The Information Commissioner’s Office has criticised real-time bidding carried out by the likes of Google and Facebook because the practice goes against the General Data Protection Regulation.

As the automation of advert-selling, real-time bidding has come under fire in recent months by many experts in the UK for the ways in which it muddies the waters of data processing.

Earlier this year Cairncross Review wrote:

“The programmatic display advertising market is seen as particularly complex, and lacks transparency across the advertising supply chain.”

The UK regulator feels that the manner by which data is harvested by advert sellers through the process of real-time bidding amounts to a violation of the GDPR. The EU’s new data laws set tough new standards regarding how data controllers may collect, store and use personal information.

In a report, the ICO said:

“The ad-tech industry appears immature in its understanding of data protection requirements. Whilst the automated delivery of ad impressions is here to stay, we have general, systemic concerns around the level of compliance of RTB.”

If the words in the report are not yet enshrined in law, the ICO is nonetheless clear on its intent to actively bring down the levels of data that the real-time bidding process typically throws around.

A function called “DoubleClick” by Google relies on an algorithm which attributes an advert deemed best suited to a particular user based on that users search results and other online data.


GDPR Summit Series is a global series of GDPR events which will help marketers to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond. Further information and conference details are available at http://www.gdprsummit.london/