Sourcing pressure is real. Most of the people you'd love to hire aren't applying — LinkedIn's own figure is that only about 36 percent of workers are actively looking at any given time. So a whole industry grew up around reaching the other 64 percent, and much of it works the same way: browser extensions and AI agents quietly copying public profiles into databases of hundreds of millions of people, which recruiters then search and message.
It feels efficient. But it runs on data that candidates never actually handed over, and — here's the part that gets less airtime — it's a weaker way to hire than the alternative. Let's look at what scraping-based sourcing really involves, the questions worth asking before you rely on it, and the consent-based playbook that beats it.
What scraping-based sourcing actually is
When a sourcing tool advertises 800 million profiles, ask yourself where those profiles came from. Nobody collected 800 million consents.
The data is scraped: pulled by automated tools from public web pages, professional networks, and directories, then stitched together, enriched with contact details, and sold as a searchable candidate database. Collection usually happens one of two ways — crawlers harvesting public pages at scale, or browser extensions capturing profiles while a recruiter browses. AI agents now automate both. The person in the profile almost never knows any of it happened. And that's exactly where the questions start.
Three questions to ask before relying on scraped data
We're not going to play lawyer here — this is general information, not legal advice, and the rules genuinely differ by country, platform, and method. But there are three practical questions any team can ask, and the honest answers are uncomfortable.
Does it respect the platform's rules? The platforms where these profiles live generally prohibit automated collection in their terms, and they enforce those terms — restricting tools, closing accounts, going after vendors. A sourcing stack built on collection a platform forbids is a stack that can stop working overnight.
Does it respect data-protection law? In many places — Europe being the clearest — privacy law covers personal data even when it's publicly visible. "Public" doesn't automatically mean "free to collect and reuse." Regulators in several countries have acted against companies over scraped personal data, and in some jurisdictions people have a right to know when their information was collected from somewhere other than themselves. If your team leans on scraped or purchased profile data, have that conversation with qualified counsel — before the outreach goes out, not after.
Does it respect the person? Even if the first two answers come back comfortable, this one is left. It deserves its own section.
The ethics: scale without consent
Think about what actually happened from the candidate's side. They posted a profile to network and be found professionally. They did not sign up to be copied into a third-party database they've never heard of, enriched with a phone number they never gave, and messaged by a system they can't opt out of — because they don't know it exists.
That's the heart of the problem. The recruiter gets the benefit; the candidate carries the risk — stale records, unwanted contact, no transparency, no real consent. And let's be honest about the gradient here, because it matters: reading someone's public profile and sending one thoughtful, personal note is normal recruiting. Most candidates expect it, and plenty welcome it. Bulk-harvesting thousands of profiles into a private database is a different thing entirely — not a bigger version of the same thing. Scale without consent is where sourcing stops being outreach and starts feeling like surveillance, to the exact people you're trying to impress.
The part nobody advertises: scraped data is bad data
Suppose none of that moves you. The commercial argument should.
Industry estimates put decay in aggregated profile data at roughly 2 percent a month — call it a quarter of your records going stale every year. Ask anyone who's run campaigns off a scraped database: bounced emails, outdated titles, people who left that company two years ago. Every bounce chips at your sender reputation. Every "I don't work there anymore" reply chips at your employer brand. And every hour spent cleaning a rotting list is an hour the tool was supposed to save you.
The consent-based playbook (it wins on the numbers)
So what works instead? Six channels, ranked roughly by yield — and every one of them is a place where the candidate chose to be found.
- Start with the candidates you already have. Past applicants and silver-medalist candidates gave you their data directly, and re-engaging them is the highest-yield channel in recruiting: Gem's 2026 Recruiting Benchmarks found 46 percent of sourced hires now come from candidates already sitting in the company's database — up from 26 percent in 2021. Your next great hire is probably already in your talent pool.
- Build opt-in pipelines. Talent communities, careers-site sign-ups, event and webinar registrations. Candidates put themselves in, so consent is built in — and the data starts out accurate.
