Blockchain-powered decentralized browser operator Brave () has filed a formal General Data Protection Regulation (GDPR) complaint against Google, stating that the search engine giant has violated regulations pertaining to its users’ data.
Brave claims Google has violated Article 5(1)b of the GDPR, a European Union data protection and privacy law that came into force on May 25, 2018.
Johnny Ryan, Brave’s Chief Policy and Industry Relations Officer, filed the complaint with the Irish Data Protection Commission, Google’s lead GDPR regulator in the EU.
Ryan says that by collecting personal data collected from users worldwide across its platforms, such as its search engine and YouTube, Google has effectively built a monopoly.
Brave has also petitioned the European Commission, as well as a number of European competition watchdogs – including Germany’s Bundeskartellamt, the UK Competition and Markets Authority and France’s Autorite de la Concurrence.
Brave said, in a statement,
“The GDPR purpose limitation principle requires that organizations internally ring-fence personal data and use it only for the narrow purpose it was collected for. Brave’s evidence shows that Google’s internal data free-for-all is unlawful.”
The company added,
“For six months, Johnny Ryan of BRAVE tried to learn what Google does with his data. Brave has now sought recourse from the [Irish] regulator to force Google to reveal what it does with everybody’s personal data. New Brave evidence […] offers a glimpse of what Google does with everyone’s personal data: hundreds of ill-defined processing purposes, and unknown legal bases.”
Brave has released a dossier of 100 documents its says Google has drafted for a variety of business clients, tech partners, lawmakers, developers.
