Irish data regulator investigating Google and Tinder for data processing violations

Both companies face an "own-volition statutory inquiry" after complaints made to the regulators

The Irish Data Protection Commission (DPC) is investigating complaints made about Google and Match Group for alleged GDPR violations.

The DPC said it had received a number of complaints from across the EU, in which concerns were raised with regard to Google's processing of location data.

For Match Group, also known as MTCH Technology Services, the commission said it had been monitoring complaints regarding possible "systemic" data protection issues on its Tinder platform. These issues pertain to the ongoing processing of users personal data and the transparency surrounding it.

"The DPC has commenced an own-volition Statutory Inquiry, with respect to MTCH Technology Services Limited, pursuant to section 110 of the Irish Data Protection 2018 law and in accordance with the cooperation mechanism outlined under Article 60 of the GDPR," the regulator said. 

Advertisement - Article continues below
Advertisement - Article continues below

"The Inquiry of the DPC will set out to establish whether the company has a legal basis for the ongoing processing of its users' personal data and whether it meets its obligations as a data controller with regard to transparency and its compliance with data subject right's (sic) requests."

Related Resource

Building a modern information governance strategy

How to rethink your approach to develop a more modern information governance strategy

Download now

IT Pro has approached Match Group for comment. 

Google will also face an "own-volition statutory inquiry" that will set out to establish whether the tech giant has a valid legal basis for processing the location data of its users and whether it meets its obligations as a data controller with regard to transparency. These will also fall under section 110 of Ireland's 2018 data protection law and in accordance with the cooperation mechanism outlined under Article 60 of the GDPR. 

"We will cooperate fully with the office of the Data Protection Commission in its inquiry, and continue to work closely with regulators and consumer associations across Europe," a Google spokesperson told IT Pro. "In the last year, we have made a number of product changes to improve the level of user transparency and control over location data."

What is interesting this time is that the DPC's statement refers expressly to Article 60, according to GDPR specialist lawyer Frank Jennings. This, he told IT Pro, indicates that it wants to take the lead over the investigation, expecting the other EU authorities to fall in line and cooperate. 

"For now, while the UK remains part of the EU, the UK Information Commissioner will cooperate too but, with a no-deal Brexit a possibility at the end of the year, the UK will become a 'third country' and will fall outside data fortress Europe and the cooperation regime."

  • General Data Protection Regulation (GDPR)
Featured Resources

Digital Risk Report 2020

A global view into the impact of digital transformation on risk and security management

Download now

6 ways your business could suffer if you don’t backup Office 365

Office 365 makes it easy to lose valuable data regularly, unpredictably, unintentionally, and for good

Download now

Get the best out of your workforce

7 steps to unleashing their true potential with robotic process automation

Download now

8 digital best practices for IT professionals

Don't leave anything to chance when going digital

Download now

Most Popular


How to use Chromecast without Wi-Fi

5 Feb 2020
operating systems

How to fix a stuck Windows 10 update

12 Feb 2020

The top ten password-cracking techniques used by hackers

10 Feb 2020

Microsoft to add Defender antivirus software to Linux, iOS and Android

21 Feb 2020