Privacy Shield binned after EU court rules transatlantic data protection arrangements 'inadequate'
The complaint has been filed by a private individual whose name is redacted, referred to as "the complainant." According to the document, "the complainant was never requested such consent, neither during the first setup of the system, nor at a later stage."The document also notes the widespread use of the AAID for functions including identifying a specific device or application, personalising advertising, and customer-matching across IDFA and AAID.
The document requests that the French authority investigates the matter, orders Google to bring its data processing into conformance with privacy law, and imposes a fine. According to noyb, CNIL (Commission Nationale de l'Informatique et des Libertés) can take action "without the need for cooperation with other EU Data Protection Authorities." This is the second complaint against Google filed by the pressure group. An earlier complaint filed in Austria includes the observation that the AAID cannot be deleted, only reset, and that resetting the AAID does not delete previously collected data nor prevent further data from being collected. The work of Schrems has had a powerful impact in the past. His action complaining about Facebook data being transferred to the US resulted in the invalidation of the the EU-US Privacy Shield agreement. ®