Share this page!

Wolfie Christl Profile picture
Twitter logo
May 11 9 tweets 3 min read
By introducing 'Shopify Audiences', the e-commerce services provider used by >1m online shops turns into a consumer data broker, exploiting data on purchases from across 'opted-in' shops to 'find' (single out) likely buyers for targeting on FB/Instagram.
shopify.com/audiences
"By enabling Shopify Audiences, you agree to contribute certain store and customer data to the audience network that all participating Shopify merchants contribute to ... This collective data is used to to develop an audience of potential customers"
help.shopify.com/en/manual/prom…
Cross-context personal data sharing at scale to profile and single out individuals, but 'securely' and 'encrypted' and 'designed for privacy' 🤖

It seems that Shopify considers shopper data as its own 'first-party' data. Analysis on a data-industry blog:
mobiledevmemo.com/with-its-audie…
Based on the information available, it seems like Shopify is pooling personal data on shoppers and then sends list of personal identifiers to FB/Insta who link the data to their global database and use the power of its surveillance machine to single out individuals for targeting.
...designed to be as 'compliant' as possible.

Two steps of opaque modeling based on comprehensive personal data, first some kind of aggregation at Shopify, then lookalike targeting and optimization at FB/Insta, connected via the transmission of lists of personal identifiers.
No leakage of personal data to anyone except for the two data giants, who still share massive personal data with each other in order to single out persons, based on massive personal data on behaviors across billions of FB/Insta users and millions of shops, websites, apps etc.
Achilles heels from a GDPR perspective?

- Shops sharing personal data on shoppers
- Shopify using personal data across shops
- Shopify sharing personal data with FB
- FB harvesting on/off-platform personal data
- FB singling out persons for targeting
- Clients using FB targeting
The real Achilles' heel is the personal data sharing between Shopify/FB.

We *really* need effective GDPR litigation that finally stops FB, Google and others from receiving lists of personal identifiers from clients in order to link them to comprehensive platform data #disruption
If we don't want to live in a world where everything we do can affect which ads, contents, functionalities, environments, offers, prices, options and choices we get across myriads of companies, we need to disrupt the seamless exchange of personal identifiers across companies.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Wolfie Christl

Wolfie Christl Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @WolfieChristl

Wolfie Christl Profile picture
May 11
"By reaching into the digital records of state and local governments and buying databases with billions of data points from private companies, ICE has created a surveillance infrastructure that enables it to pull detailed dossiers on nearly anyone, seemingly at any time"
"A review of over 100,000 spending transactions by ICE reveals that the agency spent approximately $2.8 billion between 2008 and 2021 on new surveillance, data collection and data-sharing initiatives", building a "dragnet surveillance system by crossing legal and ethical lines".
One of many findings in @GeorgetownCPT's report on "data-driven deportation" in the US:

The likely supply chain for ICE's access to gas, water, electricity, phone, internet and other utility records 2010-2021 includes a credit data exchange and other commercial data brokers. Image
Read 4 tweets
Wolfie Christl Profile picture
May 10
TikTok joins FB and Google in tracking billions of people across myriads of websites operated by other companies, and in letting myriads of other businesses send email addresses and phone numbers to them in order to link profile data, calling it 'standard industry practice'.
Why? Because "third-party cookie deprecation continues to delay" aka because Google still hasn't stopped it, after so many years.

And because no regulation or regulator stopped companies from constantly sending personal data to FB and Google, or the latter from processing it.
Here's, for example, hm.com processing a TikTok _ttp identifier in a 'first-party' cookie (accessed from Austria).

H&M lists many first-party and third-party identifiers in its privacy/cookie policy, but doesn't mention TikTok/ByteDance:
www2.hm.com/de_at/customer…
Read 5 tweets
Wolfie Christl Profile picture
May 9
"We have spent nearly two decades preparing for this moment. This is our time, and we intend to seize it"

Palantir letter to shareholders, including a rant against 'technocratic elites' in the US and quoting Adorno, of course.
palantir.com/newsroom/lette…
"bad times are very good for Palantir", Karp back in February:
seekingalpha.com/article/448792…
Karp, also in February:

"So we will work in a Hegelian way, so to speak, that is to dissolve the contradiction, which does not exist anyway, between data protection and the fight against terrorism"

12:03
Read 4 tweets
Wolfie Christl Profile picture
May 4
A keyboard app with >100 million installs that has almost full access to the phone and contains tracking code by 20 companies including Google, FB, Amazon, several smaller data brokers, and myTarget, part of mailru/VK and close to the Russian state.

What could possibly go wrong?
Trackers according to @ExodusPrivacy:
reports.exodus-privacy.eu.org/en/reports/259…

Play store link:
play.google.com/store/apps/det…

Why doesn't Google care about users at all? It has full control over its app store, and it has massive resources, made $76 billion in profit in 2021.

But it doesn't want to.
@ExodusPrivacy detects whether mobile apps contain tracking code by certain third parties based on rules.

This doesn't mean these firms actually receive personal information, but very likely they do. It also doesn't mean this is the full list of third parties that receive data.
Read 27 tweets
Wolfie Christl Profile picture
May 3
"Every single entity in the advertising ecosystem has access to the information shared by Grindr and every other app that uses the real-time bidding system. That means thousands of entities have such access" (a spokesperson of a data broker defending its shady business practices)
...remarkable quote from yesterday's WSJ article on Grindr user data being available for sale.
The quote comes from a spokesperson of the data broker UberMedia/Near, which has two entries in the 'vendor list' of IABEurope's deceptive TCF system.

Which means that some hundred million Europeans have allegedly 'consented' to data harvesting by a company they never heard of. Image
Read 4 tweets
Wolfie Christl Profile picture
May 3
FB trying to improve 'civic discourse' on the platform with intrusive profiling+experiments while selling maximized engagement is like an open heart surgery with a chainsaw while punching the patient in every corner of the body.
Regarding profiling+experiments, from the FB docs leaked by Haugen and published by Gizmodo:

While I may even agree with the mission in this case, a private data giant calculating 'civic targeting risk scores' without democratic oversight is…problematic.
documentcloud.org/documents/2156… Image
Users who have a 'high value' for political actors, based on the 'frequency of political ads impressions' and the 'observed premium that political advertisers are willing to pay'. Image
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(