The UK’s data watchdog has restarted an investigation of adtech practices that, since 2018, have been subject to scores of complaints across Europe under the bloc’s General Data Protection Regulation (GDPR).
The complaints contend that the high-velocity trading of Internet users’ data can’t possibly comply with GDPR’s requirement that such information is adequately secured.
Other concerns attached to real-time bidding (RTB) focus on consent, questioning how this can meet the required legal standard with data being broadcast to so many companies — including sensitive information, such as health data or religious and political affiliation and sexual orientation.
Since the first complaints were filed, the UK’s Information Commissioner’s Office (ICO) has raised its concerns over what it said are systemic problems with lawfulness in the adtech sector. But last year announced it was pausing its investigation on account of disruption to businesses from the COVID-19 pandemic.
Today it said it’s unpausing its multi-year probe to keep on prodding.
In an update on its website, ICO deputy commissioner Simon McDougall, ICO, who takes care of “Regulatory Innovation and Technology” at the agency, writes that the eight-month freeze is over. And the audits are coming. We have now resumed our investigation,” he says. “Enabling transparency and protecting vulnerable citizens are priorities for the ICO. The complex system of RTB can use people’s sensitive personal data to serve adverts and requires people’s explicit consent, which is not happening right now.