Conversation
buherator
buherator
Edited 8 months ago
Is EU's fight against the "pay or consent model" about generally restricting the commercialization of private information?
Suppose that Meta obeys EU's will, and becomes paid only (I know, absurd, but this is just an example). Also, I fund a company that pays you for installing our spyware on your phone. Now people can use Meta by selling their PII, with an extra step.
Would be my business legal in the EU? If so, what makes Meta's "pay or consent" model special?
Edit, for clarity: Does the EU want to restrict the commercialization of PII in general (my company would be illegal, you can't deal PII here), or do they only see "pay or consent" as naughty? If the latter, why?
#privacy #EU
Suppose that Meta obeys EU's will, and becomes paid only (I know, absurd, but this is just an example). Also, I fund a company that pays you for installing our spyware on your phone. Now people can use Meta by selling their PII, with an extra step.
Would be my business legal in the EU? If so, what makes Meta's "pay or consent" model special?
Edit, for clarity: Does the EU want to restrict the commercialization of PII in general (my company would be illegal, you can't deal PII here), or do they only see "pay or consent" as naughty? If the latter, why?
#privacy #EU
3
1
0
@stf OK so the users of my theoretical company definitely give consent (you don't have to install my app if you don't want to sell your PII), and can subscribe to paid FB with the money they earn. This is fine, right?
My point would be that this is the same as "pay or consent", only the latter is much more user-friendly.
E.g. FB can copy/buy my company, and create an USD balance for each user, that grows with harvested data and drains with social interaction.
My point would be that this is the same as "pay or consent", only the latter is much more user-friendly.
E.g. FB can copy/buy my company, and create an USD balance for each user, that grows with harvested data and drains with social interaction.
1
0
0
buherator
buherator
OK I read up on this and things are becoming clearer.
DMA is not a privacy but an anti-trust regulation, so it works that way, _selectively_ regulating entities based on their market power. So the problem is not the "pay or consent" model, but Facebook specifically hoarding data. If my theoretical micro company wanted, it could operate like this.
I'm not sure though, that attacking a problem this way wouldn't result in small enough players hoarding data until they grow large enough to be regulated (the seeds of the problem remain)? Is having a number of small data hoarders qualitatively better than having one large one (considering all of the loot can be bought by EvilCorp)?
I guess such questions will be resolved in new anti-trust cases, lawyers need to put food on the table...
/cc @stf
DMA is not a privacy but an anti-trust regulation, so it works that way, _selectively_ regulating entities based on their market power. So the problem is not the "pay or consent" model, but Facebook specifically hoarding data. If my theoretical micro company wanted, it could operate like this.
I'm not sure though, that attacking a problem this way wouldn't result in small enough players hoarding data until they grow large enough to be regulated (the seeds of the problem remain)? Is having a number of small data hoarders qualitatively better than having one large one (considering all of the loot can be bought by EvilCorp)?
I guess such questions will be resolved in new anti-trust cases, lawyers need to put food on the table...
/cc @stf
1
0
0
buherator
buherator
@stf OK so I read that piece again and I find it very manipulative with slippery slope arguments and implying that FB (and other social media) is a public utility that people just _must_ use. This is wrong.
A reasonable point they make is that a) ppl seriously undervalue their data and at the same time b) FB overprices privacy even compared to its real market value. This effectively means that FB has an obscene EUR/privacy exchange rate, that probably should be sanctioned. Point a) is still a major issue though, and "pay or consent" may have the benefit of showing people how much value their data has (similarly to how price tags without VAT help you understand how much money the gov is really taking from you when you face the real cost of your basket at check out).
As for going against a single business model (instead of regulating the exchange of particular goods in general), see my previous argument.
A reasonable point they make is that a) ppl seriously undervalue their data and at the same time b) FB overprices privacy even compared to its real market value. This effectively means that FB has an obscene EUR/privacy exchange rate, that probably should be sanctioned. Point a) is still a major issue though, and "pay or consent" may have the benefit of showing people how much value their data has (similarly to how price tags without VAT help you understand how much money the gov is really taking from you when you face the real cost of your basket at check out).
As for going against a single business model (instead of regulating the exchange of particular goods in general), see my previous argument.
1
0
1
Wow, I didn't know this cash-for-data scheme was actually implemented, but apparently it was, by FB itself :O
https://techcrunch.com/2019/01/29/facebook-project-atlas/
/cc @stf
https://techcrunch.com/2019/01/29/facebook-project-atlas/
/cc @stf
0
1
2