The European Union introduced the General Data Protection Regulation (GDPR) one year ago, but has received a large numbers of complaints against Google's interpretation of it. Finally, the Irish Data Protection Commissioner (DPC) said that it is opening a probe to check whether the accusations are true.
According to Reuters, “a number of submissions, including from privacy-focsued web browser Brave” claim that when a person visits a website, personal data is broadcasted directly to tens or hundreds of companies without the consent of the user in order to auction and place targeted adverts.
The Irish DPC stated that an inquiry has been commenced in respect of Google Ireland and its Ad Exchange platform. It would establish whether Google is complying with the GDPR by considering the lawful basis for processing, the principles of transparency and data minimization.
Most of the US companies have offices in Dublin, Ireland, therefore they fall under the watch of the Irish DPC. Regulators are allowed to impose fines for violations of the GDPR regulations that can go as high as 4% of the global revenue or €20 million, whichever is higher. The regulator said earlier this month that 51 large-scale investigations are underway, 1/3 of them against tech companies like Twitter, LinkedIn, Apple, and Facebook subsidiaries.