To be fair to LinkedIn they do list a specific and limited set of problems in their letter. They're not asking you to stop building BrowserFlow, but to stop advertising it as a LinkedIn scraping tool, and using their logo to do that. It sounds to me (not a lawyer) that removing all the LinkedIn examples from your website and stopping using their logo would be enough to satisfy their request...

IANAL, but I think this is right.

My understanding of the LinkedIn v HiQ case is that it's legal to scrape public pages no matter what is in the website terms.

Scraping "privet" pages can be illegal as you have had to explicitly agree to the terms.

Your users would be breaking those terms, not you, as they do it on their own machine. As the parent said, just remove all reference to LinkedIn and you can move on.

I am an attorney whose primary focus is in this area of law. And this interpretation of the LinkedIn v. hiQ case is categorically wrong.

https://blog.ericgoldman.org/archives/2022/12/as-everyone-ex...

https://blog.ericgoldman.org/archives/2022/12/hello-youve-be...

Hi (disclaimer: I was the CTO at hiQ)

I think your analysis is pretty much spot-on, but I would ask you as a lawyer to answer this hypothetical:

If hiQ had scrupulously and categorically avoided ever using logged-in accounts (as opposed to the facts claimed re 'Turkers') would LinkedIn still have had the leverage to shut us down?

Also note that LinkedIn, as part of its strategy to force us to settle, threatened to permanently delete the _personal_ LI accounts of everyone who worked at hiQ. How does that sit with you ethically, knowing that a LinkedIn account is precisely what you must have in this business, especially when your company shuts down and you need to seek employment?

That's a really good question. The judge's original rulings were very hiQ-favorable, with those opinions becoming progressively less favorable over time. Whether it was facts learned in discovery or push-back from somewhere else, I wish I knew. Something happened along with the way that made the judge more favorable to LinkedIn and less sympathetic to hiQ. I find it hard to reconcile the early TRO proceedings with what came later. And as I say in the articles, the judge never bothered to explain why he made the 180.

That's pretty shady re: the threat to permanently delete the personal accounts. But it's also not surprising. At this point LinkedIn and their fellow social media cohorts are emboldened by these recent decisions and they're on the warpath. People need to be careful out there.

If you want to have a private discussion on this subject please email me: danbmil99 at gmail dot com

To summarize, hiQ was not found criminally liable under CFAA.

However, they were civilly liable for breaking LinkedIn’s terms of service.

Furthermore, do not assume that a ruling pertaining to hiQ is relevant to you without doing further research.

(This comment is targeted at people browsing HN for entertainment. I am not a lawyer and I don’t know what I’m talking about.)

A better summary:

Summary judgment was granted on behalf of LinkedIn against hiQ Labs for breach of contract. Summary Judgment was denied against hiQ Labs on its CFAA claims. So the court ruled that hiQ breached LinkedIn's contract.

The parties settled their dispute with hiQ Labs agreeing to court-imposed injunction to never again scrape LinkedIn and by paying LinkedIn $500k.

Despite the headlines, the final resolution of these disputes was a win for LinkedIn, not hiQ.

For the longer version, read the posts above.

We definitely need scrapping neutrality. If you allow any third party(including Google) to scrape your public data, you cannot prohibit anyone else doing the same.

Outside of protected classes, I see that argument flying as well as "house party neutrality" for individuals.

The hiQ case is kinda weird because the part people here care about is scrapping public pages, but the claims still being litigated are all concerning activities done while logged-in or at least under the ToS. hiQ can win on the public scrapping claims but lose on the rest, there's no "win/lose" in law except on individual claims. The articles kinda bury that distinction and then claim "you don't want to go out of business like hiQ, get a lawyer".

Do you take new clients? I'm interested in consultation in a related area. How can I contact you?

Shoot me an email at Kieran(at)McCarthyLG.com.

> Your users would be breaking those terms, not you, as they do it on their own machine. As the parent said, just remove all reference to LinkedIn and you can move on.

There is some kind of cloud stuff here though.

It's not trade mark infringement to use a logo to refer to a business entity, fwiw.

There was a recent piece of caselaw relating to scraping, in USA, IIRC. I seem to remember it was allowed for user accessible areas.

I'm not sure LinkedIn have a legal basis for their complaint, but of course that won't stop them.

This is not legal advice and does not relate to my employment.

This reminds me of a time where I was in SF taking pics of "the pigeon whisperer" lady (A lady who would feed the pigeons, and thus had a ton of them around her): She was in an alley near Financial District, and I was taking pics of her and all the pigeons.

Some thug came out of some building telling me I was not allowed to take any pictures.

I told him to get lost. and he said "Policy is that you cannot take pictures"

I said "I am standing on public property. If I can see it with my eyes from where I am standing in public, then I can take pics of it. Get lost."

Same goes for scraping a site: If I can see it in open public from any browser anywhere on the globe: that is open data. I dont give a shit what lawyers or companies think in this regard.

The term "walled garden" exists - if you want your shit hidden... then dont make it available to the open web.

The about certainly sounds right, but do yourself a favor and check with an IP lawyer. A quick consult won't be too expensive and will probably save you down the line.

It's up to the user to use to use it on public pages vs private pages. I believe the most OP should do is be explicit: "This tool is only meant to scrape public pages". Just like a knife can be used to kill, does not mean Walmart should cease selling knives.

>Just like a knife can be used to kill, does not mean Walmart should cease selling knives.

They could put warnings on them, though - much as they do with plastic bags. I'd sure feel safer.

