LinkedIn Sues 100 Individuals For Scraping User Data From the Site

Mark Wilson, writing for BetaNews: Professional social network LinkedIn is suing 100 anonymous individuals for data scraping. It is hoped that a court order will be able to reveal the identities of those responsible for using bots to harvest user data from the site. The Microsoft-owned service takes pride in the relationship it has with its users and the security it offers their data. Its lawsuit seeks to use the data scrapers' IP addresses and then discover their true identity in order to take action against them. LinkedIn says that a botnet has been used to gain access to user data which is then passed on to third parties. The site has a number of measures in place to prevent this type of data harvesting, but it seems that scrapers have found a way to circumvent these security restrictions. A series of automated tools -- FUSE, Quicksand, Sentinel, and Org Block -- are used to monitor suspicious activity and blocking scraping.

LinkedIn Response in Summary

[damn_registrars]

"hey, data scraping is our gig"

Re:LinkedIn Response in Summary

Warm it up Kris!

I'm about to...oh wait.

Re:LinkedIn Response in Summary

You know, I wish I had mod points. :D

Too bad they didn't get sued in their early days for scraping it off Google.

Re:LinkedIn Response in Summary

That was exactly my thought when I read this article. Microsoft is jealous of people spying on their users. Oh the irony...

Re: LinkedIn Response in Summary

[hackwrench]

I think the word you are looking for is hypocrisy, not irony... Just saying.

Security?

[shabble]

The Microsoft-owned service takes pride in [...] the security it offers their data

Oh? https://blog.linkedin.com/2016...

In 2012, LinkedIn was the victim of an unauthorized access and disclosure of some members' passwords. [...]

Yesterday, we became aware of an additional set of data that had just been released that claims to be email and hashed password combinations of more than 100 million LinkedIn members

Re:Security?

[Big+Hairy+Ian]

2012 Wasn't that before M$ bought them for an obscene amount of money.

Security my Ass

[ketomax]

The Microsoft-owned service takes pride in the relationship it has with its users and the security it offers their data.

Thanks to LinkedIn hackers are attempting to login to my accounts on sites like Steam, Facebook, eBay, Twitter, etc. Now, I know better and use different passwords for different sites. But, at least these sites have security in place to warn me of suspicious logins while denying the logins.

Re:Security my Ass

[0100010001010011]

I don't even have the same login in different sites.

Linked in? linkedin.com@example.org.

Facebook? facebook.com@example.org.

Re: Security my Ass

That wouldn't be all that hard for someone to guess.

Re: Security my Ass

[MitchDev]

Point is, there's nothing tying two different sites to each other. Using even just the login ID of one is useless on the other.

Re:Security my Ass

[ketomax]

I don't know how but LinkedIn has linked all 5 of my email addresses in! And that is enough for the hackers to log in. But, I think these logins are automated too. Otherwise they could have used a proxy server to get past the country checks put in place by the other sites.

Re: Security my Ass

[ketomax]

Most user ids have become emails these days. Even if it is not mandatory to use an email as the login, people prefer to use that because one does not have to remember a unique id for each site.

Re:Security my Ass

[fuzzyf]

Agreed.
Any company that thinks is a good idea to get customers email password in order to "add information to the email" sucks at security. Basically channeling all emails through their service, even corporate email accounts. It's just unbelievable.

Re: Security my Ass

Easy to guess for people only. A bot comparing strings wont see such patterns. Bots go for the lowest hanging fruit only.

Re:Security my Ass

"Now, I know better and use different passwords for different sites."

You are just learning this now? Are you knew here or do you just always ignore advice from experts?

Re:Security my Ass

[ShaunC]

The annoying thing is, I'm getting a lot of SASL authentication attempts from Microsoft Azure IPs against the email address I used for LinkedIn. Microsoft's LinkedIn service leaked my email address and an ancient password, and lots of Microsoft Azure cloud instances are now busy attempting to login to that email account.

