Swipe Insight Swipe Insight Logo

Microsoft's AdTech Arm Xandr Accused of Breaching EU Privacy Regulations

July 10, 2024 at 9:20:40 AM

TL;DR Microsoft-owned adtech business Xandr faces a GDPR complaint in Italy, supported by privacy group noyb. Xandr is accused of transparency failings and data access rights breaches, allegedly denying all data access and deletion requests. The complaint could lead to fines up to 4% of Microsoft's global turnover. Xandr claims pseudonymous data exempts it from GDPR compliance, but noyb argues this is not credible.

Microsoft's AdTech Arm Xandr Accused of Breaching EU Privacy Regulations

Microsoft-owned adtech company Xandr is facing a complaint from the European privacy advocacy group noyb, alleging GDPR violations. The complaint, filed in Italy, accuses Xandr of failing to provide transparency and breaching data access rights for individuals in the EU. If successful, this could result in fines up to 4% of Microsoft's global annual turnover.

Key Allegations

  • Transparency Failings: Xandr is accused of not responding to data access requests, thus violating GDPR Articles 5(1)(c) and (d); 12(2); 15 and 17.
  • Inaccurate Data: The complaint claims that Xandr holds inaccurate information about individuals, impacting the quality of its ad targeting services.
  • Non-compliance with Data Access Requests: Xandr allegedly denied all access and deletion requests in 2022, citing the pseudonymous nature of the data as a reason for non-compliance.
  • High Levels of Inaccuracy: Research indicates that Xandr's data on individuals is often contradictory and inaccurate, raising questions about its ad targeting efficacy.

Regulatory Risks

  • Acquisition Background: Microsoft acquired Xandr in late 2021 to bolster its digital advertising business. However, this acquisition has introduced regulatory risks.
  • Data Access Metrics: Xandr's own web page reveals it denied all 1,294 access requests and 600 deletion requests in 2022, claiming it couldn't verify the identity of the requestors.
  • Legal Implications: GDPR considers pseudonymous data as personal data, requiring compliance with data access rights. The European Data Protection Board (EDPB) guidelines suggest adtech companies should be able to identify individuals requesting data access.

Inaccuracy and Data Quality

  • Contradictory Data: Data obtained from Xandr's supplier, emetriq, showed wildly inaccurate and contradictory personal data about individuals, questioning the reliability of Xandr's ad targeting.
  • Potential Misuse: The chaotic variety of conflicting information could allow Xandr to sell the same user profile differently to various business partners.

The noyb-backed complaint against Xandr underscores significant GDPR compliance issues, particularly around data access and accuracy. The outcome could have substantial financial and operational implications for both Xandr and its parent company, Microsoft.

Have more questions on this topic? Ask our AI assistant for in-depth insights.

Read more from sources 👇

noyb
noyb
- Microsoft-owned adtech business Xandr faces a GDPR complaint in Italy, supported by privacy group noyb. Xandr is accused... Visit Source Open external source URL

The Only Digital Marketing Feed You'll Ever Need.

Stay informed your way. Tailored updates when and how you want them. 100% Free.

10,000+ Users

500+ Sources

1000+ Tools

Or

Related Posts

The Ultimate Google Analytics Audit Tool

The Ultimate Google Analytics Audit Tool

Sponsored
GA4 Auditor
GA4 Auditor

Verified Sponsor

Verified Sponsor

GA4 Auditor is a Verified Sponsor. Want to get featured here? Contact us.

Verified Sponsor
Open Source
Google Argues Closed Ad Ecosystem Enhances Security Amid DOJ Antitrust Claims

Google Argues Closed Ad Ecosystem Enhances Security Amid DOJ Antitrust Claims

Paid Search Compliance Monitoring +1 more
Google Faces Scrutiny Over 'Off the Record' Chats in Antitrust Trial

Google Faces Scrutiny Over 'Off the Record' Chats in Antitrust Trial

Compliance Monitoring SEO
EU Court Upholds $2.65B Fine Against Google for Antitrust Abuse Trending ️‍🔥

EU Court Upholds $2.65B Fine Against Google for Antitrust Abuse

Paid Search Compliance Monitoring +1 more
DOJ vs Google Battle Over Ad Tech Monopoly Control Begins

DOJ vs Google Battle Over Ad Tech Monopoly Control Begins

Paid Search Compliance Monitoring +1 more
Meta Rolls Out Secure Third-Party Chat Interoperability in Europe

Meta Rolls Out Secure Third-Party Chat Interoperability in Europe

Compliance Monitoring Facebook +2 more
Meta
Meta

Official Source

Official Source

Meta is a Official Source. The source has been verified by Swipe Insight team.

Official Source
Yelp Files Antitrust Lawsuit Against Google Following DOJ Victory

Yelp Files Antitrust Lawsuit Against Google Following DOJ Victory

Compliance Monitoring Local SEO
Google Suggests Advertisers Target Teens, Violating Own Policies

Google Suggests Advertisers Target Teens, Violating Own Policies

Google Ads Compliance Monitoring

Related Tools

GA4 Auditor logo

GA4 Auditor

Verified Tool

Verified Tool

GA4 Auditor is a Verified Tool. Want to get this badge? Contact us.

Verified Tool

Automated GA4 audits with actionable insights

Data Analysis
Open in new tab

Get Featured Here

Showcase your tool in this list.

Contact Us