France: Issued ruling in CNIL investigation into KASPR for alleged unlawful data scraping

On 5 December 2024, the National Commission on Informatics and Liberty (CNIL) imposed a fine of EUR 240'000 on KASPR for unlawful data scraping in violation of the General Data Protection Regulation. The ruling highlighted that KASPR aggregates and distributes contact details, including a database of approximately 160 million contacts. CNIL found that KASPR unlawfully collected LinkedIn users’ contact details despite restricted visibility settings and retained data for disproportionate periods. It also failed to provide timely and transparent information to individuals and inadequately responded to access requests. The ruling requires KASPR to cease unlawful data collection, halt automatic data retention renewals, inform individuals in an understandable language, and provide full details of data sources upon request. KASPR is required to comply with the ruling by 18 June 2025.