A reminder, ahead of news today, that we alerted the European Commission in October that it could not grant the UK a free data flow "adequacy decision" because of failings of @ICOnews. @ICCLtweet iccl.ie/monitoring-hum…
Problems with the draft: 1. GDPR Article 46(2)a tells the Commission what to consider when granting an adequacy decision. One must be able to take the ICO to court for mistakes. Ask @OpenRightsGroup@jimkillock@RaviNa1k whether this is notional or real. ec.europa.eu/info/sites/inf…
2. GDPR Article 46(2)b tells the European Commission that there must be an "effective[ly] functioning" a supervisory.
Paras 85-98 of the draft decision give a positive review of @ICOnews' performance.
But in fact the ICO failed to act on RTB, the biggest data breach in history.
These problems are additional to the UK acting as a back door for transfer of EU data to US security organisations. Judging by Article 46(2)(a) and (b), that there is a problem with processing of data in the UK itself.
Google has announced a big change to its advertising system. That big change raises 4 big questions. iccl.ie/digital-data/4…
It relies on privacy safeguards such as “trusted servers”, isolating data on the person’s device, and targeting groups of people rather than individuals. However, these safeguards are vaguely described. iccl.ie/digital-data/4…
Google said that it would not use unique identifiers in its own ad products. Even so, competition and self-preferencing questions arise. Google will be exposed to competition complaints and litigation if it leaves any room for doubt on any of these three points.
Data Protection Authority investigation of our complaints finds that the IAB Transparency and Consent Framework infringes the GDPR. iccl.ie/human-rights/i…
Today, we release new data on the consequences of the biggest data breach of all time: Real-Time Bidding. Two years after my complaint about the RTB privacy crisis, @DPCIreland has failed to end it. @ICCLtweet iccl.ie/human-rights/i…
Here is a list of the companies that Google sends RTB data to in Europe. It is 25 pages long!
(US list is longer, and has companies from many nations) iccl.ie/wp-content/upl…
The online advertising market requires both internal & external #GDPR enforcement. @Brave's new submission to @CMAgovUK shows why we need to act against the vast RTB data breach, but also act against Google's internal data-free-for-all too. brave.com/competition-in…
@brave@CMAgovUK Google, and Facebook, operate internal data free-for-alls that sustain their monopolies. In competition law, that's a problem. But it's also a problem in data protection law - and data protection law happens to have a handy *consumer-led* remedy!
@brave@CMAgovUK@Kartellamt@ICOnews It is tricky, because the vertically integrated platforms can hide behind three layers of infringement. Data protection authorities have to knock down all three. But once they do, the Googles and Facebooks have nowhere to hide.
New report from @brave: people seeking help for addiction, disability, and poverty on council websites are profiled by private companies in the UK. brave.com/ukcouncilrepor…
@brave JavaScript inventor and @brave's CEO @BrendanEich calls on Elizabeth Denham @ICOnews to finally act against RTB and adtech in his foreword.