Video thread
Meet the Six Horsemen of the Digital Apocalypse.
Horseman 1: The quality of information in democracy is collapsing. Broken and fraud-riddled online advertising market is crushing journalism and monetising disinformation.

Plus, social media toxic "recommender system" algorithms artificially amplify hate and disinformation, and push self harm and suicide at children.

People – not Big Tech’s algorithms – should decide what they see and share online. The European Commission should learn from @CNaM_ie’s example, and give everyone in Europe the freedom to decide.
iccl.ie/2023/the-europ… These systems are acutely dangerous. Just one hour after @AmnestyTech’s researchers started a TikTok account posing as a 13-year-old child who views mental health content, TikTok’s algorithm started to show the child videos glamourising suicide.

New report: how data about Europe's political leaders, judges, and military personnel flow to foreign states and non-state actors.
RTB's security problem is a national security problem. iccl.ie/digital-data/e… Our investigation highlights a widespread trade in data about sensitive European personnel and leaders that exposes them to blackmail, hacking and compromise, and undermines the security of their organisations and institutions.

The U.S. Federal Trade Commission @FTC is considering new privacy rules.
Today, ICCL @ICCLtweet & @OpenMarkets & @TACD_Consumers (a forum of 75 NGOs) make a major submission showing the need for action against commercial surveillance.
iccl.ie/digital-data/f… The private things we do online, and where we move in the real world, are tracked by a vast online system called “Real-Time Bidding” (RTB). It works behind the scenes on almost every website and app. It tracks and exposes Americans' secrets 107 trillion times a year.

Newly unsealed court documents reveal data anarchy at @Meta.

We've just sent the European Commission @vestager +@ThierryBreton @dreynders new material revealing Meta’s internal data systems
+how Meta infringes the new EU Digital Markets Act + GDPR
iccl.ie/news/unsealed-… We examined thousands of pages of unsealed docs and depositions of Meta engineers from a long running case against Meta in Northern California. We found a data free-for-all inside Meta that makes compliance with the new EU Digital Markets Act an impossibility.

Today we release (staggering) new data on the "RTB" online ads data breach.
“Real-Time Bidding” tracks and shares what people view online and their real-world movements 178 Trillion times a year in the U.S. & Europe.
iccl.ie/digital-data/i… Google says 4,698 companies are allowed to receive its RTB data about what people in the U.S. are viewing online, and where they are. That number includes companies in Russia and China.

My op-ed this morning in @IrishTimes:
Ireland blew its chance to lead EU in online safety.
#DigitalServicesAct #DSA

There are stories within this story... The first story is about the Digital Services Act, which is weak on the algorithmic recommender systems that promote hate. Facebook’s internal studies found that these systems amplify unlawful material at enormous scale, and pushed people toward extremism. wsj.com/articles/faceb…

I and @Cristianapt have a new paper examining whether IAB Europe's solutions can fix the problems of the TCF.

Do the "Vendor Compliance Programme" and "Global Accountability Platform" actually protect TCF data (including RTB data)?

Paper --> papers.ssrn.com/sol3/papers.cf… The 2 February decision against IAB Europe requires that IAB Europe introduce data security (see b and c in the @APD_GBA decision summary).
IAB Europe has to explain how it proposes to do this in early April.

Re the Commission and CMA inquiry in to Google & Facebook's dodgy "Jedi Blue" deal...
This follows the Texas and other US State Attorneys General suit v Google. Those pleadings, filled in October 2021, indicated serious problems... Google has made noise about reducing its data leakage to other firms, but continues to operate a vast internal data free-for-all. Paragraph 156 of the State AG’s pleadings.

Momentous news.
5 long years.
The TCF is finally ruled unlawful. All data collected through it by Google, Amazon, Microsoft's tracking businesses is unlawful and must be deleted.
iccl.ie/news/gdpr-enfo… The findings:
The TCF consent system infringes the GDPR as follows:
-Fails to ensure personal data are kept secure and confidential (Article 5(1)f, and 32 GDPR)
-Fails to properly request consent, and relies on a lawful basis (legitimate interest) that is not permissible ...

Tracking industry body claims it can audit what thousands of companies do with our personal data.
Here is why that is impossible.
#TCF #RTB #adtech
iccl.ie/digital-data/i… Real-Time Bidding (RTB) data broadcasts are impossible to see or audit because they happen behind the scenes between servers.