This is not legal advice, but here's what I would do:

1. Recognize that they have requested exactly four specific actions from you (bullet points, second page)

2. Do not follow the 4th bullet point, affirming in writing any future conduct only opens you up to liability. (By affirming, you'd create some agreement that they could later make hay about you breaching if they're not happy with your future conduct.)

3. Follow the 3rd bullet point rigorously. They do have a claim on Trademark infringement, and that will hold up well enough. Clean it up ASAP.

4. Take a legal position on where you stand vis-a-vis the LinkedIn User Agreement.

- BrowserFlow (or Road to Ramen LLC) is not a party to that agreement, so you can argue that you're not bound by it. The individual person who is using BrowserFlow is, since they have a LinkedIn account.

- If you want to play it safe, remove the LinkedIn examples from your website. (Bullet two.)

- I would not change the existing functionality of BrowserFlow -- my view here is that this is general-purpose tech and BrowserFlow doesn't have an agreement with LinkedIn. Any consequence of misuse of BrowserFlow is on the end-user, not you. (As spelled out by the terms at https://browserflow.app/terms, which contain a limitation of liability section.)

Do prepare for your LinkedIn account to be banned though.

> Do prepare for your LinkedIn account to be banned though.

From all the recruiter spam I've received over the years, I almost see that as a good thing.

Engineers really love saying this but I take it as a good thing. It's like audibly complaining that you get too many Tinder matches.

I think it's more aptly compared to complaining you get a bunch of Tinder matches from people you don't find attractive.

There's a difference between "recruiters reaching out" and "spam that doesn't match my skills or experience at all from recruiters that barely seem to listen when I tell them that and insist on offering me a job that's not even remotely a good fit".

It really depends on how you look at it. If I get a whole bunch of fake AI matches from Tinder, I don't see that as a good thing either. Unless of course, fake AI is your 'thing'...

If you invent browser which converts every page to pdf - you're in violation of some crap out there?

No, but that doesn't stop a company from having their lawyer send you a cease-and-desist letter.

Not a lawyer but:

> Cease and desist developing, offering, or using software or programs with features developed, marketed, or intended for automating activity on LinkedIn’s website or app, scraping LinkedIn member data, or otherwise violating the LinkedIn User Agreement;

> Cease and desist marketing or advertising Browserflow as a tool or service to be used in a manner that violates LinkedIn’s User Agreement, or promoting Browserflow in any way that represents or suggests functionality or features that can be used to violate LinkedIn’s User Agreement;

> Cease and desist violating LinkedIn’s intellectual property rights by removing from all Browserflow materials all unauthorized uses of logos likely to cause confusion with LinkedIn’s trademark; and

> Affirm in writing that you will not engage in any violations of the LinkedIn User Agreement in the future.

Just remove all LinkedIn examples and tell them you will stop marketing it as a LinkedIn scraping tool in the future. I don't know your extension if you make any "significant" money then get a real lawyer to look it over.

> Affirm in writing that you will not engage in any violations of the LinkedIn User Agreement in the future.

This seems like the weirdest one to me. I mean if they don’t have a LinkedIn user account, why should they abide by the User Agreement?

IANAL, but there is a big chance that this is just a boilerplate cease and desist used for every project that comes up when you google "scraping linkedin". I would not over think it.

Lawyer/legal time is costly, they probably didn't look into it too deep, they just saw the LinkedIn logo with "Scrape LinkedIn" written next to it on OP's main page.

Welcome to the Law! They can ask, and explaining that you are not party to their EULA is a perfectly valid counterargument. They will argue that by accessing their website with the service you are agreeing to the terms, and then you wind up in expensive litigation.

The demands seem pretty reasonable in this case, I'd probably accede.

I clearly don’t know anything about the law but I’d definitely want to talk to a lawyer before agreeing to that point, assuming I didn’t have a LinkedIn account. If I didn’t already have an agreement with LinkedIn, right when they’ve noticed me and are getting litigious sounding seems at least to this layman like the wrong time to start signing agreements they’ve sent.

Why would you assume someone who develops a browser extension marketed in part as a LinkedIn scraping tool does not have a LinkedIn account?

I think the matter of whether they have an account or not is irrelevant. The violations listed are not directed to a LinkedIn account.

The cited EULA terms don't depend for applicability on creating an account, only on accessing LinkedIn. Whether or not that's enforceable and in what jurisdiction is a different question, and not one that's relevant here; unless OP is extremely foolish, we are not about to see that question tested again in court.

In any case, LinkedIn accounts are clickwrapped in the EULA, and you can't build a scraper for stuff behind their auth wall - which, I believe as a direct response to LinkedIn vs. HiQ, is more or less everything they serve - without being able to get past it yourself. So the question of whether or not OP has agreed to the EULA, which LinkedIn complains Browserflow is marketed in part to violate, isn't remotely germane to a meaningful discussion of the issue.

I disagree that it is irrelevant. A contract applies to the person who signed it, not the (inanimate) account.

I mean if they have a contract with LinkedIn and they are violating it, they should stop lol. Since they make money from the tool apparently, and LinkedIn accounts are worthless, I’d probably stop violating the contract by terminating my LinkedIn account.

You don't think a team of Microsoft lawyers could find a way to sue you for marketing to LinkedIn users a tool expressly designed and marketed for the purpose of violating the EULA those users agreed to as a condition of creating their accounts? Thank you for exemplifying the value of the old advice against litigating pro se, I suppose.

