Report on Supply Chain Compliance 3, no. 4 (February 20, 2020)
After a number of complaints regarding Google‘s processing of location data, the Irish Data Protection Commission opened an investigation into whether or not Google “has a valid legal basis for processing the location data of its users and whether it meets its obligations as a data controller with regard to transparency.”[1]
On the same day, the commission revealed it was investigating MTCH Technology Services Limited, the company that owns Tinder, following similar complaints. According to the news release, the issues pertain to “MTCH Technology Services Limited’s ongoing processing of users’ personal data with regard to its processing activities in relation to the Tinder platform, the transparency surrounding the ongoing processing, and the company’s compliance with its obligations with regard to data subject right’s requests.”[2]
The Data Protection Commission is one of the most critical in the European Union, as several major tech companies are based out of Ireland due to the country’s attractive corporate tax structure.