Data brokers like Acxiom and Oracle are among the seven companies accused of violating the GDPR laws. The GDPR is replacing all the old data privacy laws to have a common regulation and compliance for different organizations to follow; where organizations can be held responsible for personal data as immense data leaks seem to happen regularly. A formal complaint has also be sent filed against ad-tech companies like Tapad, Quantcast and Criteo.

Ailidh Callander a legal officer at Privacy International said “The complaints target companies that despite exploiting the data of millions of users are rarely being questioned on their data practice. These companies’ have a business model based on data exploitation.”

Data brokers usually mine data from different sources this includes personal information from the social profile, browser history, and e-commerce data. A profile is created on each subject including political learning’s, income, and influencing data points. Acxiom claims to have data from more than 700 million people globally, consumers don’t hand the data directly to these companies they are being mined from different sources.

The alleged lack of consent is precisely what the privacy international is targeting. The non-profit company also said that these companies lack a legitimate interest in processing personal data. This data is usually used to influence the subject on different political, ethnic and religious situations.