Californians for Consumer Privacy is launching a weekly round-up of relevant consumer data privacy news. You may subscribe here.
This week, compromising data privacy is costing major corporations big bucks. Meanwhile, the New York Times gave ethical ad sales a try. And it turns out, the kids are alright – high school students in the Bay Area put together an answer to the digital privacy problems of today. What did they do? They gave consumers more data rights.
It’s time for this week’s Data Privacy Digest:
U.S. regulators are rumored to be discussing imposing a record-setting fine against Facebook for violating the 2011 consent decree with the FTC.
"Record-setting" for privacy violations isn't a high bar, the agency's largest fine for a privacy case was for $100M against Lifelock (part of which go towards consumer refunds), $25M against Google for violation of their 2011 consent decree, and $3.5M against Lenovo for selling laptops pre-loaded with software that compromised security protections in order to deliver ads to consumers.
Google has been fined nearly $57 million by French regulators for violating GDPR by failing to fully disclose to users how their personal information is collected and what happens to it.
Google was also charged for not properly obtaining users’ consent for the purpose of showing them personalized ads, the watchdog agency said.
What happens when you ask 12th graders to write their own federal privacy law?
They give consumers data access rights; they require specific opt-in consent for political, health and other sensitive data; and they double the FTC's annual budget.
In January, 2019, as part of Global Week at Castilleja School, 12th graders took a four-day workshop called “Tech For Good: Making Digital Innovation More Ethical.” Over the course of the workshop, students studied, discussed and debated the promise, and potential pitfalls, of emerging technologies including facial recognition and digital phenotyping — the use of social media and other non-health data to make health predictions.
The result: they decided to allow data collection by default for most consumer personal information. Yet they carved out an exception for data they deemed “sensitive,” including health-related, religious, political or precise location data. They also denied consumers an express private right of action — instead directing the Federal Trade Commission to expand its definition of privacy harms to include predictive analytics, or algorithmic decision-making, that could negatively affect a consumer’s life trajectory.
After GDPR, The New York Times cut off ad exchanges in Europe — and kept growing ad revenue
To comply with GDPR, the NYT blocked behavioral targeting and open-exchange ad buying in Europe, instead utilizing on contextual and geographic targeting. I.E. Rather than track European user’s behavior to target ads, the NYT opted to target users based on the content of the stories they were reading (i.e car ads shown for auto stories) or where they might be located (for example, based on their IP address).
The result: “We have not been impacted from a revenue standpoint, and, on the contrary, our digital advertising business continues to grow nicely.”
Specifically, contrary to the rhetoric, behavioral tracking is not the only way to make money on the Internet. Traditional direct-sold ads based on context of the stories and information the user reveals during that session is often sufficient for monetizing much of the content on the internet.
About Californians for Consumer Privacy
Californians for Consumer Privacy sponsored the California Consumer Privacy Act ballot referendum signed by 629,000 Californians to qualify for the November ballot. After the initiative qualified, the California State Legislature passed groundbreaking consumer privacy legislation in June, which was signed into law by California Governor Jerry Brown.
Californians for Consumer Privacy is dedicated to protecting and expanding privacy rights for consumers.