- Work referrals and alumni. Relationship-based, consent-native, and consistently among the strongest quality signals in hiring.
- Pay for official platform licenses when you need reach. Recruiter seats and resume databases where candidates deliberately uploaded themselves keep everything inside the platform's rules. Reach, without the harvest.
- Source from consented networks. Marketplaces and hiring networks where people registered specifically to be discovered. Consent handled at the network level, not scraped at the edge.
- Nurture with respect. Honor unsubscribes and do-not-contact instantly, keep the data minimal and current, delete what you no longer need. A pipeline built this way compounds. A scraped one decays.
Where uRecruits Fits In
uRecruits built its Talent CRM on the consent-based model from day one. Candidates enter your pool through consent-based channels only: they apply, you invite them, you import data you already hold, or you find them in the uRecruits candidate network — registered candidates who created accounts and chose to be discoverable. Every client gets two databases: a private client database for your own candidates, plus access to that network, so you can search the wider pool and pull people straight into your private pipeline, in the open.
The rest of the design follows the same principle. When a nurtured candidate is ready, "Invite to Job" turns the relationship into a real application that flows into your ATS, with the candidate's own account created along the way. A Do Not Contact status is always respected. Everything is scoped to your company on a secure, multi-tenant architecture, with single sign-on and resumes kept in private encrypted storage behind time-limited access links. And uRecruits doesn't auto-reject or auto-rank candidates anywhere — sourcing decisions stay with the recruiter, where they belong. Talent CRM is available on the Recruitment and Full Cycle plans, and every plan starts with a 30-day free trial, no credit card required.
Want the deeper background first? See our guides to what a talent CRM is and what recruitment software does.
FAQs About Ethical Sourcing
Is it OK to collect candidate data from public profiles?
The rules differ by country, platform, and method. Platform terms generally restrict automated collection, and in many regions privacy law covers personal data even when it's publicly visible. If your team relies on scraped or purchased profile data, talk it through with qualified counsel. This article is general information, not legal advice.
What is the difference between sourcing and scraping?
Sourcing is finding and engaging candidates. Scraping is one collection method: automated harvesting of profile data at scale, usually without the person's knowledge. You can source effectively without it — through past candidates, opt-in pipelines, referrals, official platform licenses, and consented networks.
Is it OK to look at someone's public profile and contact them?
Yes — reading a public profile and sending a personal, professional note is normal recruiting, and most candidates expect it. The line is scale without consent: bulk-copying profiles into a private database the person doesn't know exists.
Why is scraped candidate data low quality?
Industry estimates put decay in aggregated profile data at roughly 2 percent a month, so around a quarter of records go stale within a year — old titles, dead emails, departed employees. That means bounced outreach, wasted recruiter time, and damage to sender reputation and employer brand.
What is the highest-yield alternative to scraped databases?
Your own database. Gem's 2026 benchmarks found 46 percent of sourced hires come from candidates already in the company's CRM or ATS — past applicants, silver medalists, and earlier outreach contacts — up from 26 percent in 2021.
What should a consent-based sourcing process include?
Clear opt-in channels (applications, talent communities, registered networks), instant honoring of unsubscribes and do-not-contact requests, minimal and current data, defined retention, and a human making the call on who gets contacted and advanced.
How does uRecruits source candidates?
Through consent-based channels only: candidates who apply, candidates you invite or import from data you already hold, and registered candidates in the uRecruits network who chose to be discoverable. There's no auto-ranking or auto-rejection anywhere, and a Do Not Contact status is always respected.
Final Thoughts
The scraping era of sourcing grew out of a real problem — most great candidates never apply — but it solved that problem by taking what wasn't offered, and the costs are showing: platform crackdowns, regulator attention, and databases that rot faster than they fill roles. The consent-based playbook solves the same problem the durable way. People who chose to be found respond better. Their data is accurate. And every relationship you build is an asset no platform can switch off.
Build the pipeline people opted into. It's not just the ethical way to source — on the evidence, it's the better one.



