IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Oracle hits back at "meritless" GDPR lawsuit

The Privacy Collective is accusing Oracle and Salesforce of collecting and sharing cookie tracking data without consent

A class-action lawsuit has accused Oracle and Salesforce of breaching GDPR rules with the way they process and share personal data through third-party cookies.

Non-profit organisation The Privacy Collective has filled the lawsuit accusing the two tech firms of misusing consumers personal data through 'Bluekai' and 'Krux', which are cookies used for dynamic ad pricing services.

Oracle's EVP and general counsel Dorian Daley hit back at The Privacy Collective with a strong statement that called the lawsuit "meritless action based on deliberate misrepresentations of the facts".  

"As Oracle previously informed the Privacy Collective, Oracle has no direct role in the real-time bidding process (RTB), has a minimal data footprint in the EU, and has a comprehensive GDPR compliance program," Daley said in a statement. 

"Despite Oracle's fulsome explanation, the Privacy Collective has decided to pursue its shake-down through litigation filed in bad faith. Oracle will vigorously defend against these baseless claims." 

The lawsuit has been filed in Amsterdam, with a similar claim to be filed at the High Court of London later in August. The Privacy Collective said the Dutch case is the biggest-ever class action in the country that concerns the GDPR and could cost Oracle and Salesforce up to €10 billion. 

Under the GDPR, consent for processing personal data must be informed, specific and freely given. The "Bluekai' and 'Krux', cookies are hosted on a number of websites, such as Comparethemarket, Dropbox and Ikea. The Privacy Collective is accusing Salesforce and Oracle of sharing cookie data from harmful ads with hundreds of other companies via a real-time bidding process, without the proper consent or knowledge of the user. 

"Everyone who has ever used the internet is at risk from this technology. It may be largely hidden but it is far from harmless," said Dr Rebecca Rumbul, class representative and a claimant on the suit in England. "If data collected from internet use is not adequately controlled, it can used to facilitate highly targeted marketing that may expose vulnerable minors to unsuitable content, fuel unhealthy habits such as online gambling or prey on other addictions."

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Most Popular

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

13 May 2022
Preparing for the 3G sunset
Network & Internet

Preparing for the 3G sunset

18 May 2022
(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security
Careers & training

(ISC)2 launches free scheme to get 100,000 UK citizens into cyber security

17 May 2022