Yes, scraping public data in Romania is generally permissible, provided it complies with national and EU data protection laws. Publicly accessible information—such as court rulings, legislative texts, or municipal records—can be collected, but automated extraction must respect privacy rights and avoid circumventing technical protections.
Key Regulations for Scraping Public Data in Romania
- General Data Protection Regulation (GDPR): Applies if scraping involves personal data, requiring lawful bases (e.g., public interest) and data minimization under Law No. 190/2018 transposing GDPR into Romanian law.
- Law No. 544/2001 on Free Access to Public Information: Permits access to administrative documents but prohibits scraping if it disrupts system functionality or exceeds reasonable request volumes.
- Digital Services Act (DSA, 2024): Imposes obligations on large platforms to ensure transparency in data access, indirectly affecting scraping practices targeting their interfaces.
Scraping must avoid:
- Technical circumvention (e.g., bypassing rate limits or CAPTCHAs), which may violate Law No. 167/2022 on cybersecurity.
- Reuse of personal data without explicit consent or a statutory exemption, per the Romanian Data Protection Authority (ANSPDCP) guidance.
- Commercial exploitation of scraped data if it conflicts with terms of service or infringes copyright (e.g., Law No. 8/1996 on copyright).
Recent shifts in 2026 compliance frameworks emphasize proportionality tests for automated data collection, particularly for public sector datasets. Organizations should conduct Data Protection Impact Assessments (DPIAs) when scraping involves systematic monitoring or large-scale processing.