![]() Broadly, PII includes any data about the person’s: GDPR harmonised data protection laws across member states and put down extra provisions for what constitutes sensitive personal information (or PII). Every business interacting with EU citizens and/or residents had to comply. We monitor, educate and campaign to secure human rights for everyone in Ireland.In 2018, the EU adopted the General Data Protection Regulation (GDPR) - a set of privacy and data security laws, covering all member states. The Irish Council for Civil Liberties (ICCL) is Ireland’s oldest independent human rights campaigning organisation. ICCL has repeatedly asked the DPC to disclose detailed statistics on its backlog of cross-border complaints and cases, and for transparency about what actions it took when it describes a complaint or case as resolved. The European Commission is due to respond by 15 May. Separately, the EU Ombudsman recently wrote to European Commission President Ursula von der Leyen, following a separate complaint from ICCL, to investigate whether the Commission has adequately monitored Ireland’s application of the GDPR. But it has failed to act in this landmark case, despite the passage of three and a half years and having detailed evidence of Google’s massive and ongoing data breach”. “ The DPC was created to protect us against the illegal collection and use of intimate data about us. The plaintiff in the case is Dr Johnny Ryan, a Senior Fellow at ICCL. ![]() Repeated attempts to get the DPC to take up this rights violation have failed.” The issue at stake here affects the rights of every European and we are going to court to see that digital rights are protected. “We are concerned that the rights of individuals across the EU are in jeopardy, because the DPC has failed to investigate Google’s RTB system over three and half years since first notified by Johnny Ryan in 2018. Liam Herrick, Executive Director of ICCL, said The High Court grants leave for ICCL lawsuit against the DPC for inaction. This excludes data security – the critical issue of the complaint. The DPC announces it has launched an inquiry into Google’s RTB system.ĭPC says it has written a “statement of issues” of what it will investigate (at last). The DPC’s failure to act on this complaint has therefore allowed Google’s massive data breach to continue across the entire EU for 3 ½ years.ģ ½ years of inaction by the Irish Data Protection Commissionĭr Johnny Ryan lodges a GDPR complaint against Google’s and IAB’s Real-Time Bidding systems at the Irish Data Protection Commission. ![]() In fact, no other EU enforcers can act until the DPC does so. Because Google’s EU operation is based in Ireland, the DPC has the lead responsibility to see that it obeys Europe’s data protection law. The DPC was obliged to investigate and act on that complaint under the GDPR. The DPC received a complaint about Google’s RTB data breach 3 ½ years ago. Google operates this unlawful RTB system on millions of websites, broadcasting personal data to other tracking companies billions of times a day. This infringes the cardinal GDPR principle that companies must protect personal data. There is no control over what those companies do with this sensitive data. It happens behind the scenes, and can broadcast private information about you to over a thousand other tracking companies in a split second. Google’s “Real-Time Bidding” (RTB) system selects what ads you will see when a website or app loads. ![]() The Irish Council for Civil Liberties (ICCL) is suing the DPC for its failure to protect people against the biggest data breach ever recorded: Google’s “Real-Time Bidding” online advertising system. ![]()
0 Comments
Leave a Reply. |