The WWW inventor wants to reinvent the web

Father of the web Sir Tim Berners-Lee has launched the “Contract for the Web” initiative to rally the global community to revamp the web for the public good.

30 years after he proposed an “information management system” (pictured) while being a scientist at CERN, Sir Tim Berners-Lee believes that he could stand no longer what the web has become of lately. In 2018 Berners-Lee told the Vanity Fair magazine that he was “devastated” by the state of distortion of his creation. As a result, on the 30th birthday of the WWW, he decided to use his influence to bring the web back on the track he envisioned: it should be recognised as a human right and be built for the public good. “If we give up on building a better web now, then the web will not have failed us. We will have failed the web,” Berners-Lee said.

According to Berners-Lee, the dysfunction of the web in recent years has mainly been manifested in three ways:

“1. Deliberate, malicious intent, such as state-sponsored hacking and attacks, criminal behaviour, and online harassment.

“2. System design that creates perverse incentives where user value is sacrificed, such as ad-based revenue models that commercially reward clickbait and the viral spread of misinformation.

“3. Unintended negative consequences of benevolent design, such as the outraged and polarised tone and quality of online discourse.”

To counter these dysfunctional behaviours, the non-profit World Wide Web Foundation (or “Web Foundation”) led by Berners-Lee is launching a civil society initiative, “Contract for the Web”, that calls out to governments, businesses, and private individuals, to pledge their commitments to a better future of the web.

It has different requirements for the three types of constituencies.

It demands governments to ensure everyone can connect to the internet; keep all of the internet available, all of the time; and respect people’s fundamental right to privacy.

It asks businesses to make the internet affordable and accessible to everyone; respect consumers’ privacy and personal data; and develop technologies that support the best in humanity and challenge the worst.

It challenges individuals to hold the governments and businesses accountable; be creators and collaborators on the web; build strong communities that respect civil discourse and human dignity; and fight for the web so the web remains open and a global public resource for people everywhere, now and in the future.

Under these principles, a group of people are working on the specific commitments in each area. The group is open to input from all (institutions and individuals alike) who share the vision, and the results of the work are expected later this year.

Signatories so far include some of the world’s biggest internet companies (e.g. Google, Microsoft, Facebook), other non-profit organisations (e.g. W3C), private citizens and celebrities and former and current politicians (e.g. Sir Richard Branson, Gordon and Sarah Brown), telecom operators (Telefonica), and governments (Die Bundesregierung).

The level of endorsement and commitment the initiative may ultimately garner is yet to be seen and will depend on the specifics being developed. Some governments may be hesitant towards the demand for allowing its citizens to access all the information on the internet without filtering, while others may feel they would prefer to have access to some of the people’s private data to strengthen public security. The demands for businesses may be seen as threatening the very livelihood of some companies whose business models have built on monetising user data.

Sir Tim Berners-Lee never made wealth out of his invention, but his transformational role has been well recognised. Stephen Fry once identified Sir Tim as one of the two living Englishmen that have had the most profound impact on people’s lives worldwide, the other being Apple’s Chief Design Officer Jony Ive.

EU set to proceed with controversial new online copyright rules

Inevitably the EU Copyright Directive, complete with its widely despised Articles 11 and 13, is continuing its glacial progress along the European rubber-stamping conveyor belt.

Last month we reported that the directive appeared to have hit a road bump, but this turned out to be a fleeting inconvenience, resolved by the most token of concessions. Yesterday both the European Commission and European Parliament announced a breakthrough in the fraught negotiations, from which a miraculous consensus was reached.

“To finally have modern copyright rules for the whole of EU is a major achievement that was long overdue,” said VP for the Digital Single Market Andrus Ansip. “The negotiations were difficult, but what counts in the end is that we have a fair and balanced result that is fit for a digital Europe: the freedoms and rights enjoyed by internet users today will be enhanced, our creators will be better remunerated for their work, and the internet economy will have clearer rules for operating and thriving.”

