Privacy International lines up US firms for GDPR breaches

UK data protection and privacy advocacy group Privacy International has submitted complaints to European watchdogs suggesting GDPR violations at several US firms including Oracle, Equifax and Experian.

The complaints have been submitted to regulators in the UK, Ireland and France, bringing the data broker activities of Oracle and Acxiom into question, as well as ad-tech companies Criteo, Quantcast and Tapad, and credit referencing agencies Equifax and Experian. The complaints are specifically focused on the depth of personal data processing, which Privacy International believes violates Articles five and six of the General Data Protection Regulation (GDPR).

“It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect,” a Privacy International statement read. “Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more stringent obligations on those processing personal data, and provides for stronger regulatory enforcement powers – in theory. In practice, the real test for GDPR will be in its enforcement.

“Nowhere is this more evident than for data broker and ad-tech industries that are premised on exploiting people’s data. Despite exploiting the data of millions of people, are on the whole non-consumer facing and therefore rarely have their practices challenged.”

The GDPR Articles in question relate to the collection and processing of information. Article Five dictates a company has to be completely transparent in how it collects and processes information, but also the reasons for doing so. Reasonable steps must be taken to ensure data is erased once the purpose has been fulfilled, this is known as data minimisation. Article Six states a company must seek consent from the individual to collect and process information for an explicit purpose; broad brush collection, storage and continued exploitation of data is being tackled here.

In both articles, the objective is to ensure companies are being specific in their collection of personal information, and that it is utilised in a timely manner before being deleted once it has served its purpose. These are two of the articles which will hit the data-sharing economy the hardest, and it will be interesting to see how stringently GDPR will be enforced if there is any evidence of wrong-doing.

This is where Privacy International is finding issue with the firms. The advocacy group is challenging the business practises on the principles of transparency, fairness, lawfulness, purpose limitation,

data minimisation, accuracy and integrity and confidentiality. It is also requesting further investigations into Articles 13 and 14 (the right to information), Article 15 (the right of access), Article 22 (automated decision making and profiling), Article 25 (data protection and by design and default) and Article 35 (data protection impact assessments).

While GDPR sounds very scary, the reality is no-one has been punished to the full extent of the regulation yet. This might be because every company has taken the guidance on effectively and is operating entirely within the legal parameters, though we doubt this is the case. It is probably a case of no-one being caught yet.

The threat of a €20 million fine, or one which is up to 3% of a business’ total revenues, is nothing more than a piece of paper at the moment. If there is no evidence or fear authorities will punish to the full extent of the law, GDPR doesn’t act as much of a protection mechanism or a deterrent. When a genuine violation of GDPR is uncovered, Europe needs to bear its teeth and demonstrate there will be no breathing room.

This has been the problem for years in the technology industry; fines have been dished out, though there has been no material impact on the business. The staggering growth of revenues in the industry has far exceeded the ability of regulators to act as judge and executioner. Take the recent fines for Apple and Samsung over planned obsolescence in Italy. The $10 million and $5 million fines for Apple and Samsung would have taken 20 and 16 minutes respectively to pay off. This is not good enough.

Regulators now have the authority to hold the suspect characters in the industry accountable for nefarious actions concerning data protection and privacy, but it has to prove itself capable of wielding the axe. Until Europe shows it has a menacing side, nothing will change for the better.

Europe lets Ireland off the hook after €13bn Apple tax collection

After the Irish government announced it has recovered Apple’s €13 billion tax debt, the European Commission has confirmed it will also drop its lawsuit against the country.

Having begrudgingly collected €13 billion in back taxes from the iLeader, it seems the Irish government has jumped through enough hoops to avoid the courtroom and having to explain why it was willing to help Apple’s tax avoidance strategy.

“In light of the full payment by Apple of the illegal State aid it had received from Ireland, Commissioner Vestager will be proposing to the College of Commissioners the withdrawal of this court action,” Commission spokesman Ricardo Cardoso said in an email statement to Reuters.

While the lawsuit, which was filed on the grounds Apple was receiving illegal tax benefits, was filed last year, Ireland did not collect the first payment until May. That said, the full amount has been collected, currently placed in escrow due to an Irish appeal, and it would seem this is enough for the European Commission.

“While the Government fundamentally disagrees with the Commission’s analysis in the Apple State Aid decision and is seeking an annulment of that decision in the European Courts, as committed members of the European Union, we have always confirmed that we would recover the alleged State Aid,” Irish Finance Minister Paschal Donohoe said.

