Privacy Matters Profile picture
Apr 17, 2018 16 tweets 3 min read Twitter logo Read on Twitter
April 13. Bulgarian Presidency updated working dc on the #ePrivacy Regulation.…

"recital 21 now provides an example where making access to a website conditional on the acceptance of cookies is not considered justified"
But much to review and .. hmmmm

"Access to specific website content may still be made conditional on the well-informed acceptance of the storage of a cookie or similar device identifier, if it is used for a legitimate purpose ,,"
“… This will for example not be the case of a cookie which is recreated after the deletion by the end-user."
Must have been some serious industry lobbying. Cookies a legitimate tool for measuring the effectiveness of advertising …
"this Regulation should provide for the possibility to express consent by using the appropriate settings of a browser or other application.” < well, I already set DNT .. so how about enforcing that ...
Sneaky. Eroding data protection by design and default. Defaults matter greatly …. what a ‘privacy setting' is defaulted to is hugely important and can provide or erode privacy. The ePR needs an explicit data protection and privacy by design and default obligation
Subtleties of policy. Eroding consent and shifting the burden of responsibility to ‘software’ providers …..
YOUR location privacy seems to matter less to policy makers. Hmm .. more to consider
Good "direct marketing communications also may include messages sent by political parties that contact natural persons via electronic communications services in order to promote their parties.” “The same .. applies to messages sent by other non-profit organisations "
"End-users who have consented to the processing of electronic communications data as set out in point (c) of Article 6(2) and points (a) and (b) of Article 6(3) shall reminded of the possibility to withdraw their consent at periodic intervals of [no longer than 12 months"
processing of communications metadata permitted for "scientific research or statistical purposes provided it is based on Union or Member State law” under specific measures + safeguarding of rights & interests of individuals .. without consent .. but with right to object ..
hmm Art 6(2)(f) . a public authority can request the processing of communications metadata for the purpose of statistical counting
implications for entities analysing content of communications for advertising - Article 6(3) (a) (aa) (b)
Art 6(3a)(a) ECS providers will need to exclude communications metadata that reveal special categories of personal data pursuant to Article 9 of the GDPR .. where technically feasible … <think of those SSID that reveal a location that may be a Mosque, or a health clinic
Article 10 in what should be data protection and privacy by design and default has essentially been butchered at the alter of industry.
Good "Member States shall ensure, in the framework of Union law and applicable national law, that the legitimate interest of end-users that are legal persons with regard to unsolicited direct marketing communications .. are sufficiently protected."

• • •

Missing some Tweet in this thread? You can try to force a refresh

Keep Current with Privacy Matters

Privacy Matters Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!


Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @PrivacyMatters

Sep 29, 2018
1/ I note the issues around the conservative party conference app .. BUT OMG! I took a peek at the Conservative Campaigner app - "the official mobile app for supporters of The Conservative Party” and OH BOY …
2/ the app was developed by Social Political Media, the same entity behind the anti-abortion apps LoveBoth & MY8 used in the Irish referendum on abortion, .. but Social Political Media also developed the …. Vote Leave app, the Trump-Pence 2016 app, the French Renaissance app
and the same ‘developer’ is behind the NRA’s official app. Oh boy.

Yep, the UK @Conservatives official campaign app is developed by a US based political campaigning app platform UCampaign

OK need to go make Son’s supper - back soon. and Oh boy
Read 36 tweets
Aug 31, 2018
An NHS app intended to get people from ‘couch to 5k’.

“Analytics and Advertising tracking SDKs. As these features are critical to Our ability to provide users with free, high quality mobile applications it is not possible to opt out from tracking features.” < WTH! No. No. No.
I don’t have time to go through this at the mo .. but I will, given that family has asked me “is it ok from a privacy perspective? .. it is the NHS after all.” <visions of #HanCocksApp
“We are also working closely with third parties (including, for example, business partners, sub-contractors, delivery services, analytics providers, search information providers) and may receive information about you from them” <much to dig into
Read 34 tweets
May 31, 2018
Ohh look @DPCIreland look at the term ‘consent’ in the URL. Now let’s consider consent under the GDPR, I know. In know. It’s not really consent
Ooh. Choice. Not really. Take it or leave it says Facebook
Facebook Terms first. I’m sure the majority of people will be able to immediately comprehend the suite of Facebook Products .. and Business Tools that they are ageeeing to 🤔
Read 8 tweets
Mar 6, 2018
So @AskLloydsBank is using legitimate interests under the GDPR to seek consent to contact customers 🤔
It’s one of the most confusing updates I’ve seen. What precisely is LloydsBank relying on for ‘consent’ and what for ‘legitimate interests’ for marketing/direct marketing/product development for example? #GDPR
Many other things are wrong. Its of ‘please contact us’ but no hyperlink with info on how/mechanism to contact.
Read 6 tweets
Feb 1, 2018
Oooh 👀
whoah! OMG. You’d think the Digital Minister and one responsible for data protection package would get privacy right.
1/ Hold me twitter. Here goes. (1) no Privacy Policy on the App landing page which doesn't meet Apples guidelines (2) The app is promoted as the 'Official App for Matt Hancock' but the 'seller' is Disciple Media Ltd (3) Individuals must tick to 'accept' a Privacy Policy and ToS
Read 43 tweets
Sep 8, 2017
🤔 Sorry, the breach of 143m people’s data #equifax does not make today a good day to be a DPO. It’s a day when potentially 143m people will
will be concerned and anxious. They’ll be starting a journey that may last years or their lifetime in seeking to address the impact
of “identity theft” as which can have adverse impacts on multiple dimensions of their lives. It’s not a good day to be a DPO. It’s a bad day
Read 11 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!


0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy


3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!