Johnny Ryan – Court Ruling (Ireland, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A court ruled on a case involving Johnny Ryan's complaint against Google for its data processing practices. The complaint raised concerns about Google’s targeted advertising system and its potential data breaches. This ruling is crucial as it indicates ongoing scrutiny of big tech companies and their data handling practices.
What happened
The court addressed a complaint about Google’s real-time bidding system for targeted advertising.
Who was affected
Individuals whose personal data was potentially mishandled by Google’s advertising practices.
What the authority found
The court noted that the inquiry into Google’s practices would continue, focusing on transparency and legal compliance.
Why this matters
This case highlights the importance of data security and transparency in online advertising. It signals that complaints against large companies will be taken seriously and investigated thoroughly.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
On 12 September 2018, a data subject submitted a petition to the DPC concerning Google Ireland Ltd’s (the controller) data processing for targeted advertising through its real time bidding (RTB) online advertising system. A petition is an informal request which does not give a petitioner party rights in a GDPR procedure. Thus, in 2019, the data subject followed up his petition with a complaint alleging violations of Articles 5(1)(a), (c) and (f) GDPR. In particular, the complaint emphasised the lack of adequate safeguards to ensure the integrity of personal data. The complaint claimed that the controller’s use of the RTB system on millions of websites and broadcasting of personal and sometimes sensitive data to other tracking companies with no controls constituted the biggest data breach ever seen. In January 2020, the DPC informed the data subject that it had initiated an ex officio inquiry into substantially the same issues as the complaint. While the DPC confirmed that the data subject’s case was being treated as a complaint, the DPC also said that it was examining matters in the context of an inquiry that could substantially overlap with and influence the outcome of the complaint. Thus, it stated that it would handle the complaint in line with and based upon the progress of the inquiry. As the inquiry unfolded, it became clear that the data subject and DPC disagreed about how confidentiality and security concerns were implicated. The scope of the DPC's inquiry focused on legal basis and transparency issues rather than the Article 5(1)(f) GDPR claims. In several communications, the DPC stressed that it would “continue[] to have an open mind in relation to the central matters” of the inquiry and that when it resumed its examination of the Complaint, it would again consider whether issues relating to data security should be the subject of scrutiny. It also noted that the result of its investigation may end up being functionally the same, with the effect that the
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for Johnny Ryan in IE
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Johnny Ryan - Ireland (2024). Retrieved from cookiefines.eu
Last updated: