Content
Introduction
The QVC v. Resultly dispute offers a glimpse into how courts may differentiate negligent from intentional conduct under the Computer Fraud and Abuse Act (“CFAA”), specifically Section 1030(a)(5)(A). While the case was ultimately settled out of court, the court’s dismissal of QVC’s motion for injunctive relief provides a valuable framework for interpreting intent and liability in cases involving web scraping and server disruption.
Case background
QVC, Inc. (“QVC”), known as a “television and online retail giant” that sells a wide range of products through live televised shopping programs and other channels, including QVC.com, filed a lawsuit against a startup Resultly, LLC (“Resultly”) that used open source computer code to scrape websites of online retailers to aggregate the information on its platform and advertise to the public the merchandise of these entities in real-time.
Unfortunately, Resultly's web-crawling program overloaded QVC's servers, preventing QVC's customers from accessing its website and resulting in substantial lost sales of approximately $2 million, based on internal QVC estimates.
Upon notification of a possible problem, Resultly immediately stopped crawling QVC.com and entered into negotiations with QVC.
Resultly’s arguments
In its defense, Resultly argued that its web scraping was not intended to harm QVC or disrupt its operations for several reasons:
- Use of an open-source software program known as “abot” for crawling a website
Resultly used the abot whose code is an open source web crawler, which means it is in the public domain on the internet. Resultly emphasized that any negative impact on QVC’s servers was unintentional and a byproduct of standard data-gathering techniques rather than malicious or reckless conduct.
- Resultly’s business model
Considering Resultly's business model, the company actually needs the retailers' websites to be functional so that its users can complete purchases of items they discover through Resultly. This suggests that it would contradict their best interest to take down the QVC website.
- Identification of its IP addresses
QVC argued that because Resultly's user agent did not identify itself as a crawler, QVC believed the requests were coming from individual customers instead of a bot. Resultly defended themselves, saying that “because Resultly's IP addresses are registered, QVC could have identified Resultly from its IP addresses either by referencing the American Registry of Internet Numbers (“ARIN”), by typing any of the IP addresses into the address bar of a web browser, or conducting a “reverse look-up” of one of the IP addresses, which would have shown Resultly's name.”
- Requests rate
Resultly argued that no industry standard for determining a crawl rate existed. It is up to the website owner to determine technical limits to protect the website's performance.
Even though Resultly promised to refrain from the activity and tried to resolve the matter amicably, QVC proceeded with a motion for temporary restraints and preliminary injunction to enjoin Resultly from selling its software to a third party that would use it to crawl QVC's server further.
Intent vs. negligence
The key outcome of the court's decision to dismiss QVC’s motion is that mere negligence when conducting web scraping was not likely to constitute a breach of Section 1030(a)(5)(A) of CFAA as the intent is one of two essential elements. According to the court, the plain language of the statute clearly requires that a Section 1030(a)(5)(A) defendant both knowingly transmit a code and intend to cause damage to the plaintiff's computer.
In light of all actions taken by Resultly before the motion was filed as described above, the court found that Resultly did not act with malicious intent. Instead, its scraping activities, while problematic, were seen as potentially negligent but not intentionally harmful.
Conclusion
Resultly managed to build their defense and manifest that they did not intend to harm QVC in any way. The court’s opinion may suggest that scrapers who operate transparently and without the aim of disrupting the host website are less likely to face legal consequences under the CFAA.
We are lawyers, but we are not your lawyers. Even though we want to help as much as we can, we do not know the details of your project. For professional legal advice, please talk to a certified lawyer in your country.
An informal talk with Apify's COO and former lawyer, Ondra Urban, explaining the legal status of web scraping
Further reading
Learn more about the legal status of web scraping below:
