The Irish Data Protection Commission (DPC) resolved 4,476 GDPR-related complaints last year, many involving securing access to their personal data, according to the organization’s Annual Report 2021.
Among the complaints filed were 144 concerning “electronic direct marketing.” These included “66 complaints in relation to email messages, 73 complaints in relation to text messages, and five complaints concerning phone calls.
The findings shed light on the types of issues faced by companies as they attempt to serve consumers.
The DPC continues that a total of “149 electronic direct marketing investigations were concluded in 2020. This figure comprises one complaint from 2018, 51 from 2019 and 97 from 2020. The DPC prosecuted 6 companies during 2020 for direct marketing infringements.”
In one case, a Irish citizen filed a complaint against Cardmarket, a German ecommerce platform that had been hacked. The case was resolved by the Berlin DPA.
Of the 4,476 concluded cases, 1,660 were for complaints received prior to 2020. Last year, the DPC resolved over 60% of the cases filed within the calendar year.
The most frequent GPR topics “continued to be: Access Requests; Fair-processing; Disclosure; Direct Marketing and Right to be Forgotten (delisting and/or removal requests)."
The DPC also reports a new phenomenon — “of both organizations and individuals attempting to misuse the GDPR to obfuscate or pursue other agendas.
Altogether, the DPC received 23,200 emails, 10,000 telephone calls and 2,000 postal communications.