LinkedIn is being a lot more generous here than they really need to be. Getting an Ask HN to the front page about it wasn't terribly smart, but then this is why the only good advice for OP in this thread is "talk to a lawyer", which anyone who's already incorporated an LLC really should not need telling, but whatever.

It is a general purpose tool. I mean autohotkey or any open source web browser could be hypothetically used/modified to scrape websites. What do you think about just removing that example?

It is possible that they have an account, but it is a general purpose tool for scraping, so I assumed it isn’t necessarily the case. If they have an account and are blatantly violating the TOS, that’s just looking for trouble, they should stop.

So if I write on a piece of paper "If bob breathes, he owes me $100" that would also be valid contract?

Not a lawyer, but that is ridiculous. You'd have to accept the terms to even be permitted to read the terms, as they are hosted on linkedin.com.

No of course not, but there's a huge difference between someones bodily autonomy and using a service that you provide. Are you saying that companies should only be able to apply their terms of service to people who make accounts on their website? Or that they should host those terms somewhere besides their own domain so that you can access them without having to abide by them?

To me it’s like building a storefront and asking everyone to not look at it and/or to not speak about it elsewhere, unless you abide. Turn your head and get legally bound.

I know law doesn’t work that way, but it doesn’t make it non-absurd either.

Edit: I remember from my childhood public transport “artists” who could enter a train, perform their “art” and then demand money “because I’ve seen that you watched it”. Not exactly the same, but strong vibes.

The terms of service should only apply to people who use the services. For example if you use Firefox to connect to a website, and violate the TOS of that website, Mozilla would obviously not be involved.

For a couple of reasons, no.

Bob would have to agree. And Bob would have to be getting _something_ out of it.

(I'm not a lawyer)

I'd disagree. The users of OPs tool certainly are, but it doesn't seem like that's the responsibility of the developer.

If they're advertising it as a LinkedIn scraper then it is, and that seems to be what's cited as the actual problem.

> Affirm in writing that you will not engage in any violations of the LinkedIn User Agreement in the future.

“I’ll never do it again” may help decrease the punishment if this ends up in court, but why would you promise that now? IANAL, certainly not for every jurisdiction on earth, but I would think that’s risky from your side in that you’d have to agree to their user agreement, even if, in the future, they put things in it that aren’t legally enforceable.

IANAL. I know the US is messed up but this isn't ending up in criminal court so punishment doesn't seem like the right word. Surely, damages would be ineffective by future conduct. I can't see a jury award punitive damages or exemplary damages for scrapping LinkedIn.

I'd remove any mention of LinkedIn, but I also wouldn't tell them anything. You've removed anything they'd sue you to remove, writing to them afterwards gives them more material to nail you with in the future.

Not a lawyer, either.

> Just remove all LinkedIn examples and tell them you will stop marketing it as a LinkedIn scraping tool in the future. I don't know your extension if you make any "significant" money then get a real lawyer to look it over.

Remove all linked in examples, and indicate that you will not include them in your docs again

I wouldn't admit to writing or advertising this as a linkedin scraping tool regardless of if that was my original intention or not

op should open source their old docs until there are enough forks then pull it.

Do stop using their trademark or making reference to them immediately and let them know you have done so, ie points 1-3. But, I would say do not agree to any future conduct in writing on behalf of your business without talking to a lawyer first - I think you need to carefully word a response around that to avoid liability.

IANAL, this is not legal advice, etc.

could they say something like: you can use it to scrape popular social media sites, a few fictitious examples are: MaceBook, bootube, rinkedrin, rikrok.

people get the meaning without directly naming them.

> but I'd like to continue building Browserflow because it's my livelihood

You're asking random internet weirdos for business legal advice when you should definitely be contacting your lawyer instead.

Since when does everyone have a lawyer waiting at their beck and call?

"Your lawyer" does not need to refer to someone who works exclusively for you, or someone you have on retainer. It could just mean the legal professional who you call when you need help with your business. If you have a business and have never needed a legal professional before, then you would interpret that statement to mean you should find one and start a relationship with them, as a successful business will likely need frequent legal assistance.

I mean, since when does everyone have a chef waiting at their beck and call?

Since they invented restaurants.

If you want a meal made for you, you go to the business and ask for a meal. If you want someone to lawyer for you, you go to the business and ask for some lawyering.

But you never hear:

"I'm hungry"

"Ask your chef to cook you something."

So why do we hear this in law?

Everyone else is making this sound like a dumb question but it's not.

I once got asked to sign a stupid contact. I was pretty sure it was not enforceable, and if I didn't sign I'd be fired and make an annoying enemy.

Me and 3 other guys piled in and hired a lawyer for like an hour to have him look it over and tell us if we should sign it or quit.

In the end, my split was $200 or so, and I didn't really learn anything that googling hadn't already told me. I signed it and then quit on my own terms a couple months later.

Not many people these days, even devs, who will just chuck around money like this for far too little marginal benefit over (as someone else in a comment said) "asking randos on the internet".

How do the other 3 people feel about it? Because that sounds like $200 well spent! Try asking "randos on the Internet" if a non-compete clause in a contract is valid, and if you're lucky, someone will ask you where you're located, which impacts whether or not the clause is legally enforceable. If not, someone will spout off the answer as it affects them, which is great, except if you're in a different state that advice may be dangerously wrong. In this case, the $200 didn't reveal anything drastically different, but at the end of the day, for anything complex, I'd much rather spend my share of $1,000 to make sure I'm not about to get the short end of the stick. If you've gotten the really short end of the stick before, you'll see why $200 is cheap.

