The Data Privacy Digest is Californians for Consumer Privacy's weekly round-up of relevant consumer data privacy news. You may subscribe here.
This week, there were national calls for greater control over personal information and light was shed on new shifty data collection practices. While the Golden State was busy passing sweeping consumer privacy rights last year, data brokers were inventing new ways to sell your personal health information. It's no wonder new consumer rights for 40 million Californians are looking good to the rest of the nation.
It’s time for this week’s Data Privacy Digest:
The New York Times Editorial Board asks: "If no one reads the terms and conditions, how can they continue to be the legal backbone of the internet?" Great question.
"The average person would have to spend 76 working days reading all of the digital privacy policies they agree to in the span of a year. Reading Amazon’s terms and conditions alone out loud takes approximately nine hours.
"Americans deserve strong privacy protections. Consent is not enough to replace them. The clicks that pass for consent are uninformed, non-negotiated and offered in exchange for services that are often necessary for civic life. It’s time to start seeing the 'I agree' button for what it really is."
TechCrunch finds many popular iPhone apps secretly record your screen without asking, collecting data as sensitive as unencrypted credit card and password information."You can assume that most apps are collecting data on you. Some even monetize your data without your knowledge. But TechCrunch has found several popular iPhone apps, from hoteliers, travel sites, airlines, cell phone carriers, banks and financiers, that don’t ask or make it clear — if at all — that they know exactly how you’re using their apps.
"Worse, even though these apps are meant to mask certain fields, some inadvertently expose sensitive data."
Politico discusses how your health information is sold and turned into ‘risk scores’ – by one of the biggest data brokers in the world
"Over the past year, powerful companies... have begun hoovering up the data from insurance claims, digital health records, housing records, and even information about a patient’s friends, family and roommates, without telling the patient they are accessing the information, and creating risk scores for health care providers and insurers. Health insurance giant Cigna and UnitedHealth's Optum are also using risk scores.
"There’s no guarantee of the accuracy of the algorithms and 'really no protection' against their use, said Sharona Hoffman, a professor of bioethics at Case Western Reserve University."
Germany Restricts Facebook’s Data Gathering
The German competition authority has ruled that ‘Facebook cannot gather personal data across platforms and websites unless users give permission from each individual site, a decision that could have wide-ranging implications on the company’s ability to target advertising.’
While the approach is different from the CCPA (opt-in vs opt-out), the end result is that it will give consumers control over 3rd parties like Facebook tracking their information as they browse the web.