IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Irish data regulator investigating Google and Tinder for data processing violations

Both companies face an "own-volition statutory inquiry" after complaints made to the regulators

The Irish Data Protection Commission (DPC) is investigating complaints made about Google and Match Group for alleged GDPR violations.

The DPC said it had received a number of complaints from across the EU, in which concerns were raised with regard to Google's processing of location data.

For Match Group, also known as MTCH Technology Services, the commission said it had been monitoring complaints regarding possible "systemic" data protection issues on its Tinder platform. These issues pertain to the ongoing processing of users personal data and the transparency surrounding it.

"The DPC has commenced an own-volition Statutory Inquiry, with respect to MTCH Technology Services Limited, pursuant to section 110 of the Irish Data Protection 2018 law and in accordance with the cooperation mechanism outlined under Article 60 of the GDPR," the regulator said. 

"The Inquiry of the DPC will set out to establish whether the company has a legal basis for the ongoing processing of its users' personal data and whether it meets its obligations as a data controller with regard to transparency and its compliance with data subject right's (sic) requests."

Related Resource

Building a modern information governance strategy

How to rethink your approach to develop a more modern information governance strategy

Download now

IT Pro has approached Match Group for comment. 

Google will also face an "own-volition statutory inquiry" that will set out to establish whether the tech giant has a valid legal basis for processing the location data of its users and whether it meets its obligations as a data controller with regard to transparency. These will also fall under section 110 of Ireland's 2018 data protection law and in accordance with the cooperation mechanism outlined under Article 60 of the GDPR. 

"We will cooperate fully with the office of the Data Protection Commission in its inquiry, and continue to work closely with regulators and consumer associations across Europe," a Google spokesperson told IT Pro. "In the last year, we have made a number of product changes to improve the level of user transparency and control over location data."

What is interesting this time is that the DPC's statement refers expressly to Article 60, according to GDPR specialist lawyer Frank Jennings. This, he told IT Pro, indicates that it wants to take the lead over the investigation, expecting the other EU authorities to fall in line and cooperate. 

"For now, while the UK remains part of the EU, the UK Information Commissioner will cooperate too but, with a no-deal Brexit a possibility at the end of the year, the UK will become a 'third country' and will fall outside data fortress Europe and the cooperation regime."

Featured Resources

Accelerating AI modernisation with data infrastructure

Generate business value from your AI initiatives

Free Download

Recommendations for managing AI risks

Integrate your external AI tool findings into your broader security programs

Free Download

Modernise your legacy databases in the cloud

An introduction to cloud databases

Free Download

Powering through to innovation

IT agility drive digital transformation

Free Download

Most Popular

Actively exploited server backdoor remains undetected in most organisations' networks
cyber attacks

Actively exploited server backdoor remains undetected in most organisations' networks

1 Jul 2022
Former Uber security chief to face fraud charges over hack coverup
data breaches

Former Uber security chief to face fraud charges over hack coverup

29 Jun 2022
Why India wants to become a chipmaking powerhouse
components

Why India wants to become a chipmaking powerhouse

28 Jun 2022