Aug 15 10:51:04 mail postfix/smtpd[12561]: connect from unknown[13.84.216.161]
Aug 15 10:51:07 mail postfix/smtpd[12561]: warning: unknown[13.84.216.161]: SASL LOGIN authentication failed: authentication failure
Aug 15 10:51:07 mail postfix/smtpd[12561]: lost connection after AUTH from unknown[13.84.216.161]
Aug 15 10:51:07 mail postfix/smtpd[12561]: disconnect from unknown[13.84.216.161]
Aug 15 10:51:07 mail postfix/smtpd[12561]: connect from unknown[13.84.216.161]
Aug 15 10:51:09 mail postfix/smtpd[12561]: warning: unknown[13.84.216.161]: SASL LOGIN authentication failed: authentication failure
Aug 15 10:51:09 mail postfix/smtpd[12561]: lost connection after AUTH from unknown[13.84.216.161]
Aug 15 10:51:09 mail postfix/smtpd[12561]: disconnect from unknown[13.84.216.161]
Aug 15 10:51:10 mail postfix/smtpd[12561]: connect from unknown[13.84.216.161]
Aug 15 10:51:12 mail postfix/smtpd[12561]: warning: unknown[13.84.216.161]: SASL LOGIN authentication failed: authentication failure
Aug 15 10:51:12 mail postfix/smtpd[12561]: lost connection after AUTH from unknown[13.84.216.161]
Aug 15 10:51:12 mail postfix/smtpd[12561]: disconnect from unknown[13.84.216.161]
Aug 15 10:51:12 mail postfix/smtpd[12561]: connect from unknown[13.84.216.161]

Yadda yadda. I report them all to Microsoft's CERT but despite the "thank you" emails, I wind up getting attacked from the same IPs day in and day out.

Re: Security my Ass

[MitchDev]

Same with Passwords eh?

See, Security requires a lack of convenience, you don't get both.

If you use the same login ID and same password multiple places, especially in today's world, you are kind of inviting yourself to be hacked.

Re:Security my Ass

because your friends, or friends of friends (or acquaintances) have it. and you all got suckered into linkedin.

and here is the main problem with "social networks":

the 'network' knows way more about you than you tell it, more than you want it to, more than you could ever imagine.... because you can't control what other people do, provide, post, etc; and you can't control where else the network obtains data from (other databases, the internets in general, their own snooping and tracking) to pair-up with its own

i would guess (and be right), that facebook knows more about me than my own mother does... and i don't even have an account there.

Re: Security my Ass

I always knew he was new here. :)

Re: Security my Ass

I guess you like being spammed then. I use a separate email address per site. Most sites only get a throwaway address.

Re: Security my Ass

I have an account with your mother

Re: Security my Ass

[The-Ixian]

Here's my method for (mostly) solving that issue.

Use a single e-mail address for logins, but then heavily filter that alias. Nobody but companies have that e-mail.

Then, use @domain.com to hand out to acquaintances or anyone who you want to receive mail from.

Every year, increment the user portion of the address and discontinue the previous year. Users will know to increment the year when their e-mail bounces. If they don't bother and just give up... well, the message obviously wasn't that important.

Then there is the private address which I hand out to friends and family which I don't change, but also don't hand out very much.

Re: Security my Ass

[The-Ixian]

and... lack of edit sucks. Thought I proof read the whole thing but, of course, overlooked the angle brackets (again)...

anyway: YYYY@domain.com is what I meant.

Re: Security my Ass

I'm your mother and I *do know* what you did with your best friend.

Re: Security my Ass

Of course you do, you were there when I married her.

Re: Security my Ass

[ketomax]

Well, I had like 4 passwords. One for the Hub account like Google, one for bank accounts, one for social networks and one for web hosts, course providers, etc. At some places I have Multi-factor Authentication setup. How do you remember all those passwords? Do you use a password vault? What if that gets compromised? What sucks is that I can google my old LinkedIn password and find it in a bad password list. Did they store the passwords in reversible format? Or was it decrypted from the hashes? On a side note, a week ago I bought a custom T-Shirt from a local company 99tshirts.com. When I hit the forgot password link, it emailed me my password. Who does that these days!

Re: Security my Ass

[MitchDev]

Simply using a different login ID can work. THat way a hack of one place doesn;t give your userID and password to other sites as well.

This isn't rocket science.

So...

[The-Ixian]

You publish a public document then get mad when people use it for their own purposes.... brilliant.

How about you just make user privacy a default so that anonymous users cannot see any information?

You would then see which throw away accounts are being used to log in to see the data...

Re:So...

[freeze128]

I'll do you one better: Don't use LinkedIn.

Re:So...

[Gr8Apes]

Linked In is a public billboard. Treat it like that and this doesn't matter.

Re:So...

