Web scraping LinkedIn profiles and other data has become a common practice for companies looking to find new sales leads or recruit job candidates. However, LinkedIn has terms of service that prohibit scraping without permission. So is web scraping LinkedIn actually legal? The short answer is it depends. Here is an in-depth look at the legal issues around scraping LinkedIn data.
What is Web Scraping?
Web scraping refers to the automated extraction of data from websites. It works by using bots, scripts or web crawling software to copy content from web pages into a central local database or spreadsheet. The scraped data may include text, images, documents or other information.
On a site like LinkedIn, web scrapers target member profiles to harvest information like names, job titles, companies, locations, skills, education and more. This data can then be analyzed to look for potential customers, recruiting prospects, business connections and other uses.
LinkedIn’s Position on Web Scraping
LinkedIn’s User Agreement explicitly prohibits scraping their website without permission. Here is the relevant section from their terms of service as of September 2022:
You agree that you will not engage in activity that would violate applicable law or regulation in connection with your use of the Services. This includes:
– Scraping or mining content from the Services via bots, spiders, crawlers, scripts, browsers, or any other automated or manual process.
LinkedIn argues web scraping violates their terms of service which members agree to when signing up for the platform. They can use violations as grounds for terminating accounts and pursuing legal action.
LinkedIn has employed several technical measures to try blocking scrapers, including CAPTCHAs, limiting API access and monitoring traffic patterns to detect bots. They frequently send cease and desist letters to scrapers threatening legal action if they do not stop extracting data from the site.
Scraping LinkedIn is Likely a Violation of the CFAA
There is a strong argument that scraping LinkedIn profiles without permission constitutes a violation of the Computer Fraud and Abuse Act (CFAA). This is a US federal law that prohibits accessing any computer without authorization or in a way that exceeds authorized access. Here are some key points on how the CFAA potentially applies to LinkedIn scraping:
- LinkedIn’s terms of service provide the authorization terms and make it clear scraping is prohibited without permission.
- Scraping bots access LinkedIn servers without authorization to obtain member data.
- The CFAA covers any computer accessed via the internet, which includes LinkedIn’s servers.
- Violations are punishable by criminal and civil penalties.
There have been several cases in recent years where companies scraping LinkedIn have been sued for violating the CFAA:
- in 2017, LinkedIn sued 100 anonymous John Doe scrapers.
- in 2019, they sued ZoomInfo for scraping 100 million member profiles.
- in 2020, they sued Adversite for taking job postings and member data.
None of these cases have fully played out in court to establish definitive legal precedent. But the cases help demonstrate LinkedIn’s commitment to enforcing its terms of service banning scraping through CFAA lawsuits.
Scraping Public Member Profiles Has Mixed Legality
The legality of web scraping public LinkedIn pages without logging in is debatable. On one hand, public profiles do not sit behind a password login or other technical barrier. But LinkedIn’s terms still apply to public content, and scraping even public pages may still violate the CFAA.
Here are some examples where scraping public profiles has been legally challenged:
- In 2017, LinkedIn sent HiQ labs a cease and desist for scraping public profiles. HiQ filed suit arguing it was legal, but a judge granted LinkedIn’s request to order HiQ to stop.
- In 2019, LinkedIn sued Meetup for allegedly scraping public profile data. The case was eventually dismissed.
- In 2021, the US Supreme Court ruled in a CFAA case that terms of service alone cannot make access without authorization illegal. This weakens the argument that violating ToS is inherently a CFAA violation.
The legality around public profile scraping thus seems to depend on the specific circumstances of each case. There are viable fair use arguments, but the practice still carries legal risks.
Scraping Messages and Group Posts is Likely Illegal
LinkedIn messages and private group posts sit behind the login barrier and are not visible to public visitors. Scraping these private communications is a clearer CFAA violation since it requires circumventing LinkedIn’s access controls.
For example, in 2015 LinkedIn sued John Doe individuals for allegedly scraping private LinkedIn groups. The case was dropped when the defendants could not be positively identified and served. But it demonstrates LinkedIn’s view that scraping non-public data is unlawful.
What are the Legal Risks of Scraping LinkedIn?
Scraping LinkedIn data without permission carries the following legal risks:
- LinkedIn may send a cease & desist letter demanding you stop scraping or face civil litigation.
- Your accounts could be terminated for violating LinkedIn’s terms of service.
- LinkedIn may file a CFAA or state law civil suit seeking an injunction and monetary damages.
