DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Joint statement on data scraping and data protection

Posted on August 24, 2023 by Dissent

The Information Commissioner’s Office and eleven other data protection and privacy authorities from around the world have today published a joint statement calling for the protection of people’s personal data from unlawful data scraping taking place on social media sites.

Data scraping is an automated way to pull large amounts of information from the web. Scraping from social media creates privacy risks and potential harms, such as the information people post online being used for reasons they don’t expect, exploited in cyberattacks or used for identity fraud.

The joint statement published today sets expectations for how social media companies should protect people’s data from unlawful data scraping. It also recommends steps people can take to minimise risks when sharing information online.

“This joint statement helps provide certainty, and consistency across borders, in how data protection applies to information people post online. Organisations must have a lawful reason for collecting and using people’s data, even when it is publicly available.

“Social media companies have obligations under UK data protection law to protect the information people post on their platforms.

“We are seeing increased reports of mass data scraping from social media and remind organisations that such incidents may require reporting to the ICO as a personal data breach.”

– Stephen Bonner, ICO Deputy Commissioner for Regulatory Supervision

The joint statement is signed by twelve authorities brought together by the Global Privacy Assembly. Social media companies are invited to respond and demonstrate how they protect people from unlawful scraping.

The signatories of the joint statement are:

  • Office of the Australian Information Commissioner
  • Office of the Privacy Commissioner of Canada
  • Information Commissioner’s Office – United Kingdom
  • Office of the Privacy Commissioner for Personal Data – Hong Kong, China
  • Federal Data Protection and Information Commissioner – Switzerland
  • Datatilsynet – Norway
  • Office of the Privacy Commissioner – New Zealand
  • Superintendencia de Industria y Comercio – Columbia
  • Jersey Office of the Information Commissioner
  • CNDP (Commission Nationale de contrôle de la protection des Données à caractère Personnel) – Morocco
  • AAIP (Agency for Access to Public Information) – Argentina
  • INAI (National Institute for Transparency, Access to Information and Personal Data Protection) – Mexico

Source: ICO

Category: Breach LawsCommentaries and AnalysesOf Note

Post navigation

← Rochester Public Schools announces cause behind spring cyberattack
Proposed UN Cybercrime Treaty Threatens to be an Expansive Global Surveillance Pact →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • Class action settlement following ransomware attack will cost Fred Hutchinson Cancer Center about $52 million
  • Comstar LLC agrees to corrective action plan and fine to settle HHS OCR charges
  • Australian ransomware victims now must tell the government if they pay up
  • U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
  • Victoria’s Secret takes down website after security incident
  • U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government
  • St. Cloud Provides Update on Ransomware Attack in 2024
  • Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week.

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent
  • Trump Taps Palantir to Compile Data on Americans
  • The US Is Storing Migrant Children’s DNA in a Criminal Database

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.
Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report