The Privacy and Data Protection Journal has published an article by Duc Tran and Erin Bibb, which addresses the Joint Statement issued by the UK's Information Commissioner's Office ("the ICO") in conjunction with eleven other national data protection authorities on data scraping practices and protecting privacy.
The Joint Statement served to remind organisations that publicly available personal data is still subject to data protection and privacy laws and made clear that data protection authorities expect social media companies and other website operators to take responsibility for the content that they host online, including in relation to third-party scraping from their websites and platforms.
The Joint Statement comes in the wake of a surge in the practice of mass scraping of publicly available data from websites and online platforms following the increased availability and capability of data scraping technologies, including those assisted by AI, to collect and process individuals’ personal data from the internet. It also comes at a time when a number of organisations are facing enforcement action and significant regulatory fines from data protection authorities around the world both in relation to scraping data from online sources and failing to put adequate measures in place to prevent unlawful scraping of data under their control.
This article sets out best practice recommendations and other considerations that organisations that either engage in data scraping or are susceptible to being scraped need to consider in light of the Joint Statement.
Disclaimer
The articles published on this website, current at the dates of publication set out above, are for reference purposes only. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action.