Yes, scraping public data in Colorado is generally permissible, but strict adherence to state and federal laws is required. Public records under the Colorado Open Records Act (CORA) are accessible, yet automated scraping may trigger legal scrutiny if it violates terms of service or disrupts systems. The Colorado Attorney General’s 2024 guidance emphasizes compliance with the Colorado Consumer Protection Act (CCPA) when handling scraped data, particularly for commercial use.
Key Regulations for Scraping Public Data in Colorado
- Colorado Open Records Act (CORA): Grants access to public records but prohibits scraping if it circumvents reasonable access fees or burdens public agencies. Requests exceeding 25 records annually may require formal approval under CORA § 24-72-204(3).
- Computer Crime Law (C.R.S. § 18-5.5-102): Prohibits unauthorized access to computer systems, including aggressive scraping that mimics bot traffic or exceeds rate limits, risking felony charges under the 2023 amendments.
- Colorado Consumer Protection Act (CCPA): Imposes liability for deceptive scraping practices, such as misrepresenting bot identity or harvesting personal data without disclosure, with penalties up to $20,000 per violation under § 6-1-113.
Local jurisdictions like Denver’s Open Data Program impose additional constraints, requiring API-based access for high-volume requests. The 2026 Colorado Privacy Act (CPA) further complicates scraping by mandating opt-out mechanisms for personal data, even if sourced from public records. Entities must conduct due diligence to distinguish between public records and protected personal information under CPA § 6-1-1304.