A New Common Law of Web Scraping

25 Lewis & Clark L. Rev. ___ (forthcoming 2021)

75 Pages Posted: 18 May 2020 Last revised: 9 Sep 2020

See all articles by Benjamin Sobel

Benjamin Sobel

Harvard University - Berkman Klein Center for Internet & Society

Date Written: April 21, 2020


The Clearview AI facial recognition scandal is a monumental breach of privacy that arrived at a particularly inopportune time. A shadowy company reportedly scraped billions of publicly-available images from social media platforms and compiled them into a facial recognition database that it made available to law enforcement and private industry. To make matters worse, the scandal came to light just months after the Ninth Circuit’s decision in hiQ v. LinkedIn, which held that scraping the public web probably does not violate the Computer Fraud and Abuse Act (CFAA). Before hiQ, the CFAA would have seemed like the surest route to redress against Clearview. This Article analyzes the implications of the hiQ decision, situates the Clearview outrage in historical context, explains why existing legal remedies give aggrieved plaintiffs little to no recourse, and proposes a narrow tort to empower ordinary Internet users to take action against gross breaches of privacy by actors like Clearview: the tort of bad faith breach of terms of service.

Part I argues that the Ninth Circuit’s hiQ decision marks, at least for the time being, the reascension of common law causes of action in a field that had been dominated by the CFAA. Part II shows that the tangle of possible common law theories that courts must now adapt to cyberspace resembles the strained property and contract concepts that jurists and privacy plaintiffs reckoned with at the turn of the 20th century. It suggests that modern courts, following the example some of their predecessors set over a century ago, may properly recognize some common law remedies for present-day misconduct. Part III catalogs familiar common law claims to argue that no established property, tort, or contract claim fully captures the relational harm that conduct like Clearview’s wreaks on individual Internet users. Part IV proposes a new tort, bad faith breach of terms of service, that can provide aggrieved plaintiffs with a proper remedy without sacrificing doctrinal fidelity or theoretical coherence.

Keywords: facial recognition, law, privacy, tort, clearview, scraping, cyberlaw, internet law, intellectual property

JEL Classification: K10, K11, K12, K13, K24, O34

Suggested Citation

Sobel, Benjamin, A New Common Law of Web Scraping (April 21, 2020). 25 Lewis & Clark L. Rev. ___ (forthcoming 2021), Available at SSRN: https://ssrn.com/abstract=3581844 or http://dx.doi.org/10.2139/ssrn.3581844

Benjamin Sobel (Contact Author)

Harvard University - Berkman Klein Center for Internet & Society ( email )

Harvard Law School
23 Everett, 2nd Floor
Cambridge, MA 02138
United States

Here is the Coronavirus
related research on SSRN

Paper statistics

Abstract Views
PlumX Metrics