[MitchDev]

LinkedIn is basically Facebook for business purposes....Is anyone surprised?

Re:So...

[JustAnotherOldGuy]

I'll do you one better: Don't use LinkedIn.

That was my solution. So while everyone else is running around in hair-on-fire mode, my defensive plan is to have a sandwich and then take a nap.

Re:So...

[thegarbz]

How about you just make user privacy a default so that anonymous users cannot see any information?

Err this is linked-in we're talking about. Don't you remember the point of it all? Do you put a "looking for work" notice up on a public billboard and expect that note to be private?

Please sell my data to everyone and make it as public as possible.

Re:So...

[thegarbz]

I'll do you one better: Don't use LinkedIn.

Yes please don't. We don't need more competition in the employment market as it is.

Re: So...

[hackwrench]

Yeah and have undesirables come sniffing around. I'd rather the information be visioly to friends and employers vetted by something or someone.

Re:So...

Public billboards don't require obscene amounts of personal information to post on. LinkedIn is just another shit site run by greedy fucks that just want to make a profit by selling you. If everyone treated it as the shit that it is, it would cease to exist and this wouldn't matter.

Re:So...

[The-Ixian]

Simple. If you are an employer or recruiter, create an account. Once you are inside the gates, things are nice and open.

I was simply suggesting that they not make this level of access available to anonymous users.

If it turns out that a single account is crawling thousands of user's info... there you go, you have the user account responsible and can then do whatever internal correlations you need to do in order to determine who is scraping data.

Re:So...

[Dutch+Gun]

Let's be clear about this. LinkedIn is upset because that collection of professional data is extremely valuable. Microsoft just paid billions of dollars for it, and someone else just grabbed a lot of it for free. While having a static copy of the data isn't valuable as owning the network, there's still a lot of value of it, especially while the data is still reasonably fresh.

In short, individual users have nothing to fear from this, as they've already made all this data public, presumably because they want the world to see it. This is only an issue for MS and Linked-In.

Re: So...

[thegarbz]

Yeah and have undesirables come sniffing around

Why do you think you're some how forced to work for someone because they find you on LinkedIn? But hey I'm all for it. The less you are known the better chances I have come the next redundancy.

Re:So...

Technically we have a lot to fear from a legal system that lets a company sue anonymous people who've been downloading said publicly-available data. We must remain vigilant against this kind of BS; the amount it's gotten worse over the last 20 years is already enough to make one basically give up and assume we live in a 100% orwellian world. :P

Re:So...

[Dutch+Gun]

The only reason to scrape all of LinkedIn's public data is to compile and sell it as a database, probably to some shady advertising network that doesn't care where the data comes from. So... I'm not exactly sympathetic to whoever is doing this.

That being said, it doesn't strike me as being illegal either. LinkedIn has every right to try to block mass access, but I agree, it seems like they're on shaky ground, legally speaking (not that I'm a lawyer). Maybe a judge will disagree. We'll have to keep an eye on this one.

Re: So...

I deleted mine yesterday. I got enough of their shit to last a lifetime...

Re: So...

[hackwrench]

No, but when undesirables come sniffing around they find a way to make themselves irritable, like trying to use that data to guess passwords for your accounts and who knows what else. I could try to come up with more what elses, but where there's a will...

Crime?

[redbaran360]

Are they trying to say that's some kind of crime?

Re:Crime?

[omnichad]

Yes. They're trying to turn a civil suit about a breach in contract into a criminal charge of anti-circumvention (DMCA) of their IP blacklist procedures and CFAA and criminal trespass for the access to the nearly public profiles that anyone with a free account can view.

Re:Crime?

[infolation]

What contract did the botnet breach? I am sure the botnet didn't agree to their terms of use.

Re:Crime?

[omnichad]

The botnet created accounts, under influence of a programmer's hand. That programmer "agreed" to the terms of use. Unless we're going to say that assistive technology acts of its own free will.

Re:Crime?

[Big+Hairy+Ian]

The account that the Botnet was using to scrape the data would have had to agree to the T's & C's

Re:Crime?

[MitchDev]

And has the entire T&C been tried in court to see if it's even actually legal and valid? Companies can and WILL say ANYTHING they want in T&Cs and EULAs, doesn't make them legal...

Re:Crime?

[omnichad]

They have a pretty standard severability clause - and those hold up in court just fine. If part of the contract is invalid / unenforceable, the rest still stands.

