Online advertising group fined for tool that violates EU privacy law

IAB Europe, an association of online advertising companies, was fined €250,000 and given an ultimatum by Belgium’s data watchdog for developing an ad targeting tool that violated regional data protection law. Protection of private life.

“Strong penalties” were needed because the tool “could, for a large number of citizens, lead to a loss of control over their personal data”, the Belgian data protection agency said in an emailed statement on Wednesday. .

In addition to the fine, the advertising group has been ordered to put in place a “series of remedies” to comply with European Union rules.

The findings stem from proceedings brought by complainants to the Belgian Data Protection Authority, coordinated by the Irish Civil Liberties Council.

“It’s been a long battle,” said Dr Johnny Ryan of the Irish Council for Civil Liberties.

“Today’s decision frees hundreds of millions of Europeans from consent spam and the deeper risk that their most intimate online activities will be transmitted by thousands of companies.”

IAB Europe’s so-called Transparency and Consent Framework enables websites and publishers to obtain consent from users for the processing of their personal data for targeted advertising purposes.

Real-time bidding

The tool aims in particular to facilitate real-time bidding, an advertising technology used by publishers. Companies such as Google are coming under increased scrutiny in Europe over the allegedly harmful way people’s data is processed in advertising transactions.

Google is also under Irish investigation over its use of data in advertising transactions and has announced changes to real-time bidding to better protect people’s privacy.

IAB Europe said it had “serious reservations” about the authority’s decision. The group rejected the regulator’s conclusion that IAB Europe can be held liable for this data, saying it “will have major unintended negative consequences that go far beyond the digital advertising industry”.

He said he was “considering all options” for a legal challenge. The EU’s General Data Protection Regulation came into force in May 2018 and allowed national data watchdogs to impose fines of up to 4% of a company’s annual turnover for breaches. the most serious. –Bloomberg