Ireland Authority Imposes 5.5 Billion Euro Fine for Inadequate Targeted Advertising Consent

The Irish Data Protection Commission (DPC) has imposed a fine of 5.5 billion euros on Google for inadequate consent obtained from users for targeted advertising purposes. The DPC, which is the lead data protection authority in Ireland, found that Google had not adequately informed its users about how their personal data was being used and had failed to obtain valid consent from them. The investigation into Google’s practices began in May 2018 after the European Union’s General Data Protection Regulation (GDPR) came into effect. Under GDPR, companies must provide clear and concise information to users about how their personal data is being used and obtain explicit consent before processing it. Google argued that it had obtained valid consent from its users but the DPC disagreed, finding that Google’s methods were “inadequate” and “not transparent enough” to meet GDPR requirements. The fine imposed by the DPC is one of the largest ever issued under GDPR and sends a strong message to other companies about the importance of obtaining proper user consent when processing personal data. In response to the ruling, Google said it was “disappointed” with the decision but would comply with it fully. It also noted that since 2018 it has made significant changes to its policies and processes related to user privacy and data protection in order to ensure compliance with GDPR requirements going forward.