Open in app

Sign in

Write

Sign in

Suing all of ad-tech

Will an EU country finally enforce the GDPR?

Cory Doctorow

--

A giant eyeball whose pupil has been replaced by the EU circle-of-stars flag; it floats in a void of ‘Matrix waterfall’ blackness and green and white letters, numbers and symbols. Image: Carol M Highsmith/Library of Congress (modified) https://www.loc.gov/item/2014632601/

The EU’s General Data Protection Regulation (GDPR) has been a mixed bag, but at its core is an exemplary and indisputable principle: you can’t give informed consent for activities you don’t understand.

Since the dawn of online commercial surveillance, ad-tech sector maintained the obvious fiction that we agreed to allow it to nonconsensually suck in our private information, either by clicking “I Agree” on a garbage novella of unreadable legalese, or just by using a service.

GDPR exposes this “consent theater” for a sham. It says, “Look, if you think users are cool with all this surveillance and data-processing, you’ve got to ask them. Lay out each use of data you want to make, one at a time, and get consent for it.”

https://onezero.medium.com/consent-theater-a32b98cd8d96

That means that if you’re Google and you’re thinking of using the data you ingest in 800 different ways, you’ve got to show your users 800 yes/no questions, defaulting to “no,” to see if they consent to it, and you have to give them a “no to all” box to opt out of everything.

It won’t shock you to learn that virtually no one consents to this. It’s a lesson we learned again when Apple updated Ios to let users install apps but opt out of their…

--

--

Cory Doctorow
Cory Doctorow

Written by Cory Doctorow

200K Followers
601 Following

Writer, blogger, activist. Blog: https://pluralistic.net; Mailing list: https://pluralistic.net/plura-list; Mastodon: @pluralistic@mamot.fr

Responses (2)