Legal risk / Jul 10, 2026 / 4 min
The Crawl Comes Before the Filter Now
On July 8, the European Data Protection Board adopted Guidelines 03/2026 — the first pan-EU rulebook for AI training scrapes — requiring lawful basis and data-minimisation filters before the crawl starts, not after the petabyte ships, the same week OpenAI's IPO roadshow ships GPT-5.6 and U.S. courts fight over whether training logs even exist.
On July 8, the European Data Protection Board adopted Guidelines 03/2026 — the first pan-EU framework for web scraping in generative AI training — declaring that publicly posted content is not free training data, that legitimate interest requires a documented case-by-case balancing test with no blanket exemption, and that data-minimisation filters must run before the crawl starts, not after the petabyte ships — the same week OpenAI's IPO roadshow needs investors to treat training-data risk as a solved American legal question.
What Brussels adopted: At its July 8 plenary, the EDPB released Guidelines 03/2026 on web scraping for generative AI (Version 1.0, adopted July 7) alongside companion anonymisation guidelines establishing a three-criterion test for whether data truly escapes GDPR.
Both are open for public consultation until October 30, 2026.
The core holding: GDPR applies whenever web scraping includes personal-data processing — collection, storage, organisation, retrieval — regardless of whether the source content is publicly visible.
"Public" on the internet is not "free" for model training.
What changes in the pipeline:
- Before the crawl: Controllers must define collection criteria, exclude sites that oppose scraping (robots.txt, CAPTCHA), and filter out unnecessary personal-data categories — not downstream during dataset cleaning
- Lawful basis: Legitimate interest under Article 6(1)(f) requires three cumulative tests — genuine interest, necessity, and a balancing calculation — documented case by case. No industry-wide blanket pass
- Accuracy: Scrape from reliable sources, timestamp the data, validate before training
- Special categories: Health, biometric, and other sensitive data are generally prohibited; incidental collection may invoke the CJEU's GC & Others (C-136/17) framework only with technical measures to prevent dissemination — assessed individually, not assumed
The accountability gap: The guidelines land after years of national enforcement without a unified standard.
Italy's Garante fined OpenAI €15 million in November 2024 over ChatGPT training transparency and lawful-basis failures — then Rome's Court annulled the penalty on March 18, 2026, on jurisdictional grounds after Ireland became OpenAI's EU lead authority, without ruling on the merits.
Ireland's DPC separately forced X to permanently stop processing EU users' posts to train Grok and delete previously scraped data.
Dutch and French regulators have targeted smaller developers.
Guidance proliferated. Final enforcement against frontier launches produced one decision — now voided on procedure.
Why IPO week matters: OpenAI confidentially filed its S-1 in June and shipped GPT-5.6 Sol publicly on July 9.
Thursday's Times sanctions motion alleges discovery misconduct over training logs in Manhattan federal court.
Brussels is writing a different receipt — not about whether journalism was copied, but whether anyone's personal data entered a training corpus with documented legal basis before the spider ran.
An AI developer who buys a scraped dataset from a broker inherits separate accountability for its own processing — the guidelines distinguish scraper, developer, and joint-controller roles case by case.
The quotes that matter:
-
EDPB (Guidelines 03/2026 executive summary): "Compliance with certain GDPR requirements can be challenging when web scraping collects data that include personal data" — and controllers "should conduct their scraping activities in a way that enables them to ensure compliance."
-
EDPB (press release, July 8): Web scraping "often operates without individuals being aware, and which may pose significant risks to the protection of their personal data."
-
EDPB Chair Anu Talus (on companion anonymisation guidelines): "The guidelines mark a significant milestone in clarifying the notion of anonymous data, establishing clear standards that facilitate the use of data while protecting individuals' fundamental rights."
-
EDPB (on special categories): "There is no general exemption from the requirements of Art. 9 GDPR and each case must be assessed individually."
What this is not: The guidelines are not final law — they are adopted for consultation.
They do not replace the EU AI Act's parallel obligations.
They do not decide U.S. fair-use fights.
They do tell every frontier lab that the default scrape-then-scrub pipeline is now documented non-compliance in Europe.
Convina's view: Silicon Valley built the AI boom on a crawl-first, lawyer-later pipeline — vacuum the web, filter the PII in post-production, cite legitimate interest in a privacy policy nobody reads. Brussels just said the filter belongs at the front door, the balancing test belongs in a file an auditor can open, and "publicly available" is not a get-out-of-GDPR card. Labs racing toward public markets are pricing training data as an American copyright question while Europe is writing it as a personal-data question with timestamps and exclusion lists. The Rome court killed Italy's only frontier-AI fine on jurisdiction, not substance — which means the next enforcement wave will arrive with these guidelines attached. If your data room still treats scraping as infrastructure and compliance as a post-IPO line item, you are underwriting the wrong risk.