On April 30, 2020, the French data protection authority, the CNIL, published a guidance surrounding considerations behind what it calls “commercial prospecting,” meaning scraping publicly available website data to obtain individuals’ contact info for purposes of selling such data to third parties for direct marketing purposes.  The guidance is significant in two respects.  First, it speaks to the CNIL’s view of this activity in the context of the GDPR and privacy concerns.  Second, beyond the context of direct marketing related privacy issues, the guidance lays out some guiding principles for companies that conduct screen scraping activities or hire outside vendors to collect and package such data.

In a year when behavioral advertising was already expected to be at the top of the hot button privacy issues list, on January 13, 2008, the Center for Digital Democracy (“CDT”) and U.S. Public Interest Research Group (“US PIRG”) filed a document with the Federal Trade Commission (“FTC”) urging the FTC to investigate online mobile marketing practices, to take new actions to stop mobile marketing activities that “abuse consumer rights,” and to recommend new federal legislation and enhanced enforcement power for the FTC in this area. The document expands on the groups’ concerns about online behavioral advertising generally – the delivery of ads tailored to consumers’ interests based on browsing habits and/or consumer demographics – to the mobile space. In doing so the groups cite the potential for even greater consumer harm because of the additional possibility of location-based targeting linked to a cell phone or other mobile device that is typically tied to a single consumer who uses it for multiple applications, including voice, video and data.