logo-meelo
logo-meelo

Is Open Data compatible with GDPR?

Open data is part of a trend considering that certain information is public and of general interest. And that can raise a lot of questions. Starting with its compatibility with the requirements of the General Data Protection Regulation (GDPR). A priori, the large volume of public data collected and the sanctions provided for by the GDPR are a priori totally opposed. How is Open Data compatible with GDPR? What are the rules for keeping this data open to the public? What impacts and benefits in the fight against fraud? Meelo gives you the ins and outs on this often misunderstood subject.
open-data

Open data: data exploitation, the legal framework

An overview of this controversial concept (no controversies) is in order. Let's start with the basics: defining open data.

This term refers to data made public by public or private organizations, which anyone can access, use and share. Open data is defined by three essential criteria: availability, reuse, distribution and universal participation.

The sharing of information considered as public has been reinforced, in France, by the Lemaire law, for a “Digital Republic”. This law establishes the obligation for administrations to make public the data they hold. Big paradigm shift.

Access to this open data is free of rights, as is their use.

Open data is essentially based on interoperability. A pooling of data, essential to derive social or economic benefits from the opening of many sources of information to the public.

This data must therefore allow different organizations and systems to work together by mixing their knowledge, using a common language. 

Open data concerns more and more sectors and there are more and more requests for “opening up” data. Today, documents such as court decisions or real estate transactions recorded in France are published in Open Data.

It is now all the information generated and collected by the administrations that must be made available to citizens. This data may for example refer to the performance of a public service, transport, or public procurement contracts.

 

Open data and protection of personal data: current situation

The GDPR broadly defines what personal data is. This text is intended to protect personal data. It defines it as any information referring to an identified or identifiable natural person. That is to say, a natural person who can be identified, directly or indirectly, via one or more data such as a name, an identifier, a telephone number.

 

GDPR enforcement with open data

The GDPR applies if:

We process personal data in the European Union

If the data is established outside the EU, but processes personal data in connection with the provision of goods or services to persons established in the EU or it analyzes the behavior of these persons.

 

Reconciling open data and GDPR: Reality or wishful thinking?

 

What about open data and GDPR in France?

It may seem that open data is not really compatible with the legislative framework imposed by the GDPR regarding the processing of personal data.

 

Data anonymization

Open data does not basically concern the protection of personal data. The new digital context involves better taking into account, at the level of the provision of data as well as their reuse, the protection of privacy. This anonymization is a source of significant issues is in place to protect the privacy of users' data. But how is it actually used in case studies?

 

GDPR, Open Data and payment risk management

 

Open data data management at Meelo

Meelo collects open data to enrich its analysis tools. 

Only the public information necessary for the effectiveness of our risk and fraud analyzes is collected.

With regard to personal data sent by users of our solutions, Meelo makes a point of maintaining all the necessary security measures to protect this data.

None of our users' data is stored in clear text in our databases and they are regularly erased after a certain period of time defined with our customers to guarantee the quality of our services.

Discover all our articles

Meelo IBAN verification to secure payments

IBAN verification: a necessity in the face of the rise in banking fraud 

The IBAN, or International Bank Account Number, has become a central element in financial transactions, particularly in the context of SEPA transfers. Its role: to precisely identify a bank account in the international network. However, this identifier, however structured, can become a gateway for fraud.
According to the annual report of the Observatory for the Security of Payment Methods (OSMP), published in September 2024, bank transfer fraud represented €312 million in 2023. Nearly half of this fraud (48%) is "fake IBAN scams," whether involving bank account substitutions during exchanges, manipulation of intermediaries, or even online diversions. The scope of vulnerabilities is vast.
In this context, securing payments inevitably requires the systematic verification of IBANs before their use. Manual verification, while possible, is often a source of errors, tedious, and ineffective on a large scale. This need for reliability and automation explains why IBAN verification is now an essential building block of a secure payment system.

Read more
Explanatory diagram of Mobile ID: identity verification solution, component of the Meelo identity confidence score

Mobile ID: Optimize identity verification with our new component

At Meelo, we pride ourselves on constantly innovating to offer you ever more powerful solutions. To meet the growing need for security and fluidity in user identification, we are pleased to introduce Mobile ID, a key component integrated into our Identity Trust Score for Individuals.
Mobile ID allows you to verify identity information more efficiently by relying on data provided by telephone operators. This new identity verification solution optimizes the accuracy of our scores and helps you better protect your business against fraud attempts.

Read more
FIDA, Open Finance

FIDA: supervising the open finance with confidence

The FIDA (Financial Data Access) regulation is a continuation of the DSP2 directive, by expanding the opening of financial data to new sectors. Where DSP2 mainly focused on banking data, FIDA aims to go further: insurance, savings, credit, investment ... so many areas concerned by this new European regulation.

Read more
Anti-fraud metric

The keys to understanding the metrics of meelo anti-fraud tools

Let us continue our Immersion behind the scenes of the Meelo solution with a focus on the evaluation metrics used in our tools to combat fraud. If the Gini index remains a historic and recognized standard in the banking sector, our engagement for ever more efficient and responsible detection pushes us to go further and to integrate the most relevant metrics on the market. It is in this perspective that we have chosen to adopt, in addition to the Gini, an even finer measure in its probabilistic reading: the Brier Score. Our goal? Offer you a precise reading of your predictions and increased confidence in your decision -making. Explanations!

Read more