Google is facing a new investigation in Ireland over alleged infringement of GDPR. Reuters is reporting that Google is being investigated by Ireland’s Data Protection Commission (DPC) after numerous complaints against the company’s way of handling its ad business.
Browser maker Brave’s Chief Privacy Officer was the first to file a formal complaint against Google, which triggered the investigation by the DPC. According to Brave, a “massive and ongoing data breach” in Google’s ad tech was leaking people’s personal data, including locations, inferred religious, sexual, political characteristics, what they are reading, watching, and listening to online, and unique codes that allow long term profiles about each person to be built up over time.
That easily violates the GDPR laws, which requires personal data to be tightly controlled and give users complete control over the data.
“A statutory inquiry pursuant to section 110 of the Data Protection Act 2018 has been commenced in respect of Google Ireland Limited’s processing of personal data in the context of its online Ad Exchange,” the Irish DPC said in a statement to Reuters.
Google could face large fines if it’s found guilty by the DPC. The company will face fines of up to 4% of its global revenue if the DPC founds it guilty of infringing GDPR, which would also require the tech giant to change the way its ad business works — at least in Europe.
It’s been almost a year since GDPR came into effect, and Google is one of the biggest companies to face investigations over GDPR infringement, while companies like Microsoft are calling for other countries like the US to introduce its own version of GDPR.