Curious statement from the Data Protection Commission this evening. Is the DPC saying it has only just become aware of MAIDs (mobile device advertising identifiers)? Or location data? Or the particular company selling them? Many data brokers sell these data. Why has the DPC refused for years (since 2017) to investigate the security issue in RTB that is the source of so much of this?
Its a mystery to me why this appears to be 'news' to the DPC... its well past time for them to raise their game...
A DPC/Gemserv recommendation from 2014/15 contained in PIA relating to Eircode. The recommendation was never undertaken.
An oversight within oversight! The mind boggles!
Not sure I’ve ever come across a geolocation vendor located in Ireland 🤔 So what happens if they’re like in the US or Malaysia for eg? Nada? Even better if they are registered data brokers I suppose 🤪
Data Protection & AI Consultant | Author of the Data Protection Implementation Guide, A Legal, Risk and Technology Framework for the GDPR | Qualified Irish Solicitor, NY Attorney & FCCA | Consultant Founder, Mighty Trust
3dThe DPC considers from my experience that it only has statutory remit to investigate individual controllers based on a complaint from an individual and not whole sectors. Johnny Ryan you should be well aware of this after many years as Helen Dixon had stated over the years she had no pathways to look at sectors. Do you consider this analysis incorrect?