Scraping By with the Computer Fraud & Abuse Act
The Computer Fraud & Abuse Act was enacted by Congress in 1986, primarily as a tool to criminally prosecute hackers, in an era before the web and online publishing, when the internet was mostly used by a small universe of academics, government and military staff. Although the CFAA has been updated by Congress several times, its meaning in the modern age of universal internet access and porous digital borders has eluded courts as to what it means to access a computer without authorization. This panel will attempt to make sense of the various, often contradictory, judicial rulings in this area, and debate a better way forward which balances platforms’ private property right to its data with the right of public access to online information. The session will consider:
• Can platforms deny other companies the right to access and process otherwise public information on their sites, and what are the rights of aggregators to gather news and process information by scraping other sites?
• What technical measures, such as password protection, is sufficient to enjoy the protections of the CFAA?
• Reconciling CFAA decisions in Power Ventures & Craigslist v. 3Taps with contradictory rulings in Hi-Q and others.
• Is there a kind of “public forum doctrine” emerging on private social media in light of notions of mandatory access and free speech protections arguably extended to privately-owned social media platforms in other cases.
• What should a modern update or replacement of the CFAA look like?
Brian Willen, Partner, Wilson Sonsini (Moderator)
Jonathan Blavin, Partner, Munger Tolles
Stacey Brandenburg, Partner, ZwillGen
Jamie Williams, Staff Attorney, Electronic Frontier Foundation