“This deal is an important step towards correcting a situation which has allowed a few companies to earn huge sums of money without properly remunerating the thousands of creatives and journalists whose work they depend on,” said MEP Axel Voss, who seems to speak for the European Parliament on this stuff.

“At the same time, this deal contains numerous provisions which will guarantee that the internet remains a space for free expression. These provisions were not in themselves necessary because the directive will not be creating any new rights for rights holders. Yet we listened to the concerns raised and chose to doubly guarantee the freedom of expression. The ‘meme’, the ‘gif’, the ‘snippet’ are now more protected than ever before.”

As you can see both spokespeople are doing a heavy sell on the directive because they know it’s unpopular. Not that it really matters because In place of actual democratic accountability, the EU has a self-reinforcing system of largely opaque bodies. This is apparently done to create the impression of rigorous due process but it’s very rare for the real power in Brussels – the European Commission – to receive any significant internal resistance once it has decided on a course of action.

The most unpopular part of the Directive is Article 13, which requires sites to either seek licenses for, or pre-emptively block the upload of, any material that may be copyright protected, or face the consequences of any breach themselves. Close second in terms of public derision is Article 11, which will require a license to reproduce all but the shortest snippets of written content and may apply to things like link previews.

Appropriately enough none of the announcements linked directly to the test of the agreement, but once more we indebted to MEP Julia Reda, who quickly blogged on the matter. “The history of this law is a shameful one,” she wrote. “From the very beginning, the purpose of Articles 11 and 13 was never to solve clearly-defined issues in copyright law with well-assessed measures, but to serve powerful special interests, with hardly any concern for the collateral damage caused.”

The special interests she referred to are big publishers, who she reckons have lobbied the EU to protect their traditional revenue streams. This theory would appear to be supported by the fact that smaller publishers and rights holders seem far less keen on the new rules. Reda, who you can see alongside a small number of other dissenting MEPs in the video below, thinks the Directive can still be stopped if the European Parliament can be persuaded to oppose it but this seems like a forlorn hope.

Zoey Forbes, Technology, Media and Entertainment Associate at law firm Harbottle & Lewis, offers another perspective. “On the surface, the agreed text was an early Valentine’s Day present for creatives and the wider content industry,” she said. “Copyright holders will receive additional revenues from the use of their works online as well as greater protection from online copyright infringement.

“However, as with all things, the devil is in the detail and some stakeholders feel the safeguards offered to the tech industry have not only watered down the EU’s original objectives but will actually leave copyright holders worse off. Conversely, the tech industry and those advocating for freedom of expression are not appeased by these safeguards and continue to oppose the directive on an ideological level.”

The EU is positioning all this as protecting the European little guy from voracious Silicon Valley giants who profit from traffic driven by third party content. There is some merit to that position, but it doesn’t seem to have consulted many little guys, nor thought more deeply about the mechanics of the internet, which rely heavily on the viral sharing of stuff. It’s not at all clear that the stated beneficiaries of this set of rules will, in fact, benefit, but the EU supertanker isn’t about to change course over such minor concerns.

 

User backlash after Tencent’s Reddit interest

Chinese internet giant Tencent is reportedly leading the pack for Reddit’s Series D round, with the social media giant aiming to raise between $150 and $300 million, but not everyone is happy.

Reddit, a social media platform for news aggregation, web content rating and conspiracy theories, has been beating its chest to the press over the last couple of weeks to drum up interest for the funding round. According to Alexa website rankings, Reddit is the 17th most visited website worldwide, while it claims to have 330 million monthly active users, 138,000 active communities and 14 billion page views a month.

And it appears to have caught the attention of one of the worlds’ fastest growing internet businesses. According to TechCrunch, Reddit is hoping to raise between $150 and $300 million, which would value the platform between $2.7 billion and $3 billion. Details are thin for the moment, but what is worth remembering is the Tencent stake would be relatively minor.

