Discover and read the best of Twitter Threads about #GDPR

Most recents (24)

1. Good piece on where business is up to on #GDPR & personalisation: linkedin.com/pulse/personal… However, #ePrivacy Directive sets out cookie consent req unless "strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested"
2. There is significant EU case law on "strict necessity", as well as some on "explicit" & "specific" consent. It does not really suggest a "take-it-or-leave-it" rather than opt-in approach to additional "services"/"intrusions" (depending on your perspective) is OK/"debatable".
3. Rather it strongly points to such an approach being NOT legally OK. That may be inconvenient to #ecommerce & even v silly on the part of #EUDataP. However, those factors alone cannot change the meaning of v specifically crafted law, albeit law widely bent (or ignored) online.
Read 5 tweets
The French data protection authority has issued the first formal guidance on the relationship between #blockchain and the #GDPR in the #EU.

I'll tweet some of the main points. Here is the full text: cnil.fr/sites/default/…
1. The @CNIL makes clear that its goal issuing this publication is to provide concrete guidance to actors in the space. This is to be applauded. Many in this space try to build compliant systems but are having a hard time figuring out what this entails.
2. *Data controllers*: unsurprising: where users directly engage with the ledger they can sometimes be controllers.

This, however, is only so where natural or legal persons exercise a professional or commercial activity (broad interpretation of household activity).
Read 19 tweets
This is a good question: what is the root cause of the lack of privacy online today? Why does media track so much? My personal take is that it boils down to browsers and mobile platforms. Not only is that the master fix, but it is within reach. Follow the thread❗👇
First, I have some assumptions that I want to ensure you know:
1) Without a free and well-funded press before long we'd have no privacy at all. This does NOT justify an exception regime for media, but it constrains the solution. Getting rid of media is not the right option.
2) I do not buy into strict deontologism. It's not enough to make a rule, we need to make it work. If you force people into a choice between the law and survival, don't be surprised that they at least bend the rules. If you incentivise defection, expect defectors.
Read 20 tweets
The next #EUelections2019 will take place in May.
We propose new rules to ensure that they are organised in a free and fair manner, and to better protect them from manipulation by third countries or private interests.
europa.eu/!fx67KH #SOTEU #EUprotects
To ensure that Europeans are able to make their political choices next May in fair and secure elections, our new set of measures focus on:
🛡️Data protection
🔍Transparency
🔐Cybersecurity
🌐Cooperation
⚖️Appropriate sanctions
#SOTEU #EUelections2019
More in our factsheet ↓
Recent revelations have shown risks for citizens to have their data misused and be targeted by mass online disinformation campaigns.
We propose sanctions for the illegal use of personal data to deliberately influence elections.
europa.eu/!fx67KH #SOTEU #EUelections2019
Read 5 tweets
There is a massive and systematic data breach at the heart of the behavioral advertising industry. This needs to change.

I together with @jimkillock @mikarv worked with @RaviNa1k to file regulatory complaints today under the #GDPR against adtech.

brave.com/adtech-data-br…
That page was displaying oddly for some people. Being fixed now. Remove the last backslash from the URL and it displays correctly
Here are some highlights from our filing with the Irish Data Protection Commissioner
(PDF at brave.com/DPC-Complaint-…)
Read 3 tweets
Morning campers! I’ll be live-tweeting from the European Court of Justice today about @Google’s “Right to be Forgotten” hearing.

What’s the main point? Should Europe (or France’s #privacy regulator) be able to apply its rules over the internet worldwide.

A recap:
La Vanguardia, a Spanish newspaper, published records in the late 1990s detailing the debt delinquencies of Mario Costeja.

About a decade later, Costeja sued, saying that the publication breached his right to privacy.
After a lengthy legal dispute, the case was referred to the ECJ which, in 2014, ruled that individuals had the right to ask that search engines like @Google remove links (but not the underlying webpages) from search results
Read 60 tweets
Today @Brave wrote to @IAB @IABTechLab to provide feedback on the OpenRTB 3.0 #adtech spec. It appears to severely infringe Article 5 of the #GDPR 1/ brave.com/iab-rtb-proble…
Our letter contains a summary of the various personal data that are broadcast in the OpenRTB system. Note that these data are very likely to include “special categories” of personal data, since they show what the person is watching and reading, can include brokers’ segment IDs 2/
Unless OpenRTB 3.0 is very radically altered, so that no personal data are contained in the bid request, it appears that it will severely infringe Article 5 of the #GDPR, and all that flows from Article 5’s principles. 3/
Read 6 tweets
Thanks @Buttarelli_G for this Op-Ed: "Big tech is still violating your #privacy" The "take-it-or-leave it" 'consent' approach shows how strongly network effects lock-in people washingtonpost.com/news/theworldp…
to the incumbent platforms. It's a paradox that the Founding Fathers in the US were fearful of accumulation of power in government but that recent successive governments have let the accumulation of power in Big Tech unchecked supposedly on the belief that competition would keep
actors in check. When #data is increasingly perceived as being an essential facility for a at least number of sectors and its dominant players, it is consequently challenging to build a service which provides the choices that competitive markets are meant to provide when
Read 7 tweets
I thought the spirit of #GDPR was supposed to be that it should be easy and simple to control how my data is used by websites. Yet this is what I had to go through in order to do that when I tried to read a @HuffPostUK tweet... (1)
First, I had to NOT press okay on this screen. Instead I had to press "here". (2)
Then I had to find the "Privacy Dashboard" option in this very very very very long page of links. (3)
Read 27 tweets
It's a criminal offence to falsifying a legal instrument. But if the #MetPolice / #LBRUT do it, then there is not even an investigation. 12 years of silence. Evidence to prove it - ukcoverup.com/search-warrant-

#skynews #lbc #theresamay #uk #bbcnews #coverup #c4news #worldnews #ukgov
Welcome to the #Metpolice who also changed & falsified my arrest details. Have a look at the evidence here ukcoverup.com/arrest-details as it's all easy to prove & that's why it's never addressed

#R4today #corruption #coverup #leadership #values #corevalues #bbcnews #skynews #itvnews
Read 97 tweets
When it comes to #DataProtection ..
Indians must ask for all the rights mentioned in #GDPR from Article 12 to Article 22 ..
If govt don't want to give apply Article 23 .. I won't even press for it ..
Stop writing sham of laws Mr. @rsprasad ..
India demands Real GDPR
#GDPR Article 15 has "Right of access by the data subject" (Screenshot 1)
In Prasad babu's #Dataprotection it become "Right to Reconfirmation and Access"
Huge and Vast differences ..Means, It has no rights at all for the Indians
#GDPR Article 16 Gives CLEAR & UNAMBIGUOUS "Right to rectification"
Prasad Babu's #DataProtection Section 25 becomes "Right to correction etc"
A Wholesome Cocktail of Ambiguous Processes and obfuscations so User may have to wait "from Weeks to Forever" to rectify
Read 8 tweets
Here's someone who's highly engaged in politics, news and society but didn't know about #MyHROptOut until this morning.

If you're in media and wondering if this needs more coverage, here's your answer. #MyHealthRecord #Privacy
Opting out doesn't appear to be going well for people so far. I've seen multiple reports of long wait times on the phone and web server crashes.

I've you're planning to opt out, I'd suggest maybe not doing it today, but definitely not waiting too long.

#MyHealthRecord #Privacy
For the record, I've gone back and forward on opting out myself.

As a journalist with strong interests in tech and privacy, I really want to see the system for myself. Kick its tyres and experience its flaws and limitations personally. But ...

#MyHealthRecord #Privacy
Read 142 tweets
My keynote, tomorrow #Computing2018: "No, let’s not put it on the blockchain".

"To carve out some scenarios where blockchain optimist narratives fall short, & specific properties of distributed ledgers & blockchain work against requirements. Includes GDPR, but no 20M fines."
#blockchain Keynote was well received.
The scenarios in this thread, link to slides at the end.
1. Short-term information of any value. Everybody will have to keep it forever and you can't get rid of it.
2. Information that will remain valuable over a longer period.
Of course you encrypt, it but while it's forever on the blockchain, the crypto may be proved broken, Moore's law may cause key to be too short, or quantum may happen (yeah right). I said "crypto", I meant it :)
Read 13 tweets
(thread) Do you want to take control of your online presence? Check out what the #GDPR offers! #GDPRexplained gdprexplained.eu
The #GDPR is the new EU regulation that protects you from having your personal data abused by private businesses, state administrations and other organisations. #GDPRexplained gdprexplained.eu
Personal data is any information that can be linked to an identifiable individual. It can be very broad since linking can be done by connecting pieces of information you leave behind in many different (online & offline) places. gdprexplained.eu #GDPRexplained
Read 8 tweets
My @Uber driver last night, going home from airport asked me where was I coming from.
Told here about #WCEU
- what is that, she asked.
- the European Conference for #WordPress, I said.
Her eyes sparkling, she grabbed the wheel firm, looked in the rear view mirror at me and said,
almost whispering:
- I installed that last week on my own, I want to sell accessories for women online, to support my kids.
No wedding ring on her hand, but I did not ask details, not sure if single mom or not.
Instead, once we arrived, I spent 30’ going over ecommerce options
for WordPress, recommended @WooCommerce, explained #SSL and #GDPR.
She only interrupted a few times to say “wait, wait!” as she was writing notes on her phone.
I was cold, exhausted, my family waiting inside, yet I was fascinated to share as much as possible with her. #WCEU
Read 10 tweets
This troll has published a thread attacking @Femi_Sorry for his video on EU democracy. I don’t like feeding trolls, but this one is getting attention for the wrong reason and his thread deserves detailed rebuttal. It’s a staggering tissue of lies and half-truths.
The EU always consults national govts in areas where it has exclusive competence. It does this through the “comitology” process - a network of committees in which member state governments advise, consult, and manage the EU civil service in its work.
When it comes to actually legislating in areas of exclusive competence, in the vast majority of all cases the Member States (Council) and elected MEPs are the legislators acting on a proposal from the Commission.
Read 32 tweets
Will #eprivacy be the next expansion of #gdpr? MSFT #Skype, #Whatsapp, Facebook #Messenger would have to provide #privacy controls/consents/disclosures for tracking/logging realtime communication and messaging.
technologyreview.com/the-download/6…
This matters in a few ways. First, live chat and messaging are features of many kinds of products and services. So #ePrivacy jurisdiction may touch nearly every website, service, and gadget.
Second, #ePrivacy demands transparency for the middle part of a call, exactly where companies like @Amazon, @Google, @Skype and @SlackHQ create new value and new partner ecosystems. Translation, bots, commerce to enhance your conversation will need specific disclosures.
Read 8 tweets
Today is a challenge - on and off for the next 12 hours, now that the GDPR dust is settling, I am going to try and Tweet about nothing but the #EUCopyrightDirective - BECAUSE, YE GODS, YOU NEED TO KNOW ABOUT THIS:

