GDPR: one year on
- By Paul Sullivan
It is one year since the General Data Protection Regulation (GDPR) came into effect.
Although we have yet to see the Information Commissioner’s Office (ICO) really flex its new muscle to impose fines of up to €20m (or 4% of turnover – whichever is greater), there are no grounds to be complacent.
Indeed, in the Republic of Ireland, the Data Protection Commission (DPC) recently announced that a statutory inquiry been commenced in respect of Google Ireland Limited’s processing of personal data in the context of its online Ad Exchange. The 2018 turnover of Google Ireland Limited was reportedly €32bn.
The purpose of the DPC's inquiry is to establish whether processing of personal data carried out at each stage of an advertising transaction is in compliance with the GDPR and specifically the principles of transparency and data minimisation as well as retention.
For more information about this article, or any other aspect of our business and personal legal solutions, get in touch. It costs nothing to have a wee chat...