X Corp. v. Bright Data is the Decision We’ve Been Waiting For (Guest Blog Post)

by guest blogger Guy Rub, The Ohio State University Moritz College of Law

A Web Scraper Beats a Platform: The Same Story, but Different

It seems like we’ve been here before, and not that long ago. A platform sues a web scraper in the Northern District of California for (among others) a breach of its Terms of Service (ToS) —and the platform loses. In January, Meta lost such a claim against Bright Data. In March, X (formerly known as Twitter) lost its ToS breach claim against the Center for Countering Digital Hate (CCDH), and just a few days ago, X lost again, this time to Bright Data.

But this last one is different. While the two previous losses were either under particular circumstances or relatively easy to circumvent, this one—where the ToS were held unenforceable under the conflict preemption doctrine—will be much more difficult to bypass.

When Meta sued Bright Data for breaching Facebook’s and Instagram’s ToS, the defendant successfully argued that since the scraping occurred without logging into its platforms’ accounts, it did not constitute “use” of the platform and thus did not breach the ToS. Furthermore, the court determined that Facebook’s survival clause did not explicitly cover scraping after the termination of Bright Data’s accounts.

From the perspective of a platform’s general counsel, this loss is troubling but not disastrous. If the issue lies in loopholes within the ToS, the solution seems straightforward: draft tighter contracts and perhaps incorporate a browsewrap on your platforms to catch those who don’t hold accounts. Simple.

X’s breach of contract cases against CCDH for violating its ToS by scraping also didn’t fare well. It lost for two reasons: one grounded in contract law and the other external. First, the court held that the damages X incurred (primarily the loss of advertisers after CCDH published negative reports using scraped data) were unforeseeable when the ToS were agreed upon in 2019. Secondly, the court viewed it as a defamation claim disguised as a contractual dispute, which violates the First Amendment.

Our hypothetical platform’s GC should take note of this decision. The issue of damage foreseeability (despite its inherent weaknesses, in my opinion; Eric also had issues with the foreseeability analysis) is likely resolvable with proper notice. Perhaps it would be wise to require users to accept a new ToS that include such a notice. The First Amendment defense, while hard to sidestep, applies narrowly. Unlike CCDH, most scrapers are not sued for the content of their speech.

The First Amendment would not have helped Bright Data. They scraped X’s platform to sell the data. But it won on a different and, in many respects, much broader legal theory: conflict preemption with copyright law.

A Brief Recap on Contract Preemption

To appreciate the significance of this opinion, let’s revisit the law of copyright preemption. The Copyright Act includes an express preemption clause, 17 U.S.C. § 301(a), which preempts state laws “equivalent” to copyright. Can a breach of contract claim be equivalent to copyright? In 2022, in ML Genius v. Google, another dispute involving data scraping, the Second Circuit held it could. However, many courts, most famously the Seventh Circuit in ProCD v. Zeidenberg, disagree, arguing that contracts and copyrights are too dissimilar to be “equivalent.” Importantly, the Ninth Circuit’s caselaw tends to follow this latter approach.

As a few scholars (myself included) pointed out, the main problem with this messy caselaw has less to do with how courts analyze the equivalency question, and more with the question itself. It’s an odd and largely irrelevant inquiry in the context of contract law. The pertinent question should not be whether contracts mimic copyright, but whether they undermine the policies underlying copyright law. If a contract does that, it should not be enforceable as a matter of federal law. Indeed, under the conflict preemption doctrine, state laws, including contracts, cannot undercut federal policy.

How to Correctly Answer the Right Question: Applying Conflict Preemption

In X v. Bright Data, Judge William Alsup finally asked the right question, focusing on the conflict between copyright policy and X’s ToS. This is one of the very few cases to use conflict preemption in this context—and the first to do it in the last few years (although a few motions asking courts to do the same thing are pending in other cases). Using conflict preemption is also a smart way to avoid considering a host of Ninth Circuit cases denying express preemption defenses against breach of contract claims.