IANAL, but I'd say "no bots / no scraping" is probably perfectly valid legally speaking.

Re: Crime?

The programmer doesn't visit the site, the bot does. And it doesn't log in so it's unclear at what point it even agreed to the tos.

Re:Crime?

Except how can they technically prove it is a botnet. All they can be sure of is different IP addresses taking similar actions. From a legal standpoint this is not guaranteed to be a botnet. You would have to have access to either one of the control channels or the infected computers to prove it was in fact part of a botnet and not just different users taking similar actions. They also can't prove scraping when all they see if IP addresses, because all they can prove is the IP address is making HTTP(s) requests, they can't prove that IP address is parsing and storing the data, but then again, if scraping is parsing and storing data, technically web browsers would fall into that category as well.

Re:Crime?

[knorthern+knight]

That's what happened to Aaron Swartz https://en.wikipedia.org/wiki/... He was charged under the CFAA.

Gotta love the "contextual advertising" around this article on Slashdot. I see a "Clear Your Criminal Record for Life" ad (I'm in Canada).

Re:Crime?

[omnichad]

bots != botnet. A bot can be a computer you own. All of the accounts were created in the same manner and all are behaving the same.

Whether it can be proven or not has nothing to do with whether the contract terms are legally valid.

Re: Crime?

[omnichad]

Look closer. They are creating accounts.

Is data scraping illegal?

[mwvdlee]

I know scanning the data from a yellow pages breaks copyright law, but using an army of typists to copy the same data from the same source is perfectly fine.
How does scraping data from a website measure up, assuming all scraped data is available to visitors through normal means (i.e. not using security holes).
At what point does using data from a website become "scraping" and at what point does it violate copyrights?

Re:Is data scraping illegal?

[omnichad]

When it's an automated tool (just like scanning from the yellow pages)

Re:Is data scraping illegal?

[Big+Hairy+Ian]

Hmm Yellow pages doesn't require you to sign off on T's & C's before you use it

Re:Is data scraping illegal?

It isn't a violation of copyright at all.

The law making it illegal is the Computer Fraud and Abuse Act, which states it is a federal crime to violate a websites terms of service.

LinkedIn is claiming web scraping is against their TOS, and the CFAA states violating the TOS is a federal crime.

Re:Is data scraping illegal?

[pem]

A compilation of names and phone numbers is not subject to copyright in the US. See, e.g. Feist

Re:Is data scraping illegal?

Can you provide some more information on this? State law, federal law, etc?

Re:Is data scraping illegal?

[JustAnotherOldGuy]

I know scanning the data from a yellow pages breaks copyright law, but using an army of typists to copy the same data from the same source is perfectly fine.

Exactly. They should have just hired 100 guys from a labor pool in India to do it, or used Amazon's Mechanical Turk.

Re: Is data scraping illegal?

Wrong! When the company is owned by Microshit.

Re:Is data scraping illegal?

[Dan+East]

Hmm Yellow pages doesn't require you to sign off on T's & C's before you use it

I don't think the data-scraping bot that agreed to the terms and conditions gives that much thought.

Re:Is data scraping illegal?

Scanning the data from a yellow pages book doesn't break copyright law. Republishing that data in the same layout is what triggers copyright issues. If you scan and then reformat you're fine. If you learn the basics about copyright law, which is very specific, then you'd be able to answer your own questions. Scraping doesn't require using that data so your second question isn't even valid.

LinkedIn isn't suing over copyright issues (so why did you even bring that up?), they're suing over unauthorized use of their site (automated scanning being against their terms of use) which is a completely different thing.

I don't understand how you got modded up.

Re:Is data scraping illegal?

[jdavidb]

I know scanning the data from a yellow pages breaks copyright law, but using an army of typists to copy the same data from the same source is perfectly fine.

To me, anybody who thinks this is a reasonable distinction to make in law shouldn't be making law for other people.

Re:Is data scraping illegal?

Except they can't prove scraping occurred with the current information they have. All they currently have are IP addresses. Scraping is parsing and storing data, web browsers also fit this description.

Re:Is data scraping illegal?

[omnichad]

You can't copyright facts, but you can copyright a compilation. It's likely there are a handful of fake listings in your average yellow pages just to ensure that they can prove copying.

The same happens with fake streets on GPS to prove when maps are copied. I won't do the research for you, but there's plenty of case law out there.