Similarly. I mean, I knew it would be $200 or so, and I ended up going ahead and doing it. So what I actually ended up doing was in line with your sentiment "$200 is cheap compared to getting fucked".

And if presented with the same scenario again, I'd probably do it again, though probably with some chagrin.

But my point is, $200 isn't a ton but it's not nothing, and if you're already potentially going to be fucked, the probability of $200 being in the "not nothing" category is probably higher. And if it wasn't something a few other people were stuck with too, it'd have been quite a bit more. (Hard to figure the exact bill because one of us decided to talk to him for a lot longer to check on some specific things, so we just venmo'd him for what he thought our % of it was).

So - I guess what I mean is - even for fairly privileged people, "just check with a lawyer" is not something you "just" do.

And I find it super annoying that assholes (like LinkedIn for OP, and the person who was forcing me to sign the contract) can just write shit down and throw it at you and then you're supposed to spend $500+ to check them on their bullshit or you're the one in hot water.

(Though, that said, OP's example isn't perfect because using the LI logo probably should've been a "hmm wait a sec" moment for him. But also if all LI emailed him about was "stop using the logo" then he similarly probably wouldn't be feeling the need to seek legal counsel).

If you want to bring up privilege, privileged people have networks of friends that are also privileged, so the chance of having high powered lawyers (and doctors) friend is quite high. So "just check with a lawyer" becomes "let me email Jerry that I've known for 10 years". Jerry's not going to do a ton of work for free, but he could take 20 mins to read it over and say very directly in which ways you could get fucked over and advise either actually spending time on a lawyer if it's important, or advise against it, in ways a professional connection would not.

Hiring a lawyer isn't magically going to make your problems go away, and it might not even be that useful, and it will definitely be painfully expensive, but the fact remains that (as you just concluded) it's still the right decision in situations like there. OP is facing a situation that could potentially end his business, he needs to hire a lawyer.

If you are selling a product to the public and get a legal threat from a big company, you need to get a lawyer, whether or not you have one to start with. Period, end of story. OP mentions it's their livelihood, so it's worth it.

The point is that lawyers sent the cease and desist, so the other side does have lawyers at their beck and call. If you want to do anything other than what they demand you do, you are risking more lawyery-action. And even if you do comply, that doesn't stop them from continuing to bring action against you for some other reason, or for damages, or whatever they want, really.

It may not be a system that is geared towards fair play, but if you want to play at all, you really should have a lawyer, too.

Anyone running a business needs legal services from time to time.

You don't need to have a lawyer ready all the time, but you can still get one.

This is something that is perfect for a hour or so consulting call and maybe with an additional fee to review the document. You don't need an existing relationship to run things like this by a lawyer. I've had to do it a few times and the charge has never broke the bank and has always been worth the value.

Even the small time mom and pop outfits get lawyers to reviews contracts.. If you have a big legal issue get legal advice, it's like getting a medical when you have a decently worrying health issue

That's what retainers are for. Plenty of people have lawyers on retainer, just waiting for when they need them.

Plenty of people with $$$$

Or who view it as a necessary cost of doing business. I knew a guy who was into some shady stuff and he saved up $10k to give to his lawyer for when he would unexpectedly need some lawyer services.

Lawyers can be random internet weirdos, too.

1) Talk to a lawyer, many will do an initial consultation for free. Expect to pay money to have them help you with response letters. I would not recommend doing this alone

2) It does sound like your app is more general, like you say, similar to browser automation tools or AutoHotKey. The user requests are not coming from an IP you control. Remove references / examples to LinkedIn for sure. This is basically what they are asking you to do. Talk to a lawyer

Side note, I thought LinkedIn lost that case on appeal, and after being sent back down from the Supreme Court for re-evaluation.

https://www.zdnet.com/article/court-rules-that-data-scraping...

Again, this is old news and wrong.

https://blog.ericgoldman.org/archives/2022/12/hello-youve-be...

I assume you are only referring to the LinkedIn losing part of my comment. It would be nice if your comment was more specific to this. Thank you for sharing the link though, I recall seeing that page too

As I understand it, OP built a no-code browser automation extension, which can be used to create a LinkedIn automation. It does not come with this ability out of the box, though it seems easy to install: https://browserflow.app/shared/1ac2a868-02ac-4435-a91f-b0203...

I'm not convinced that LinkedIn has a solid case for Cease and Desist. The court didn't find that someone cannot _build_ such a tool, only that they cannot run it (_conditions & nuances_). OP is not running any such scraping service (except maybe during development), and it is in fact a user of the browser extension who would be violating the ToS. This is not unique to Browserflow and the same situation could exist for any browser automation tool.

That being said, LinkedIn (Microsoft) could bury OP in legal fees, so decide if you want to die on that hill...

Maybe OP could create a community hub and use 230 to shield them self from user submissions of LinkedIn automations?

Read the link; there's plenty of detail there. Not going to comment on the specifics of OP's case in a public forum, but if the OP wants a free consult, I'll do that.

They don't need a case for a C&D. All a C&D does is put the receiving party on notice. They aren't enforceable. What makes them meaningful is that they suggest LinkedIn might sue in the future (or take other adverse action).

There's both local and cloud version of the app. The cloud version of the app runs from the infra that he manages. Hence, he would liable for the violations that happen using the cloud platform that he manages.

A big part of LinkedIn's business is providing tools for recruiters to search the database of profiles and extract information, essentially, your extension is compromising their core revenue-generating product and you're loudly announcing it on your website. I am not a lawyer so take this with a grain of salt, but if you remove all reference to LinkedIn from your website immediately (and maybe go as far as blocking it for use on LinkedIn) you should be fine.