techdirt.com/articles/20180…

HT @mmasnick CC @OpenRightsGroup
If you want a video about how YOU should demand that the EU #DeleteArt13 of the #EUCopyrightDirective, maybe start with this one:
If you would like an authoritative voice regards why we YOU need to act to get the EU to #DeleteArt13 - to avoid the Internet and Web being swamped with a "Link Tax", here is the perspective of German Euro-MP, Julia Reda: juliareda.eu/2018/05/censor…
Read 16 tweets
There is a new Twitter signup/onboarding process.
What it looked like in 2017:
What it looked like in early 2018:
Auto-locking of accounts:

Per default they want a phone number instead of mail.
Instead of a full page signup flow, it is now a modal window.

First screen after entering Name and phone/mail looks like #GDPR. Everything opt-in as the law requires.

URL: twitter.com/i/flow/signup
I don't know why I get the same screen again. But there is now a button to actually sign up.

Next they want me to enter a password. But the account is already set up (see name and empty avatar at the top right).
Read 15 tweets
Because of #GDPR, USA Today decided to run a separate version of their website for EU users, which has all the tracking scripts and ads removed. The site seemed very fast, so I did a performance audit. How fast the internet could be without all the junk! 🙄
5.2MB → 500KB
They went from a load time of more than 45 seconds to 3 seconds, from 124 (!) JavaScript files to 0, and from a total of more than 500 requests to 34.
look at this!
Read 5 tweets
#StateOfTheHack follow up. Thank you to everyone who tuned in, and we apologize for the technical difficulties and audio. We are going to get that figured out for future iterations. I wanted to follow up with indicators I talked about at the end to prove a point regarding #GDPR.:
My team develops sources and methods for pursuing adversaries across our customers networks, and beyond. We do not become reliant on a single source, nor do we allow the loss of a source to cripple our collection efforts. Loss of WHOIS information is not a deal breaker.
This is the domain I dropped in our #StateOfTheHack discussion today. The screenshot indicates we illuminated it on day zero of the adversary establishing it. The WHOIS information is privacy protected. However, we didn't discover the domain through registrant information.
Read 5 tweets
THREAD. I've seen the presentation given to Team Barnier yesterday by the UK Brexit negotiators on data protection after #Brexit. It puts "some" flesh on the bones of the PM's Mansion House speech (1)
UK said that the @ICOnews should remain part of the Supervisory Board of the #GDPR which comes into force this week. And UK should remain in the "one stop shop" system where people and businesses only deal with one national regulator. UK also going above and beyond #GDPR. (2)
UK says the EU should be able to judge the equivalence of British legislation but that a standard adequacy decision like New Zealand or Israel won't be enough for the breadth and depth of the future relationship. (3)
Read 5 tweets
#Zuckerberg | You remind me of “Kalden” in the book “The Circle”; the founder of a big data company, growing out of his control, influencing elections.
#Zuckerberg | Nearly every year since 2003 there was a wrongdoing or problem for which you had to apologise; twice in 2017 and three times in 2018 and we are only May! Are you capable to fix it?
#Zuckerberg | You said you will apply the new #GDPR, but are you telling the truth? Since the outbreak of the #CambridgeAnalytica scandal, you transferred European data of non EU citizens to servers outside Europe, which is forbidden.
Read 5 tweets
Facebook is confronting EU users a new “terms of service” dialogue that denies access until a user opt-ins to tracking for ad targeting, and various other data processing purposes...
These Terms refer to the “data policy” that says “we use the information we have about you – including information about your interests, actions and connections – to select and personalise ads, offers and other sponsored content that we show you.”
The data policy also says “We use the information [including] the websites you visit and ads you see … to help advertisers and other partners measure the effectiveness and distribution of their ads and services, and…” See facebook.com/about/privacy/…
Read 37 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!