“(…) then is the GDPR just a kind of collective hallucination?”Dr. Johnny Ryan – Adtech scores a pandemic pause from UK privacy oversight.
I don’t think this is an “unexpected upside” as TechCrunch put it. Instead, it is a step back on what used to be the biggest internet privacy movement. It is good news for the ad networks relying heavily on user data for targeting purposes.
Dr. Johnny Ryan is Chief Policy & Industry Relations Officer at Brave, one of my favorite privacy-first browsers. They have been tracking RTB (real-time bidding) data breaches and were using GDPR as a battle flag.
It makes sense that the ICO (information commissioner’s office) decides to pull back resources on RTB breaches investigations, as the COVID-19 became a more pressing priority.
I read one of Dr. Ryan’s papers, “Behavioural advertising and personal data“. He is claiming that ad networks, like Google, track your movements, store your IP and device information, and share it with partners (DSP like SmartlyAds, for example.) without any consent (which is true.)
I used to be one of the software engineers working on tracking technologies, and I can tell you is far from accurate. Removing cookies is indeed a way to disincentive the pinpoint of anonymous users. The truth is that once you log into a network, like Facebook, cookies are useless, and first-party data becomes the more accurate way to know that it is you.
I’m in favor of protecting the privacy of anonymous users, but to ICO’s decision, we have a bigger problem to solve with COVID-19 right now.