Getting you up to speed with all the latest in the Catching up.
The roundup
Gold rush/Brexit woes/Android double clampdown/GDPR cookie consent/Secret Instagram profiling/Scared Sundance.
The next gold rush…
San Fran-based investment firm SparkLabs Global Ventures has published an article about the new “gold rush” for
cultivated data (such as ERP data). It highlights the fact that many industries
are only just beginning to understand the importance of obtaining actionable customer
insights. With Fortune 1000 companies
more willing to pay for cultivated data, it is now becoming appropriately
valued and even key to a company’s success. The article also points out that
with the lack of AI experts on the market, analytics platforms today not only need
to give users access to data that is both relevant
and actionable but that also empowers them to become their own data scientists.
Data that is accessible to everyone is the future and “the time to
mine it for insights and prosperity is now”.
Brexit and data flows
With Brexit
looming, companies are being advised to prepare for a no-deal scenario. Many DPOs will therefore be
looking for alternative ways to legally transfer data once Britain leaves the
EU. One of the safeguards companies can use to transfer data in compliance with
the GDPR is Standard Contract Clauses (SCCs), as
recommended by the UK ICO. SCCs are standard sets of contractual terms
and conditions which the sender and the receiver of the personal data both sign
up to. They include contractual obligations which help to protect personal data
when it leaves the EU and the protection of the GDPR.
However,
companies relying on SCCs may have cause for concern with upcoming cases
challenging their legality of SCCs in the European Court of Justice. Repeated hearings in the past have shown the extent to which US
authorities (i.e. surveillance agencies) engage in the
mass processing of European’s data and have questioned whether SCCs provide
enough protection. While multinational companies will surely take advantage of
(costly and time-consuming) Binding Corporate Rules, SMEs who currently rely on SCCs
are being advised to stay up to date with the latest information and see how the Brexit saga rolls out in a few weeks.
Android under fire
Google has been once again been accused of abusing its dominant position on
Android by placing its default search engine on it. German ‘ethical’ search
engine Ecosia has charged
Google with artificially limiting user options with unethical, anti-competitive
and damaging monopolistic behaviour. Google announced in early August that it will hold an auction to allow alternative search engines to
become the default providers on mobile devices in Europe from 2020. This means
that all users who set up a new Android device, or factory reset their existing
device, will see a choice screen asking them to choose which search engine they
want to use as a default – essentially making Google’s competitors pay at
auction for each installation of a non-Google search engine. Following on from
its $5 billion
fine in 2018 by European
Union regulators, this is more smooth work from the tech
giant…
Android pay-out for 28 million French users?
Google is also
in the limelight in France once again, this time by consumer rights group UFC-Que Choisir, accused of “drowning consumers in endless
confidentiality rules”.
A first of its kind for both France and Europe, this compensation claim could
mean that 28 million Android users in the country are eligible for up to €1000
each. The group’s president, Alain Bazot points out that your phone geolocates
you 340 times a day even when you’re not using any of Google’s services, which
constitutes a genuine “invasion of privacy”. He also advocates pursuing more
class action lawsuits against the major tech companies, calling Google’s €50
million CNIL fine a mere ‘mosquito bite’ out of its $36.3 billion revenue from
last year.
GDPR cookie-consent pop-ups: “meaningless and manipulative”
A recent study has flagged up the dubious nature of the GDPR cookie-consent notices that bombard users on a
daily basis. In a paper entitled (Un)informed Consent: Studying GDPR Consent
Notices in the Field,co-authored by academics at Ruhr-University
Bochum, Germany, and the University of Michigan in the US, researchers gathered
1000’s of online cookie notices and looked at the range of cookie consent
mechanisms in place. It turns out that many use subversive techniques to obtain
consent and that “the vast majority of cookie consent notices are not compliant
with European privacy law” – who would have guessed?
Instagram ad partner’s secret user-tracking
Instagram
ad partner Hyp3r reportedly collected and stored location and
other data secretly on millions of users. Hyp3r is a location-based marketing
platform that allows advertisers to target users attending specific events.
Listed until recently in the official Facebook Marketing Partners directory, the company was taking advantage of Instagram’s
Location pages to collect and save personal account stories and build detailed
shadow user-profiles. The fact that Facebook allowed such a blatant violation
of the prohibition against automated data collection to carry on for so long
remains a mystery.
How to terrify Sundance audiences
On a
lighter note (!!!), The Great Hack caused quite a stir at the Sundance festival this year. Labelled as “one of
2019’s best horror films” the film looks into Cambridge Analytica, election
rigging and how our data has become weaponised. Here’s an in-depth article by data-privacy crusader Carole
Cadwalladr who also features heavily in the film. 1984-style mass data
manipulation and global brainwashing – what better way to round off the summer holidays?
See you next time on the Internets!
Credits: Netflix.com 2019
