Oracle hits back at "meritless" GDPR lawsuit

The Privacy Collective is accusing Oracle and Salesforce of collecting and sharing cookie tracking data without consent

A class-action lawsuit has accused Oracle and Salesforce of breaching GDPR rules with the way they process and share personal data through third-party cookies.

Non-profit organisation The Privacy Collective has filled the lawsuit accusing the two tech firms of misusing consumers personal data through 'Bluekai' and 'Krux', which are cookies used for dynamic ad pricing services.

Oracle's EVP and general counsel Dorian Daley hit back at The Privacy Collective with a strong statement that called the lawsuit "meritless action based on deliberate misrepresentations of the facts".  

"As Oracle previously informed the Privacy Collective, Oracle has no direct role in the real-time bidding process (RTB), has a minimal data footprint in the EU, and has a comprehensive GDPR compliance program," Daley said in a statement. 

"Despite Oracle's fulsome explanation, the Privacy Collective has decided to pursue its shake-down through litigation filed in bad faith. Oracle will vigorously defend against these baseless claims." 

The lawsuit has been filed in Amsterdam, with a similar claim to be filed at the High Court of London later in August. The Privacy Collective said the Dutch case is the biggest-ever class action in the country that concerns the GDPR and could cost Oracle and Salesforce up to €10 billion. 

Under the GDPR, consent for processing personal data must be informed, specific and freely given. The "Bluekai' and 'Krux', cookies are hosted on a number of websites, such as Comparethemarket, Dropbox and Ikea. The Privacy Collective is accusing Salesforce and Oracle of sharing cookie data from harmful ads with hundreds of other companies via a real-time bidding process, without the proper consent or knowledge of the user. 

"Everyone who has ever used the internet is at risk from this technology. It may be largely hidden but it is far from harmless," said Dr Rebecca Rumbul, class representative and a claimant on the suit in England. "If data collected from internet use is not adequately controlled, it can used to facilitate highly targeted marketing that may expose vulnerable minors to unsuitable content, fuel unhealthy habits such as online gambling or prey on other addictions."

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Most Popular

RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
Zyxel USG Flex 200 review: A timely and effective solution
Security

Zyxel USG Flex 200 review: A timely and effective solution

28 Jul 2021