← Glossary / Trespass to Chattels (Scraping)

What is Trespass to Chattels (Scraping)?

Trespass to chattels is a common law tort frequently weaponised against web scrapers, alleging that automated requests consume server resources and interfere with the owner's property rights. Unlike copyright or CFAA claims, trespass doesn't rely on what data you extract or whether you bypassed auth — it focuses entirely on the physical burden your crawler places on the target's infrastructure. If your pipeline runs hot enough to degrade site performance, you cross the line from a nuisance to a liable trespasser.

LegalServer LoadRate LimitingCase LawInfrastructure
// 02 — definitions

The cost of
running hot.

Why the sheer volume of your HTTP requests can become a legal liability, regardless of whether the data itself is public.

Ask a DataFlirt engineer →

TL;DR

Trespass to chattels requires the plaintiff to prove that a scraper caused actual, measurable harm to their servers — usually through degraded performance, increased bandwidth costs, or downtime. In the cloud era, proving this is difficult against polite crawlers, but aggressive, unthrottled scraping pipelines routinely hand targets the exact evidence they need for an injunction.

01Definition & structure
Trespass to chattels is an old common law tort that originally applied to interfering with someone's physical property (like taking their horse for a joyride without permission). In the context of web scraping, the "chattel" is the target's server infrastructure. The tort alleges that a scraper is sending unauthorized electronic signals that consume processing power, memory, and bandwidth, thereby depriving the rightful owner of the use of their property.
02The requirement of "Actual Harm"
Unlike real property trespass (where merely stepping on the grass is a violation), trespass to chattels requires the plaintiff to prove actual harm. Simply sending HTTP requests to a public server is not a trespass. The plaintiff must demonstrate that the scraper's volume degraded system performance, caused downtime, or resulted in measurable financial loss (such as massive egress bandwidth bills).
03The shift to cloud infrastructure
In the early 2000s, proving harm was easy: a fast scraper could literally crash a single bare-metal server. Today, modern targets sit behind CDNs and auto-scaling groups. A scraper is unlikely to crash an AWS-backed enterprise site. Instead, the "harm" has shifted from downtime to financial damage. If an unthrottled scraper forces a target's infrastructure to auto-scale, generating thousands of dollars in unexpected compute and bandwidth costs, courts will recognize that as actual harm.
04How DataFlirt handles it
We engineer our pipelines to make trespass claims factually impossible. Our distributed crawlers respect Crawl-delay directives by default. More importantly, we run dynamic latency profiling: if a target's Time to First Byte (TTFB) increases, our scheduler assumes the server is under load and automatically scales down concurrency. By keeping our footprint statistically invisible against organic traffic, we extract data without ever touching the threshold of infrastructure harm.
05Did you know?
The California Supreme Court case Intel Corp. v. Hamidi (2003) set a crucial boundary for this tort. A former employee sent thousands of emails to Intel's internal system. Intel sued for trespass to chattels. The court ruled against Intel, stating that because the emails did not actually slow down or damage the email servers, there was no trespass. The ruling cemented the standard that mere unwanted electronic communication is not a tort unless it causes physical or operational impairment.
// 03 — the liability model

When does traffic
become trespass?

Courts look for measurable impairment. DataFlirt's concurrency models ensure our pipelines operate orders of magnitude below the threshold where infrastructure harm could be reasonably claimed.

Resource Deprivation = Scraper_Load > Server_CapacityOrganic_Traffic
The point where automated requests begin dropping organic user sessions. eBay v. Bidder's Edge (2000)
Safe Concurrency Ratio = Cmax = Target_RPS × 0.001
Keeping scraper traffic under 0.1% of total load negates claims of infrastructure harm. DataFlirt compliance guidelines
Actual Damages = Δ Bandwidth_Cost + Δ Compute_Cost + Lost_Revenue
The financial burden the plaintiff must prove to win a trespass claim. Common Law Tort Requirements
// 04 — the evidence log

What a trespass
looks like in the logs.

An aggressive, poorly configured crawler hitting a target without rate limits. This is the exact server-side evidence used to establish actual harm in a trespass claim.

Nginx access.logResource exhaustionHTTP 503
edge.dataflirt.io — live
CAPTURED
// 10:04:12 UTC - organic traffic baseline
cpu_load: 24% active_connections: 1,204

// 10:04:15 UTC - unthrottled scraper initiates
inbound_reqs: +4,500/sec source_asn: "AS16509"
user_agent: "python-requests/2.28.1"

// 10:04:22 UTC - resource exhaustion
cpu_load: 99% db_pool: exhausted
response_time: 4500ms // organic users timing out

// 10:04:30 UTC - service degradation
status_503: 12,400 events
alert: "P0: Checkout service unavailable"

// legal threshold crossed
damages: measurable downtime & lost revenue
// 05 — risk factors

How scrapers trigger
trespass claims.

The operational behaviors that transform a benign data extraction job into a viable legal threat. Ranked by how frequently they appear in cease-and-desist letters.

