Google's lesson is one we could all learn

The story about Google and its hefty fine for breach of GDPR is perhaps a reminder to all of us about the seriousness of data protection.

Whilst the Information Commissioners Office (ICO) said in the early days of the legislation that GDPR would land fairly softly, actually, the first complaint was filed on the same day the legislation took effect. It was around the same time, May 2018, when complaints against Google started to come in, as it was believed there was a lack of transparency around their advertising policy.

Two privacy rights groups filed the complaints around inadequate information and lack of valid consent regarding the personalisation of advertising. What’s more, these privacy rights groups claimed there was no valid legal basis for Google to process user date for the personalisation of ads – something which is strictly outlined in GDPR legislation.

The outcome was ruled against Google, with findings stating that users were not able to fully understand the extent of the processing operations being carried out. When under investigation, it was also found that Google has no valid legal basis to process user data in this way.

Google has now been fined 50 million Euros.

However, whilst Google is in the spotlight, they are not alone. A number of tech giants are currently under investigation for failing to comply with GDPR regulations around the right to access. When under investigation by NOYB, a separate privacy rights group, Amazon, Apple, Spotify and YouTube were amongst the culprits in either delaying access or providing unintelligible data.

Put simply, GDPR legislation was introduced to allow for transparency around our personal data and how it is held by companies. The rule of thumb is generally that data should be both machine readable and easily understood by customers. It should also be produced in an acceptable time frame in accordance with the right to access guidelines.

Let’s use Google as a reminder to us all that data privacy is extremely important – and the ICO will follow up complaints and issue big fines for those who do not comply.

If you would like some further information about GDPR compliance, contact Downs Solicitors to see how we can help.


David Seals

David Seals

Partner

Tel: +44 (0) 1306 502218

Office: Dorking Office

Email: d.seals@downslaw.co.uk

Complaints ProcedureContact usSitemap

Cobham Office

15A High Street
Cobham
Surrey
KT11 3DH

T: 01932 589599
F: 01932 505087

SRA: 631669.

Dorking Office

156 High Street
Dorking
Surrey
RH4 1BQ

T: 01306 880110
F: 01306 471230

SRA: 446286

Godalming Office

The Tanners
75 Meadrow
Godalming
Surrey
GU7 3HS

T: 01483 861848
F: 01483 431965

SRA: 446294

 Downs Solicitors LLP is a limited liability partnership registered in England and Wales, registered number is OC 321831
Registered office: 156 High Street, Dorking, Surrey, RH4 1BQ. VAT number: GB 209927442

A list of members names is available for inspection at the above address
Authorised and reguated by the Solicitors' Regualtion Authority SRA: 446286. 

© Copyright 2015 - 2024