Web scraping is a controversial topic, as the Dutch Data Protection Authority deems it illegal in almost all cases. According to the authority, scraping quickly gathers personal data and should only be done for a specific purpose.
The Dutch Data Protection Authority has released a guide for organizations that engage in web scraping activities. The authority takes a strict stance on this issue, emphasizing that just because information is available online doesn't mean it can be freely collected through scraping.
Organizations that wish to use scraped data must have a valid basis for doing so, as personal data is often collected during the scraping process. The Dutch Data Protection Authority highlights the importance of adhering to the principles outlined in the GDPR, particularly emphasizing the concept of legitimate interest. However, the authority cautions that meeting the criteria for legitimate interest can be challenging when it comes to scraping.
Legal experts and the European Commission support the Dutch Data Protection Authority's stringent stance on web scraping, with the authority stating that commercial purposes alone cannot justify scraping activities. The authority unequivocally states that scraping websites will almost always violate the GDPR.
The Dutch Data Protection Authority does make exceptions for certain cases, such as personal or targeted use of scraping for specific purposes. For example, scraping news websites for relevant information about a company may be considered acceptable.
While the guidance provided by the Dutch Data Protection Authority applies to private individuals and companies, governments also need to be mindful of scraping activities. The authority plans to develop separate guidelines for government entities, as different rules and laws may apply in those cases.
English (US)