LinkedIn Battles Online Scrapers in Perpetual Struggle Over Data

LinkedIn was instrumental in shutting down a company scraping its information earlier this year. Now, it is going after another.

The company, a subsidiary of Microsoft Corp., filed its latest lawsuit this month against ProAPIs Inc., alleging that the company created millions of fake accounts to log on to the LinkedIn site, extracting information about users such as job and education details in addition to their posts, reactions and comments.

“Defendants’ industrial-scale fake account mill scrapes member information that real people have posted on LinkedIn, including data that is only available behind LinkedIn’s password wall and that Defendants’ customers may not otherwise be allowed to access, and certainly are not allowed to copy and keep in perpetuity,” the LinkedIn lawsuit alleges.

LinkedIn has been battling scrapers for years. In July, it announced the resolution of a lawsuit it had brought against Proxycurl for unauthorized scraping. Another lawsuit, which pitted LinkedIn against a company called hiQ Labs, lasted six years from 2017 to 2022 and went to the Supreme Court, resulting in a confidential settlement. In that case, the lower court said that scraping was acceptable in certain circumstances, but companies could bring breach of contract claims for unauthorized scraping.

The emergence of AI technology, which enables the rapid extraction of member information, has now raised the stakes for LinkedIn, which touts more than 1 billion members in 200 countries.

LinkedIn says it has regularly detected and restricted fake accounts from ProAPIs. “But in that time, each such fake account can sometimes scrape hundreds of profiles, if not more,” according to the latest filing.

ProAPIs did not reply to a request for comment. LinkedIn directed queries to an online post by Sarah Wight, a vice president in the legal department. Her post said, “We do not permit members or third parties to scrape personal data and use it in ways our members have not agreed to. Additionally, you must be real—fake accounts are prohibited.”

LinkedIn’s privacy policy says user data may be used for targeted advertising and for AI training.

Data Matters

LinkedIn occupies a unique place among social media sites, making it one of the more valuable public data sources, said Austin Chambers, a partner at Dorsey & Whitney LLP.

“It’s very common for sales people to buy lead lists of people who are employed within your target industry so that you can contact them and try to sell whatever your product or service is,” Chambers said. “Sometimes it’s these marketing type companies where they’re looking for the most up to date sort of lead list of people.”

The market can be lucrative. According to allegations in the lawsuit, customers were paying ProAPIs as much as $15,000 a month to rent their scraping services.

The scraping activity raises costs for LinkedIn, as well.

LinkedIn, Chambers said, argues that it is spending extra resources to defend against this kind of data extraction, from employing more people to increasing server capacity to prevent it from slowing down because of relentless scraping by bots.

“Basically these scrapers are forcing them to buy more server capacity than they could ever conceivably need if their platform were accessed only by human users,” he said.

Legal Angle and Risks

LinkedIn warns in its latest lawsuit that once the data is scraped, it can be used to send spam, sold to scammers or combined with other information to create extensive private databases.

James Gatto, a partner in the intellectual property practice group at Sheppard Mullin, Richter & Hampton LLP, said that social media sites like to monetize their data but want to minimize the ability of others to monetize it. Web scraping per se is not illegal, and some companies might have valid rights to use the data, he said.

“I wouldn’t want to cast the entire practice as illegal and unscrupulous,” he said. “But there’s certainly some folks that might fall into that category.”

Companies must do their due diligence every time they buy data from a third party, he said.

“You understand how they acquired the data,” Gatto said, adding: " You’ve got to make sure that the company both has the information legally and has a right to grant you whatever license you want to use it for.”

While LinkedIn has prevailed in some battles with scrapers, the law remains murky, said Woodrow Hartzog, a specialist in privacy and technology at the Boston University School of Law.

Hartzog says US courts have danced around the question of whether there should be any protection for information that is already accessible to others.

But, he added, “the unfettered scraping of personal data violates every bedrock privacy principle that is enshrined in most privacy laws in the United States and around the world. And the hard part is that the laws simply aren’t sculpted in such a way that it captures that behavior.”

The case is LinkedIn Corporation v. ProAPIs Inc., N.D. Cal., No. 3:25-cv-08393, complaint filed.