And for future reference, be very careful when promoting the way that people are using your product: plausible deniability is your friend.

> And for future reference, be very careful when promoting the way that people are using your product: plausible deniability is your friend.

That seems like excellent advice. After looking at the examples on the site, I'm kinda surprised LinkedIn is the only company that's complaining. It'd be safer to make some leading suggestions to get people thinking of all the interesting things they could automate, but without ever using names, company specific-terminology, etc. Otherwise this arguably isn't a general purpose tool, it's advertising specific features.

IANAL. You probably should get a lawyer ASAP.

Linkedin vs hiQ was about the ability to scrape public data. (https://calawyers.org/privacy-law/ninth-circuit-holds-data-s...)

Pretty much everyone agrees that you need to follow the Linkedin terms if you are logged in, and those say no scraping. Your site has examples of scraping data from logged-in pages.

Normally you could say "it's just a tool, there are legit uses, go after the users", like in the Betamax case: https://en.wikipedia.org/wiki/Sony_Corp._of_America_v._Unive....

By including examples of breaking the Linkedin ToS on your site though, you might have opened yourself up to some kind of claim, maybe tortuous interference. I don't really know though, you should get a lawyer to look for you.

Again, I am not a lawyer, do not trust me, I am just some idiot who likes to read about copyright law about the internet on the internet. Get your own lawyer.

There was a third ruling in November 2022 for the case, so I wouldn’t say hiQ won. Based on a quick scan, the ruling ended up being that hiQ did violate TOS but that no action ended up being taken for either side.

https://www.natlawreview.com/article/court-finds-hiq-breache...

oh interesting, thanks for the link. Yeah I guess they only "won" on the CFAA claims and even then your link makes it sounds less clear than the older link I provided.

What is clear is that Linkedin is not playing around about logged-in scrapping.

If its your livelihood, hire a lawyer to look into this. The dweebs on this forum are not going to be able to help you here.

The problem here is that one of his examples involves "scraping linkedin". Just get rid of that

Not a lawyer.

Showing people examples of a website really looks like you're advertising that your extension will work with that site, and it's probably not too far from successfully arguing intent. So begin by getting rid of that.

Maybe add a couple disclaimers:

"The terms of service of some websites do not allow automated workflows. This extension is not intended to be used to collect data in contradiction to a site's Terms of Service. Please thoroughly read and understand the site's Terms of Service before using this extension. [Developer] cannot assume any responsbility for any action a website may take against you or your account as a result of the use of this tool."

A few years ago I got multiple cease and desist emails from a FAANG for a Chrome extension they didn't like. I ignored them and they eventually went away. Sending scary sounding emails to indie devs is extremely low cost.

How could the OP make it a higher cost without necessarily having to get a lawyer themselves? This kind of behavior by LinkedIn leaves a bad taste in my mouth because it’s essentially bullying and I wish there was a way to bleed them a little by forcing them to have their $500/hr lawyer respond to some inane but legally necessary requests.

Seems like a pretty simple thing you can do here is just remove any mention of LinkedIn from your product and its marketing. People can use a generic tool to mess with LinkedIn, but that's not your problem, and it's not what the C&D is saying. You went out of your way to market your extension as a tool for messing with LinkedIn in ways their user agreement prohibits. Consider just not poking the bear anymore.

I would talk to a lawyer before sending them a written response, but you probably don't need legal advice just to scrape LinkedIn out of your product materials.

> As the Court in hiQ Labs, Inc. v. LinkedIn Corp. found when it granted LinkedIn summary judgment against hiQ [1] ...

Keep in mind, LinkedIn ultimately lost that case [2]

> LinkedIn requires that you affirm that you have complied with LinkedIn’s requests, listed above, by February 10, 2023 ... In the event you do not comply with LinkedIn’s requests, LinkedIn will take appropriate action to protect its members and platform.

Definitely listen to the rest of the people who are saying talk to a lawyer. LinkedIn has obviously been doing the same in the interim; it'd be foolish to be the only side unprepared.

[1]: https://browserflow.app/linkedin.pdf [2]: https://en.wikipedia.org/wiki/HiQ_Labs_v._LinkedIn

> Keep in mind, LinkedIn ultimately lost that case

Not really - the wiki page is confusing but the link is there: "In a November 2022 ruling the Ninth Circuit ruled that hiQ had breached LinkedIn's User Agreement and a settlement agreement was reached between the two parties." [0]

It was a mixed ruling: hiQ successfully defended against the CFAA argument, and LI won the User Agreement argument.

This is why OP needs to talk to a lawyer of their own who deeply understands this area of law. We all can paste links till the cows come home but only a real lawyer is going to have useful advice.

More analysis by lawyers:

https://blog.ericgoldman.org/archives/2022/12/as-everyone-ex...

https://blog.ericgoldman.org/archives/2022/12/hello-youve-be...

(Disclaimer: I work at LI but don't work in and have no special insight into this area; comments are my own)

0: https://www.natlawreview.com/article/hiq-and-linkedin-reach-...

This is another way of saying that LinkedIn won the case; hiQ needed to win both of these legs of the case, and LinkedIn only needed to win one.

