CFAA (Computer Fraud and Abuse Act) & Our Access Rules

What Scravio is (and isn’t)

• User-directed B2B tool. Scravio helps you locate and structure publicly available business contact fields from pages that are accessible without signing in.
• No private areas, no circumvention. We don’t reuse cookies/sessions, don’t log in on your behalf, and don’t circumvent paywalls, CAPTCHAs, robots.txt, or rate limits.
• Not a data broker. We don’t sell lists; exports include source URLs so you can meet downstream transparency/notice duties.

Why “public access” matters (key U.S. cases)

• Van Buren v. United States (U.S. Supreme Court, 2021): “Exceeds authorized access” targets getting info from off-limits parts of a computer, not mere misuse of access you already have. This narrowed the CFAA’s scope.
• hiQ Labs v. LinkedIn (9th Cir., 2022, on remand): The court affirmed a preliminary injunction allowing access to public profiles, concluding hiQ raised serious questions that accessing publicly available data is not “without authorization” under the CFAA. (Other claims, like contract/trespass, can still apply.)
• Meta v. Bright Data (N.D. Cal., 2024): On Meta’s contracts, the court held logged-off scraping of public Facebook/Instagram data did not breach Meta’s Terms (summary judgment for Bright Data; a tortious-interference claim remained). Outcome was tied to Meta’s specific terms.
• Facebook v. Power Ventures (9th Cir., 2016): Contrast: after a cease-and-desist and IP blocks, continuing to access the site by evading technical measures supported CFAA liability. We treat platform C&Ds as hard-stops.

Takeaway for customers: Public pages only. Avoid any gated area or blocked access. Respect site terms, technical controls, and removal requests.

Our access rules (built-in controls)

• No account logins (no credential use) and no cookie/session reuse.
• No paywall/API/captcha bypass; built-in throttling and conservative concurrency.
• Respect robots.txt and site-provided signals; configurable domain-level blocklist.
• C&D response team: we promptly pause, block, and suppress re-collection upon credible platform complaints.
• Auditability: exports include source URL and last checked; actions are logged.

How we handle complaints & platform requests

• Acknowledge the request and open a ticket.
• Suppress the domain/URL, remove pointers from future results, and purge any cached snippets tied to that pointer.
• Notify affected accounts and document steps taken.
• Escalate repeat-infringer behavior per our AUP.

Customer responsibilities (you must…)

• Use Scravio only for public webpages you’re entitled to access.
• Follow applicable site terms, anti-spam rules, and privacy laws for your outreach.
• Stop contacting any domain/owner who objects or opts out; respect C&D and removal requests.
• Don’t attempt to log in, defeat paywalls/CAPTCHAs, or evade technical blocks.

Notes for non-U.S. users

Computer-misuse laws vary. In the UK, for example, the Computer Misuse Act 1990 criminalizes unauthorized access to computer material; your activity must remain within authorized public access.

Contact

• Platform access concerns / C&D: [email protected]
• Security & abuse reports: [email protected]

Last updated: 29 September 2025