Intelligent Web Scraping
The New Beginnings of AI-Powered Web Data Gathering …
Web Scraping: Leave It All to AI or Add a Human Touch?
This article was originally written by Toni Matthews-El.
To say there’s a lot of data on the Internet is an understatement. As of 2020, it’s projected that the “digital universe” holds an estimated 40 trillion gigabytes or 40 zettabytes worth of information. To put this into perspective, a single zettabyte has enough data to fill data centers roughly one-fifth the size of Manhattan.
With such a vast amount of information available to analyze, it makes sense that so many tasks associated with gathering data get left to artificial intelligence. Bots can crawl through web pages at incredible speed, extracting as much relevant information as needed. And while many data scientists and marketers access and use this info in a perfectly ethical fashion, it’s an unfortunate fact that the growing presence of AI online brings with it a growing amount of stigma.
It would be easy to dismiss much of the negativity as an indirect result of Hollywood movies and sci-fi stories where AI is something to be wary of at the best of times. However, the consequence of unethical bot usage by certain web users means that there are crackdowns that affect even those who are working with data professionally and in good faith.
Web scraping remains an essential tool for many professionals, and especially AI. But what can be done about the bot-related stigma?
First, What Is Web Scraping?
For those just joining the conversation, the act of web scraping should be understood as data extraction. Although data scientists and other professionals use scraping to analyze very complex digital stacks of information, the act of copying and pasting text from a website could itself be considered a simple form of scraping.
But even if you can access every part of a website, there’s so much available information, it can take a very, very long time to gather data from just that source. For the most part, web scraping is left to AI, with humans then taking the retrieved data and thoroughly analyzing it for various purposes. But while this is a great convenience to the web scraper, website owners and onlookers are greatly concerned about the rampant use of AI in this way.
Is Web Scraping Better With Bots?
With so much information to analyze, it seems a no brainer turn to artificial intelligence (AI) to gather data. In fact, Google itself is one of the most trusted sources for providing web scraping tools to interested parties. For instance, you can use its dataset search engine to quickly access data deemed freely available for use. You can even customize your search to learn if the information is available for commercial use. All in a matter of a couple of seconds.
This wouldn’t be possible if Google AI wasn’t so incredibly efficient at examining every website within its reach for relevant data. It’s a perfect example of using AI to garner useful information for research or business in a purely ethical fashion. The speed of availability is also a testament to just how “bots” make it so easy to perform web scraping tasks.
That said, it’s hard not to ignore the implication of AI traffic becoming so commonplace, to the point of accounting for more than half of Internet traffic.
Bot Traffic Report
While some find that AI making up the majority of Internet traffic is worrying, the issue is made worse by having a slight majority of AI traffic being made up of “bad bots. ” Even when scraping intentions are good and the approach is ethical, AI stigma feels unavoidable.
Using bots to tackle an insane amount of data is a logical step. In addition to AI, it’s important to consider other essential tools while scraping.
How Proxies Can Help
As explained here, there are multiple advantages to using proxies while web scraping, namely anonymity. For example, if you wish to study a competing brand and use the information to figure how best to improve your own company, you probably don’t want to have it known that you visited their website. In a situation like this, it’s great to use proxies to access and examine data without giving away your identity.
Before we dive further, here’s a quick refresher on the topic of proxy servers:
Proxy servers are designed to act as a middleman between the user and the web server.
Their functionality is diverse: they can be used both by individuals and companies to address specific needs.
One common use of proxies is tied to web scraping: with a proxy server, it is possible to circumvent restrictions set up by webmasters and gather data en masse.
But why set up those restrictions in the first place? Isn’t this data freely available on the web? Yes — for human users. Here’s a typical example: price aggregators’ entire business model is built around accurate information; namely, providing the definitive answer to the question of “Where can I buy Product X for the lowest price? ”
Although this is a great opportunity for customers to save money, vendors aren’t too excited about other companies snooping around in their data: aggregators’ web crawling software (often called “bots” or “spiders”) introduce additional load on the website. Therefore, it’s not uncommon for webmasters to restrict access to their websites if they suspect that the given web activity isn’t carried out by a genuine user.
Another practical use for proxies is evading a censorship ban. Residential proxies, as the name suggests, allow you to appear as a genuine user from Country X — whichever country you prefer. The need for residential proxies is simple: (suspicious) bot activity usually comes from a set of countries, so even genuine users from these countries often encounter geo-restrictions.
Additionally, when you’re trying to gather data from sources that are kept from you for political reasons, proxy usage is especially helpful. There are many ways to use proxies while web scraping but for the sake of building trust within the digital community, we suggest sticking to methods that will build brand trust and authority.
Using Human Visibility and Trusted Brands to Combat AI Stigma
It’s true, for now, that AI outpaces the number of humans surfing the Internet. Still, there’s no telling how Internet usage will evolve in the coming years, and so there’s no reason to immediately assume this trend is irreversible or that it represents an inherently negative trend.
