The Irish DPA Has Opened Investigations Into Google and Tinder

Written by: Chase Langhorne, Esq.

Ireland’s Data Protection Commission (DPC) has opened two separate investigations into Google and Tinder, respectively, for GDPR violations.

Google

The investigation into Google centers around how Google treats location data collected from end users. “The Inquiry will set out to establish whether Google has a valid legal basis for processing the location data of its users and whether it meets its obligations as a data controller with regard to transparency,” the DPC said in a statement. Google has vowed to cooperate with the DPC to reach a swift conclusion.

Tinder

The investigation into Tinder focuses on two potential GDPR violations: (1) determining whether Tinder has been transparent with users regarding how users’ personal data has been handled and shared; and (2) determining whether Tinder has adequately complied with data subject access requests. This is not the first time Tinder has been under scrutiny for its handling of personal data. In March 2016, the Norwegian Consumer Council conducted an investigation into mobile apps and how those apps handle personal data. The report determined that the terms and conditions a user must agree to in mobile apps such as Tinder are in violation of (pre-GDPR) European data privacy laws because they require the user give the mobile app free reign to do anything it pleases in return for providing the app’s service.