Google is secretly using hidden web pages that feed the personal data of its users to advertisers, undermining its own policies and circumventing EU privacy regulations that require consent and transparency, according to one of its smaller rivals.
New evidence submitted to an investigation by the Data Protection Commissioner in Dublin, which oversees Google’s European business, accused the US tech company of “exploiting personal data without sufficient control or concern over data protection”.
The regulator is investigating whether Google uses sensitive data, such as the race, health and political leanings of its users, to target ads. In his evidence, Johnny Ryan, chief policy officer of the niche web browser Brave, said he had discovered the secret web pages as he tried to monitor how his data were being traded on Google’s advertising exchange, the business formerly known as DoubleClick.
The exchange, now called Authorized Buyers, is the world’s largest real-time advertising auction house, selling display space on websites across the internet.
Mr Ryan found that Google had labelled him with an identifying tracker that it fed to third-party companies that logged on to a hidden web page. The page showed no content but had a unique address that linked it to Mr Ryan’s browsing activity.
Using the tracker from Google, which is based on the user’s location and time of browsing, companies could match their profiles of Mr Ryan and his web-browsing behaviour with profiles from other companies, to target him with ads.