That has not stopped criticism on the platform from users however. Many are linking the Chinese distaste for free speech with the demise of Reddit. Some are using the freedoms afforded by the Reddit platform to voice their concerns that Tencent might be able to block certain conversations and impose some levels of censorship. Reddit is currently blocked by the Great Firewall of China, though some fear with Tencent’s involvement the censorship could be extended elsewhere.

What is worth noting is Tencent is not acquiring the business but investing in it. Depending on the total amount pumped into Reddit, Tencent will certainly gain some influence from a strategic and development perspective, all investor do to a degree, but it will be very limited. Another factor to consider is that depending on the type of shares which Tencent acquires, it might not even be granted a seat on the Board of Directors.

That said, such is anti-China rhetoric around the world, this deal will catch the attention of politicians. There is perhaps little which can be done to prevent the investment, though the involvement of a Chinese business might bring greater scrutiny down on Reddit. While it has not be the centre of any scandals to date, it certainly does have the capability of influencing a wide, deep and highly engaged audience. The success of the business will partly rely on the management team’s ability to manage this new dynamic with politicians.

While Reddit is one of the most popular social media platforms on the internet, it is rarely considered in the same bracket as sites such as Facebook or Twitter. The number speak for themselves, though as the site does not look anywhere near as polished and as it does not feel as overtly commercial, it has snuck under the radar to escape the same scrutiny which is placed on the other platforms. We suspect this will change over the coming months however.

Recently the business has been going through somewhat of a refurbishment to take it into the big leagues. With a site redesign, the introduction of a native video player and the team has started to sell cost-per-click ads in addition to promoted posts, cost per impression and video adverts, it is starting to get the feel of a genuine internet business. This, alongside investment from a Chinese company, might bring it more to the attention of governments and regulators, many of whom are attempting to crack down on internet companies.

For Tencent, this is an investment which makes sense. Having created a monstrous business in China, primarily through the influence of WeChat and QQ, the team is looking to spread its wings in the international markets. There certainly has been some organic growth into the international space, though Tencent has certainly not been shy about investments and acquisitions.
Over the last few years Tencent has invested in several game developers including a minority stake in Robot Entertainment, videogame developer and publisher Glu Mobile paying $126 million and 84.3% of Finland-based developer Supercell for $8.6 billion. The firm also has holdings in Riot Games, Epic Games and Activision Blizzard. All of these titles have increased the presence of the firm in the international arena, as well as its influence in the data economy.

While expansion into the international arena is nothing new, attempting to muscle into the social media and news aggregation segment has got a few people anxious. Considering the Chinese approach to freedom of speech, Tencent’s involvement in Reddit has gotten a few users asking questions, while governments are bound to wade into the equation sooner rather than later.

Is telecom losing Europe’s next generation employees?

Telecoms companies did not feature in the top employers’ lists chosen by the current and potential young employees in a recent multi-country survey.

The Swedish consulting firm Academic Work recently published the results of a survey on current and future young employees in six European countries, which asked the respondents to choose their most “aspired” employer, hence the title of the survey “Young Professional Aspiration Index (YPAI) 2018”. Among the three Nordic countries where it broke down the details of the employers the young people most like to work for, Google came on top in all of them (it tied with Reaktor in Finland, the consulting firm behind the country’s big AI drive). None of the telecom companies, be it telcos or telecom equipment makers, made to the top-10’s.

 YPAI 2018

The survey was done in the four Nordic countries (Sweden, Finland, Norway, Denmark) plus Germany and Switzerland. Nearly 19,000 young people, a mixture of students (22%), current employed (59%), as well as job seekers (15%) answered the survey. The majority of the respondents came out of Sweden, while just under 1,000 respondents were registered from Finland and Norway. Presumably the sample sizes were not big enough in the other three countries to break down the top-10 company lists.

