Consumer Privacy
Ninth Circuit Indicates that Information on Public LinkedIn Profiles is Fair Game for Automated Data Scraping Bots Under the CFAA
The CFAA, codified at 18 U.S.C. § 1030, prohibits the intentional accessing of a protected computer “without authorization” in order to obtain information from it. The Ninth Circuit considered the meaning of the phrase “without authorization” and determined that its use in the statute is meant to protect against the digital equivalent of “breaking and entering.” As such, simply collecting publicly available data from a website like LinkedIn does not give rise to a CFAA violation. The court rather indicated that the CFAA is violated only “when a person circumvents a computer’s generally applicable rules regarding access permissions, such as username and password requirements, to gain access to a computer.”—Jenny L. Holmes
California governor signs seven bills related to data security and privacy
On October 13, 2019, the California governor signed bills amending the California Consumer Privacy Act into law.—Karl Belgum