Google/FB vs. 1000s of small firms in surveillance advertising is like 2 giant retailers selling toxic food and abusing their monopoly power vs. 1000s of small firms selling toxic food.
Helping the small firms to better sell toxic food so the giants lose power is not a solution.
Yep going after the small firms' toxic food sales may further increase the power of the giants selling toxic food.
But that doesn't mean going after the small firms is bad. It just means that, at the same time, going after the giants' toxic food sales and power is required, too.
Of course, small toxic food is a part of big toxic foods' supply chain.
Now imagine a new law would make it more difficult to handle toxic food for everyone. What should big toxic food do?
✅ Claim (and make small toxic food associations claim) the law will only benefit big toxic food, because only big toxic food can afford (pseudo) compliance.
This is what G/FB always did when it came to data protection and privacy legislation, in the EU, in the US and elsewhere.
Increasingly under pressure, big toxic food announces it will block parts of its third-party toxic food supply it has built its business on for years.
To some extent big toxic food could increase its own production, it would still dominate, and it's just an announcement anyway.
🚨 Small toxic food: "Big toxic food blocking us jeopardises the economy and will kill millions of jobs"
🚨 (Some) competition authorities: "Big toxic food blocking small toxic food will kill competition. Let small toxic food flourish!"
🙂Big toxic food: "We're fine either way"
I admit the analogy goes only so far ;) ...but I think it still provides some insight.
To stay with the analogy, small toxic food wouldn't exist in the first place if big toxic food had not created the toxic food supply chain for its own benefit.
And small toxic food consists of a variety of different actors, including:
- smaller middle men that take the largest cut, just as predatory as big toxic food
- many shady actors that mislead everyone else
- large corps in related industries that have their own stake in small toxic food
- myriads of small actors that have no choice but to participate
"But but but ...the basic premise is wrong, the food isn't toxic at all!"
And we have filters like privacy policies and settings and choices and promises and stuff that totally protect you and put you in control. 🤖
"Ok, perhaps the food is a bit toxic, but"
Constantly monitoring+profiling everyone and sharing intimate data about the everyday lives of billions across myriads of companies nobody ever heard of is just necessary to preserve the free internet, the free press and democracy! 🤡
In a nutshell:
- No toxic food
- Stop personal data sharing across adtech, publishers, marketers, big tech & others
- Break up, regulate and tax big tech
- Ban utility-scale services from exploiting data for purposes other than providing the service. If they cannot, let them die
+ Find ways to fund public-interest media without relying on surveillance advertising, including public funding
(I guess the analogy's main flaws are:
- many actors in the personal data industry operate in two or multi-sided markets
- scale/network effects in tech
- data exploitation has 2nd/3rd order effects beyond individual health
Not a flaw: a toxic food industry may indeed exist 😬)
• • •
Missing some Tweet in this thread? You can try to
force a refresh
Just tried to help a friend who runs a very small local business that has nothing to do with online marketing but uses a popular cloud-based website system to draft a GDPR-compliant data/privacy policy that makes sense. Almost impossible.
Of course, it's not the law that is to blame, but the cloud services provider, its invasive personal data processing plus third-party embeds that cannot be turned off, as well as the lack of GDPR enforcement against such services, which is why they still exist as they exist.
It's not the first time I've been struggling with such advice. Don't wanna name the system because I spent already enough time with it on a Sunday evening, but no, building a hand-crafted website or setting up a custom CMS is not an option for many.
Anstatt zu schauen, dass endlich keine private Nachhilfe mehr nötig ist, werden 500 Mio Kapital in eine Plattform gepumpt, die sich effizient zwischen Eltern und prekären "Tutoren" schiebt, und die Startup-Community jubiliert. Das is alles derart kaputt. brutkasten.com/gostudent-seri…
Von den €13/Stunde sollen die "Lehrer" dann noch selbst Steuern und Sozialversicherung bezahlen, und wie bei Plattform-Intermediären üblich, versucht GoStudent, sich möglichst von jeder Haftung "freistellen" zu lassen. gostudent.org/agb-tutoren
Adtech/data company "OpenX secretly collected location data and opened the door to privacy violations on a massive scale, including against children"
$2 million settlement b/c of COPPA and FTC Act violations, order to delete "all ad request data": ftc.gov/news-events/pr…
As of today, OpenX 'strongly recommends' app vendors to include the user's exact GPS location in RTB bid requests, and thus broadcasts it to many other data companies in an uncontrolled way.
The FTC's investigation, however, did not focus on harvesting and sharing GPS location data (which it should) but on a specific form of Wi-Fi location tracking.
According to the complaint, OpenX used a 'backdoor method' to circumvent Android permissions. ftc.gov/system/files/d…
Ian Brown on how interoperability could tackle platform power and required safeguards.
Thanks for including my concerns! Done wrong, mandating interoperability can lead to yet other cesspools of data exploitation for the benefit of both small+large businesses rather than people.
I'm much more sceptical about mandating interoperability (aka creating markets) as a fix for platform dominance in several areas. Where it makes sense, data protection law and 'consent' are too weak as safeguards. I think, hard limitations on freedom of contract are the only way.
While I support messenger interoperability, in the EU protected by rights charter article 7 (despite also not trivial), I'm much more sceptical about e.g. financial services.
I'm afraid open banking / PSD2 already led to something similar to 'FB apps for bank transaction data'.
"Collecting data not only from PCs or mobile phones but also from various home appliances ... will lead to a new digital innovation"
Nope, not from a tech company's marketing copy but from a *scientific* paper on personalized advertising 🙄 mdpi.com/2078-2489/12/1…
"psychological factors ... can be utilized to enhance existing personalization models ... Inferring the psychological characteristics of users and inserting them as input variables into a personalization model could significantly improve the results"
"personalized advertisement systems should not only collect… context-related attributes of the user (profile, history, social, time, location, connected devices, etc.) but also combine them with psychological factors that can positively affect the attitude towards ad acceptance"
In 2019, the UK data protection authority found that surveillance advertising is illegal at scale & millions are affected by GDPR violations myriads of companies commit every day. Now the regulator 'reinforces the need to address the concerns'. I mean #wtf ico.org.uk/media/about-th…
The 2019 report was very good, and today's 'opinion' once again contains a sharp analysis of massive non-compliance, which the ICO 'continues to see evidence of', including 'invalid consent', 'unlawful' data processing, and it's not even clear by whom.
But NOTHING happens!
"The Commissioner called for industry to make changes, but also recognised the need for a measured and considered approach due to… a commercially sensitive ecosystem"
Bullshit. The ICO undermines compliance, destroys trust into the GDPR and into information technology at large.