GDPR Update: Scraping Publicly Available Personal Data
The idea that GDPR does not apply to scrape public personal data is a popular one. Many companies falsely assume that data that has been made publicly available on another website can be scraped without consequence. Actually, there are no blanket exemptions for public personal data in GDPR; the same analysis that must be performed before scraping any other personal data must also be performed when scraping public personal data. The Information Commissioner’s Office (ICO) has a helpful rundown of the GDPR’s exemptions, which should be considered. Since this topic often causes misunderstanding, we’ll focus on publicly available information on identifiable individuals in this essay.
In a recent ruling, the Polish GDPR authority unequivocally said that even when dealing with public personal data, GDPR compliance was still required.
A corporation was fined £187,000 by the Polish authority in March 2019 for harvesting and utilizing public personal data without the consent of the data subjects. According to reports, the corporation in issue obtained personal information on more than six million Polish citizens from the nation’s Central Electronic Register and Economic Activity Information. However, it claimed that “high operational costs” precluded it from reaching more people and informed only 90,000 of the people for whom it possessed email addresses. The company sought to make the case that it took an excessive amount of time and effort to notify everyone for whom they lacked email addresses. Still, the Polish regulator did not find that to be persuasive. It should be highlighted that it’s not clear if they performed a thorough DPIA, which is something we always advise if you are collecting personal information without the subject’s knowledge or permission or in violation of a contract.
This makes it obvious that you must inform people when you collect their public personal data; there is probably no way around this. You must give the required notifications if you have their email, phone number, home address, or another way to get in touch with them. Additionally, if you’re under investigation, be sure you’re taking steps to address any problems. Otherwise, you risk receiving more unwarranted fines. Finally, if you choose to use a DPIA, ensure that it is thoroughly documented and that you let the data subjects know about it if you can.
To remain web compliant, it is crucial for Web scraping businesses to stay up to speed on the laws and guidelines governing data extraction. So that you may ensure that your scraping process is efficient and courteous, we will discuss this topic and many others later in detail.
If you are thinking of starting a web scraping project for your company that could harvest personal information from open websites and you want to be sure it complies with GDPR, don’t hesitate to get in touch with us. A custom web scraping solution can be created for your unique needs by our engineering team.
Frequently asked questions:
Is web scraping compliant with GDPR?
Scraping names and emails from a website to generate leads without the consumers’ consent is one of the practices that GDPR forbids. Services Agreement In addition to the GDPR, you also need to think about the demands that websites place on you.
What falls outside of GDPR’s definition of personal data?
Personal data does not include information about organizations or governmental entities. However, information about people who are sole proprietors, workers, partners, or corporate directors may qualify as personal data if the information relates to them specifically and may be used to identify the person.
Does GDPR consider an email address to be personal data?
A name and a business email address are two examples of data that can be used to identify a specific person.
At Hir Infotech, we know that every dollar you spend on your business is an investment, and when you don’t get a return on that investment, it’s money down the drain. To ensure that we’re the right business with you before you spend a single dollar, and to make working with us as easy as possible, we offer free quotes for your project.