#DataPrivacyDay: Our Roundup of MUST-READs on Privacy

By David Lim

29 January 2021

If you were on Linkedin at all yesterday, you probably noticed that January 28th is #DataPrivacyDay (if you didn’t already know, now you know) . A day created to bring awareness to the work many of us do every day with data, privacy, cybersecurity and protecting the user. We thought for a bit of a change we would roundup some of the most relevant, recent news and must-read articles to catch you up on what’s going on in the world of data privacy. If you don’t have the time to read, don’t worry, we got you. Check out the TLDR under each article 😉.

Three Ps: Privacy, Publishers, Platforms

Privacy is a topic that most of us care about for our own personal safety yet it's become a massive undertaking for both Publishers and Platforms. Take a look at some of the articles below on privacy risks and the repercussions. 

Living Single...

Dating App, Grindr fined almost € 10 Mio over GDRP Complaint

TLDR: Grindr, which recently received complaints from the Norwegian Consumer Council and the European privacy NGO noyb.edu over illegally sharing of user’s data with five adtech companies. Grindr was directly and indirectly sending personal data such as user location, and when a user used the app to hundreds of advertisers. They would gather data and create comprehensive profiles about a user, which can then be used for targeted advertising. The complaint against Grindr was the fact that users were not properly informed, the consent wasn’t specific enough, as users had to agree to the entire privacy policy. Grindr made use of the app condition on consenting to the data sharing or paying a subscription fee. The worst part about this is the fact that Grindr failed to control and take responsibility for their data sharing with third parties, which went from 19 third party companies to over 4000+. 

Cookie Monsters...

Complaints filed against European Parliament for data transfer to the U.S and insufficient cookie information

TLDR: The European Parliament offered employees and members of the European Parliament (MEP) COVID-19 PCR tests through an intranet website. When accessing the website, members of the European Parliament discovered that the website sent over 150 third-party requests, which dropped cookies on their browsers. The website’s cookie banner notification did not list all of the cookies placed on the browser and nudged users to accept all cookies, which fell short of a valid legal basis. It also violated EU laws of personal data from the EU to the US, which is subject to very strict conditions. Websites must refrain from transferring personal data to the US where an adequate level of protection for personal data cannot be ensured. 

WhatsApp With That...

WhatsApp to delay new privacy policy amid mass confusion about Facebook data sharing

WhatsApp has pushed back it’s new privacy policy update as folks were concerned with rumors of the app data sharing with Facebook. Although the new update does not expand ability to share data with Facebook, users have been fleeing to competitor messaging platforms such as Signal and Telegram due to numerous media reports and social media spreading information around the broad language in the privacy policy, which WhatsApps claims to be misinformed. Unfortunately, Facebook doesn’t have the best track record when it comes to privacy and data, which is the result of this backlash.

giphy-1

Source: Giphy 

As publishers and platforms, ads are what keeps the business running but it comes with risks around privacy. Advertisers need detailed information around a user in order to provide the most relevant ad and third-party cookies are the answer to doing that but without consent from the user, you risk trouble similar to Grindr, and the European Parliament. 

Google’s solution for Privacy: FLoC

If you didn’t already know by now, Google’s been working on a solution to fix these privacy concerns. Unless you’ve been under a rock, you heard about Google ending third-party cookies for Chrome. It shook the advertising world and put the industry in a bit of panic. Why would they do such a thing? Well, their reasoning is around protecting people’s privacy and keeping their information safe. On Monday, January 25th, Google introduced their new solution, which will replace third-party cookies, and it’s called FLoC.

What the FLoC...What is FLoC?

Building a Privacy-First Future for Web Advertising 

TLDR: FLoC stands for Federated Learning of Cohorts, which is an API that enables ad targeting based on user’s general interests. As Chetna Bindra, product manager at Google points out, “it’s a new way for businesses to reach people with relevant content and ads by clustering large groups of people with similar interests.” Unlike third-party cookies, which targets an individual user’s browser and web behavior through cookie-dropping, FLoC hides individuals “in the crowd” and uses on-device processing to keep a person’s web history private on the browser. It’s already proven to be an effective replacement signal for third-party cookies, showing that advertisers can expect to see at least 95% of the conversions per dollar spent when compared to cookie-based advertising.

Coming Soon 

Only time will tell if Google’s solution will work for the industry but in the meantime, companies have turned to Consent Management Platforms  (CMP) in the hopes that they will comply with the law. Confiant’s Senior Product Manager, Danielle Koffler puts it simply,  “you may understand ad tech, does your CMP? CMPs don’t protect you from rogue tracking in real-time” This is why we’re working on something that’ll help you identify unauthorized tracking and help you understand the risk level of your known (and unknown) ad tech partners. Stay tuned 😏.