A New Common Law of Web Scraping

25 Lewis & Clark L. Rev. 147 (2021)

61 Pages Posted: 18 May 2020 Last revised: 4 Jun 2024

See all articles by Benjamin Sobel

Benjamin Sobel

Cornell University - Cornell Tech NYC

Date Written: April 21, 2020

Abstract

The Clearview AI facial recognition scandal is a monumental breach of privacy that arrived at a particularly inopportune time. A shadowy company reportedly scraped billions of publicly-available images from social media platforms and compiled them into a facial recognition database that it made available to law enforcement and private industry. To make matters worse, the scandal came to light just months after the Ninth Circuit’s decision in hiQ v. LinkedIn, which held that scraping the public web probably does not violate the Computer Fraud and Abuse Act (CFAA). Before hiQ, the CFAA would have seemed like the surest route to redress against Clearview. This Article analyzes the implications of the hiQ decision, situates the Clearview outrage in historical context, explains why existing legal remedies give aggrieved plaintiffs little to no recourse, and proposes a narrow tort to empower ordinary Internet users to take action against gross breaches of privacy by actors like Clearview: the tort of bad faith breach of terms of service.

Part I argues that the Ninth Circuit’s hiQ decision marks, at least for the time being, the reascension of common law causes of action in a field that had been dominated by the CFAA. Part II shows that the tangle of possible common law theories that courts must now adapt to cyberspace resembles the strained property and contract concepts that jurists and privacy plaintiffs reckoned with at the turn of the 20th century. It suggests that modern courts, following the example some of their predecessors set over a century ago, may properly recognize some common law remedies for present-day misconduct. Part III catalogs familiar common law claims to argue that no established property, tort, or contract claim fully captures the relational harm that conduct like Clearview’s wreaks on individual Internet users. Part IV proposes a new tort, bad faith breach of terms of service, that can provide aggrieved plaintiffs with a proper remedy without sacrificing doctrinal fidelity or theoretical coherence.

Keywords: facial recognition, law, privacy, tort, clearview, scraping, cyberlaw, internet law, intellectual property

JEL Classification: K10, K11, K12, K13, K24, O34

Suggested Citation

Sobel, Benjamin, A New Common Law of Web Scraping (April 21, 2020). 25 Lewis & Clark L. Rev. 147 (2021), Available at SSRN: https://ssrn.com/abstract=3581844 or http://dx.doi.org/10.2139/ssrn.3581844

Benjamin Sobel (Contact Author)

Cornell University - Cornell Tech NYC ( email )

2 West Loop Rd.
New York, NY 10044
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
1,033
Abstract Views
3,801
Rank
42,553
PlumX Metrics