Yes, web scraping is legal in Romania under specific conditions, but it is not unregulated. The Romanian Data Protection Authority (Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal, ANSPDCP) enforces compliance with GDPR and local laws, while the 2026 Digital Services Act (DSA) introduces stricter platform obligations. Publicly accessible data may be scraped if it does not involve personal data or violate terms of service.
Key Regulations for Web Scraping in Romania
- GDPR Compliance (Regulation (EU) 2016/679): Scraping personal data without a lawful basis (e.g., consent, legitimate interest) violates GDPR. ANSPDCP actively monitors breaches, with fines up to €20 million or 4% of global turnover.
- Terms of Service (ToS) Violations: Romanian courts (e.g., Curtea de Apel București) have ruled that bypassing anti-scraping measures (e.g., CAPTCHAs, rate limits) breaches contract law under the Codul civil (Civil Code).
- Digital Services Act (DSA) 2026: Platforms hosting scraped data must ensure transparency and user control. Large online platforms (e.g., e-commerce sites) face stricter obligations to prevent unauthorized scraping under DSA’s Article 32.