One of the best ways to upend the negative speech about so much AI traffic on the web is to find ways to restore a human touch to AI usage across the Internet. Additionally, it’s important to use AI in ways that build trust and doesn’t feed misplaced concerns.
Stick to trusted products and services offered by highly recognizable and trusted brands. Wondering which criteria make the vendor “trusted”? Our guide answers this question.
Adhere to ethical scraping practices. Don’t abuse trust by ignoring the file on a website or flood a site with a number of bots in a short window of time.
Use data in a responsible and professional manner. Verify that you have permission to use scrapped data for your intended purpose.
Be informative. Talk about how and why web scraping to build public awareness. The more informed others are about the benefits of using AI to get access to and study vast amounts of data, the less likely scraping and bots will constantly be viewed in a uniformly negative light.
As ideal as it would be to manually access website data through purely human efforts, there’s just too much information to make this a viable option. The amount of data available is practically limitless, and AI is our best means of navigating websites and analyzing their data as efficiently as possible.
For data scientists and other professionals aiming to make the most of their web scraping efforts, we strongly suggest using reliable proxies as they can protect your identity and privacy as you access the information you need for your analysis efforts.
Opinions expressed by DZone contributors are their own.
Is Web Scraping Illegal? Depends on What the Meaning of the Word Is
Depending on who you ask, web scraping can be loved or hated.
Web scraping has existed for a long time and, in its good form, it’s a key underpinning of the internet. “Good bots” enable, for example, search engines to index web content, price comparison services to save consumers money, and market researchers to gauge sentiment on social media.
“Bad bots, ” however, fetch content from a website with the intent of using it for purposes outside the site owner’s control. Bad bots make up 20 percent of all web traffic and are used to conduct a variety of harmful activities, such as denial of service attacks, competitive data mining, online fraud, account hijacking, data theft, stealing of intellectual property, unauthorized vulnerability scans, spam and digital ad fraud.
So, is it Illegal to Scrape a Website?
So is it legal or illegal? Web scraping and crawling aren’t illegal by themselves. After all, you could scrape or crawl your own website, without a hitch.
Startups love it because it’s a cheap and powerful way to gather data without the need for partnerships. Big companies use web scrapers for their own gain but also don’t want others to use bots against them.
The general opinion on the matter does not seem to matter anymore because in the past 12 months it has become very clear that the federal court system is cracking down more than ever.
Let’s take a look back. Web scraping started in a legal grey area where the use of bots to scrape a website was simply a nuisance. Not much could be done about the practice until in 2000 eBay filed a preliminary injunction against Bidder’s Edge. In the injunction eBay claimed that the use of bots on the site, against the will of the company violated Trespass to Chattels law.
The court granted the injunction because users had to opt in and agree to the terms of service on the site and that a large number of bots could be disruptive to eBay’s computer systems. The lawsuit was settled out of court so it all never came to a head but the legal precedent was set.
In 2001 however, a travel agency sued a competitor who had “scraped” its prices from its Web site to help the rival set its own prices. The judge ruled that the fact that this scraping was not welcomed by the site’s owner was not sufficient to make it “unauthorized access” for the purpose of federal hacking laws.
Two years later the legal standing for eBay v Bidder’s Edge was implicitly overruled in the “Intel v. Hamidi”, a case interpreting California’s common law trespass to chattels. It was the wild west once again. Over the next several years the courts ruled time and time again that simply putting “do not scrape us” in your website terms of service was not enough to warrant a legally binding agreement. For you to enforce that term, a user must explicitly agree or consent to the terms. This left the field wide open for scrapers to do as they wish.
Fast forward a few years and you start seeing a shift in opinion. In 2009 Facebook won one of the first copyright suits against a web scraper. This laid the groundwork for numerous lawsuits that tie any web scraping with a direct copyright violation and very clear monetary damages. The most recent case being AP v Meltwater where the courts stripped what is referred to as fair use on the internet.
Previously, for academic, personal, or information aggregation people could rely on fair use and use web scrapers. The court now gutted the fair use clause that companies had used to defend web scraping. The court determined that even small percentages, sometimes as little as 4. 5% of the content, are significant enough to not fall under fair use. The only caveat the court made was based on the simple fact that this data was available for purchase. Had it not been, it is unclear how they would have ruled. Then a few months back the gauntlet was dropped.
Andrew Auernheimer was convicted of hacking based on the act of web scraping. Although the data was unprotected and publically available via AT&T’s website, the fact that he wrote web scrapers to harvest that data in mass amounted to “brute force attack”. He did not have to consent to terms of service to deploy his bots and conduct the web scraping. The data was not available for purchase. It wasn’t behind a login. He did not even financially gain from the aggregation of the data. Most importantly, it was buggy programing by AT&T that exposed this information in the first place. Yet Andrew was at fault. This isn’t just a civil suit anymore. This charge is a felony violation that is on par with hacking or denial of service attacks and carries up to a 15-year sentence for each charge.
