This week, the professional networking company LinkedIn have filed a lawsuit against 100 unnamed individuals for using bots to harvest user profiles from its website.
The lawsuit is a preliminary step to revealing the identities of the scrapers — as it is believed that LinkedIn will ask the court to reveal the true identities behind the scrapers’ IP addresses.
The lawsuit also raises questions about how to police bot use – LinkedIn have invoked the controversial Computer Fraud and Abuse Act (CFAA) in the lawsuit, claiming that collecting user profiles from the site amounts to hacking.
The period of time the lawsuit refers to dates from December 2015 to present, and specifically refers to the act of unknown persons and/or entities employing various automated software programs, known as bots, to extract data from LinkedIn profiles. The networking site complain that in doing so, the perpetrators violated a multitude of laws, including the Computer Fraud and Abuse Act.
LinkedIn believe anonymous scrapers have built a network of computers infected with malicious software, known as a botnet, which can get around the restrictions LinkedIn uses to prevent profile collection by undesirable third parties.
The CFAA allows companies like LinkedIn to bring cases against anyone who gains unauthorised access to a protected computer.
Despite the lawsuit, LinkedIn doesn’t want to prohibit scraping altogether. Search engines like Google use bots to index websites and turn up relevant results, which LinkedIn wants to continue to allow.
The reasoning behind this is simple: Linked consider anonymous data collectors to be undesirable, whereas search engines using bots to boost the site’s rankings in search results is naturally desirable for the networking company.