Google Targeted By Fresh Round Of GDPR Complaints

Civil liberties campaigners on Tuesday filed complaints with national regulators across Europe alleging data protection violations by online advertising real-time bidding systems, and Google’s Authorised Buyers programme in particular.

The complaints leverage stricter GDPR data protection rules introduced last year, according to Berlin-based campaign group Liberties, which is coordinating the actions.

The group argues that behavioural advertising systems “broadcast the personal data of users to hundreds if not thousands of companies”.

Free content and services online are effectively paid for with users’ personal information, which includes “our browsing history, our location, our sexual orientation, our religion and our online identity”, said Liberties legal expert Eva Simon in a blog post.

Data leak

The actions, filed in the UK, France, Germany and nine other countries, are intended as a wake-up call to national regulators, Simon said.

The aim is to get regulators to coordinate with one another and with the European Data Protection Board, she said, arguing that a joint action on behalf of EU data protection offices would be “the most effective way” to force changes in the online ad industry.

“The GDPR is in effect, but has yet to be truly enforced,” Simon stated.  “We would like to change this with our campaign.”

She said that real-time bidding goes against GDPR rules by failing to obtain users’ informed consent and by introducing a “very high” risk of data leaks.

Industry standards

“Our data is broadcast to thousands of companies across the world,” Simon wrote.

The other countries in which actions were filed are Belgium, Bulgaria, the Czech Republic, Hungary, Estonia, Ireland, the Netherlands, Poland and Slovenia.

Liberties advocacy officer Orsolya Reich said the group is not taking issue with organisations who make use of real-time bidding, but with those who set  industry standards.

“We want them to comply with the laws, which at present, as far as we can tell, they aren’t doing,” she said in a statement.

The worldwide online ad industry, in which Google and Facebook are dominant players, is set to grow to $273 billion (£215bn) this year, according to eMarketer.

In the most serious cases, the GDPR allows for companies to be fined up to 20 million euros (£18m) or 4 percent of their global turnover, whichever is larger.

In January privacy-oriented browser company Brave targeted Google and the Internet Advertising Bureau (IAB) with a GDPR complaint similarly alleging that privacy flaws are inherent in current ad standards, while last month the Irish data protection regulator launched a probe into GDPR’s compliance.

Google’s shares closed down 6 percent on Monday following reports of a possible antitrust probe by US regulators.

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

2 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

5 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

6 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

7 hours ago