The Irish Data Protection Commission (DPC) exists to uphold data privacy rights and enforce GDPR requirements in Ireland. But their recent track record has raised some concerns. In September 2021, the Irish Council for Civil Liberties (ICCL) claimed that the DPC focused on new privacy legislation at the expense of GDPR enforcement, which could potentially allow privacy violations to go unchecked for a long time. And earlier this week, the ICCL explained that they believe the DPC had failed to counter the largest data breach in history.

“This is the Largest Data Breach Ever”

According to the ICCL’s press release, the DPC received official GDPR complaints about Google’s Real-Time Bidding (RTB) system and its use of private data in September 2018. The RTB system, which determines which ads you see when a website loads, collects and transmits massive amounts of private data in a fraction of a second. This provides all kinds of companies and organizations with sensitive information, and places virtually no restrictions on how this data can be used. This clearly violates GDPR principles regarding data security and privacy. The ICCL has labeled this “the largest data breach ever”.

When informed about this, the DPC waited nearly 7 months until launching an inquiry in May 2019. Only in January 2022 did the DPC publicly release a list of issues that they planned to investigate. The ICCL announced this week that they are suing the DPC for their inaction on the complaints.

Google Continues to Clash with GDPR

Between a $57 million fine in 2020, the recent scrutiny of Google Analytics, and now the ICCL’s lawsuit, Google and the GDPR clash regularly. It’s unclear how long it will take for Google to make substantial changes. What is clear, however, is Europe’s commitment to enforcing the GDPR and demanding that their governments take action against questionable data usage.

Keeping Your GDPR Compliance on Track

The ICCL believes that Google’s data collection and usage habits violate the GDPR. This could prove to be a costly mistake on Google’s part. If there’s one primary takeaway from this story, it’s this: if even Google itself can be fined for privacy law violations, what could happen to a smaller company in the same boat?

Fortunately, you don’t have to find out. With 4Comply, our specially developed privacy compliance software for managing customer consent, you can easily continue to maximize your marketing efforts while staying fully compliant. 4Comply ensures that you use customer data only as relevant privacy laws permit. Even better, all your activity is recorded so you can prove your compliance whenever needed. Interested in learning more? Contact us today for a free demo.