Irish data regulator investigating Google and Tinder for data processing violations

Both companies face an "own-volition statutory inquiry" after complaints made to the regulators

The Irish Data Protection Commission (DPC) is investigating complaints made about Google and Match Group for alleged GDPR violations.

The DPC said it had received a number of complaints from across the EU, in which concerns were raised with regard to Google's processing of location data.

For Match Group, also known as MTCH Technology Services, the commission said it had been monitoring complaints regarding possible "systemic" data protection issues on its Tinder platform. These issues pertain to the ongoing processing of users personal data and the transparency surrounding it.

Advertisement - Article continues below

"The DPC has commenced an own-volition Statutory Inquiry, with respect to MTCH Technology Services Limited, pursuant to section 110 of the Irish Data Protection 2018 law and in accordance with the cooperation mechanism outlined under Article 60 of the GDPR," the regulator said. 

"The Inquiry of the DPC will set out to establish whether the company has a legal basis for the ongoing processing of its users' personal data and whether it meets its obligations as a data controller with regard to transparency and its compliance with data subject right's (sic) requests."

Related Resource

Building a modern information governance strategy

How to rethink your approach to develop a more modern information governance strategy

Download now

IT Pro has approached Match Group for comment. 

Google will also face an "own-volition statutory inquiry" that will set out to establish whether the tech giant has a valid legal basis for processing the location data of its users and whether it meets its obligations as a data controller with regard to transparency. These will also fall under section 110 of Ireland's 2018 data protection law and in accordance with the cooperation mechanism outlined under Article 60 of the GDPR. 

Advertisement - Article continues below
Advertisement - Article continues below

"We will cooperate fully with the office of the Data Protection Commission in its inquiry, and continue to work closely with regulators and consumer associations across Europe," a Google spokesperson told IT Pro. "In the last year, we have made a number of product changes to improve the level of user transparency and control over location data."

What is interesting this time is that the DPC's statement refers expressly to Article 60, according to GDPR specialist lawyer Frank Jennings. This, he told IT Pro, indicates that it wants to take the lead over the investigation, expecting the other EU authorities to fall in line and cooperate. 

"For now, while the UK remains part of the EU, the UK Information Commissioner will cooperate too but, with a no-deal Brexit a possibility at the end of the year, the UK will become a 'third country' and will fall outside data fortress Europe and the cooperation regime."

  • General Data Protection Regulation (GDPR)
Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now

Most Popular

Microsoft Windows

Microsoft warns users not to install Windows 10's May update

28 May 2020
data breaches

EasyJet faces class-action lawsuit over data breach

26 May 2020
cyber security

Microsoft bans Trend Micro driver from Windows 10 for "cheating" hardware tests

27 May 2020