According to the German Consumer Federation, the EU's #psd2 directive turned bank transaction data into a commodity and created a 'pipeline' for data flows to fintechs and other parties without much oversight.
Creating a market for financial profiling, especially if not effectively regulated at all, may once again shape a whole industry in a way we regret later. But as soon as it's there it will be incredibly difficult to make a change.
Financial profiling affects the lives of many, especially of the disadvantaged.
If we don't get #psd2 right, we'll soon see a large number of predatory financial data firms, expanded credit scoring and a further consolidation of risk+marketing surveillance.
Also, big (fin)tech.
I think #psd2 (and #openbanking globally) deserve much more attention.
It's about competition, data/consumer protection, actually about society at large.
I feel like the only ones who care are industry lobbyists. Thus, I find the German consumer federation's report very worthy.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
The large number of breaches shouldn't lead to the conclusion that data protection doesn't matter anymore, quite the contrary.
It shows that making the legitimacy to use personal data dependent on the functioning of technical measures or privacy self-management is totally over.
Of course, orgs must care about security, and they must be liable for not doing so. But there will always be shady actors who will use dirty data for shady purposes.
In any case, we need to make sure that legit entities cannot legally use dirty data without risking everything.
Regulating how entities can legally use/process personal data is basically what the EU data protection regime is about. Enforcing it requires bureaucratic procedures from documenting data processing to audits to general deterrence etc.
I missed this comprehensive investigation by @kfranasz from Oct 2020 that found that 502 out of 537 websites by US senators and congressional reps (.house.gov/.senate.gov) transmitted personal data on visitors to Google, 309 to Facebook, 69 to Oracle. Bad. adalytics.io/blog/is-congre…
Actually, no website should send behavioral data to Google, FB or other surveillance marketing companies, including sites by parties and politicians.
Apart from that, formal .gov sites should really not share data with any company that exploits it for commercial purposes at all.
This is even more true for sites by public authorities.
Like the US Customs and Border Protection website that just sent personal data on my visit to FB, Google, Microsoft, The Trade Desk, mdhv.io (?) and other parties during my visit as observed in my browser.
Lobbying spend by 25 companies registered as 'data brokers' in the US, including Oracle, RELX, Experian, Equifax, TransUnion, LiveRamp, Neustar, Venntel, Zeta Global, Aristotle, X-Mode.
Update, FB received personal data on me from 1573 apps and websites over the last 6 months, up more than two-fold from January 2020 when it introduced its 'Off-Facebook Activity' tool.
Methodology: For a part of my daily web activity I use a browser without any tracking protection or ad blocker, which is also logged into FB. Like many others. Annoying and painful, but what has to be done has to be done.
Correction: The new number seems to cover >6 months.
Some sites sent data about my activities to FB hundreds of times. Media websites are among the worst offenders:
- Daily Mail: 297x
- The Independent: 280x
- The Guardian: 203x
- Vice: 158x
- Reuters: 91x
- The Atlantic: 87x
- Forbes: 72x
- The New Yorker: 53x
- Politico: 46x
Come on, this pseudo-insightful PR piece carefully crafted by a team of unknown authors in the name of the former UK Deputy Prime Minister, now Facebook's "Vice President of Global Affairs" aka chief lobbyist, is horrible, and nobody should endorse it 😡 nickclegg.medium.com/you-and-the-al…
Take a look at this chart. All the major optimization goals are simply missing - all the relevant KPIs, maximizing engagement, user retention etc. Pure misinformation.
It's a carefully crafted compilation of most of Facebook's PR spins, distractions and lies from recent years.