On September 30, 2021, a Texas district court granted Southwest Airline Co.'s ("Southwest") request for a preliminary injunction against online travel site Kiwi.com, Inc. ("Kiwi"), barring Kiwi from, among other things, scraping fare data from Southwest's website and committing other acts that violate Southwest's terms. (Southwest Airlines Co. v. Kiwi.com, Inc., No. 21-00098 (N.D. Tex. Sept. 30, 2021)). Southwest is no stranger in seeking and, in most cases, obtaining injunctive relief against businesses that have harvested its fare data without authorization - ranging as far back as the 2000s (See e.g., Southwest Airlines Co. v. BoardFirst, LLC, No. 06-0891 (N.D. Tex. Sept. 12, 2007) (a case cited in the current court opinion)), and as recently as two years ago, when we wrote about a 2019 settlement Southwest entered into with an online entity that scraped Southwest's site and had offered a fare notification service, all contrary to Southwest's terms.
In this case, the Texas court found that Southwest had established a likelihood of success on the merits of its breach of contract claim. Rejecting Kiwi's arguments that it did not assent to Southwest's terms, the court found that Kiwi had knowledge of and assented to the terms in multiple ways, including by agreeing to the terms when purchasing tickets on Southwest's site. In all, the court found the existence of a valid contract and Kiwi's likely breach of the terms, which prohibit scraping Southwest's flight data and selling Southwest flights without authorization. The court also found that Southwest made a sufficient showing that Kiwi's scraping and unauthorized sale of tickets, if not barred, would result in irreparable harm. In ultimately granting Southwest's request for a preliminary injunction, the Texas court also found that Southwest also demonstrated the threatened injury if the injunction is denied outweighed any harm to Kiwi that will result if the injunction is granted and that the injunction would be in the public interest.
What made this result particularly notable is that the preliminary injunction is based on the likelihood of success on the merits of Southwest's breach of contract claim and Kiwi's alleged violation of Southwest's site terms, as opposed to other recent scraping disputes which have centered around claims of unauthorized access under the federal Computer Fraud and Abuse Act (CFAA).
Perhaps the most interesting part of this decision is how the court parsed the 2019 hiQ ruling from the Ninth Circuit as it relates to Southwest's breach of contract claim. We have written extensively about the ongoing hiQ scraping litigation, where the Supreme Court recently vacated the Ninth Circuit landmark 2019 opinion and remanded the case to the Ninth Circuit for further consideration in light of the Supreme Court's decision in Van Buren v. United States. In 2019 the Ninth Circuit, in the now-vacated hiQ opinion, ruled that: "It is likely that when a computer network generally permits public access to its data, a user's accessing that publicly available data will not constitute access without authorization under the CFAA." While not an issue in the Texas district court's preliminary injunction decision, Southwest had asserted a CFAA claim in its second amended complaint. One of Kiwi's main arguments against the injunction was that since it was scraping publicly available data, the ruling in hiQ means that Southwest cannot establish a likelihood of success on the merits of its contract claim. In deflecting this argument, the district court pointed out that the Ninth Circuit itself in hiQ had stated that "entities that view themselves as victims of data scraping are not without resort, even if the CFAA does not apply.." As the Texas court stated:
"The Court is not persuaded the hiQ case means that Southwest cannot establish a likelihood of success on the merits for its breach of contract claim. hiQ involved whether a preliminary injunction was appropriate under the CFAA. The opinion acknowledges a plaintiff could have a breach of contract claim even in the absence of a CFAA violation. Further, the Supreme Court recently vacated the hiQ judgment and remanded for further consideration in light of new authority on the application of the CFAA."
Thus, it appears Southwest, instead of building its injunction request on the merits of its CFAA claim - an unsettled legal area - followed the prescription of the Ninth Circuit and decided to seek relief based on its breach of contract claim (backed by a sufficient showing of the potential for irreparable harm). It also appears that while the vacated hiQ opinion appears to discourage CFAA-based strategies against web scraping (at least for now), this latest ruling highlights that other challenges to scraping may still be viable.
While we wait for the Ninth Circuit to take up once again the hiQ case and the issue of the CFAA and publicly available data (oral argument is scheduled for October 18, 2021), we will continue to watch the Southwest-Kiwi litigation as the legal landscape surrounding web scraping just got more interesting.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.