Law Should Balance Scraping Rules With Privacy, Academics Argue
Online personal data isn't free for the taking and "the law must stop this mass data looting," George Washington University Law School professor Daniel Solove and Boston University School of Law professor Woodrow Hartzog argued in a paper published Thursday.
Sign up for a free preview to unlock the rest of this article
Privacy Daily provides accurate coverage of newsworthy developments in data protection legislation, regulation, litigation, and enforcement for privacy professionals responsible for ensuring effective organizational data privacy compliance.
They called for coherent rules that balance the public interest in scraping with people's privacy.
Legislators should view the systemic, automated mass collection and use of personal data "as a privilege," they said. If scraping is conditioned on serving the public interest, it can be reconciled with privacy protection.
Scraping "is in conflict with nearly all core privacy principles" and must be reconciled, they said. Moreover, courts have delivered mixed results that neither wholly endorse nor ban the practice, leaving those seeking to scrape data for legitimate and desirable purposes in an uncertain situation.
Web-scraping is already in tension with existing laws, which are ambiguous and weakly enforced, the authors said. Most focus on the interests of organizations that maintain personal data rather than on the individuals whose data they hold, and, as a result, legal battles over scraping often ignore privacy concerns.
Privacy laws fail to address scraping because of the common view that "publicly accessible" personal data lacks privacy interests despite the many privacy harms that result from its collection and use, the authors said. The law "fails quite significantly" to account for the privacy implications of mass scraping, leaving people "exposed and vulnerable in the Scraping Wars."
Enforcement agencies are afraid to act on privacy laws out of concern about disrupting promises of AI innovation and boundless prosperity, the paper argued. But much of AI is trained on the massive taking of people's data without consent, oversight, limitation or any consideration of the harms it might create.