Facebook & Google Are Already Facing Allegations of Breaching the New EU Privacy Legislation (GDPR) - What About Steemit?
9 days ago I posted about the new EU Privacy legislation (GDPR) and its implications for the Steem blockchain. Today the legislation became effective and already activists have opened cases against Google and Facebook for violations of the legislation - despite both corporations having invested over 18 months work into complying!
As you can see in this piece from Reuters and this piece from Gizmodo - it seems some have jumped at the opportunity to hold the biggest tech companies to account for alleged violations of the new EU regulations. Since the potential for fines reaches into multiple billions for these companies, it's a pretty big deal for them.
The GDPR aims to enforce digital 'rights' (remembering that real rights can neither be given, nor taken away and that these are actually just the imaginings of politically minded people), such as the right to data transport between internet service providers and the right to have your data removed from their systems (among others). Previous legislation was aimed in a similar direction but did not go anywhere near as far as this new version does in terms of its requirements for the insertion of new functionality into existing apps and also the level of fines involved for non compliance.
“The GDPR explicitly allows any data processing that is strictly necessary for the service - but using the data additionally for advertisement or to sell it on needs the users’ free opt-in consent,” Max Schrems from the European Center For Digital Rights said in a statement.
Schrems refers to the pop-ups that users in European countries now see regularly, and points to the fact that there’s been no improvement in what would be called “informed consent” about what kind of data companies like Facebook and Google are collecting that they don’t necessarily “need” in order to provide you with their services.
“If companies realize that annoying pop-ups usually don’t lead to valid consent, we should also be free from this digital plague soon,” Schrems continued. “GDPR is very pragmatic on this point: whatever is really necessary for an app is legal without consent, the rest needs a free ‘yes’ or ‘no’ option.”
Source: Gizmodo
So there is an issue regarding the opting-in of users to advertising, since advertising are not absolute requirements for the systems to perform their functions of allowing social interactions between people. From the sound of the complaints, it appears that these big tech companies have assumed that their advertising is not covered by the privacy legislation - whereas aspects of it may well be.
Max Shrems was further quoted on Reuters as saying:
“You have to have a ‘yes or no’ option,” Austrian Max Schrems said before filing complaints in European jurisdictions. “A lot of these companies now force you to consent to the new privacy policy, which is totally against the law.”
This appears to be referring to the way that the big companies basically give you the choice between choosing to accept their new privacy terms or to stop using the service, which previously was an accepted 'best practice', but which now appears to be an issue. Max Shrems (An Austrian lawyer who has previously sued Facebook successfully) is referring to the fact that we can now no longer use Facebook and other such sites unless we agree to their new privacy policy (we are locked out if not). I do not exactly know which clause in the legislation prohibits this, but according to his interview in this second piece on Reuters he appears to be very confident that the GDPR has been violated.
Andrea Jelinek, who heads both Austria’s Data Protection Authority and a new European Data Protection Board set up under GDPR, appeared to express sympathy with Schrems’ arguments at a news conference in Brussels.
Asked about the merits of Schrems’ complaints, Jelinek said: “If there is forced consent, there is no consent.”
Source: Reuters
I am a little unclear as to why the idea of requiring agreement to a privacy statement before using a service might now be considered illegal, since ultimately it is our decision to use the service or not and no-one is forcing us to use the service. However, I can see that if I cannot log in to the service, then I cannot transfer my data away from the service to another service - which is now a feature that is supported by 'the right of portability'!
Steem
Thankfully, this activism against Facebook and Google appears to be motivated by desire to stop them monetizing people's private lives and disrespecting basic human/social boundaries. Therefore, it seems unlikely that Steem will attract such an investigation in the near future - however, it remains a possibility and as far as I am aware, Steemit Inc. has not performed any kind of audit or produced any changes of policy in response to this yet.
Comments?
What do you think? Do you have any direct experience with implementation of GDRP policy? What would you like to see occur with Steemit's policies?
Wishing you well,
Ura Soul
Vote @ura-soul for Steem Witness!
View My Witness Application Here
(Witnesses are the computer servers that run the Steem Blockchain.
Without witnesses there is no Steem, Steemit, DTube, Utopian or
Busy... You can really help Steem by making your 30 witness votes count!
Don't forget, there are more than the 50 witnesses you see on the witness voting page in steemit.com)
It depends on what "personally identifiable" data that steemit.com stores. As I see it, they may be storing IP addresses, emails, phone numbers, location addresses (using bluetooth, gps on apps as stated in their privacy policy) and steem wallet addresses. Now using these a person can be personally identified and they should definitely beware of the new GDPR and update policies and procedures on how such information is stored anonymously for European users, better for all users.
And since they have a huge list of third parties they are saying may share such information with (which definitely includes export to regions outside the EU) , it is highly likely steemit.com will be sued in the near future given the market cap of steem these days and the worth of the site itself.
https://steemit.com/privacy.html
The big social media platforms and the search engines have been violating both local and international law for years, specifically the Declaration of Human Rights, adopted in 1976 as law by all UN charter members, has been ignored completely.
What 'rights' in particular are you thinking of?
That's an easy one: Article 12.
No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.
People are harassed, stalked, bullied, revenge porn'd, extorted, spied on and black mailed on line all the time; this goes on for years. There were more than 200 such websites, most of them tackled by individuals as gubmints refused to do so.
Read the original 1948 draft here, people should read it, it's interesting stuff especially since all UN charter members signed on: https://www.un.org/en/universal-declaration-human-rights/index.html
The Declaration was the first step in the process of formulating the International Bill of Human Rights, which was completed in 1966, and came into force in 1976, after a sufficient number of countries had ratified them. Second paragraph: https://en.wikipedia.org/wiki/Universal_Declaration_of_Human_Rights
I could continue for a while, but I think most will be able to relate any of these laws to reality on the ground in their particular location.
I see, ok - I only recall looking at the EU version previously - which is basically a corruption that inserts caveats that render the whole thing pointless.
https://en.wikipedia.org/wiki/European_Convention_on_Human_Rights#Article_8_%E2%80%93_privacy
Well, the 1976 adoption still stands even if they write clauses clearing themselves of any wrongdoing, as long as the original draft is not enforced. Malaysia was the only Nation with the balls to convict Bush & co for war crimes when the UN should have done this. Peculiar this didn't make front page news: https://www.foreignpolicyjournal.com/2012/05/12/bush-convicted-of-war-crimes-in-absentia/
I also question the intent of lawmakers. You have to wonder when a single law can exceed 74,000 pages, if it was meant to ever be read/understood in the first place. Throw in 20,000+ new laws every year and no one can reasonably keep track of what is legal.
Yes I have read your nine days earlier and the case has been filed on Facebook and Google. I have learned quite a bit about the high steemit. I do not think much about steemit will be something that steemit home security should be a suggestion.
I mean what did you expect from a centralized system... lots of corruption, cheating, etc. A reputable decentralized system with big-time transparency like STEEM is very unlikely to attract such investigations. It's high time people moved from such platforms to STEEM for their well being and safety.
hm, no comment, thanks for these recent news and hope that these orgnaization will consider our rights as human and protect, not trade it.
I am glad i'm not longer part of Facebook.
Although this new law seems ethical I do wonder about its intentions in the long run, why the concern all of a sudden. Indeed your point about having to agree to the terms or not use the platform is an interesting one. I think there could potentially be my answer here. AS the big corporations take over and the small companies are priced out we are going to be forced into either using and agreeing to these conditions or loosing out I have massive concerns about this in the long run. Yes it's all part of the program but the naivety of the masses is worrying I feel were walking into a big trap here 💯🐒