You have should do the following immediately

1) Take down this post. LinkedIn's lawyers will almost certainly eventually read it and use whatever you've said here against you

2) Get an IP/Copyright lawyer and start following their instructions

This is really your only set of actions you should take if this extension is your "livelihood"

Linked in can get fucked ;

"Cease and desist developing, offering, or using software or programs with features developed, marketed, or intended for automating activity on LinkedIn’s website or app, scraping LinkedIn member data"

-

Then let me see exactly to whom you have been selling MY user data to, how much you made from it.

THEY need a cease and desist - because you are directly competing with their business model.

Fuck linkedin.

If you want anyone to stop scraping data, then you need to provide a dashboard to EVERY single linkedin user on exactly how linkedin has been using their PII to profit.

We need a change in the way people regard PII in silicon valley.

Just like it was stated - the only reason silicon valley is going after TikTok ban, is they cant compete with TikTok - so BAN them....

Linkedin does exactly what you are doing, thus they want you to cease and desist.

As an attorney who deals with responding to (and, well, also drafting) letters like this, I think LinkedIn may very well go away if you remove any reference to LinkedIn from your website and otherwise refrain from stating or implying that your tool can be used to scrape LinkedIn.

If you are ok with that, a carefully drafted response letter that shows that you take their concerns seriously and are taking steps to effect the above changes might end this. At a minimum, you'll be able to get clarity as to whether they want more that just stop referencing them.

I can scrape linkedin with a python script. That doesn't mean linkedin can shut down python. I would think removing all the references to their company in particular would be enough for them to call off the dogs. For clarity, I am not a lawyer and I have thrown away every cease and desist I have ever received with no repercussions at all. You may not be so lucky and should probably talk to a lawyer.

>I can scrape linkedin with a python script. That doesn't mean linkedin can shut down python.

Well said!

Also, what about copy-and-paste? The last time I checked, data could be highlighted in the browser, copied, and pasted to another application...

Does that mean that LinkedIn can shut down the copy-and-paste capability of someone's browser and/or operating system?

What about the "Save Page As..." functionality (the ability of a browser to save a page offline?)

Can LinkedIn shut down "Save Page As..." ?

Also, what about the Print Screen (take a screen snapshot) capabilities of someone's operating system?

Can LinkedIn shut down that?

Finally, there's literally oodles of software that can be used for web scraping; what follows below is just one non-canonical list:

https://github.com/lorien/awesome-web-scraping

Is LinkedIn going to shut down all of that software, all at the same time?

LinkedIn is apparently trying to use Law -- to try to solve what is, in essence, a technological problem!

Anyway, an excellent point using Python!

> Even if I removed all the LinkedIn examples, Browserflow could still be used to automate or scrape LinkedIn because, well, it's a browser automation tool. Is LinkedIn demanding that I stop developing Browserflow altogether?

First, talk to a lawyer. LinkedIn is highly litigious about scraping, and browser plugins often fall in that category. The law isn't settled on the issue at all, and here's a law firm (Farella Braun + Martel) article about HiQ vs LinkedIn from just a few weeks ago: https://www.fbm.com/publications/what-recent-rulings-in-hiq-...

As people have said, just contact a lawyer willing to provide a consultation, and likely take their services to get assistance in addressing a response.

You have time to get a consultation and draft a response; the language in use is overly broad in the letter and intentionally so. This is to be rebutted and basically tell them "you will stop advertising that it _can_ scrape LinkedIn, but LinkedIn cannot outright ban any tool that might be used for scraping as that's not their right." A real attorney will write this in a very nice way with proper wording that you will stop advertising that it can scape LinkedIn but they can stuff the other parts of the demands wherever is convenient for them.

It will cost a bit of money regrettably, but it should be manageable.

Get legal advice.

It is not clear how is it that your company is violating their user agreement, when it is the users using the extension that are. The extension on its own does nothing? This is my very layman reaction and first thing I would seek to understand better from legal council.

- not a lawyer here -

I'd immediately remove every reference to linkedin -anywhere- and hard-block their domain in the code. Only after, I'd probably seek a release from the injunction.

Perhaps you should involve a lawyer, but if you won't, then limit yourself to a brief matter of fact explanation of what you've changed, focusing especially on the block in the source code. Do not address their points yourself. Refrain from any commentary, apologies, admissions.

I wouldn't go any further without a lawyer.

The fact that a "cease & desist" or "terms & conditions" exists doesn't necessarily mean anything. It does not automatically, intrinsically carry legal weight or meaning of any sort. Any random person can put a "licence" or T&C page on their website, or send an email with a couple of supposedly legal terms in it, but that doesn't mean anything.

For example (assuming they can actually construct a prosecutable legal case), if you are outside the claimant's and any related court's jurisdiction, you just don't need to give a **. The worst they will ever be able to do to you is disable your account.

You aren't (edit: though saw others say you provide examples of scraping on site so you may be) in violation of user agreement (since as you say it's a tool rather a user) but you're in trademark violation if you indeed use LinkedIn's logo.

>Even if I removed all the LinkedIn examples, Browserflow could still be used to automate or scrape LinkedIn because

Technically you can block it from being used on LinkedIn. But all they ask is not advertise that can do it. (And remove any trademarks of course.)

He logged into LinkedIn, did scraping and documented the whole action. He definitely violated the user agreement at least once. Then he still provides instructions and tooling on how to do so, pls he does access LinkedIn servers on behalf of his customers.

This is like building a bomb, publishing instructions, shipping the chemicals to the customer’s door, "building it for the customer" for a fee, and still claiming no responsibility.

IANAL, but… it would certainly sound sketchy to the least litigious lawyer in a room.

What I'm saying, he violated, by utilizing his own account to scrape & provide examples of the process and basically even having an account and developing a tool advertising those features, but the tool perse doesn't violate anything.

