Share this page!

Johnny Ryan Profile picture
Twitter logo
27 Aug, 10 tweets, 8 min read
The UK Government now points to @IABEurope's (the tracking industry body) “consent” spam pop-ups as an example why it needs to abandon the GDPR. We remind @OliverDowden @DCMS that those pop-ups are illegal under the GDPR. bbc.co.uk/news/technolog…
Back in 2017, a year before starting to spam Europe with consent popups, @IABEurope admitted that its tracking and adtech would be “incompatible with consent under GDPR” in a private note to the European Commission. I obtained that note under FOI.
IAB "TCF" consent spam is compliance theatre.
(@mmatthiesen its primary designer says “the most seen — but least read — text on the Internet”)
The UK enforcer could have stepped in to stop this when the UK was in the EU.
It still can. I hope it will under @JCE_PC
Here is what the UK's own enforcer reported about this consent spam. Note the date. But has yet to take action. We remind @OliverDowden that this is a problem the UK can and could have addressed. Before or after Brexit. It has not done so.
This is why we at @ICCLTweet, together with @Jausl00s @PiDewitte @bitsoffreedom @panoptykon @liguedh_be are pressing the Belgian enforcer @APD_GBA to apply the GDPR and end this consent spam.
We also remind @VeraJourova and @Vestager of our concern about the granting of an adequacy decision to the UK. We are dismayed that the UK now points to consent spam, itself an infringement of the GDPR, as a device to discredit EU data protection law.
We note from its own documents (that we obtained under FOI) that the UK’s enforcer (ICO) has devoted only 1% of its staff to tech investigation. We urge @OliverDowden to recognise the need to modernise the UK's enforcement agency.
And to be clear, the UK's enforcer failed to protect vulnerable UK citizens by using the GDPR action against IAB consent spam even and data leaking on UK Council websites.
For example
My DMs are open to reporters.
Also talk to @PrivacyMatters @1Br0wn @RaviNa1k @jimkillock @mikarv

New UK position risks the UK-EU data deal. That deal is worth £85B per year to the UK economy, according to UK HMG papers.
This is 13% of the UK's global trade.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Johnny Ryan

Johnny Ryan Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @johnnyryan

Johnny Ryan Profile picture
16 Jun
We are going to court. Our lawsuit takes aim at Google, Facebook, Amazon, Twitter, Verizon, AT&T and the entire online advertising/tracking industry by challenging industry rules set by IAB TechLab. ⁦@ICCLtweeticcl.ie/rtb-june-2021/
The online advertising industry causes the world's biggest data breach. We are going to court to stop it. iccl.ie/rtb-june-2021/
Our evidence includes the “IAB Audience Taxonomy”, the data broker industry rulebook that specifies what can be in companies hidden dossiers about you: Your health problems, your debt...
iccl.ie/rtb-june-2021/
Video: a peek inside the system building secret dossiers about you.
Read 9 tweets
Johnny Ryan Profile picture
9 Mar
Google has announced a big change to its advertising system. That big change raises 4 big questions. iccl.ie/digital-data/4…
It relies on privacy safeguards such as “trusted servers”, isolating data on the person’s device, and targeting groups of people rather than individuals. However, these safeguards are vaguely described. iccl.ie/digital-data/4…
Google said that it would not use unique identifiers in its own ad products. Even so, competition and self-preferencing questions arise. Google will be exposed to competition complaints and litigation if it leaves any room for doubt on any of these three points.
Read 7 tweets
Johnny Ryan Profile picture
19 Feb
A reminder, ahead of news today, that we alerted the European Commission in October that it could not grant the UK a free data flow "adequacy decision" because of failings of @ICOnews.
@ICCLtweet
iccl.ie/monitoring-hum…
Problems with the draft:
1. GDPR Article 46(2)a tells the Commission what to consider when granting an adequacy decision. One must be able to take the ICO to court for mistakes. Ask @OpenRightsGroup @jimkillock @RaviNa1k whether this is notional or real.
ec.europa.eu/info/sites/inf… ImageImageImage
2. GDPR Article 46(2)b tells the European Commission that there must be an "effective[ly] functioning" a supervisory.
Paras 85-98 of the draft decision give a positive review of @ICOnews' performance.
But in fact the ICO failed to act on RTB, the biggest data breach in history.
Read 7 tweets
Johnny Ryan Profile picture
16 Oct 20
Data Protection Authority investigation of our complaints finds that the IAB Transparency and Consent Framework infringes the GDPR.
iccl.ie/human-rights/i…
Press statement iccl.ie/news/gdpr-watc…
Relevant thread...
Read 15 tweets
Johnny Ryan Profile picture
21 Sep 20
Today, we release new data on the consequences of the biggest data breach of all time: Real-Time Bidding. Two years after my complaint about the RTB privacy crisis, @DPCIreland has failed to end it.
@ICCLtweet
iccl.ie/human-rights/i…
This morning, @Politico @markscott82 has the story
politico.eu/article/google…
Here is a list of the companies that Google sends RTB data to in Europe. It is 25 pages long!
(US list is longer, and has companies from many nations)
iccl.ie/wp-content/upl…
Read 14 tweets
Johnny Ryan Profile picture
5 Sep 20
@robinberjon @therevoltingx @BrendanEich @samtingleff @acfou @kickstand @mrr619 @WolfieChristl @johnwilander @brave @random_walker I suspect that @therevoltingx is talking about internal data free-for-alls here.
@robinberjon @therevoltingx @BrendanEich @samtingleff @acfou @kickstand @mrr619 @WolfieChristl @johnwilander @brave @random_walker While RTB is a vast external data breach (infringing GDPR Article 5(1)f in particular), Facebook, Google, etc. cross use data internally (infringing GDPR Article 5(1)b in particular). I set out this external / internal picture here. brave.com/competition-in…
@robinberjon @therevoltingx @BrendanEich @samtingleff @acfou @kickstand @mrr619 @WolfieChristl @johnwilander @brave @random_walker There must be enforcement to stop infringement of the purpose limitation principle (companies operating unlawful internal data free-for-alls), and against infringement of the security principle (RTB’s big external data breach).
Read 5 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @johnnyryan has new unrolls!

Check out other threads from @johnnyryan!

Read all threads by @johnnyryan

:(