Does anyone know what "gaining unauthorized access to data on its Web site" means in this case?
If you're posting links to the content on your site (I roll my eyes at this condition, but there's the AT&T case, so I added it), and there's no login screen in front of the data, is there any expectation of privacy for the data?
I'm guessing scraping was a no-no. Unlike a search engine, which shows excerpts pertaining to the block of searched text, a lot of these services displayed the entire content of the listing.
What was ruled here is that they don't have an exclusive right to user-generated content, however other sites simply can't spider and re-list all the entries. That's essentially a mirror of Craigslist not on Craigslist.
I'm not sure how it works in the US, but in Canada, you can't copyright raw data. (ie: data that has no creative value) So it's legal to, for instance, "scrape" the contents of a phone book into another format.
If I understand correctly, Padmapper was scraping location, and pricing information, which is raw data. So even though they're scraping that data, there shouldn't be anything wrong with that.
See Section 5 of the Craigslist TOS [1]. Then see sections 11 and 12, which link to their liquidated damages policy [2].
I would imagine that Craigslist's future arguments would now hinge on the fact that people must access their servers in a way that they have defined, via their TOS, to be unauthorized.
From the liquidated damages document: "each day that CL's servers are accessed to facilitate one or more of the violations enumerated therein shall constitute one Instance of Unauthorized Conduct" And, in particular, Section 6 of that document: "you agree to pay $25,000 per Instance of Unauthorized Conduct: (a) copying, aggregation, display, distribution or derivative use of craigslist or any content posted on craigslist (including, but not limited to, by means of spiders, robots, crawlers, scrapers, framing, iframes, or RSS feeds)" ... (etc)
What is the enforceability of a TOS that you aren't forced to see? It seems silly to make this a legally enforceable contract when you didn't even so much as click through it, or checked a box that says you clicked through it.
When it's possible to, in good faith, use a website without once seeing its TOS, how can it be legally enforceable?
Also, what's the enforceability of a TOS that disallows actions that would otherwise be legal?
There are 4 standard forms of IP protection that would prevent people from using your work: copyright, trademark, patents, and trade secrets. The data on Craigslist isn't protected by any of these, so are they still able to make it illegal to use that data just because they said so?
Craigslist's advantage is that it's one of the most well known; not that it came up with the listings idea by itself (papers have had these ads for ages). Their lawsuit angle was that this was a question of "method" which isn't unique.
Aggregation, on the other hand, is a different matter entirely since that's essentially scraping the listings data.
If you're posting links to the content on your site (I roll my eyes at this condition, but there's the AT&T case, so I added it), and there's no login screen in front of the data, is there any expectation of privacy for the data?