It's Illegal activity, but LinkedIn went too far

[omnichad]

The charges are a bit trumped up and ridiculous. The illegal access by using a bot and breaking the legally binding user agreement is enough.

Claiming that it's a violation of the DMCA (anti-circumvention) and CFAA to circumvent their blacklisting procedures is silly. Not being on a blacklist is not a thing you "circumvent" nor is it a different kind of illegal access than using the bot in the first place.

What security?

[in10se]

How is the site offering security? If a bot can literally crawl/scrape your site, then given enough time, that is something a human could do as well. How is that data secure in any way?

Re:It's Illegal activity, but LinkedIn went too fa

This is just normal legal playbook. You sue for as high as you can and then settle for less. It is easier to go down in value than up. Though if you can get away with it the potential is there to profit more than you truly expect. It is both common business sense and abusive psychotic behavior.

Botnet?

[wcrowe]

So they're saying a botnet was used to gain access to the data, then passed on to third parties. Unless I'm mistaken, the IP addresses will be pointing to machines on the botnet, and the owners of those machines have no idea that is happening. It sounds like a lot of innocent people might get swept up in this.

Also ironic that LinkedIn is owned by Microsoft, who is no doubt responsible for the operating systems running on all those bots on the aforementioned botnet.

Re:Botnet?

It would be funny if in fact that innocent people are Windows 10 users with default "privacy" settings xD

Re:Botnet?

In some countries you are still guilty of providing telecommunications infrastructure for criminal purposes if you provide access to your computer via a bot. Eg: Germany.

Re:Botnet?

So they're saying a botnet was used to gain access to the data, then passed on to third parties. Unless I'm mistaken, the IP addresses will be pointing to machines on the botnet, and the owners of those machines have no idea that is happening. It sounds like a lot of innocent people might get swept up in this.

So you're saying a lot of people have infected machines who would benefit from being contacted and made aware of it?

Also ironic that LinkedIn is owned by Microsoft, who is no doubt responsible for the operating systems running on all those bots on the aforementioned botnet.

But they aren't responsible for the people who decide to use the malicious software.

Er, Pot, Kettle. Linkedin harvested data itself.

Other users giving my email address to linked in is likely a similar violation of my privacy. Who do I sue, linked in or people who didn't know better when they pressed the 'agree' button.

The whole linkedin connections thing is spooky in the way it finds links. I've had some people I knew suggested to me that should /never/ have made connections (and don't have my details) so linkedin has also been not only taking in data from users, but probably importing scraped datasets itself in order to improve it's connections.

I sense a potential sueball at linkedin here.

Curses foiled again

Congratulations your robots.txt didn't work. LinkedIn should really invest in better solutions. Which makes them just a 1/2 step above farcebook.

Microsoft?

" The Microsoft-owned service takes pride in the relationship it has with its users and the security it offers their data."

No, the Microsoft PURCHASED service, none of those users signed to hand their data to Microsoft, they just got shafted.
As to "the security it offers their data", Microsoft BOUGHT their data, LinkedIn handed all that lovely data over as part of the deal, yum yum yum.

LinkedIn itself implemented an API that is licenses to others to access that data, so basically, their entire business is selling your data to others. All the nice info on who works for whom on what projects, all that business intelligence, all waiting to be sold to competitors, recruiters, scalpers, intelligence agencies, anyone for any reason.

LinkedIn has this habit of asking for email passwords, then logging in as you (IMPERSONATING YOU TO THE EMAIL PROVIDER), data mining your contacts and emails, and using that to send fake emails, pretending to be you, inviting others to connect their accounts to yours. They KEEP the login details and REPEAT the data mining periodically to see if you have new contacts.

If you have the misfortune to have a LinkedIn account, now that thy are owned by Microsoft, there are a myriad of opportunities to cross link that data to Microsoft's advantage and your disadvantage. Microsoft paid $65 per USER, they can extract $65 of value from selling your data to others. Realize that, change your email password, stop updating your LinkedIn account (you can never undo the information you gave them), and walk away.

What a load of bull...

[NaughtyNimitz]

LinkedIn is the most idiotic brain dead company I've ever worked with.

I had a simple question: tell me how i can get the number of jobofferings that my customer's company has posted so i can show this number on their corporate site with a linked to LinkedIn. There must be an API for it, i've got OAuth2 credentials and a signed letter from the God/Darwin..

