Updates on the adtech probe

Concise updates about the latest developments in the GDPR complaints against the data breach at the heart of the IAB and Google "real-time bidding" adtech system.

In September 2018, Brave initiated a campaign of formal GDPR complaints against Google and the IAB’s “real-time bidding system” (RTB), which leaks the personal data of Internet users hundreds of billions of times a day. This is a sample of the evidence submitted to European data protection authorities so far.

The campaign for GDPR action to fix the Google and IAB real-time bidding system now includes Brave, the Open Rights Group, Dr Michael Veale of the Turing Institute, the Panoptykon Foundation, Bits of Freedom, Eticas Foundation, Exigo, Dr Jef Ausloos of the University of Amsterdam, Pierre Dewitte of the University of Leuven, Liberties.eu, the Society for Civil Rights, Digitale courage, Digitale Gesellschaft, Netzwerk Datenschutzexpertise, Deutsche Vereinigung für Datenschutz, the Italian Coalition for Civil Rights and Freedoms, the Bulgarian Helsinki Committee, the Association for the Defense of Human Rights in Romania, the Italian Coalition for Civil Rights and Freedoms, the Estonian Human Rights Centre, the Peace Institute. 

Click here to see selected evidence submitted to data protection authorities.

Sign up for future Brave Insight notes on policy matters
Competition issues in digital markets

Competition issues in digital markets

Oct 7, 2019

This note presents a submission from Dr Johnny Ryan of Brave, and Dr Orla Lynskey of the London School of Economics, to the UK Competition & Markets Authority. 
Response to IAB Europe statement on its failure to answer the Irish Data Protection Commission

Response to IAB Europe statement on its failure to answer the Irish Data Protection Commission

Aug 13, 2019

Dr Johnny Ryan responds to a statement from IAB Europe regarding its failure to answer the Irish Data Protection Commission. Four months on, both I and the Data Protection Commission are still waiting for the first explanation of how “IAB Europe is confident that the way it obtains consent for the use of cookies on its website complies with the requirements of the law”.
Ad Tech GDPR complaint is extended to four more European regulators

Ad Tech GDPR complaint is extended to four more European regulators

May 20, 2019

GDPR complaints about Real-Time Bidding (RTB) in the online advertising industry were filed today with Data Protection Authorities in Spain, the Netherlands, Belgium, and Luxembourg. The complaints detail the vast scale of personal data leakage by Google and other major companies in the “Ad Tech” industry.
French regulator shows deep flaws in IAB’s consent framework and RTB

French regulator shows deep flaws in IAB’s consent framework and RTB

Nov 20, 2018

French regulator's decision against Vectaury confirms that IAB “Transparency & Consent Framework” does not obtain valid consent, and illustrates how even tiny adtech companies can unlawfully gather millions of people’s personal data from the online advertising “real time bidding system” (RTB).