YPAI 2018 respondents

In addition to asking the respondents to name their preferred employers, the survey also asked them about their most important criteria when choosing a place to work. “Good working environment and nice colleagues” came on top in four out of the six countries (chosen by 60% of the respondents in Sweden, 78% in Denmark, 73% in Germany, and 66% in Switzerland). It tied with “Leadership” in Sweden. In Finland coming on top was “varied and challenging tasks”, chosen by 60% of those who answered the survey, while in Norway 64% of the young people surveyed chose “training / development opportunities” as the most important criterion.

Once upon a time (i.e. around the turn of the century), telecom was THE industry to work in. It has been losing some of its old lustre to the internet giants. If they “aspire” to re-take the top spot of the young people’s mind share, the Ericssons and Nokias and Telenors of the world may want to refer to these criteria when promoting their corporate image, as a starting point.

With elections looming the EU pressures internet companies over ‘disinformation’

Having signed up to the EU’s code of practice against disinformation, a bunch of tech companies are inevitably being told they need to do more.

The EU extracted a formal promise at the end of September 2018 from Google, Facebook, Twitter, Mozilla and the trade associations representing the advertising sector to try to tackle whatever the EU deemed to be political disinformation online. When we covered it we reckoned it would be the thin end of the wedge and would be used to extract further concessions in future, and so it has turned out.

A European Commission missive today called on signatories to the code of practice to do better. It said there had been some progress in things like removing fake accounts, but wants full transparency of political ads by the start of the campaign for the European elections in all EU Member States.

“Signatories have taken action, for example giving people new ways to get more details about the source of a story or ad,” said Andrus Ansip, Vice-President for the Digital Single Market.  “Now they should make sure these tools are available to everyone across the EU, monitor their efficiency, and continuously adapt to new means used by those spreading disinformation. There is no time to waste.”

As if to illustrate the homogeneous hive mind that is the EC the release featured quotes from three other Commissioners saying almost exactly the same as Ansip. Seriously, check it out.

“With the launch of European election network with EU authorities last week and this report today, we are stepping up the pace on all fronts to ensure free and fair elections,” said Věra Jourová, Commissioner for Justice, Consumers and Gender Equality. “I expect companies will fully follow up on their rhetoric and commitment. Time is short so we need to act now.”

“Given the proximity of the European elections, any progress made in the fight against disinformation is welcome,” said Julian King, Commissioner for the Security Union. “But we need to go further and faster before May. We don’t want to wake up the day after the elections and realise we should have done more.”

“Today’s reports rightly focus on urgent actions, such as taking down fake accounts,” said Mariya Gabriel, Commissioner for Digital Economy and Society. It is a good start. “Now I expect the signatories to intensify their monitoring and reporting and increase their cooperation with fact-checkers and research community. We need to ensure our citizens’ access to quality and objective information allowing them to make informed choices.”

As ever the signatories will have armies of experts calculating the precise minimum level of compliance required to keep the EC off their back, but they should avoid trying to be too cute because the EC can get pretty vindictive when it feels the private sector is being insufficiently deferential.

The companies will now get their work marked on a monthly basis and they’d better not slack off, or else. “By the end of 2019, the Commission will carry out a comprehensive assessment at the end of the Code’s initial 12-month period,” concludes the announcement. “Should the results prove unsatisfactory, the Commission may propose further actions, including of a regulatory nature.”

Reading between the lines, the entire Eurocracy is presumably pretty worried about how May’s European elections will play out. They have traditionally been able to count on voter apathy to ensure nice compliant MEPs. But upheaval across the continent, vividly demonstrated via the gilet jaunes movement, means people might actually bother to vote this time, and for some pretty out-there candidates. This could be an attempt to limit the ability of such candidates to spread their message.

British parents are increasingly worried about the Internet – Ofcom

Research into children’s media consumption published by UK telecoms regulator Ofcom revealed that only 54% of parents agreed the benefits of the internet outweighed its risks, the lowest level since 2011.

The report, “Children and parents: Media use and attitudes report 2018” (and its Annex) and “Life on the small screen: What children are watching and why” were made by Ofcom with analysis of 2,000 British children aged 3-15 years and their parents. Less than half of the parents of 3-4-years agreed that the internet is doing more good than bad.

