In an unusual lawsuit, the Civil Liberties Council of Ireland (ICCL) is prosecuting the nation’s data protection regulator (DPC), for not being responsive to a case filed by one of its senior members.
The core of this lawsuit is the complaint filed by Johnny Ryan, a senior fellow of ICCL who asked DPC to look into Google’s online ad bidding process.
Ryan claimed that the RTB (realtime bidding) of Google is filthy, as the high-velocity trading of web users’ data isn’t justifiable. And since DPC didn’t take any serious action on it yet, Ryan through ICCL is pushing through a lawsuit now.
Suing Ireland’s Data Regulator
Ireland is one of the European nations that are concerned about its citizens’ data security. But, its data regulator is now strangled with a lawsuit from a civil liberties group, over its inaction regarding an important complaint. As per the local Irish reports, the nation’s Data Protection Commission is being sued by the Irish Civil Liberties Council (ICCL).
This is over the proper inaction of the regulator over a complaint pertaining to Google’s real-time bidding (RTB) process. In 2018, Johnny Ryan, also a senior fellow of ICCL now has filed a case with DPC regarding this. Ryan was an ad tech insider turned whistleblower, who’s been ramping up efforts in the EU region for stringent data protection laws and compliance.
Google’s RTB system selects the ads you see on millions of websites and apps.
It causes a data breach by broadcasting what you are looking at to other tracking companies every time a page loads.
Google’s documentation lists 1,500+ recipients.
Scrooooolllllling through the list. pic.twitter.com/MXQUBTHaSQ
— Johnny Ryan (@johnnyryan) March 14, 2022
He accused that Google’s RTB (real-time online ad auction) process isn’t justified by GDPR’s rules. Google has been actively trading the web users’ personal data for targeted ads, and their data-trading systems don’t pay proper attention to the security they should be offering while involved in this business.
Thus, calling this a “massive Google data breach”, Ryan complained to DPC years back. Though the regulator has announced some procedural steps, they aren’t effective in knowing the truth and justifying the GDPR laws. Thus, he’s now pressing charges against DPC through ICCL, where the Irish High Court has agreed to hear the suit soon.