Latest updates: read more about the RTB complaints.
Dr Johnny Ryan responds to a statement from IAB Europe regarding its failure to answer the Irish Data Protection Commission.
When dealing with questions of trust, and competence, it is best to be very clear.
I made a complaint to the Irish Data Protection Commission, via my solicitors, about IAB Europe’s cookie wall on 2 April 2019. The complaint said that IAB Europe’s website infringes the GDPR. It also challenged IAB Europe’s guidance to the industry about the GDPR and consent. Here is a link to the full text of my complaint.
Last Friday morning, on 9 August, my solicitor received an email from the Data Protection Commission of Ireland (DPC). The DPC told us it had not received answers to even the preliminary questions it put to IAB Europe and that, to move the matter on, it has now forwarded the complaint to the Belgian Data Protection Authority.
Only IAB Europe knows the reason for its failure to respond. Belatedly, last Friday afternoon, it heatedly issued a statement that this failure didn’t represent a refusal to answer. IAB Europe did not give any explanation for why it had not answered the Irish Data Protection Commission.
Fours months ago, in April, the day after the complaint was lodged, IAB Europe said in a statement “We will issue a full rebuttal of Ryan and his employer’s accusations in due course”.
Now, four months later, we (both I and the Data Protection Commission) are still waiting for the first explanation of how “IAB Europe is confident that the way it obtains consent for the use of cookies on its website complies with the requirements of the law”.
The file has now been transferred to the Belgian Data Protection Authority. Under the GDPR, the Belgian Data Protection Authority has the power to compel answers from IAB Europe, if required.