Microsoft ad-tech subsidiary is breaking EU law—and not doing right by advertisers, privacy activists claim

Microsoft Ad-Tech Subsidiary Faces Privacy Lawsuit in Europe

A Microsoft subsidiary, Xandr, is under legal scrutiny by the European nonprofit Noyb for allegedly violating privacy laws. Xandr, known for its real-time bidding platform, processes substantial personal data to predict user behavior.

Noyb’s complaint, filed in Italy, suggests Xandr’s practices breach the EU’s General Data Protection Regulation (GDPR). The accusations state that the subsidiary fails to allow users access to or erase their data, and that much of the data used for targeting is inaccurate and contradictory.

Noyb’s investigation revealed significant data inconsistencies. They highlighted that a complainant’s data from Xandr’s supplier, Emetriq, showed contradictory information, suggesting the user was of varying ages, genders, and viewing habits. According to Noyb lawyer Massimiliano Gelmi, these discrepancies may benefit Xandr by allowing them to market to multiple business partners with varying profiles.

Noyb demands that Xandr comply with GDPR by ensuring data accuracy and transparency, allowing user data access and deletion, and receiving a GDPR fine of up to 4% of global revenue. Xandr’s platform claims it only contains pseudonymous data, not easily traceable to specific individuals. However, Noyb argues such data, when combined with other information, can still be linked to individuals.

The case could significantly impact the online ad industry in Europe. Last year, the EU’s highest court ruled against Metas targeted ad business, and recent court decisions affirmed users’ rights to access pseudonymized data.

Neither Microsoft nor Emetriq responded by the publication time.

Source: Microsoft ad-tech subsidiary is breaking EU law—and not doing right by advertisers, privacy activists claim.