"Ah, but yes, but no, but yes, but no..."

Long story short, i've written a small program to check the LinkedIn site and get the value manu militari and it works great.
And I know this is not the same level as the bad-ass scrapers do, but I like to see LinkedIn tear in its own flesh...

Botnet

The Microsoft-owned service takes pride in the relationship it has with its users and the security it offers their data... LinkedIn says that a botnet has been used to gain access to user data which is then passed on to third parties.

Hmmm, I wonder what kind of computers that botnet runs on.

Re:Botnet

[Megol]

X86 based notebook and desktop machines running Windows. Why would a botnet creator go for anything but the most common configuration of hardware and software?

Re: Er, Pot, Kettle. Linkedin harvested data itsel

[mSparks43]

thats just a relationship map thing.

several people in your contacts list are connected closely to them and in a similar field.

that applies to all their suggestions. you just only recognise and therefore see the ones you actually recognise.

Unbiased articles...

I love to see things like "The Microsoft-owned service takes pride in the relationship it has with its users and the security it offers their data." in articles that are just reporting a "news story" but have no citations for said statements.

How would you prove this?

I was just refreshing your website every 20ms, not scraping any data.

How would you prove that any "scraping" took place, and why would it be illegal if it's publicly accessible information? If no security breach occurred, how is it different from other users accessing the same information?

Or is it just one of these american things where a corporation pays a large amount of money to lawyers and judges to imprison and/or financially ruin people that did something they didn't like?

dupe from 4 days ago

[tomhath]

Maybe /. should sue LinkedIn for spamming them about this lawsuit

Let's see...

[MitchDev]

Samples from the list of the 100 individuals being sued...

I. P. Freely
Mike Hunt
Hassant bin Laid
Prince Albert-in-a-can
Anna und Elsa
Bartman Simpson

etc, etc, etc

Lol, too funny

[JustAnotherOldGuy]

"The Microsoft-owned service takes pride in the relationship it has with its users and the security it offers their data."

Yes, and slave owners in 1700's took pride in the 'relationship' they had with their slaves and the security it offered their profits.

CFAA?

[campuscodi]

Why is LinkedIn using the CFAA hacking-related law to reveal details about a privacy-related issue. Data scraping is not hacking.

In other words...

[ilsaloving]

They're only pissed that people tried to take the data without paying them first.

VPN and Proxy

Yet another reason to make sure everything you do online is anonymous. What's legal and reasonable today might not be tomorrow. Everything you do is saved forever.

Passing user data on to 3rd parties.

[thegarbz]

As a matter of interest, what is the point of LinkedIn if not to pass my user profile to as many people as possible?

They should be hiring these bots, not taking action against them. The whole purpose of LinkedIn is a public advertisement for work. They like to pretend they are a "social network for business" but really all they are is a giant platform for classifieds, and within that purpose the bots are doing a great job.

Re:Passing user data on to 3rd parties.

to pass my user profile to as many people as possible?

if your work is controversial, then perhaps you don't want the crazy fringe to know your home address, but you do still need to find a job

Scammers harvest LinkedIn for victims

[AnalogDiehard]

I was a (brief) victim of a dating scam. After I got wise and cut them off, I wondered where how they profiled me. My "date" claimed she found me on a FB group but scammers hide their tricks. Googling a quick ego surf revealed that the only place any profile of mine shows up is LinkedIn, which I thought was private. Seeing that I got zero benefit from LinkedIn and I had no other profile stored anywhere, I promptly deleted my LinkedIn account.

This is really about paying for the data

The data is readily available if you get a salesman/vendor type account.

In fact, LinkedIn provides almost no value for the typical person. It's a platform to sell access to computer professional.

I get 10 requests to "link" with a saleman every week. I delete every one of them.

I get 5 requests to apply for jobs... in fields that are unrelated to my experience and degrees.

It's a crap platform these days, and you'd have to be dense not to get that.

Bing scrapes Youtube

Bing scrapes Youtube to index its contents. Bing is Microsoft owned.

It makes zero difference what EULA terms you put on a public website since the scraper doesn't read or agree to those terms. They don't use your service, they just index your website. If you don't like it Microsoft, don't publish the data publicly, keep the good stuff behind a login and monitor/limit accounts usage of those logins.