When prompted with the major concerns parents have about their children’s online life, “companies collecting information about what their child is doing online” came the top with 50% of parents expressing concern. Three other issues have increased in their level of concern from the similar research a year ago: the child damaging their reputation (42% vs. 37%), the pressure on the child to spend money online (41% vs. 35%), and the possibility of the child being radicalised online (29% vs. 25%).

Ofcom 2019 1 parent concerns

Published by Ofcom today, the reports showed that on average, a 5-15-year old child would spend more than four hours a day in front screens, including 2 hours 11 minutes online (same as a year ago) and 1 hour 52 minutes watching TV on the TV sets (8 minutes shorter than 2017).

“Children have told us in their own words why online content captures most of their attention. These insights can help inform parents and policymakers as they consider the role of the internet in children’s lives,” said Yih-Choung Teh, Strategy and Research Group Director at Ofcom. “This research also sheds light on the challenge for UK broadcasters in competing for kids’ attention. But it’s clear that children today still value original TV programmes that reflect their lives, and those primetime TV moments which remain integral to family life.”

There are differences in media consumption patterns between age-groups and between social groups. For example, the older the age group, the more time the children would spend online, from less than nine hours per week for the 3-4-year olds to 20.5 hours for the 12-15-year olds. Or, children of the 3-4-year old group in C2DE households spend more time going online, playing games and watching TV on a TV set, compared to those in ABC1 households.

Ofcom 2019 2 weekly hours

When it comes to device ownership and the devices used for media consumption, the research found that 1% of 3-4-year olds already have their own smartphones, and 19% have their own tablets. The penetration rates go up to 83% and 50% respectively in the 12-15-year old group. Again, there are differences between sub-groups on the devices used to consume media on their devices. While TV sets are still being used by more than 90% of children across all the sub-groups, the percentage of them also watching TV on other devices increased from 30% in the 3-4-year olds to 62% in the 12-15-year group.

The penetration of streaming services including Netflix, Now TV, and Amazon Video is already fairly high among all the sub-groups, with 32% of 3-4-year olds using at least one of them, going up to 58% in the 12-15-year olds. But YouTube is still leading in popularity. 45% of 3-4-year olds have watched YouTube, the penetration would go up to 89% in the 12-15-year olds.

As well as content consumption, content creation is also on the rise among children, with “making a video” one of the most popular online activities. While on average 40% of 5-15-years have made an online video, nearly half of all 12-15-year olds have done so.

Ofcom 2019 3 making video

Time spent on online gaming has remained largely unchanged from a year ago, ranging from a little over 6 hours per week in the 3-4-year group to nearly 14 hours in the 12-15-year group. But gaming is the online activity that demonstrates the biggest gender disparity. While boys in all age groups spent more time on gaming than girls, the difference went up to over 7 hours in the 12-15-year olds. On average girls in this group spent 9 hours 18 minutes playing online games while boys of this age spent 16 hours 42 minutes.

Social networks are another important type of media consumption by children. Facebook remained to be the most popular social media among the 12-15 years group, but its downward trend has continued to the lowest level of 72% penetration since the high of 97% in 2011. Gaining popularity are Instagram (65%, up from 57% in 2017), Snapchat (62%, up from 58%), and WhatsApp (43%, up from 32%). More significantly, when asked to name their “main site or app”, equal number of 12-15-year olds (31%) named Facebook and Snapchat.

Ofcom 2019 4 social networks

Astoundingly, 1% of 3-4-year olds, 4% of 5-7-year olds, and 18% of 8-11-year olds already have social network accounts, despite that most social networks set their minimum age at 13. WhatsApp raised its minimum age for EU users to 16 prior to GDPR came into effect. At the same time, less than a third of parents were aware of Facebook’s age limit, with even less awareness for the age restrictions of Instagram and Snapchat.

