Regulatory

Oracle And Salesforce Hit With $10 Billion GDPR Class-Action Lawsuit

0
Oracle
Share this article

Tech giants, Oracle and Salesforce will face class-action lawsuits for breaching and sharing of personal data to sell online advertising in the UK and Netherlands.

The cases are being brought by The Privacy Collective, a European non-profit foundation that is dedicated to claiming compensation for the wrongful use of personal data.

The group claims the two companies are misusing consumers’ personal data through their third-party cookies ‘Bluekai’ and ‘Krux’, which are used to track, monitor and collect the personal data of internet users and share it in a process called real-time bidding. These cookies are hosted on a number of popular websites, the group claims, such as Amazon, Booking.com, Dropbox, Reddit and Spotify.

The Privacy Collective is accusing both Oracle and Salesforce of breaching GDPR rules by facilitating sales via harmful ads, holding personal information that consumers did not proactively consent to sharing, and inconsistently securing personal data.

“Everyone who has ever used the internet is at risk from this technology. It may be largely hidden but it is far from harmless,” said Dr Rebecca Rumbul, class representative and a claimant on the suit in England and Wales.

“If data collected from internet use is not adequately controlled, it can be used to facilitate highly targeted marketing that may expose vulnerable minors to unsuitable content, fuel unhealthy habits such as online gambling or prey on other addictions.”

The lawsuit has been filed in Amsterdam, with a similar claim to be filed at the High Court of London later in August. The Privacy Collective said the Dutch case is the biggest-ever class action in the country that concerns GDPR and could cost Oracle and Salesforce up to €10 billion.

Oracle’s EVP and general counsel Dorian Daley hit back at the lawsuit, and slammed it as “meritless action based on deliberate misrepresentations of the facts”.

“As Oracle previously informed the Privacy Collective, Oracle has no direct role in the real-time bidding process (RTB), has a minimal data footprint in the EU, and has a comprehensive GDPR compliance program,” Daley said in a statement.

“Despite Oracle’s fulsome explanation, the Privacy Collective has decided to pursue its shake-down through litigation filed in bad faith. Oracle will vigorously defend against these baseless claims.”

A spokesperson for Salesforce said it “disagrees with the allegations and intends to demonstrate they are without merit”.

Share this article

Three Interesting Fintech Partnerships in Abu Dhabi to Know About

Previous article

Sombank to Deliver Digital Islamic Banking Services in Somalia with Temenos’ Cloud-Native Technology

Next article

You may also like

Comments

Comments are closed.

More in Regulatory