October 3, 2023

In an advisory from over a dozen data protection and privacy authorities from around the world, urge social media platforms to strengthen their defenses against data scrapers.

The UK, Australia, Canada, Hong Kong/China, Switzerland, Norway, New Zealand, Columbia, Morocco, Argentina, and Mexico are among the countries that are co-signatories of the declaration.

Data scraping is a process of gathering data that users have posted on a platform and obtaining substantial amounts of publicly accessible data from websites using automated technologies like bots.


Though they are publicly available, it can be used by threat actors to launch targeted attacks or commit identity fraud when paired with private or supplementary data from other sources.

The issue has gathered frequent hindsight, a major headache to various social media platforms such as Facebook, LinkedIn, and TikTok.

The joint statement emphasizes that data privacy and protection rules continue to apply to information that is publicly available or accessible resulting in social media platforms to enhance anti scraping mechanisms.

Proposed safety measures:

  • Put in place numerous technical and administrative safeguards for protection.
  • Establish a team or specific roles to manage, keep an eye on, and react to scraping activities.
  • Utilize “rate limiting” to limit the number of visits per account per hour or day.
  • Keep an eye out for any suspiciously quick interactions with new accounts.
  • Recognize “bot” patterns, such as frequent accesses made with the same credentials.
  • Use CAPTCHAs to identify bots, and if scraping is discovered, block the associated IP addresses.
  • Take legal action against recognized scrapers, such as sending “cease and desist” letters.
  • In the event of a data breach, notify the affected parties and regulators.
  • Help users understand and control their privacy settings proactively.
  • Ensure privacy laws are followed if security measures handle personal data.
  • Describe the steps done to prevent data scraping to users.
  • Keep an eye out for new threats, adapt, and update your controls.
  • Analyze scrape event metrics to enhance the security framework.

Every user can protect personal data from cybercriminals by:

  • Limiting the amount of information posted online
  • Reading the privacy policies of the online platforms to understand the risks
  • Setting the privacy settings on social media to decrease public exposure as much as possible
  • Thinking long-term because information posted today can live forever online.

Leave a Reply

%d bloggers like this: