Brussels (Brussels Morning) New privacy complaints in six EU member states target US tech giant Google and digital advertisers as of Thursday. At issue is the real-time bidding system through which they sell ads to potential advertisers, Reuters reported today.
Google and members of the Interactive Advertising Bureau (IAB), a lobbying group of more than 650 media and tech companies that sets industry standards, use the real-time bidding system by which tech companies collect users’ browsing histories and send the data to potential advertisers to bid for ad placement.
The information is shared without users’ consent and may contain intimate personal data.
The Civil Liberties Union for Europe (Liberties), the Open Rights Group and the Panoptykon Foundation, human rights groups from Germany, the UK and Poland, respectively, helped their counterparts in Croatia, Cyprus, Greece, Malta, Portugal and Romania to file complaints to their respective national privacy watchdogs.
Complaints about the bidding system, which is central to today’s online advertisers, and breaches of EU privacy regulations have been filed in 15 EU member states since 2018. Liberties’ senior advocacy officer Orsolya Reich says the advertising model is invasive, and adds that it is high time data protection authorities stepped in and to end these “harmful and illegal practices.”
She notes that more and more civil society groups are standing up to protest the business model. The group, she notes, has also called on privacy bodies in the six EU member states to work in tandem with supervisors in Belgium and Ireland since they too are examining similar complaints.
The group stresses the importance of a joint investigation because “real-time bidding functions in the same way across borders and produces the same negative effects in all EU member states.”
Google and IAB’s position
Google previously announced its willingness to comply with the EU’s General Data Protection Regulation (GDPR), even stressing that it had already put privacy protections in place in consultation with EU regulators.
Earlier this week, the IAB rejected the Belgian data enforcer’s preliminary report, claiming it shows deep misunderstanding of the industry standard that companies use to comply with the GDPR.