Ofcom 2019 5 parent awareness

40 execs sign a pledge to make the internet a nice place

Industry lobby group the GSMA has launched its ‘digital declaration’, signed by executives from 40 technology firms and telcos, aiming to make the digital economy a safer place, accessible to all.

With the likes of Bharti Airtel, China Mobile, Sharp, SK Telecom and Vodafone signing the deal, the GSMA is embracing its hippy calling of peace, love and digitisation. The declaration pins the hopes and dreams of the industry onto several different principles, which theoretically should lead to a warm and embracing internet.

“Social, technological, political and economic currents are combining to create a perfect storm of disruption across all industries,” said Mats Granryd, Director General of the GSMA. “A new form of responsible leadership is needed to successfully navigate this era.

“We are on the cusp of the 5G era, which will spark exciting new possibilities for consumers and promises to transform the shape of virtually every business. In the face of this disruption, those that embrace the principles of the Digital Declaration will strive for business success in ways that seek a better future for their consumers and societies. Those that do not change can expect to suffer increasing scrutiny from shareholders, regulators and consumers.”

Looking at the principles themselves, they are relatively simple. Respect the privacy of digital citizens; handle personal data securely and transparently; take meaningful steps to mitigate cyber threats; and ensure everyone can participate in the digital economy as it develops whilst combatting online harassment. Its broad enough to allow wiggle room, but accurate enough to ensure all the right buzzwords are ticked off the list. You can have a look at the full declaration here.

While it is certainly a step in the right direction to get these organizations to sign a document recognising the importance of often ignored concepts such as inclusion and security, perhaps the next step should be to engage governments and regulators.

The CEOs of these technology and telco giants will certainly play an influential role in the success of the internet, though these are companies which will be playing within the rules set by higher powers. Policy, regulation, legislation and public funding will play an incredibly powerful part, though with such varied political regimes across the world, getting them to at least acknowledge these constant principles should be a priority.

Another interesting omission from the list are the powerful and influential internet players. The likes of Google, Amazon and Facebook will perhaps play a more significant role than the telcos and technology vendors who have already signed the document as they slip into the grey areas of regulation. The OTTs have been effectively doing what they like to date, such is the difficulty in matching regulation with the pace of change in this segment, and while such a document is little more than a PR ploy, it would at least demonstrate some accountability.

Lobbying on the up as Silicon Valley feels the regulatory squeeze

The internet giants have started filing their lobbying reports with the Center for Responsive Politics with records being shattered all over the place.

Each quarter US companies are legally required to disclose to Congress how much has been spend on political lobbying. Although the figures we are about to discuss are only for the US market, international players will certainly spend substantially more, it gives a good idea of the pressure which the internet players are facing. Governments are attempting to exert more control and Silicon Valley doesn’t like it.

Looking at the filings, having spent $4.9 million in the final three months, Google managed to total $21.2 million across the whole of 2018, a new high for the firm. This compares to $18.3 million spent across 2017.

Facebook is another which saw its lobby bill increase. In its latest filing, Facebook reported just over $3 million for Q4, and totalled almost $13 million across the year. In the Facebook case it should hardly be surprising to see a massive leap considering the scale and the depth of the Cambridge Analytica scandal which it has not been able to shake off.

More filings will be due over the next couple of days, the deadline for the fourth quarter period was January 22, though the database search tool is awful. What is worth noting is this is set to be the biggest year for internet lobby spend, however it is still nothing compared to the vast swathes which are spend elsewhere.

Lobby tableIn total, the internet industry might have spent a whopping $68.7 million on lobbying Washington over 2017 (2018 data is still not complete), but that is nothing compared to more mature industries. The Oil and Gas segment spent $126 million, while Insurance pumped $162 million into the lobbyists pockets, but the winner by a long was the pharmaceutical industry spending an eye-watering $279 million on lobbyists across the year (see image for full list).

As you can see, the ceiling has been set very high for lobbying and it will almost certainly increase over the next couple of years. All around the world governments and regulators are attempting to exert more control over the internet industry, and while the lobbying process isn’t necessarily attempting to block these new rules, the aim will be to get the best deal possible.

