It's a never ending game of whack-a-mole, where Peter Swire already talked about technological escalation wars back in 2012 when chairing the W3C DNT efforts.
It used to be "it's not PII hence privacy legislation doesn't apply". The scope of action with respect to data privacy legislation has broadened, on both sides of the Atlantic.
Yet similar dodging techniques are now also being applied to actual existing and enforced legislation. Under the CCPA, the California Consumer Privacy Act, it's about not going beyond 25 million $ a year in revenue, avoiding employee data and this US based legislation not being applicable to governmental institutions (hail to surveillance capitalism fed by public authorities!).
We've long talked about ePrivacy being unclear while the legislator does move towards applying the GDPR also to digital data.
Those are the legislative loopholes but then also come the technical techniques Simo is going to talk about as we both come to the same conclusion: players are influencing the data, possibly seeing a way to compete not on analytics but on privacy?
As companies, even US based ones such as Apple and Microsoft, recognise privacy to be a fundamental right, let's explore which risks companies are facing and what some of the emerging best practices could look like.
2. @aureliepols
Data Governance & Privacy Engineer
Data is the New infrastructure – Privacy is the New Green – Trust is the New Currency
Dutch nationality, French mother tongue, works in English, lives in Spain
AURELIE POLS,
DATA GOVERNANCE
& PRIVACY ENGINEER
• DPO for mParticle (Customer Data platform) – contractor (USA, New York)
• Chief Visionary Officer – Competing on Privacy; Founder – Aurélie Pols and Associates
• Professor of Ethics & Privacy in Big Data & Business Analytics Master – Instituto de Empresa (IE), Madrid (ES);
visiting fellow DPO certification courses Maastricht University, faculty of law (NL) & Solvay Business School Brussels (B)
• Board Member European Center On Privacy and Security, Maastricht University (NL)
• Ethics Advisory Group (EAG) – European Data Protection Supervisor (EDPS) Towards a digital ethics
• Former Vice-chair P7002 – Data Privacy Process – IEEE
• Speaker/writer/consiglieri: Mobile World Congress, SWSX, Strata (+ Hadoop World), IAPP, Piwik, AT Internet, industry
associations, AdTech & MarTech vendors, …
2003:
OX2 Co-founder
Webanalytics.be
2008:
Sold to Digitas LBi
(Publicis)
2
10. ePrivacy
Where are we now?
• No where?
• Cf. Thierry Breton..
• Off the table or further
amended?
• Stuck in council
• January 21 update from
Croatia: on the roadmap
https://iapp.org/news/a/croati
an-presidency-tempers-
expectations-on-eprivacy-
progress/