In 2016, Congress passed its first legislation specifically to target bad bots — the Better Online Ticket Sales (BOTS) Act, which bans the use of software that circumvents security measures on ticket seller websites. Automated ticket scalping bots use several techniques to do their dirty work including web scraping that incorporates advanced business logic to identify scalping opportunities, input purchase details into shopping carts, and even resell inventory on secondary markets.
To counteract this type of activity, the BOTS Act:
Prohibits the circumvention of a security measure used to enforce ticket purchasing limits for an event with an attendance capacity of greater than 200 persons.
Prohibits the sale of an event ticket obtained through such a circumvention violation if the seller participated in, had the ability to control, or should have known about it.
Treats violations as unfair or deceptive acts under the Federal Trade Commission Act. The bill provides authority to the FTC and states to enforce against such violations.
In other words, if you’re a venue, organization or ticketing software platform, it is still on you to defend against this fraudulent activity during your major onsales.
The UK seems to have followed the US with its Digital Economy Act 2017 which achieved Royal Assent in April. The Act seeks to protect consumers in a number of ways in an increasingly digital society, including by “cracking down on ticket touts by making it a criminal offence for those that misuse bot technology to sweep up tickets and sell them at inflated prices in the secondary market. ”
In the summer of 2017, LinkedIn sued hiQ Labs, a San Francisco-based startup. hiQ was scraping publicly available LinkedIn profiles to offer clients, according to its website, “a crystal ball that helps you determine skills gaps or turnover risks months ahead of time. ”
You might find it unsettling to think that your public LinkedIn profile could be used against you by your employer.
Yet a judge on Aug. 14, 2017 decided this is okay. Judge Edward Chen of the U. S. District Court in San Francisco agreed with hiQ’s claim in a lawsuit that Microsoft-owned LinkedIn violated antitrust laws when it blocked the startup from accessing such data. He ordered LinkedIn to remove the barriers within 24 hours. LinkedIn has filed to appeal.
The ruling contradicts previous decisions clamping down on web scraping. And it opens a Pandora’s box of questions about social media user privacy and the right of businesses to protect themselves from data hijacking.
There’s also the matter of fairness. LinkedIn spent years creating something of real value. Why should it have to hand it over to the likes of hiQ — paying for the servers and bandwidth to host all that bot traffic on top of their own human users, just so hiQ can ride LinkedIn’s coattails?
I am in the business of blocking bots. Chen’s ruling has sent a chill through those of us in the cybersecurity industry devoted to fighting web-scraping bots.
I think there is a legitimate need for some companies to be able to prevent unwanted web scrapers from accessing their site.
In October of 2017, and as reported by Bloomberg, Ticketmaster sued Prestige Entertainment, claiming it used computer programs to illegally buy as many as 40 percent of the available seats for performances of “Hamilton” in New York and the majority of the tickets Ticketmaster had available for the Mayweather v. Pacquiao fight in Las Vegas two years ago.
Prestige continued to use the illegal bots even after it paid a $3. 35 million to settle New York Attorney General Eric Schneiderman’s probe into the ticket resale industry.
Under that deal, Prestige promised to abstain from using bots, Ticketmaster said in the complaint. Ticketmaster asked for unspecified compensatory and punitive damages and a court order to stop Prestige from using bots.
Are the existing laws too antiquated to deal with the problem? Should new legislation be introduced to provide more clarity? Most sites don’t have any web scraping protections in place. Do the companies have some burden to prevent web scraping?
As the courts try to further decide the legality of scraping, companies are still having their data stolen and the business logic of their websites abused. Instead of looking to the law to eventually solve this technology problem, it’s time to start solving it with anti-bot and anti-scraping technology today.
Get the latest from imperva
The latest news from our experts in the fast-changing world of application, data, and edge security.
Subscribe to our blog
Frequently Asked Questions about intelligent web scraping
Is web scraping artificial intelligence?
But even if you can access every part of a website, there’s so much available information, it can take a very, very long time to gather data from just that source. For the most part, web scraping is left to AI, with humans then taking the retrieved data and thoroughly analyzing it for various purposes.Sep 25, 2020
Is web scraping legal?
So is it legal or illegal? Web scraping and crawling aren’t illegal by themselves. After all, you could scrape or crawl your own website, without a hitch. … Big companies use web scrapers for their own gain but also don’t want others to use bots against them.
Do hackers use web scraping?
For this purpose smart web scraping is your number one growth hacker tool. Developing strong, reliable leads has always been a key feature of web scraping, and it’s as simple as understanding where your target audience is active online and scraping those sites for specific information.