Google Targeted By Fresh Round Of GDPR Complaints

Civil liberties campaigners on Tuesday filed complaints with national regulators across Europe alleging data protection violations by online advertising real-time bidding systems, and Google’s Authorised Buyers programme in particular.

The complaints leverage stricter GDPR data protection rules introduced last year, according to Berlin-based campaign group Liberties, which is coordinating the actions.

The group argues that behavioural advertising systems “broadcast the personal data of users to hundreds if not thousands of companies”.

Free content and services online are effectively paid for with users’ personal information, which includes “our browsing history, our location, our sexual orientation, our religion and our online identity”, said Liberties legal expert Eva Simon in a blog post.

Data leak

The actions, filed in the UK, France, Germany and nine other countries, are intended as a wake-up call to national regulators, Simon said.

The aim is to get regulators to coordinate with one another and with the European Data Protection Board, she said, arguing that a joint action on behalf of EU data protection offices would be “the most effective way” to force changes in the online ad industry.

“The GDPR is in effect, but has yet to be truly enforced,” Simon stated.  “We would like to change this with our campaign.”

She said that real-time bidding goes against GDPR rules by failing to obtain users’ informed consent and by introducing a “very high” risk of data leaks.

Industry standards

“Our data is broadcast to thousands of companies across the world,” Simon wrote.

The other countries in which actions were filed are Belgium, Bulgaria, the Czech Republic, Hungary, Estonia, Ireland, the Netherlands, Poland and Slovenia.

Liberties advocacy officer Orsolya Reich said the group is not taking issue with organisations who make use of real-time bidding, but with those who set  industry standards.

“We want them to comply with the laws, which at present, as far as we can tell, they aren’t doing,” she said in a statement.

The worldwide online ad industry, in which Google and Facebook are dominant players, is set to grow to $273 billion (£215bn) this year, according to eMarketer.

In the most serious cases, the GDPR allows for companies to be fined up to 20 million euros (£18m) or 4 percent of their global turnover, whichever is larger.

In January privacy-oriented browser company Brave targeted Google and the Internet Advertising Bureau (IAB) with a GDPR complaint similarly alleging that privacy flaws are inherent in current ad standards, while last month the Irish data protection regulator launched a probe into GDPR’s compliance.

Google’s shares closed down 6 percent on Monday following reports of a possible antitrust probe by US regulators.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

Google Jarvis AI Extension Leaked On Chrome Store

Seemingly accidental leak reveals Google is developing Jarvis AI extension that can browse the web…

10 hours ago

Amazon Mulls New Multi-Billion Dollar Investment In Anthropic – Report

Amazon is reportedly in talks to pump billions of dollars more into AI start-up Anthropic,…

14 hours ago

FTX’s Caroline Ellison Begins Her Two Year Prison Sentence

Star witness for the US prosecution of FTX founder Sam Bankman-Fried, has begun her two…

15 hours ago

More Layoffs For iRobot Staff After Abandoned Amazon Deal

After axing 31 percent of its workforce when it failed to be acquired by Amazon,…

1 day ago

Mozilla Foundation Confirms Layoffs, Eliminates Advocacy Division

Mozilla Foundation axes 30 percent of its staff, and is eliminating its Advocacy Division that…

1 day ago

Google To Make MFA Mandatory Next Year

Improving security. Mandatory multi-factor authentication (MFA) is coming to the Google Cloud by the end…

1 day ago