Data scraping refers to the act of using automated programs to extract and collect data from the internet. In China’s judicial adjudication, judges made different judgments on similar data scraping cases. The fundamental cause lies in the failure to clearly define the conduct and targets of these two types of offences, along with an inadequate analysis of the substantive legal interests protected by the crime of illegally obtaining data from computer information systems. Such act should generally be addressed under the crime of illegally obtaining computer information system data, and the fundamental connotation of data security should be understand as the content security of data information. In addition, illegal data scraping faces several challenges, including excessive criminal regulation, unclear logic regarding whether it should be criminalized and ambiguous boundaries of illegal scraping. In light of these issues, we should insist using prepositive law such as civil law to make dahere regulation, and uphold the spirit of moderation in criminal law. Furthermore, the standards for criminalizing scraping act should be raised. If an act merely violate website agreements, or bypass the anti-scraping measure but there is no explicit prohibition, or involve minor offenses should not be punished by criminal law. The principle of moderation in criminal law must be consistently applied throughout the regulation of such behaviors.