The tool is instructing his servers to access LinkedIn. You could argue he’s just the messenger in this case, or you could argue that his servers are accessing LinkedIn’s for scraping.

Scraping is a grey area - nobody likes their site being worked by bots, except maybe by Google! Even if other companies you advertise didn't send you letters yet, they will, once your product starts being popular and they notice an uptick in unproductive traffic. I'd advertise it as an automation tool only, without any concrete examples. And maybe create an "unaffiliated" forum site where users share their own scripts that just happen to scrape this or that ...

Without a lawyer (get a lawyer!) I would remove all references to linked in and add an exception to the extension that prevents it working on linked in (perhaps display a message with a link to the cease and desist message).

I wouldn't bother trying to fight it as a one-person operation. Just accept that life is unfair and carry on. Unless that is you feel very strongly about it and am prepared to sacrifice yourself and future income and potentially employment prospects for the cause.

Good luck.

I received a cease and desist letter from a company at one point. After the initial shock, I was able to just work with them with what they wanted - a name change and terms added to my product that indicated that I was not associated with them in any way.

It was easier than me hiring a lawyer and/or fighting them in court or wherever that would have lead to. And allowed me to keep doing my development. YMMV

Scraping is a grey area, even if other companies you advertise how to scrape didn't send you letters yet, they will once your product starts being popular. I'd advertise it as automation tool only, without any concrete examples. And maybe create an "unaffiliated" forum site where users share their own scripts that just happen to scrape this or that ...

It's high time for lawyers acting in bad faith to be slapped down. In your response make sure to cite the relevant barratry statutes.

For all the legal people here, what's the legality of something like "Return YouTube Dislike"? https://chrome.google.com/webstore/detail/return-youtube-dis...

"I'd be fine with removing all the LinkedIn examples from the website, but I'd like to continue building Browserflow..." -- my advice is to do just that. IANAL but you will be in the right (not always the same as being on the right side of the law, but more important imo).

You absolutely want to find legal representation and ask them. Point out the things you pointed out in this post and ask what they think. Beyond that, I would hesitate to advise. Heed the advice of your legal counsel; find legal counsel if you have not already.

The EFF can help. Send an email to [email protected] and say you want some Coders Rights advice.

Go look at Proxycurl - they’ve been scraping LinkedIn for ages; have a lawyer look it over.

I'd remove the LinkedIn examples first. And then regain some of the LinkedIn exposure by astroturfing blog posts, YouTube videos, etc that show how to use Browserflow to scrape LinkedIn. While NOT connecting these two in any other way.

Remove all mentions of LinkedIn, logos, links and examples ASAP. Don't fight it.

That's rich coming from a subsidiary of the company behind copypilot (which would of course be Microsoft)!

Hopefully you manage to get out of this with your project still relatively intact and yourself otherwise unscathed.

You’re using logos and trademarks of various companies in the context of helping people to violate ToS. The fact that only LinkedIn has reached out so far is quite interesting. I would expect more letters.

terrible advice that may be parody, but just in case you're being sincere: you cannot bank on a big corporation getting cold feet about legal action because legal action is as much about the message it sends to future opposition as it is about the individual action. For example, in the message received by the OP, LinkedIn refer to their legal action taken against HiQ. LinkedIn doesn't want to sue people but they would do it without a second thought if it was judged to be beneficial to them. The cost of being sued and losing and going bankrupt for the OP is huge, and while some people are willing to lose everything to take a principled stand, it's irresponsible to encourage it. If the OP wants to risk everything to stick it to LinkedIn, he should go for it, life is short, but if he's a pragmatic person concerned about his livelihood, he should rollover immediately and live to fight another day.

So, because you disagree that LinkedIn will pursue expensive litigation for no real benefit to them, you're dismissing everything? You're saying the OP should be afraid? Should spend a fortune on attorneys? Should not declare bankruptcy upon loss? I respect that you disagree. I do not respect your focus on a minor detail to dismiss everything.

A portion of your comment was aligned with my own view, sure, but I read the substance of your comment to be regarding the likelihood of LinkedIn following through on their threat and the correct course of action for the OP if that happens.

The OP should absolutely be very afraid because they’re posing a threat to LinkedIn’s hundreds of millions of dollars in revenue from a very vulnerable position. Bankruptcy is brutal and expensive, the OP’s focus should be on avoiding litigation no matter what: telling LinkedIn to suck it is not an option, and bankruptcy is not the “oops hehe bad roll I’ll try again” option you portray it to be.

Well, that's what I would do. They can't squeeze blood out of a turnip.

This is absolutely terrible and irresponsible advice. "Declare bankruptcy immediately and protect your assets" is the worst possible way to handle the situation, since: 1. Losing the court case does exactly what you don't want to happen here; 2. On top of that, you get to go bankrupt! Ruin!

You keep your primary car, house, and retirement accounts in bankruptcy. It’s not the end of the world.

It's much worse than that. You will be on the hook for garnished wages for years to pay off your creditors. And you will have plenty of creditors because the GP's advice says "go lose a civil case". You know what a civil case has? Damages. You know how large the damages are if your strategy is to lose? Big. They have a trademark case so they could get attorney's fees. We're talking about a seven figure bill in fees alone if the case goes to trial. Following this advice could have the OP getting his wages garnished as long as he lives to pay off a multimillion dollar debt. Good luck with that.

