Expert Advice Community

Guest

Processing of publicly available personal data

  Quote
Guest
Guest user Created:   Nov 29, 2017 Last commented:   Nov 29, 2017

Processing of publicly available personal data

How does the GDPR apply to software that is crawling the web and gathering publicly available email addresses (in order to help others quickly find business emails connected to a domain)? This is public data (not collected from individuals, but found on websites and also found on Whois). But the what that bothers me is that the data has to be cached/stored so that the software can work and that could be problem. I would really appreciate if you could point me in the good direction of my research. So far I found nothing very relevant (except that for example Whois is still in debate with GDPR representatives).
0 0

Assign topic to the user

EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR & ISO 27001 INTEGRATED DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Andrei Hanganu Nov 29, 2017

Answer:

Regarding the processing of publically available personal data you would have to consider the fact that processing needs to be in line with the scope for which that data was made publically available by the data subject.

For example, you could get email addresses from LinkedIn and it would be fine to use those to contact the data subjects for recruitment purposes or to buildup a CV data base using the information fro m LinkedIn if you are a recruiting company.

However, if the email addresses were to be uses for marketing purposes this processing will most likely be unlawful unless you obtain the consent of the data subjects.

You could also check out this case law in Italy which you might find useful - https://europrivacy.info/2016/10/31/italiano-dati-personali-resi-manifestamente-pubblici-dallinteressato-e-uso-di-dati-pubblicati-su-social-network-prime-osservazioni-allart-9-co-2-lett-e-gdp/

The issue regarding Whois is still under debate but most likely changes would follow such as granting access to the information on domain holders only for law enforcement agencies.

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Nov 29, 2017

Nov 29, 2017

Suggested Topics

Guest user Created:   Jan 19, 2023 EU GDPR
Replies: 1
0 0

GDPR in Sweden

Guest user Created:   May 27, 2020 EU GDPR
Replies: 1
0 0

E-privacy laws compliance

Guest user Created:   Feb 22, 2018 EU GDPR
Replies: 3
0 0

Company data