Today I filed a formal complaint against #YouTube with the Irish Data Protection Commissioner for their illegal deployment of #adblock detection technologies.
Under Article 5(3) of 2002/58/EC YouTube are legally obligated to obtain consent before storing or accessing information already stored on an end user's terminal equipment unless it is strictly necessary for the provisions of the requested service.
In 2016 the EU Commission confirmed in writing that adblock detection requires consent.
There’s a whole area of legislation called contract law. An exchange of value requires consideration, ie payment. They invite you in for free, then take your data without consideration. In particular, you only have use of the website while you visit it and so long as they host it in that current form, but they claim rights to your data in perpetuity. They have no obligation to continue hosting the website, because that is a separate arrangement to the data collection.
It’s how things have been going so far, but the law always takes a long time to catch up with new innovation. The law is not always right or comprehensive, which is why it has a facility to be changed. The GDPR cookie splash screen was the first real attempt at this, it falls well short but if everything works as it should then further laws should come.
Frankly though, I think what should happen is that businesses should be allowed to continue collecting data as they are, but their raw dataset should be publicly available for a small nominal fee. This way Google et al can still keep their proprietary data processing magic to themselves, but everyone can make use of the datasets and drive competition. It also gives people a reasonable opportunity to actually see their data, and act accordingly.
Businesses will complain about giving away “their” data, but the reality is that the data belongs to the users and the business merely has a licence. The cat is already out of the bag and it’s not practicable to put it back in, so the best choice is to embrace it openly.
There’s a whole area of legislation called contract law. An exchange of value requires consideration, ie payment. They invite you in for free, then take your data without consideration. In particular, you only have use of the website while you visit it and so long as they host it in that current form, but they claim rights to your data in perpetuity. They have no obligation to continue hosting the website, because that is a separate arrangement to the data collection.
It’s how things have been going so far, but the law always takes a long time to catch up with new innovation. The law is not always right or comprehensive, which is why it has a facility to be changed. The GDPR cookie splash screen was the first real attempt at this, it falls well short but if everything works as it should then further laws should come.
Frankly though, I think what should happen is that businesses should be allowed to continue collecting data as they are, but their raw dataset should be publicly available for a small nominal fee. This way Google et al can still keep their proprietary data processing magic to themselves, but everyone can make use of the datasets and drive competition. It also gives people a reasonable opportunity to actually see their data, and act accordingly.
Businesses will complain about giving away “their” data, but the reality is that the data belongs to the users and the business merely has a licence. The cat is already out of the bag and it’s not practicable to put it back in, so the best choice is to embrace it openly.