Wrong. That is the whole point of declaring bankruptcy, because the debts can't be paid. Nearly all debt, including civil damages, will be wiped clean, and this includes one's own attorneys fees. Why would you say these things when it is abundantly clear you have absolutely no idea? If what you said was true, no one would ever declare bankruptcy. It's the whole point of it, to be free of debt. No one gets their wages garnished after declaring bankruptcy. Never happened, ever.

[0] https://en.wikipedia.org/wiki/Chapter_11,_Title_11,_United_S...

Depends on the type of bankruptcy and in what jurisdiction. Even in the US with very creditor-favourable bankruptcy laws, you can’t just declare bankruptcy to get out of financial obligations: owing a bunch of people money is not the basis for bankruptcy. Yes, if bankruptcy is approved, wage garnishing will stop, but it can resume depending on the type! Bankruptcy is not a get out of debt free card, it’s the last stop after ruin.

Before ruin, you mean. It prevents ruin, defranchising and homelessness. The worst thing about it is what it does to your credit rating. That's not unbearable.

> Then declare bankruptcy immediately and protect your assets.

Invert this: protect your assets before considering bankruptcy. As "the creator and sole developer" OP may not get any liability protection from their LLC.

Not a lawyer, but I would strongly recommend not responding to that letter until you've spoken to one (and possibly never, even after talking to a lawyer, if that is their guidance)

Funny how Microsoft is suing you but they can basically rape the internet at large to build their GPT bot. It is true if you have enough money you can just do whatever you want.

Careful using any trademarks without permission. Trademark law has some teeth. Remove anything without explicit consent to use. Business side it looks like an endorsement.

Funny LinkedIn is so proactive given that, of my hundreds of unique-per-org email addresses, the only one that gets spam is my LinkedIn email.

On a side note, this is why you should try to build web scrapping tools which don't deviate too far from normal user behavior.

you, as the provider of the extension, are not violating the rules. in fact, you are not even giving specialized linkedin features.... it's one of the general purpose automation stuff.

I would be surprised if their letter has any teeth besides scaremongering.

get an opinion from legal, i am definitely not a lawyer.

LinkedIn User Agreement may apply for people who agree to it, not everybody on the planet Earth.

(edit: I see someone says you posted the letter as a pdf link and I missed it. And that you might be using their trademarks. Be very very very careful about trademarks: I often come on here to tell people not to fuck with trademarks if you do stuff like this as that's often the only case these companies have and it is so easy to avoid. I am tired though and have a meeting and am not going to read the pdf, especially as that will verge even more into the danger zone of me giving you legal advice. The rest of what I said here stands.)

I am not a lawyer. I deal in this area, but I have lawyers--lots of lawyers--and my primary recommendation is that if you work in this space you have a lawyer.

I am going to tell you something, though, about this cease and desist. From the perspective of it effectively being "advice", I encourage you to consider it a "this is the minimum level of damage they can do to you": I am not saying there aren't interesting things that I don't know off--that's like, why we have lawyers--that would really screw you. I also haven't analyzed your extension in any way to know anything about your situation other than what you wrote.

> Cease and desist developing, offering, or using software or programs with features developed, marketed, or intended for automating activity on LinkedIn’s website or app, scraping LinkedIn member data, or otherwise violating the LinkedIn User Agreement.

The user agreement is an agreement that has limited consideration and limited recourse. Typically, they can take their balls back and send you home (it's their court, so they don't have to leave), so if they want to they can terminate your account... it isn't illegal to violate the terms of even a well-accepted and carefully done contract (which terms of service ain't), but the recourses for such a limited consideration is also pretty limited, and they know this enough that it even says it in the agreement: they can terminate your account.

If this were me, I barely use LinkedIn. I haven't had a normal looking job in forever and I have no interest in getting one ever again. I don't care about my profile (despite updating it every decade or so) and I only check for new connections and messages once every year or so. I really only use the service for cyberstalking, and never understood why people care so much about it. If they wanted to terminate my account, well, "big whoop", right? I'd tell them to go pound sand. Hell: that user agreement--which they are really trying to make legit--seriously says you can terminate it at any time (in exchange for your account being terminated).

But maybe you like LinkedIn and need your account. If that's the case, you should cease and desist and maybe even try to apologize while pleading a lack of knowledge of what you were doing or why it was a problem. (But of course, if they then terminate your account, come back with a literal vengeance and refuse to deal with them until they give you back your account.) But like, just realize: you likely aren't coming out of this one with a LinkedIn account if you want to keep developing this extension. FWIW, I have definitely done stuff like this for years despite large companies with lawyers wishing they could stop me.

That said, you also might get sued. You can always get sued: that's how our legal system works. They might not have a case, and maybe you can get it thrown out, but that's a leap. You should have a lawyer, and they can advice you on the risks of that. But I can say: if you can't afford to sit around in court for a year arguing with them about this, you might be playing in the wrong league, as the court system in the United States requires you to be prepared at any time to pay to be in court and very much assumes anyone doing commercial activity has a lawyer.

Again: I am not a lawyer. For all I know, you are also violating the CFAA or a law I have never heard of. I have not seen your extension. You also only gave us one sentence of the letter verbatim and one other reference (to hiQ) summarized (edit: I missed the pdf link, per above). And I have a lawyer I would consult before responding, a lawyer I have not consulted today on your behalf: I am just a guy who is telling you "expect to lose your account" and "the account wouldn't have mattered to me and I wouldn't be afraid, as someone who has successfully done stuff like this for years and has multiple lawyers" (edit: but also as someone who is super anal about trademarks).

ignore it.