Google in cross hairs of Irish data protection authority for location tracking

PRESS RELEASE - 04.02.2020

The Irish data protection commission (DPC) announced today that it will start a formal investigation into Google’s practices to track the location of consumers. The investigation follows a series of complaints by several national consumer groups across the EU, all BEUC member organisations, in November 2018. [1] The Irish DPC is the authority in charge of dealing with these complaints.

 

BEUC’s members, representing individual consumers, referred Google to their national data protection authorities in relation to how the company tracks its users’ location. The information about the places we visit like bars, shops, places of worship grant companies like Google the power to draw conclusions about our personality, religion or sexual orientation, which can be deeply personal traits.

Consumer organisations argue that the consent to “share” users’ location data was not freely given and consumers were tricked into accepting privacy-intrusive settings. Such practices are not compliant with the EU’s data protection law GDPR.

It is good that the Irish data protection commission has eventually decided to go forward with this investigation into Google’s massive location data collection. European consumers have been victim of these practices for far too long. BEUC expects the DPC to investigate Google’s practices at the time of our complaints, and not just from today. It is also important that the procedural rights of consumers who complained many months ago, and that of our members representing them, are respected.

Monique Goyens, Director General of The European Consumer Organisation (BEUC), said:

“Consumers should not be under commercial surveillance. They need authorities to defend them and to sanction those who break the law.

“Considering the scale of the problem, which affects millions of European consumers, this investigation should be a priority for the Irish data protection authority. As more than 14 months have passed since consumer groups first filed complaints about Google’s malpractice, it would be unacceptable for consumers who trust authorities if there were further delays. The credibility of the enforcement of the GDPR is at stake here.”

In November last year, 12 months after the initial complaint, BEUC and its member groups sent letters to the Irish and national data protection bodies to remind them about the urgency of the issue. [2]

ENDS
[1] Forbrukerrådet (Norway), Consumentenbond (The Netherlands), Ekpizo (Greece), dTest (Czech Republic), Zveza Potrošnikov Slovenije (Slovenia) and Sveriges Konsumenter (Sweden). Our press release from November 2018: http://bit.ly/2SeOcet
[2] Our letter to Irish data protection commissioner Helen Dixon: http://bit.ly/2RUBjHm