In comparison to other industries, the internet specifically and technology on the whole is relatively new. You have to take into account the internet as a mass market tool is only in its teen years and is demonstrating the same rebellious tendencies as young adults do. New ideas are being explored and boundaries are being pushed; with some breakthroughs rules do not exist, while the emergence of new business models means companies fall into the grey areas of regulation. The internet has been operating relatively untethered over the last few years, though this is changing.

2018 was a year where it all started to hit home. Countless data breaches demonstrated the digital world is one where security has not been nailed, while data privacy scandals have shown how dated some regulations are. It doesn’t help that Silicon Valley seems to operate behind a curtain which only the privileged few are allowed to peak behind, but even if this barrier was thrown open, only a small percentage of the world would actually understand what was going on or how to regulate it effectively.

GDPR was a step in the right direction in handing control of personal information back to the user, but this only applies to European citizens. Other countries, such as India, are learning from these regulations with the ambition of creating their own, but it is still very early days. The rules and regulations of the digital economy are being shaped and the internet giants will certainly want to influence proceedings to ensure they can still continue to hoover up profits in the manner which they have become accustomed to.

Looking at where money has been spent, data privacy and security concerns is a common theme with all the internet players who want to protect their standing in the sharing economy, though mobile location privacy issues is another shared concern. With data getting cheaper, more people will be connected all the time, opening the door for more location-based services and data collection. This could be big business for the internet giants, though it has been targeted by privacy advocates looking to curb the influence of Silicon Valley. Other issues have included tax reforms, antitrust and artificial intelligence.

So yes, a remarkable amount of cash is being spent by the likes of Google and Facebook at the moment, but this will only grow in time as regulators and legislators become more familiar with the business of the internet and, more importantly, how to govern it.

France fines Google for being vague

The French regulator has swung the GDPR stick for the first time and landed it firmly on Google’s rump, costing the firm €50 million for transparency and consent violations.

The National Data Protection Commission (CNIL) has been investigating the search engine giant since May when None Of Your Business (NOYB) and La Quadrature du Net (LQDN) filed complaints suggesting GDPR violations. The claims specifically suggested Google was not providing adequate information to the user on how data would be used or retained for, while also suggesting Google made the process to find more information unnecessarily complex.

“Users are not able to fully understand the extent of the processing operations carried out by Google,” the CNIL said in a statement.

“But the processing operations are particularly massive and intrusive because of the number of services offered (about twenty), the amount and the nature of the data processed and combined. The restricted committee observes in particular that the purposes of processing are described in a too generic and vague manner, and so are the categories of data processed for these various purposes.”

This seems to be the most prominent issue raised by the CNIL. Google was being too vague when obtaining consent in the first instance, but when digging deeper the rabbit hole become too complicated.

Information on data processing purposes, the data storage periods or the categories of personal data used for the ad personalization were spread across several pages or documents. It has been deemed too complicated for any reasonable member of the general public to make sense of and therefore a violation of GDPR.

When first obtaining consent, Google did not offer enough clarity on how data would be used, therefore was without legal grounding to offer personalised ads. Secondly, the firm then wove too vexing a maze of red-tape for those who wanted to understand the implications further.

It’ll now be interesting to see how many other firms are brought to the chopping block. Terms of Service have been over-complicated documents for a long-time now, with the excessive jargon almost becoming best practise in the industry. Perhaps this ruling will ensure internet companies make the legal necessities more accessible, otherwise they might be facing the same swinging GDPR stick as Google has done here.

For those who are finding the NOYB acronym slightly familiar it might be because the non-profit recently filed complaints against eight of the internet giants, including Google subsidiary YouTube. These complaints focus on ‘right to access’ clauses in GDPR, with none of the parties responding to requests with enough information on how data is sourced, how long it would be retained for or how it has been used.

