RTL Group, a large European media company majority-owned by Bertelsmann, sells its US adtech subsidiary SpotX, yet keeps operating its EU subsidiary Smartclip.
Both SpotX and Smartclip engage in large-scale personal data processing and digital profiling. rtlgroup.com/en/press_relea…
Smartclip states it uses 'anonymous identifiers' and 'anonymous user IDs for TV devices' and the 'advertiser ID' for devices, and it is 'synchronizing anonymous user IDs' with DMPs and DSPs to 'match users to user information on that 3rd party systems' 🙄 privacy-portal.smartclip.net
On their privacy info page, they use the word 'anonymous' 22 times.
IDs cannot be 'anonymous' according to the GDPR, this is just misleading.
SpotX boasts of its business relationships with all kinds of consumer data brokers and helps publishers to profile people and to sell 'audience segments' i.e. lists of personal identifiers referring to people with certain characteristics and behaviors. spotx.tv/platform/
• • •
Missing some Tweet in this thread? You can try to
force a refresh
The location data set included a "unique ID for each user that is tied to a smartphone. This made it even easier to find people, since the ... ID could be matched with other databases containing the same ID, allowing us to add real names, addresses" nytimes.com/2021/02/05/opi…
Many app vendors + data brokers are still using the deceptive notion that the use of mobile advertising IDs would make personal data somehow 'anonymous' both in marketing materials and legal docs.
But everyone knows that information linked to mobile ad IDs is just PERSONAL DATA.
Data linked to ad IDs is 'personal data' according to the GDPR, and also according to Californian privacy law. To be more specific, it is 'pseudonymous' personal data.
It cannot get 'de-anonymized', because it's not anonymized at first. Perhaps, it can get 'de-pseudonymized'.
- Why focus on cookies only? What about web storage, cache headers etc?
- Why focus on client storage at all and not on the processing/transmission of personal data, its purposes and legal bases?
- What about enforcement rather than analysis w/o any assessment of compliance? 😬
Btw. Classifying third parties based on the purposes mentioned in their privacy policies is not very helpful.
I'd classify most adtech firms as data brokers, but classifying LiveRamp, BlueKai, Neustar, ID5, Weborama etc as 'advertising agencies' really doesn't make much sense.
MS Viva, a "new suite of employee management tools", provides "human resource functions like payroll, management tools to track employee performance and resources for staff covering benefits, career development and other aspects of their life at work" wsj.com/articles/micro…
"Microsoft Viva Insights uses data and signals from Microsoft Teams, Outlook, and other Microsoft 365 apps and services, and can also access data from an existing ecosystem of ... tools and services, including Zoom, Slack, Workday, and SAP SuccessFactors" techcommunity.microsoft.com/t5/microsoft-v…
"Viva Insights gives individuals, managers, and leaders personalized and actionable insights that help everyone in an organization thrive ... [it] will, over time, bring the power of Microsoft Workplace Analytics and Microsoft MyAnalytics together under the Microsoft Viva brand"
"Nervig und sinnlos: Alle hassen Cookie-Banner", schreibt @suka_hiroaki und ja, es ist ein Desaster.
Hab mit ihm gesprochen. Entweder individualisiertes Tracking wird verboten oder Frage nach "Einwilligung" wird durch strenge Auslegung endlich unrentabel. derstandard.at/story/20001236…
Letzteres wurde 2018 versäumt. Damals wäre wohl der optimale Zeitpunkt gewesen, die "Einwilligung" in der DSGVO in einer Art auszulegen und durchzusetzen, die dazu geführt hätte, dass viele nicht eingewilligt hätten und es sich ökonomisch nicht mehr ausgezahlt hätte, zu fragen.
Hätte es 2018 überall in der EU gleich einige Verfahren gegen größere Website-Publisher gegeben, die Daten ohne adäquate Einwilligung verarbeiten und weitergeben, ähnlich wie jetzt die norwegische Datenschutzbehörde gegen Grindr, stünden wir ganz woanders.
"The best employee monitoring software can look to improve productivity, improve security, or both"
I love this guide on worker monitoring software because it describes employer interests and purpose creep in such a blunt way. H/T @JeremiasPrassl techradar.com/uk/best/best-e…
"Monday.com is mostly though of as a project management tool, but it's worth pointing out that if you are tracking tasks and ... which jobs are being done by whom then you effectively have a basic form of employee monitoring"
"Reasons to buy: Attractive interface"
"SentryPC is designed for a wide range of uses, from blocking access to websites to enhancing productivity and conducting investigations"
The Norwegian data protection authority plans to fine the dating app Grindr €9.6 million for sharing personal data with advertising/data firms like MoPub, Xandr and OpenX without a GDPR legal basis, more than 10% of its assumed annual turnover of "at least" $100m.