The Supreme Korean court says that scraping publicly available data from a competitor’s website is legal (full link here)

On May 12, 2022, the Korean Supreme Court held in Case No. 2021Do1533 that scraping publicly available data from a competitor’s website does not violate the asserted laws.

The case involved 2 online travel agencies, Yanolia, the prosecutor, and GC Company, the defendant.

Yanolia accused GC Company of scraping the prices of accommodations using the company API, sharing this data internally, and then interfering with its business.

The court in the first instance found the defendants guilty of violation of the Information Protection Act, infringement of database producer’s rights under the Copyright Act, and violation of the Criminal Code by criminally interfering with Yanolja’s business involving a computer database.

The appellate court overturned the lower court ruling and the Defendants were found not guilty of all charges. The Supreme Court affirmed the appellate court’s decision.

The decision was taken according to the following points:

• there was no objective evidence showing that access to Yanolja’s API server was restricted or that Yanolja had implemented any technical measures blocking unauthorized access

• Yanolja’s general terms of use were clearly applicable to registered users only (they were browsewrap and not clickwrap)

• Yanolja’s general terms of use did not prohibit the use of packet capture and scraping, which was used by Defendants

• Yanolja’s API server was accessible via a mobile app and a PC web browser

• There was no reason to restrict access to Yanolja’s API server, as it was not used for storing valuable business information

PerimeterX merges with Human Security

On July 27 PerimeterX and Human Security announced their merger. As stated in their CEO's joint announcements, the companies were introduced to each other some time ago by their investors and found some common ground for working together against cybercrime and bot protection.

Omri Iluz, CEO of PerimeterX said: " Coming together makes sense because we share a common vision and together we can deliver even greater value to our customers and shareholders. Bringing the two companies together allows us to combine modern defense with comprehensive account protection capabilities and to provide a richer set of products for customers and career experiences for employees as we work to turn the tables against cyber attackers."

Hackers are using bots to target online Pharma accounts

According to Kasada, a security firm known for its anti-bot solutions, a new trend is emerging. Hackers are using brute force attacks on online pharma websites, using stolen credentials, in order to get access to legitimate prescriptions for controlled and highly addictive substances, such as Adderall and Oxycodone.

The full report, presented at the Las Vegas Black Hat conference, can be found here.