Late last month, the French data protection authority, the CNIL, published guidance surrounding considerations behind what it calls "commercial prospecting," meaning scraping publicly available website data to obtain individuals' contact info for purposes of selling such data to third parties for direct marketing purposes. The guidance is noteworthy in two respects. First, it speaks to the CNIL's view of this activity in the context of the GDPR and privacy concerns. Second, and of more general interest, the guidance lays out some guiding principles for companies that conduct screen scraping activities or hire outside vendors to collect and package such data.
Originally published Proskauer, May 2020
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.