Begin typing your search...

Regulators for protecting users from data scraping

Scraped personal information can be exploited for various purposes, 12 key global regulators tell social media giants

image for illustrative purpose

Regulators for protecting users from data scraping
X

26 Aug 2023 1:35 AM IST

Social media companies and the operators of websites that host publicly accessible personal data have obligations under data protection and privacy laws to protect personal information on their platforms from unlawful data scraping, regulators at a dozen international privacy watchdogs have said in a joint statement.

The joint statement, issued at a time when generative AI poses new challenges to people’s data, has been sent directly to Alphabet (YouTube), ByteDance (TikTok), Meta Platforms (Instagram, Facebook and Threads), Microsoft (LinkedIn), Sina Corp (Weibo), and X Corp (X, previously Twitter).

The statement, singed by the key privacy regulators from the UK, Canada, Hong Kong, Australia, Switzerland, Norway, New Zealand, Colombia, Jersey, Morocco, Argentina and Mexico, urged social media platforms to protect users’ public posts from scraping, saying that mass data scraping incidents that harvest personal information can constitute reportable data breaches in many jurisdictions.

Scraped personal information can be exploited for various purposes, such as monetisation through re-use on third-party websites, sale to malicious actors, or private analysis or intelligence gathering, resulting in serious risks to individuals.

“In most jurisdictions, personal information that is ‘publicly available’, ‘publicly accessible’ or ‘of a public nature’ on the internet, is subject to data protection and privacy laws,” they wrote.

Social media companies and the operators of other websites that host publicly accessible personal information also have data protection obligations with respect to third-party scraping from their sites. “SMCs and other websites are responsible for protecting individuals’ personal information from unlawful data scraping,” the privacy regulators added.

As no one safeguard will adequately protect against all potential privacy harms associated with data scraping, SMCs and other websites should implement multi-layered technical and procedural controls to mitigate the risks, they advised.

Social media privacy laws data protection AI SMCs 
Next Story
Share it