The Privacy and Data Protection Journal has published an article by Duc Tran and Erin Bibb, which addresses the Joint Statement issued by the UK's Information Commissioner's Office ("the ICO") in conjunction with eleven other national data protection authorities on data scraping practices and protecting privacy.
The Joint Statement served to remind organisations that publicly available personal data is still subject to data protection and privacy laws and made clear that data protection authorities expect social media companies and other website operators to take responsibility for the content that they host online, including in relation to third-party scraping from their websites and platforms.
The Joint Statement comes in the wake of a surge in the practice of mass scraping of publicly available data from websites and online platforms following the increased availability and capability of data scraping technologies, including those assisted by AI, to collect and process individuals' personal data from the internet and at a time when a number of organisations are facing enforcement action and significant regulatory fines from data protection authorities around the world both in relation to scraping data from online sources and failing to put adequate measures in place to prevent unlawful scraping of data under their control.
This article sets out best practice recommendations and other considerations that organisations that either engage in data scraping or are susceptible to being scraped need to consider in light of the Joint Statement.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