As GDPR is still a relatively new set of regulations for the courts to ponder, the complaints from NOYB and LQDN were filed almost simultaneously as the new rules came into force, this case gives some insight into how sharp the CNIL’s teeth are. €50 million might not be a monstrous amount for Google, but this is only a single ruling. There are more complaints in the pipeline meaning the next couple of months could prove to be very expensive for the Silicon Valley slicker.

Privacy champion Max Schrems is back with another lawsuit

The man who is largely credited with the downfall of Safe Harbour has re-emerged from the shadows to take eight of the internet giants to court over GDPR violations.

As user privacy increasingly seems to be an alien concept to Silicon Valley and the other internet players, Austrian data privacy champion Max Schrems has jumped into the limelight once again. This time he is challenged eight internet companies and their data privacy practices, suggesting they are violating Europe’s General Data Protection Regulation (GDPR).

Through a filing with the Austrian Data Protection Authority, by Schrem’s non-profit NOYB, the complaints focus on the ‘right to access’ enshrined in Article 15 GDPR and Article 8(2) of the Chart of Fundamental Rights. Amazon, Apple, DAZN, Filmmit, Netflix, Sound Cloud, Spotify and YouTube are on the receiving end of the lawsuit, with the potential penalties ranging from €20 million through to €8 billion.

“Many services set up automated systems to respond to access requests, but they often don’t even remotely provide the data that every user has a right to,” said Schrems. “In most cases, users only got the raw data, but, for example, no information about who this data was shared with. This leads to structural violations of users’ rights, as these systems are built to withhold the relevant information.”

GDPR is supposed to hand control of personal data back to said individual. Its aim is to hold the digital society accountable to their actions and provide a certain level of justification for holding onto, and potentially monetizing, an individual’s personal information. Several clauses are also aimed at transparency to ensure the user is fully informed, or at least offering the user the opportunity to be, about how these software and services providers commercialise data.

In addition to what raw data is being stored, individuals do now also have the right to know where this data was sourced, the recipients and also the purpose. This is where a few of the complaints are focusing specifically, as this is the information which was absent from some of the responses.

If privacy is an alien concept, then transparency is a dirty, inconceivable word to the internet players. It seems former habits have been hard to shake.

NOYB Snip

As you can see from the table above, Schrems has tested out how some of the internet players have reacted to the introduction of GDPR. Progress has been made, except in the case of Sound Cloud and DAZN, but that is irrelevant. The introduction of GDPR on May 25 2018 was not the starting line to gradually move yourself through to compliance, day one was a hard introduction of the rules. There are some circumstances where companies can avoid penalties, but these are scenarios where non-compliance would be seen as out of the control of the company, or best efforts have been made.

This is where these firms might find themselves in a bit of hot water. An automated response which offers up some information but not all which is required through the new regulation should not be considered good enough. The pair ignoring the requests completely should be very worried about the repercussions. And finally, the Austrian regulator will also have to decide whether four weeks is an appropriate response time or too long. None of these firms are in a safe place right now.

Another interesting aspect will be the readability of the data. In the complaint, Schrems notes the raw data was provided in what would be considered cryptic form for the general public. Users would not be able to read the data therefore it is not being made accessible by the company. Whether this is taken as a violation of GDPR remains to be seen, though Austria could set precedent.

Many of the internet giants have resisted the calls from data privacy advocates and governments around the world, but GDPR is supposed to be a stick to keep the segment in line. These are companies which will want to avoid giving too many details away as the power and depth of the data sharing economy has the potential to spook large swathes of the general public. Too much light shed on data processing and exchanging practices would also offer more ammunition to the blood-thirsty politicians, many of whom are on a PR crusade to make heads roll.

Ultimately this will give us a good indication as to how sharp European regulators’ teeth actually are. In passing GDPR, the European Commission has offered a stick to the pro-privacy regulators, but how hard they swing it remains to be seen. The dreaded ‘up to’ phrase is present when looking at potential fines, so let’s see whether these regulations have the stones to dish out appropriate punishments.