Ireland is clearly not happy, though you can understand why. In allowing Apple to conduct ‘creative’ accounting practises, the technology industry has thrived in the country. Apple is not the sole reason for this recovery, though it would certainly be a contributing factor. €13 billion is of course a lot of money, though a technology renaissance has meant a lot more to the Irish economy and society. No wonder Ireland was content in keeping Apple happy.

What is always worth remembering is the employment history of European Commission President Jean-Claude Juncker. Prior to bagging the top job in Brussels, Juncker was the 23rd Prime Minister of Luxembourg and also the Minister for Finances, during which time the country turned into a major European centre of corporate tax avoidance. This was also a time Juncker spent a considerable amount of time secretly blocking EU efforts to tackle tax avoidance by multinational corporations.

But at least he’s willing to sue Ireland for facilitating tax avoidance now it suits his agenda.

Iliad takes a bite of Irish telco Eir

French operator Iliad has teamed up with its founders private investment vehicle, NJJ, to buy a majority stake in Ireland’s largest telco, Eir.

As part of the new deal, Iliad will pay roughly €320 million to acquire 31.6% of Eir, while NJJ will take 32.9%, while existing shareholders Anchorage Capital Group and Davidson Kepner will retain a combined 35.5% of the Irish telco. While this is a minority stake for the moment, there are options for Iliad to take operational control of the telco in 2024.

The call option is exercisable in 2024 and would enable Iliad to acquire 80% of NJJ’s stake in Eir, at a 12.5% discount of fair market value. This discount would be determined by an independent valuation expert.

Such an acquisition will serve to feed Iliad’s geographical diversification ambitions, offering a strong entry into the Irish market. Aside from the domestic French market, Iliad has made moves into Switzerland and Italy also.

Eir is currently the market leader on the fixed line side, commanding a 32% market share, while it is in an attractive challenger position for mobile, holding 18% of the market. Revenues across Eir for the financial year ending June 2017 stood at €1.3 billion.

The news follows several months of debt restructuring for the Irish telco, and upon completion of the deal, its current CEO Richard Moat has said he will step down. The new management team will be determined by Iliad and NJJ.

Huawei goes on a road-trip

Networking vendor Huawei’s quest for global domination shows no sign of slowing in the run up to Christmas, with raids on Dublin and Cairo.

There’s nothing Huawei likes more than photos of people in business attire, symbolically shaking hands or signing important-looking pieces of paper. Visits to Trinity College, Dublin and the Cairo ICT conference afforded rich pickings for the company photographer.

A new research partnership with Trinity is, we’re told, emblematic of Huawei’s growing R&D footprint in Ireland. Rotating CEO Guo Ping and Patrick Prendergast – Provost of Trinity – can be seen below holding up bits of paper in time-honoured fashion. Apparently Huawei is dropping $21 million on R&D in Ireland this year.

Huawei Dublin

“Huawei’s continued investment in Ireland illustrates the innovative technology ecosystem we have developed, with more and more major international tech firms basing and growing their operations here,” said Irish Taoiseach Leo Varadkar (pictured below, with Guo Ping). “The company’s new research partnership with Trinity and its expanding R&D footprint across its Dublin, Cork and Athlone operations are a strong endorsement of Ireland’s tech credentials and illustrates Huawei’s ongoing commitment to its Irish operations. Bilateral trade between Ireland and China is now worth over €12 billion each year, and by strengthening our links with companies like Huawei we can increase this further in the years ahead.”

Huawei Varadkar

Meanwhile Huawei launched the Cairo OpenLab in… Cairo, during the Cairo ICT 2017 conference, also, conveniently, in Cairo. It managed to get a bunch of dudes to take a commemorative photo of the occasion, which you can see at the top of this piece.

“We established the OpenLab in Cairo so that we can make full use of the advantages of Egypt and serve all of Northern Africa,” said Ni Zheng, President of Huawei Enterprise Business Group, Northern Africa Region. “First, the ICT industry market in Cairo is relatively mature and its marketing capabilities influence surrounding countries.

“Second, Egypt recognizes the significance of industrial digital transformation, and the local industry chain ecosystem supports this transition for a number of industry enterprises. In addition, the education industry in Egypt is relatively well developed, with more than half of the top 15 African universities of UK QS Ranking located in Egypt, also contributing to the advancement of the region.”