In order to answer that question, the court used a framework that the Second Circuit set forth in its 2020 decision in In Re Jackson (which I asked/begged courts to do). In that decision, Judge Leval (drawing on the scholarship of Rebeca Tushnet, Jennifer Rothman, and others) divided the conflict preemption analysis into two sub-questions. First, he assessed the interests that the relevant state law, as applied to the case at hand, aims to promote. The more these interests align with those of copyright law, the higher the likelihood of finding preemption. Second, he evaluated the potential conflict between the state law claim and the federal copyright system. The greater the conflict, the more probable state law will be preempted.

In In Re Jackson, Judge Leval applied this approach to a right of publicity claim, but it is applicable to any state law cause of action, and in X v. Bright Data, Judge Alsup applied it to X’s breach of contract claim. He identified two primary tensions between X’s ToS and the Copyright Act. First, because X does not own the copyright in the scraped posts, its ToS impede its users’ ability to exploit their copyright in their tweets. While this conflict might seem minor (X’s users, after all, are not in the business of granting scraping licenses), the next one was not: Fair use. Judge Alsup suggested that X’s ToS conflict with copyright law by prohibiting scraping irrespective of whether it qualifies as fair use. In my opinion, this is the crux of the decision, and critics might argue that the court is coming quite close to treating fair use as a right rather than just a defense against a copyright infringement claim. But if Judge Alsup’s approach prevails, it could challenge almost all anti-scraping provisions.

The other step in the In Re Jackson’s framework involves examining the state interests at stake and comparing them to those underpinning copyright law. Here, because X is willing to sell the same data, the primary interest appears to be rooted in a desire to be paid for the use of information, closely mirroring copyright law’s objectives. This slightly opens the door for other platforms to claim that their ToS protect different interests, such as users’ privacy.

If I were drafting the opinion, I would add that the interests here are also similar to copyright due to the use of standard form agreements, which create an almost property-like regulatory scheme (a point that Judge Alsup mentioned in another part of his opinion). If the agreement in question was a negotiated one, even if its goal was to allow the platform to exploit data for profit, the case against preemption would have been significantly stronger as the state’s interest would then be to promote human autonomy and efficient resource allocation through voluntary transactions. But those interests are much weaker when standard form agreement are involved.

Conflict Preemption For the Win (maybe)

Prepared by DALL-E

If it wasn’t already apparent (and it probably was), I am a fan of using conflict preemption. This approach avoids the complexities and arbitrariness of the express preemption caselaw by asking the right questions and offering flexible answers. Contracts designed solely to control the flow of information are distinguished from those protecting other values, such as privacy. Agreements with commercial entities might be treated differently from those with non-profit organizations. Standard form agreements can be separated from negotiated contracts.

This method is preferable to obscuring a policy-oriented approach under the guise of contract interpretation, as seen in Meta v. Bright Data and (to some extent) in X v. CCDH. If a breach of contract claim is dismissed because the contract did not cover a specific situation, the contract can simply be amended for future cases. Choice of law and forum provisions can also sometime assist in shielding contractual claims from active judicial interpretation. However, if a breach of contract claim is preempted due to conflict with federal law, neither a simple amendment nor a choice of law or forum provisions will allow the platform to enforce its anti-scraping ToS.

I doubt, however, that Judge Alsup’s opinion is the last word on this matter, or even in this case. Platforms like X can present reasonable counterarguments. As Kieran McCarthy has pointed out, in several of its recent opinions, including this one, the Northern District cited and relied on the Ninth Circuit’s decision in HiQ v. LinkedIn for the proposition that platforms should not be allowed to control the use of public information while somewhat overlooking the ultimate outcome of that case: LinkedIn prevailed by enforcing its User Agreement. Only time will tell whether the Ninth Circuit—and perhaps eventually the Supreme Court—will choose to scrutinize data-related contracts under the conflict preemption doctrine after decades of refusal to do so under the express preemption approach.