Put it this way, if you weren't scraping you, but you let others index the public data (e.g. Google, DuckDuckGo etc.), then they'd scrape Google and DuckDuckGo instead. Once you published it freely, without first showing a screen sayng "here is the EULA, you agree to this by clicking agree, we show you nothing till you agree", once you did that publishing freely, you lost control.

Re:Bing scrapes Youtube

Bing scrapes Youtube to index its contents. Bing is Microsoft owned.

Youtube allows that.

Youtube would look on Bing and Microsoft with disfavor if they started downloading the videos and posting them on their own service.

Public?

This is honestly pretty questionable, legally; I'll definitely be curious to see what the verdict is; it's typically extremely hard to get damages, for something, that's accessible to the public. That kind of goes both ways though: if this is accessible to the public, how is this different, legally, from reading it - then storing it.

scraping without permission

Problem is the bots are reposting everything on other websites. It's all automated. Imagine your site content was stolen, layout redesigned, and hosted as another website. It will look different but has exact same data as yours. Scraping data isn't bad in itself. There are plenty of legitimate and quite frankly awesome uses for scraping. Hosting that data on another site without permission is illegal. It is theft. It's almost impossible for a developer to prevent CDN scrapers these days without legal action. For sites like LinkedIn they can see what accounts are being used to scrape from but since it's free registration they'll just create a new account. Multiply this by hundreds or thousands of accounts and it becomes very tedious for an admin to ban accounts on a daily basis. For the admins own sanity, legal action is a good thing.

Re:scraping without permission

[tomhath]

You like Microsoft's Bing scraping Google results? Pot meet kettle.

Re:scraping without permission

It's not illegal and it's differently not theft. It's only morally wrong. And if only facts are being copied, then it isn't even copyright infringement.

Re:scraping without permission

Imagine your site content was stolen, layout redesigned, and hosted as another website. It will look different but has exact same data as yours.

Oh, that's just where the fun BEGINS. If they aren't using their brains, you can make invisible changes to your site that will wreak havoc on theirs. Alternate image goatse!

Good luck with that...

[drew_92123]

If the folks running the bots are even half as smart as the average geek they'll never figure out who was behind it... but perhaps they'll get lucky? lol

People make it easy

[snookiex]

I've already seen on LinkedIn quite a few guys posting stuff like "Hey this is a crappy Excel sheet that allegedly does what a ton of other applications already do better and for free, why don't you post your emails and I pinky promise I'll send it back to you". By the comment 10K someone says "hey, has anyone received the email?". By the comment 20K someone else says "I hope this is not a scam to harvest our email addresses. Anyway, my email is XXX".

My opinion is that they deserve it.

What if I build....

[snususer]

......a bot which uses my own LinkedIn login and password? As it's my account and I am, a) gaining access to LinkedIn via the same methods I would do manually; and, b) reviewing data that I would also do so manually, would there be an issue? If so, under what premise/guise, etc.?

Re:What if I build....

[fluffernutter]

Actually I just scrolled down to post the same thing. The bot is only seeing the data that linkedin shows everyone anyway. This is definitely not a security issue, if it is even an issue.

Linkedin scrapes U

[WaffleMonster]

Is this the same LinkedIn that created a MITM proxy to scrape whatever it pleases from everyone's emails and proceed to mercilessly spam anyone you've ever known to join their happy little cult?

This is the same company now trying to sue people for scraping data from a publically accessible site?

SILLY SILLY FBI MOLES ...

http://blogs.barrons.com/focusonfunds/2016/06/13/microsoft-buys-linkedin-these-etfs-are-poised-to-jump/

How dare you post a Microsoft story and call it Linkedin?

Also, if you are going to sue for scraping data.. FBI would be the defendants vs over 200 million litigants.

The FBI not only scrape ALL YOUR DATA (Microsoft/Google/Facebook/Markmonitor/Cloudflare/Twitter/more), they share it internationally because the FBI is full of moles.

They also murder people like Ian Murdock who won't go along with their plan, so they can get more access to more people's private data.

They are like ticks and fleas. They want to know all your shit just for a paycheck, no matter who is paying it. Pieces of shits. .. AND Slashdot is FBI.

Re:It's Illegal activity, but LinkedIn went too fa

No one agreed to shit

And it won't hold up in court

Standard Microsoft Procedure:

[jopet]

Hire good lawyers instead of good developers.

MS scraped LinkedIn before they bought it

Time to get off LinkedIn. What's the best alternative?