Google has been outspoken about its intention to create a more privacy-focused ad tech environment, but the company is now facing accusations of sneakily circumnavigating security protocols.
Brave, a company that offers a privacy-centric web browser, has released damning information which alleges the tech giant deploys “a mechanism by which Google appears to be circumventing its purported GDPR privacy protections”.
The EU introduced the General Data Protection Regulation (GDPR) last year to set a standard around data collection.
Brave’s chief policy officer Johnny Ryan claimed Google uses secret ‘Push Pages’, that are not visible to the users and show no content, to share profile identifiers about a person when they load a web page.
“This, combined with other cookies supplied by Google, allows companies to pseudonymously identify the person in circumstances where this would not otherwise be possible,” Ryan said.
This is despite the fact Google now claims it prevents the companies that use its DoubleClick/Authorized Buyers real-time bidding (RTB) ad system from combining sensitive data from website visitors with visitor profiles.
Under the GDPR, ‘personal data’ is defined as any information that can be used to identify an individual.
Any company that unlawfully destroys, alters, discloses or accesses personal data is in breach of the GDPR and could face fines of up to €20 million ($32.5 million) or four per cent of annual global turnover, whichever is greater.
Ryan said the ‘Push Pages’ were discovered after analysing a log of his web browsing history.
“Analysis of the network log shows that the Data Subject’s personal data has been processed in Google’s Authorized Buyers RTB system,” said Ryan.
“It further shows that Google has also facilitated the sharing of personal data about the Data Subject between other companies.
“Push Pages, therefore, appear to be a workaround of Google’s own stated policies for how RTB should operate under the GDPR.”
Google has responded, telling the Financial Times it doesn’t serve “personalized ads or send bid requests to bidders without user consent”.
Google is currently under investigation by the Irish Data Protection Commission (DPC) for allegedly violating the GDPR.
Please login with linkedin to comment
In a year where ‘business as usual’ is anything but, AFR BOSS reveals six of Australia’s most inspirational and outstanding young leaders who excelled during the pandemic. The six have been crowned the 2021 BOSS Young Executives in the prestigious awards program, now in its 18th year. Run in conjunction with global leadership consulting firm […]
HUMAN Security (formerly White Ops) today announced two new founding Human Collective members: Index Exchange and MediaMath. Together they participated in thought-provoking panel discussions during the recent IAB Tech Lab CTV & Video Advertising: Growing with Standards virtual event where they emphasized how important it is to work together in the fight against fraud on […]
SCA has announced the appointment of Cathrine McVeigh to head of audio production and operations. She will be part of the content leadership team. In the newly created role, McVeigh will oversee the creation of SCA’s new audio production and content operations hub and lead a combined team across the country to deliver a rapidly […]