- Law enforcement could pursue criminal CFAA charges for unlawful hacking or computer intrusion.
- You may be liable for civil damages under state privacy and consumer protection laws.
Defending a scraping lawsuit is costly even if you ultimately prevail. Many scrapers decide to comply with cease and desist demands since litigation poses too much risk and uncertainty.
Asking Permission Reduces Legal Risk
The simplest way to avoid legal risk is to contact LinkedIn and ask for permission before scraping. Some exceptions where LinkedIn grants permission include:
- Academic researchers and universities conducting research studies.
- Browser extensions and apps that follow API guidelines and add value for members.
- Partnerships that provide mutual benefit and align with LinkedIn’s mission.
- Members downloading their own profile data using LinkedIn’s tools.
There is no guarantee LinkedIn will authorize your web scraping. But asking for permission and abiding by their decision is the best way to avoid potential lawsuits or other legal problems down the road.
Scraping Principles to Reduce Risk
If you proceed with scraping LinkedIn without explicit permission, you can employ the following practices to reduce legal risk:
- Only access personal profiles and public data, avoiding private content behind the login.
- Use limited scraping mainly for internal research versus commercial purposes.
- Implement robust opt-out mechanisms for members to avoid being scraped.
- Add value and enrich LinkedIn’s platform instead of merely copying data.
- Implement scraping conservatively instead of maximally scraping.
- Abide immediately by any cease and desist requests from LinkedIn.
- Consult qualified legal counsel to understand your specific legal risks.
These precautions will not guarantee safety from legal action, but can help demonstrate good faith efforts to avoid harm.
Best Practices for LinkedIn Scraping
Here are some best practices for reducing friction and protecting yourself legally when scraping LinkedIn:
- Review the latest LinkedIn user agreement so you understand the terms and what is allowed or prohibited.
- Implement scraping ethically by respecting opt-out requests, scraping reasonably, and not overburdening servers.
- Do not scrape under false member accounts that violate LinkedIn’s terms of service.
- Use scraping tools judiciously to blend into normal website traffic versus launching aggressive bot attacks.
- Scrape only elements of public profiles needed for your specific purposes, avoiding wholesale data copying.
- Consider using LinkedIn’s official API which grants managed access to certain member data in some cases.
- Rotating IP addresses and proxies and spread scraping over time can help avoid bot detection.
- Monitor legal developments that may impact web scraping laws and best practices.
Again, the ideal option is getting LinkedIn’s blessing through their partner program, academic outreach or other official channels. But if you do opt to scrape, those measures can help reduce friction.
Top LinkedIn Scraping Alternatives
Here are some alternatives to consider instead of scraping LinkedIn:
- LinkedIn Sales Navigator – Paid sales prospecting tool with robust search features. Costs $79/month.
- LinkedIn Recruiter – Talent recruiting platform for finding and engaging candidates. $8,500+/year.
- Humanyze – People intelligence platform with compliant data sourcing. Fortune 500 customers.
- Lusha – B2B data enrichment for lead gen and recruiting. Browser extension and API access.
- RocketReach – Find direct contacts at companies through legal methods.
- Apollo.io – AI-powered B2B database for sales/recruiting. No scraping.
- LinkedIn Ads – Target prospects based on LinkedIn profile data legally.
While paid, these tools provide access to LinkedIn member data through legal channels. They can often serve as scraping alternatives depending on your needs.
Bottom Line on Scraping LinkedIn Legally
In summary, here are the key points to keep in mind:
- LinkedIn’s terms prohibit scraping without permission.
- Scraping likely violates the CFAA and state laws, prompting lawsuits.
- Scraping public profiles has mixed legality depending on specifics.
- Private groups and messages are more clearly illegal to scrape.
- Asking LinkedIn for permission is the only sure way to stay onside of the law.
- Scraping conservatively, ethically, and focused on public data reduces risk.
- However, any scraping still carries legal uncertainty.
With web scraping laws rapidly evolving, there are no hard and fast guarantees. But following ethical practices, respecting opt-outs, minimizing harm, and understanding LinkedIn’s terms of service will point you in the right direction.
Conclusion
LinkedIn scraping occupies a grey area legally. While a common practice, scrapers ultimately do so at their own risk. Following the guidelines above can help reduce legal exposure. But restraint and caution are advisable given LinkedIn’s demonstrated willingness to pursue scrapers under the CFAA and other laws. The only sure way to avoid legal headaches is getting LinkedIn’s blessing or using alternative data sourcing approaches.