Share this page!

Wolfie Christl Profile picture
Twitter logo
5 Feb, 5 tweets, 2 min read
The location data set included a "unique ID for each user that is tied to a smartphone. This made it even easier to find people, since the ... ID could be matched with other databases containing the same ID, allowing us to add real names, addresses" nytimes.com/2021/02/05/opi…
Many app vendors + data brokers are still using the deceptive notion that the use of mobile advertising IDs would make personal data somehow 'anonymous' both in marketing materials and legal docs.

But everyone knows that information linked to mobile ad IDs is just PERSONAL DATA.
Data linked to ad IDs is 'personal data' according to the GDPR, and also according to Californian privacy law. To be more specific, it is 'pseudonymous' personal data.

It cannot get 'de-anonymized', because it's not anonymized at first. Perhaps, it can get 'de-pseudonymized'.
Geolocation records can be 'personal data' even if not linked to mobile ad IDs.

If linked to mobile ad IDs or other unique identifiers, geolocation records are certainly 'personal data', in any case.
"While some Americans might cheer the use of location databases to identify Trump supporters who converged on the Capitol, the use of commercial databases has worrying implications"

Anyway, excellent piece, a must read: nytimes.com/2021/02/05/opi…

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Wolfie Christl

Wolfie Christl Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @WolfieChristl

Wolfie Christl Profile picture
6 Feb
RTL Group, a large European media company majority-owned by Bertelsmann, sells its US adtech subsidiary SpotX, yet keeps operating its EU subsidiary Smartclip.

Both SpotX and Smartclip engage in large-scale personal data processing and digital profiling.
rtlgroup.com/en/press_relea…
Smartclip states it uses 'anonymous identifiers' and 'anonymous user IDs for TV devices' and the 'advertiser ID' for devices, and it is 'synchronizing anonymous user IDs' with DMPs and DSPs to 'match users to user information on that 3rd party systems' 🙄
privacy-portal.smartclip.net ImageImage
On their privacy info page, they use the word 'anonymous' 22 times.

IDs cannot be 'anonymous' according to the GDPR, this is just misleading.
Read 4 tweets
Wolfie Christl Profile picture
5 Feb
"We periodically analyze the 1000 most used web sites in France in order to reveal these practices and follow their evolution"

Very basic examination of web tracking vs third-party cookies by French data protection authority @CNIL_en /ht @montezumachavez

linc.cnil.fr/obs-cookies/en/
- Why focus on cookies only? What about web storage, cache headers etc?
- Why focus on client storage at all and not on the processing/transmission of personal data, its purposes and legal bases?
- What about enforcement rather than analysis w/o any assessment of compliance? 😬
Btw. Classifying third parties based on the purposes mentioned in their privacy policies is not very helpful.

I'd classify most adtech firms as data brokers, but classifying LiveRamp, BlueKai, Neustar, ID5, Weborama etc as 'advertising agencies' really doesn't make much sense.
Read 6 tweets
Wolfie Christl Profile picture
4 Feb
MS Viva, a "new suite of employee management tools", provides "human resource functions like payroll, management tools to track employee performance and resources for staff covering benefits, career development and other aspects of their life at work" wsj.com/articles/micro…
"Microsoft Viva Insights uses data and signals from Microsoft Teams, Outlook, and other Microsoft 365 apps and services, and can also access data from an existing ecosystem of ... tools and services, including Zoom, Slack, Workday, and SAP SuccessFactors" techcommunity.microsoft.com/t5/microsoft-v…
"Viva Insights gives individuals, managers, and leaders personalized and actionable insights that help everyone in an organization thrive ... [it] will, over time, bring the power of Microsoft Workplace Analytics and Microsoft MyAnalytics together under the Microsoft Viva brand"
Read 4 tweets
Wolfie Christl Profile picture
31 Jan
"Nervig und sinnlos: Alle hassen Cookie-Banner", schreibt @suka_hiroaki und ja, es ist ein Desaster.

Hab mit ihm gesprochen. Entweder individualisiertes Tracking wird verboten oder Frage nach "Einwilligung" wird durch strenge Auslegung endlich unrentabel.
derstandard.at/story/20001236…
Letzteres wurde 2018 versäumt. Damals wäre wohl der optimale Zeitpunkt gewesen, die "Einwilligung" in der DSGVO in einer Art auszulegen und durchzusetzen, die dazu geführt hätte, dass viele nicht eingewilligt hätten und es sich ökonomisch nicht mehr ausgezahlt hätte, zu fragen.
Hätte es 2018 überall in der EU gleich einige Verfahren gegen größere Website-Publisher gegeben, die Daten ohne adäquate Einwilligung verarbeiten und weitergeben, ähnlich wie jetzt die norwegische Datenschutzbehörde gegen Grindr, stünden wir ganz woanders.
Read 13 tweets
Wolfie Christl Profile picture
30 Jan
"The best employee monitoring software can look to improve productivity, improve security, or both"

I love this guide on worker monitoring software because it describes employer interests and purpose creep in such a blunt way. H/T @JeremiasPrassl
techradar.com/uk/best/best-e…
"Monday.com is mostly though of as a project management tool, but it's worth pointing out that if you are tracking tasks and ... which jobs are being done by whom then you effectively have a basic form of employee monitoring"

"Reasons to buy: Attractive interface"
"SentryPC is designed for a wide range of uses, from blocking access to websites to enhancing productivity and conducting investigations"

"Reasons to buy: Stealthy. Inexpensive"

"Reasons to avoid: Potential privacy issues"
Read 6 tweets
Wolfie Christl Profile picture
26 Jan
The Norwegian data protection authority plans to fine the dating app Grindr €9.6 million for sharing personal data with advertising/data firms like MoPub, Xandr and OpenX without a GDPR legal basis, more than 10% of its assumed annual turnover of "at least" $100m.

This is huge.
Here's the 28p draft decision, a must read for every mobile app publisher:
datatilsynet.no/contentassets/…
This is the result of our 2019 investigation of mobile data/adtech, led by the Norwegian Consumer Council.

App vendors are responsible for data sharing with third parties. The decision has the potential to change how apps share data across the ecosystem.
Read 13 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @WolfieChristl has new unrolls!

Check out other threads from @WolfieChristl!

Read all threads by @WolfieChristl