paint-brush
Post-GDPR: What’s left to do?by@michielmulders
642 reads
642 reads

Post-GDPR: What’s left to do?

by Michiel MuldersJuly 1st, 2018
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

The ongoing abuses and data breaches that have compromised our data highlight the extent to which today’s ad-tech model is flawed. Over the last few weeks alone, data leakage from powerful companies like Yahoo, Uber, Equifax, Twitter and lately the Facebook-Cambridge Analytica scandal are examples of current and growing problems in this area.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - Post-GDPR: What’s left to do?
Michiel Mulders HackerNoon profile picture

The ongoing abuses and data breaches that have compromised our data highlight the extent to which today’s ad-tech model is flawed. Over the last few weeks alone, data leakage from powerful companies like Yahoo, Uber, Equifax, Twitter and lately the Facebook-Cambridge Analytica scandal are examples of current and growing problems in this area.

Overall impact

The General Data Protection Regulation came into effect May 25, 2018. It has not only affected European organisations, as well as businesses that serve customers who are EU citizens. This regulation update sounds like an adversity to lots of business owners, but don’t we all want our data privacy?

Yes, it’s a costly and annoying operation to be compliant to GDPR. However, if there is one thing that people know about the GDPR it’s that GDPR fines (administrative fines) can go up to 20 million Euros or 4 percent of annual global turnover, whichever of both is highest (upper-level fines).

Data giants Facebook and Google

Within the first hours of GDPR enforcement, Facebook, Google, Instagram, and Whatsapp have been hit with a raft of lawsuits accusing the companies of coercing users into sharing personal data. The lawsuits, which seek to fine Facebook 3.9 billion and Google 3.7 billion Euro, were filed by Austrian privacy activist Max Schrems, a longtime critic of the companies’ data collection practices.

Privacy-advocacy group Noyb.eu [1] said the four companies are forcing people to adopt a “take it or leave it” approach with regard to privacy — essentially demanding that users submit to intrusive terms of service. Tons of ‘consent boxes’ popped up online or in applications, often combined with a threat, that the service cannot longer be used if user[s] do not consent…

GDPR is not meant to make people stop using online services they depend on, it’s only here to provide better protection for your data. Facebook and other online platforms are playing a dirty game with there “take it or leave it” attitude.

What’s left to do?

One problem users are still facing post- GDPR is the dispersal of their data across the web. Since a user’s data is being collected every time they shop, post on social media, read an article or search for something online, they need to knock on a lot of doors to access their data from all the various digital companies that are harvesting their personal information [2].

In addition, GDPR won’t stop data breaches. Technology moves too fast to make data breaches inevitable. Centralized storage systems, for housing all the data a business gathers on its users, will still be a beacon for hackers and vulnerable to attack.

Possible solutions

In the world of blockchain, a self-sovereign identity is one of the newest innovations towards data privacy and data control. Self-sovereign identity is a concept, where an individual is able to control his/her identity attributes (that is, the pieces of personal data), no matter where they reside in. The control over the identity attributes is asserted by creating trust relationship between the data owner (individual) and the holder (e.g. organization). These identity attributes (aka “claims”) can then be freely used and distributed by the owner [3].

This means that I can request control over my personal data (for example, my health records) and then distribute that data at will, in a digital format.

One possible answer that implements a similar concept is offered by the Liberdy Data Foundation, a non-profit made for users to protect their own data. It leverages the GDPR and the power of blockchain technology to turn users into data owners, enabling them to be paid for the use of their data.

Liberdy uses an application that integrates with popular data giants like Google, Facebook, Twitter, Amazon, Instagram and more. The app enables users to take back control over their data by exporting the data from the digital providers and anonymizing their data, so it’s impossible to find out who the data belongs to.

In this context, data giants can still use users’ data to display personalised ads, however, the user is compensated every time their data is consulted. In addition, a user can decide to stop sharing his data with a certain app so he will not be targeted but he can continue to use the app. In this solution, blockchain technology adds transparency and security, which is much needed to change the data privacy landscape drastically. No single entity like Google or Facebook is able to control and abuse your data as every usage is registered in the ledger.

The General Data Protection Regulation limits the stronghold of large corporations over user data and limits their ability to hold and use personal information, which marks a landmark for user data liberation, creating a unique window to build a new and enduring ad-tech ecosystem.

More importantly, the Liberdy Data Foundation is breaking new ground in terms of enabling users to reclaim control over their data and be compensated for its use. If you want to find out more about the project, you can join their communities: Telegram, Twitter, Facebook or Linkedin.

An interview with Koby Ram — CEO Liberdy.io

This is an extract from an interview with CEO Koby Ram.


_What’s the reason for creating Liberdy?_“As ad-tech veterans, we’ve watched the industry struggling to compete with Google and Facebook’s dominance. When we looked for a way to change the balance of power, we realised that Data could be the key. We all understand that Data is the new oil, but how much does it cost? How much do get for producing 1 unit of Data? This is exactly where blockchain comes in as the token economy enables us to establish a Data marketplace where the value of the data is the price of the token.”

Koby Ram noticed the online struggles user have to aggregate all the data they have created online. The data portability clause in the GDPR regulation says that every user has right to get a digital copy of his or her personal data and can transfer that file anywhere he or she chooses to.

“Liberdy is also on a mission to create a more fair and democratic data marketplace that redresses the balance of power for users. We are committed to creating a more secure and transparent data ecosystem, that for the first time, puts the user in control and pays them for the use of their personal data.”

Current issues ad-tech industry?

  • Lack of transparency and accuracy.
  • Market concentration: 70% of the mobile advertising industry is controlled by Facebook and Google alone.
  • We pay more and get a bad service because there is not much competition.

What do you think about GDPR? Is it sufficient to protect users’ data or do we need to elaborate on these rules?

“It’s a start. We are also hearing about possible steps to regulating privacy in California in the States. The GDPR is a groundbreaking law that acknowledges that the users have a right for privacy and that they need to be in control of their data and how it is being used. It is the foundation for an equal triangular relationship where users become an equal partner in the advertising ecosystem which up until now was all about publishers and advertisers.”

Koby believes that more jurisdictions will follow the trend and work towards regulation that protects our privacy. 10 years from now, all programmatic advertising will be based on consent and Liberdy will be at the front providing the hub for all GDPR data.

Disclaimer: This is a promoted article.

Sources



[1] CNET, Sean Keane on GDPR fines.[2] Liberdy.io on post-GDPR effects.[3] Antti Kettunen on self-sovereign identity.