Lastly, back in China, Huawei Wireless X Labs was instrumental in the creation of a Wireless Connected Factory Special Interest Group (SIG). This is actually the third SIG this bit of Huawei has got involved in, and looks set to be a cracker, with half of the company apparently involved in the inevitable photo (below).

“The mission of exploring future wireless use cases lies with X Labs,” said Ying Weimin, Huawei Wireless R&D President. “Huawei hopes that SIGs such as those set up by X Labs can discover and inspire many more 5G use cases and promote 5G technologies’ application in future smart manufacturing. Such efforts will contribute to the rise of connected factories. Huawei will work diligently alongside its partners to simulate further growth and innovation.”

Huawei SIG

Amazon is latest focus of Europe’s tax raid on US tech companies

The European Commission has ruled that Luxembourg illegally let Amazon off €250 million of taxes and must now get them back.

This is the latest round of a general purge by the EC of European countries effectively bribing US tech companies to use them as their European hub by dangling the carrot of reduced taxes. Last year the EC ruled that Apple owed Ireland €13 billion in back taxes, on which more later.

“Luxembourg gave illegal tax benefits to Amazon,” said Commissioner Margrethe Vestager. “As a result, almost three quarters of Amazon’s profits were not taxed. In other words, Amazon was allowed to pay four times less tax than other local companies subject to the same national tax rules. This is illegal under EU State aid rules. Member States cannot give selective tax benefits to multinational groups that are not available to others.”

On one level this seems fair enough; why should big companies get special tax treatment? On the other hand you could argue that if a country wants to use the tax system to general local jobs then that’s its business, so this comes down to a matter of sovereignty. But unless countries are going to take the brave step of leaving the EU then they have to put up with it. Here’s a handy infographic if you’re struggling to get your head around the matter.

EC Amazon tax

The EC has also piped up on the matter of Apple’s Irish billions, grassing Ireland up to the European Court of Justice for dragging its feet over the matter. Ireland politely disagreed with the original decision and accordingly doesn’t seem to have acted on it, hence the referral to the ECJ.

“Ireland has to recover up to 13 billion euros in illegal state aid from Apple,” said Vestager. “However, more than one year after the Commission adopted this decision, Ireland has still not recovered the money, also not in part. We of course understand that recovery in certain cases may be more complex than in others, and we are always ready to assist. But member states need to make sufficient progress to restore competition. That is why we have today decided to refer Ireland to the EU Court for failing to implement our decision.”

While it’s safe to assume the phrase ‘feckin euro eejits’ may have been uttered at subsequent Irish cabinet meetings, it’s hard to see what alternatives they have. This escalation by Europe, however, may at least give Ireland more legal weapons to use in its bid to recover the cash and it wouldn’t be surprising if the sanctions against Apple start ramping if it doesn’t make more of an effort to resolve the matter.

Lastly, in other Ireland/ECJ news, the latter has been asked to rule on the case brought by Austrian Lawyer Max Schrems, challenging the Safe Harbour/Privacy Shield system whereby US companies can transfer European data to the US. This specifically concerns Facebook which, by complete coincidence, is based in Ireland. We’ve no doubt it pays absolutely loads of tax there but Ireland has nonetheless asked the ECJ to make a ruling on the matter, the details of which you can access here.

BT confidence Sky-high after Irish contract win

Sky Ireland has signed an exclusive wholesale contract with BT Ireland for its rollout of ultrafast broadband across the country.

As part of the agreement, BT will provide Sky Ireland with various different services, including backhaul network, to help bring its ultrafast broadband offering to the market. Part of this rollout includes rural homes which are included in the National Broadband Plan.

“This deal with BT reflects our continued commitment to investment in infrastructure in Ireland and will mean our customers can avail of the highest fibre speeds in the country across the widest possible footprint,” said JD Buckley, MD of Sky Ireland. “It will also allow us to bring fibre to currently underserved rural customers as part of the Government’s National Broadband Plan.”

“We are delighted that Sky Ireland chose BT to support the next phase of its rollout of next generation broadband technology,” said Shay Walsh, MD of BT Ireland. “It’s great news for the market in general, because competition brings choice and now consumers and businesses will have more providers to choose from for phone and broadband services.”

BT Ireland claims to be the only ‘access agnostic provider’ of wholesale broadband services in Ireland, counting more than 50 providers as customers.