|
|
|
|
|
|
by Nextgrid
1448 days ago
|
|
|
From a GDPR point of view the scraper would be acting as a data processor on behalf of their customer, no different from using a cloud storage service for your contacts. It's fine as long as the third-party doesn't misuse the scraped data or share it with third-parties and there's no evidence they did so in this case. |
|
|
Indeed; the users probably wanted to make the data public, if scraper accounts could see it. There is a GDPR allowance for data "manifestly made public by the data subject".
https://gdpr-info.eu/art-9-gdpr/
Here, it's just Facebook wanting to keep the data inside a walled garden.
For the same reason, I quit LinkedIn and made my own site. I don't want people to have to sign in to see my profile.