New data: tracking-based ads imperil rights & publisher sustainability.
They divert data & revenue from publishers (and cause disinformation, fraud, dangerous data leakage).
@paultang @AlexandraGeese @BirgitSippelMEP @echo_pbreyer @kimvsparrentak @woelken iccl.ie/digital-data/s… @paultang @AlexandraGeese @BirgitSippelMEP @echo_pbreyer @kimvsparrentak @woelken Tracking-based ads siphon publishers’ audience data to Google & Facebook.
(Publishers, read Google's terms carefully policies.google.com/technologies/p…) /2

The UK Government now points to @IABEurope's (the tracking industry body) “consent” spam pop-ups as an example why it needs to abandon the GDPR. We remind @OliverDowden @DCMS that those pop-ups are illegal under the GDPR. bbc.co.uk/news/technolog… Back in 2017, a year before starting to spam Europe with consent popups, @IABEurope admitted that its tracking and adtech would be “incompatible with consent under GDPR” in a private note to the European Commission. I obtained that note under FOI.

https://twitter.com/johnnyryan/status/1164835435257847808?s=20

We are going to court. Our lawsuit takes aim at Google, Facebook, Amazon, Twitter, Verizon, AT&T and the entire online advertising/tracking industry by challenging industry rules set by IAB TechLab. ⁦@ICCLtweet⁩ iccl.ie/rtb-june-2021/ The online advertising industry causes the world's biggest data breach. We are going to court to stop it. iccl.ie/rtb-june-2021/

Google has announced a big change to its advertising system. That big change raises 4 big questions. iccl.ie/digital-data/4… It relies on privacy safeguards such as “trusted servers”, isolating data on the person’s device, and targeting groups of people rather than individuals. However, these safeguards are vaguely described. iccl.ie/digital-data/4…

A reminder, ahead of news today, that we alerted the European Commission in October that it could not grant the UK a free data flow "adequacy decision" because of failings of @ICOnews.
@ICCLtweet
iccl.ie/monitoring-hum…

https://twitter.com/johnnyryan/status/1315551079317278720

Problems with the draft:
1. GDPR Article 46(2)a tells the Commission what to consider when granting an adequacy decision. One must be able to take the ICO to court for mistakes. Ask @OpenRightsGroup @jimkillock @RaviNa1k whether this is notional or real.
ec.europa.eu/info/sites/inf…

Data Protection Authority investigation of our complaints finds that the IAB Transparency and Consent Framework infringes the GDPR.
iccl.ie/human-rights/i… Press statement iccl.ie/news/gdpr-watc…

Today, we release new data on the consequences of the biggest data breach of all time: Real-Time Bidding. Two years after my complaint about the RTB privacy crisis, @DPCIreland has failed to end it.
@ICCLtweet
iccl.ie/human-rights/i… This morning, @Politico @markscott82 has the story
politico.eu/article/google…

@robinberjon @therevoltingx @BrendanEich @samtingleff @acfou @kickstand @mrr619 @WolfieChristl @johnwilander @brave @random_walker I suspect that @therevoltingx is talking about internal data free-for-alls here.

https://twitter.com/therevoltingx/status/1302048981833244674

@robinberjon @therevoltingx @BrendanEich @samtingleff @acfou @kickstand @mrr619 @WolfieChristl @johnwilander @brave @random_walker While RTB is a vast external data breach (infringing GDPR Article 5(1)f in particular), Facebook, Google, etc. cross use data internally (infringing GDPR Article 5(1)b in particular). I set out this external / internal picture here. brave.com/competition-in…

The online advertising market requires both internal & external #GDPR enforcement.
@Brave's new submission to @CMAgovUK shows why we need to act against the vast RTB data breach, but also act against Google's internal data-free-for-all too.
brave.com/competition-in… @brave @CMAgovUK Google, and Facebook, operate internal data free-for-alls that sustain their monopolies. In competition law, that's a problem. But it's also a problem in data protection law - and data protection law happens to have a handy *consumer-led* remedy!

New report from @brave: people seeking help for addiction, disability, and poverty on council websites are profiled by private companies in the UK. brave.com/ukcouncilrepor… @brave JavaScript inventor and @brave's CEO @BrendanEich calls on Elizabeth Denham @ICOnews to finally act against RTB and adtech in his foreword.