Real-Time Bidding (RTB) systems are the subject of a spate of privacy complaints filed to the European Union, which implicate Google and other major companies for leaking personal data “hundreds of billions of times”.
The complaints have all been filed under Europe’s General Data Protection Regulation (GDPR), which was implemented almost exactly a year ago.
Eticas CEO Gemma Galdon Cavell, who filed one of the complaints in Spain, indicated that more still needs to be done when it comes to data protection and ad tech.
“We hope that this complaint sends a strong message to Google and those using Ad Tech solutions in their websites and products”, said Cavell.
“Data protection is a legal requirement must be translated into practices and technical specifications”.
Similar complaints have been issued to a total of seven EU companies concerning leaky ad techs.
The complaints accuse Google and the Ad Tech industry of sending distinctive information about a specific person’s device – including a person’s inferred religious, sexual and political characteristics and exact GPS location – to tens of thousands of companies in the form of “bid requests” through their RTB systems.
Google’s online advertising arm ‘Authorized Buyers’ (previously known as DoubleClick) is actively gathering data from 8.4 million websites.
What happens after this data has been collected is the subject of concern in the GDPR complaints.
Advocacy group ‘Fix AdTech’ points out that although Google has authorised over 2,000 companies to process this data, it stills relies on these companies to self-report if something goes wrong.
And while it is no secret that such techniques have been in place for years now, the complainants are arguing that this model is now in violation of the sweeping recently introduced GDPR laws.
In particular, Article 5 (1)(f) of the regulation requires personal data to be “processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss”.
The GDPR is known for its harsh punishments for businesses found to be in violation of any requirements.
The fines for the top tier of non-compliance is up to €20 million, or 4% annual global turnover – whichever is higher.
It is not yet clear how the EU and its local bodies will process the complaints.
In his latest guest post, B&T regular Robert Strohfeldt skewers marketers’ latest buzzword – purpose… I used to flick through the various newspapers cartoons each day – reckon it would be tough trying to create a cartoon each day, based on a major news story, that is both funny and insightful. Since the PC mob […]
MILO Cereal has launched its first major marketing campaign for its newly launched Protein cereal, via independent creative communications agency Connecting Plots. Building on MILO’s brand message of fuelling active kids, the new campaign platform, ‘Beast Mode – Activated’, evolves the master brand’s focus on team sports. This aims to celebrate how MILO Protein helps […]
Flight Centre has unveiled a new look and a global brand campaign that poses a tongue-in-cheek challenge to Aussie travellers. The launch also marks the brand’s first global campaign across Australia, New Zealand, the UK, Canada and South Africa, highlighting Flight Centre’s collective travel expertise. Created by Flight Centre Australia’s in-house creative team, ‘There’s Nowhere […]