CDP Institute

Civil rights group, NOYB (abbr. for “none of your business”), founded by activist Max Schrems, filed complaints in Berlin against Germany’s major political parties claiming violation of General Data Protection Regulation (GDPR) during the 2021 election campaign. The goal is to stop the microtargeting of online political advertising and its processing, a practice that has become widespread, including in the UK and US. GDPR does protect the data of people’s political views. This follows a vote last month by the European Parliament to ban political microtargeting on online platforms.

Australia has been the target of major data breaches in recent months and now a massive records hack has been announced by consumer finance group, Latitude Group Holdings.  Included are numbers from nearly 8 million Australian and New Zealand driver’s licenses, 53,000 passport numbers, and more than 6 million customer records. This ranks as one of Australia’s biggest data thefts, after Singapore Telecommunications’, Optus’ and Medibank’s.

The French National Assembly has proposed a controversial law critics worry will cross a new frontier in video surveillance. Article 7 of the “Bill relating to the 2024 Olympic and Paralympic Games” has been condemned by human rights organizations for permitting algorithmic AI video surveillance to be used at major events, possibly as soon as the Rugby World Cup in September, and subsequently at the 2024 Paris Olympic Games.  Algorithmic video surveillance is a new area of machine technology that utilizes AI to monitor, learn from and assess behavior and movement over time, so for example in this scenario, to anticipate crowd movement and predict and alert about “risky” behavior, based on AI estimation.

A survey of 1,670+ consumers conducted for Razorfish’s Data Privacy Paradox study found a big disconnect between the hyper-targeting and personalization companies offer, and what consumers prioritize – which is respect for privacy and transparency and to not have their data shared without consent. So, while 81% liked personalized experiences, only 17% were willing to give up data for them; and more than 50% reported they stop buying from companies that share their data without consent.

Over objections, Utah’s governor has signed The Social Media Regulation Act (SB 152), with the intent of protecting the mental health of teens by put the onus on parents to grant permission for social media use and requiring social media companies to verify ages of users. Opponents, including the Electronic Frontier Foundation, believe the legislation encroaches on children’s right to information and their privacy.

Yet another technology to know us better – very possibly better than most of us will want. Not content just checking our cardiovascular, respiratory, digestive and reproductive systems, Big Tech is rapidly developing brain-tracking devices to learn what we think, feel and remember, purportedly yes, to help with health diagnoses and management.  It also crosses our last personal, private frontier.

A Dutch court has ruled against Facebook in a suit brought by the advocacy group, Data Privacy Foundation (DPF) and the not-for-profit consumer group, Consumentenbond. They allege the company’s Irish subsidiary processed local user data without consent. Additionally, data was found to have been sold to third parties without consumers’ knowledge.

A Brooklyn resident charged in a class action that Amazon’s New York City Amazon Go stores collected biometric data of customers without sufficient notification, which puts the company in violation of New York’s 2021 Biometric Identifier Information (BII) Law. The law, which came into effect in January 2022, requires companies to notify store customers of scanning or other electronic data collection via prominent in-store signage. Amazon Go stores, which established a track-in-store-pay-later shopping model, had, according to the suit, failed to sufficiently comply.

By unanimous votes in the State House and Senate, Iowa is poised to pass the 6th US state privacy bill, though Consumer Reports and other consumer advocates are urging Iowa’s governor not to sign the Consumer Privacy Act (aka Senate File 262) into law. Concerns are that while the bill seemingly includes key consumer safeguards such as the right to know information companies have collected and the right to have information deleted, the verbiage in the law serves to weaken the protections provided to consumers and strongly favors business.

A survey by Digital Third Coast of more than 800 Americans found U.S. consumers are fearful they are being tracked wherever they go. Four in five were concerned about ad tracking, with Baby Boomers and Gen Z most concerned at 84% each. There’s also a level of paranoia about always being spied on, with 60% surveyed reporting they believe their phone is listening to them, 3 of 4 believing Alexa and other devices are always listening, and 60% reporting they believe the government is tracking their phone data.

The US Federal Trade Commission has finalized its order for Epic Games saying it must pay $245 million for its use of dark patterns to get Fortnite players to make unwanted purchases and to persuade children to accrue unauthorized charges without parental consent. The FTC also charged Epic with having locked accounts of customers who disputed unauthorized charges. Consumers can visit FTC.gov/Fortnite to learn more about eligibility for getting a refund.

The company, which came out of stealth in August with $6 million seed funding, can automatically map the flow of data from collection through how it is stored to whether it is being shared with third parties, then can create a trouble ticket to alert an engineering team when there’s a problem.