GDPR privacy violations reported by enforcement organisation
A test by noyb, a European non-profit organisation for privacy enforcement, shows violations of privacy law by most streaming services. In more than 10 test cases was able to identify violations of Article 15 of the General Data Protection Regulation (GDPR) by companies including Amazon, Apple, DAZN, Spotify and Netflix, and it has filed 10 strategic complaints against 8 companies. Under Article 15, users enjoy a “right to access”. Users are granted a right to get a copy of all raw data that a company holds about the user, as well as additional information about the sources and recipients of the data, the purpose for which the data is processed or information about the countries in which the data is stored and how long it is stored. No service fully complied in noyb’s test, and all major providers engaged in “structural violation” of the law, says Max Schrems, director of noyb.
While many smaller companies manually respond to GDPR requests, larger services like YouTube, Apple, Spotify and Amazon have built automated systems that claim to provide the relevant information. When tested, none of these systems provided the user with all relevant data. Says Schrems: “Many services set up automated systems to respond to access requests, but they often don’t even remotely provide the data that every user has a right to. In most cases, users only got the raw data, but, for example, no information about who this data was shared with. This leads to structural violations of users’ rights, as these systems are built to withhold the relevant information.” Two providers, DAZN and SoundCloud, ignored the request, says noyb. The rest of the streaming services provided at least some raw data in response to the access requests. However, these responses were lacking background information, such as the sources and recipients of data or on how long data is actually stored (retention period). Raw data was provided in cryptic formats that made it extremely hard or even impossible for an average user to understand. Read more
- Wednesday, 23 January 2019