LEGAL PRECEDENT ·  ·  ·   eBay v. Bidder's Edge
KEY REQUIREMENT ·  ·  ·   Actual harm
DEFENSE ·  ·  ·  ·  ·  ·  Strict rate limiting
01

Ignoring Crawl-delay

Direct evidence · Violating robots.txt limits shows willful disregard for server capacity
02

Unbounded concurrency

Resource drain · Spawning thousands of async workers against a single origin
03

Heavy payload extraction

Bandwidth cost · Downloading high-res media or massive JSON blobs repeatedly
04

Database-heavy queries

Compute cost · Hitting expensive search endpoints that lock database tables
05

Cache busting

Edge bypass · Appending random query params to force origin server rendering
// 06 — operational safety

Crawl politely,

or pay for the servers.

Trespass to chattels is the legal system's answer to DDoS-by-scraper. In the early 2000s, a few rogue crawlers could easily topple a server. Today, CDNs and auto-scaling groups absorb the blow, meaning the 'harm' often shifts from downtime to inflated AWS bills. DataFlirt mitigates this entirely by enforcing strict, target-aware concurrency limits. We profile the target's response latency; if TTFB degrades by more than 15%, our scheduler automatically backs off. We never become the reason a target's pager goes off.

Crawl Safety Policy

Active constraints on a DataFlirt pipeline to prevent infrastructure impact.

target.capacity_est 15,000 req/s
df.max_concurrency 15 req/s0.1% load
latency.baseline 240ms
latency.current 245msstable
robots.txt.delay honoredcompliant
cache.utilization ETag matching enabled
legal.risk_status negligiblesafe

Stay ahead of the pipeline

Data engineering
intel, weekly.

Anti-bot shifts, scraping infrastructure updates, dataset delivery patterns, and business outcomes from our pipelines. Short, technical, no fluff.

By submitting, you acknowledge our Privacy Notice.

// 07 — FAQ

Common
questions.

Common questions about the legal boundaries of server load, historical case law, and how to scrape without committing a tort.

Ask us directly →
What exactly is trespass to chattels in a digital context? +
Historically, it meant interfering with someone's physical property. In cyber law, courts have adapted it to mean sending electronic signals (like HTTP requests) that consume a server's processing power, memory, or bandwidth to the point where it impairs the system's normal functioning or costs the owner money.
Do I have to actually crash the site to be liable? +
No. While downtime is the clearest evidence, courts have ruled that significantly depleting server resources or causing the owner to incur substantial bandwidth and compute costs is enough to constitute 'actual harm.' If your scraping spikes their AWS bill by $10,000, that is measurable damage.
How did the eBay v. Bidder's Edge case shape this? +
In 2000, Bidder's Edge scraped eBay's auction listings. eBay sued for trespass to chattels and won an injunction. The court ruled that even though Bidder's Edge only consumed about 1.5% of eBay's system capacity, the cumulative effect of such scrapers would cause severe degradation. It established the precedent that unauthorized scraping can be a trespass.
Does respecting robots.txt protect me from a trespass claim? +
Largely, yes. If a site specifies a Crawl-delay and you honor it, it is extremely difficult for them to argue that your requests caused unexpected infrastructure harm. Ignoring robots.txt and hammering the site is what provides the 'unauthorized interference' element of the tort.
How does DataFlirt ensure pipelines don't trigger these claims? +
We operate on a 'do no harm' principle. Our schedulers dynamically monitor Time to First Byte (TTFB). If we detect latency increasing, we automatically throttle our concurrency. We also heavily utilize conditional GET requests (ETags) to avoid re-downloading unchanged payloads, minimizing bandwidth consumption.
Is this the same as a CFAA violation? +
No. The Computer Fraud and Abuse Act (CFAA) deals with 'unauthorized access' — hacking, bypassing passwords, or breaching authentication. Trespass to chattels is about the physical burden of the requests themselves. You can scrape public data without violating the CFAA, but still commit trespass if you do it so aggressively that you damage the server.
$ dataflirt scope --new-project --target=trespass-to-chattels-(scraping) READY

Tell us what
to extract.
We do the rest.

20-minute scoping call. Pilot dataset within the week. Production within two. Whether you need a one-off catalogue dump or a continuous feed across millions of records — we scope, build, and operate the pipeline.

Start a pipeline → View pricing
hello@dataflirt.com  ·  Bengaluru  ·  IST  ·  typical reply < 4h
// 08 — keep reading

Related glossary terms

Scraping Security

Scraping-Induced Server Load

The technical metric that translates directly into the legal concept of actual harm.

Read →
Scraping Security

Computer Fraud and Abuse Act (CFAA)

The federal anti-hacking statute often paired with trespass claims in scraping lawsuits.

Read →
Scraping Security

robots.txt Legal Standing

Why ignoring crawl delays is treated as evidence of willful interference by courts.

Read →
Network Layer

Rate Limiting

The primary technical defense targets use to prevent resource exhaustion before lawyers get involved.

Read →