Data Scraping in EU Regulators’ Sights As Spain Orders Equifax to Delete Information
European data protection regulators are investigating companies’ use of data they scrape from public sources. Spain’s data protection authority recently ordered Equifax Inc. to delete data it collected this way and pay a fine of about $1.1 million for using in credit reports publicly available information from tax authorities and other government sources about individuals’ outstanding debts.
Companies are under growing scrutiny for how they handle data they gather manually or with an automated process from public sources because using it without individuals’ permission can violate European privacy rules. Regulators are looking into recent incidents affecting users of Facebook Inc. and Microsoft Corp.’s LinkedIn, and have sanctioned smaller firms for data scraping.
The Spanish authority’s penalty last month against Equifax highlights the risks companies face when using scraped data from individuals in EU countries.