UK privacy watchdog warns adtech the end of tracking is nigh – TechCrunch

UK privacy watchdog warns adtech the end of tracking is nigh – TechCrunch

It’s been well over two years since the UK’s data protection watchdog warned the behavioural advertising industry it’s wildly out of control.

The ICO hasn’t done anything to stop the systematic unlawfulness of the tracking and targeting industry abusing Internet users’ personal data to try to manipulate their attention — not in terms of actually enforcing the law against offenders and stopping what digital rights campaigners have described as the biggest data breach in history.

Indeed, it’s being sued over inaction against real-time-bidding’s misuse of personal data by complainants who filed a petition on the issue all the way back in September 2018.

But today the UK’s (outgoing) information commissioner, Elizabeth Denham, published an opinion — in which she warns the industry that its old unlawful tricks simply won’t do in the future.

New methods of advertising must be compliant with a set of what she describes as “clear data protection standards” in order to safeguard people’s privacy online, she writes.

Among the data protection and privacy “expectations” Denham suggests she wants to see from the next wave of online ad technologies are:

• engineer data protection requirements by default into the design of the initiative;

• offer users the choice of receiving adverts without tracking, profiling or targeting based on personal data;

• be transparent about how and why personal data is processed across the ecosystem and who is responsible for that processing;

• articulate the specific purposes for processing personal data and demonstrate how this is fair, lawful and transparent;

• address existing privacy risks and mitigate any new privacy risks that their proposal introduces

Denham says the goal of the opinion is to provide “further regulatory clarity” as new ad technologies are developed, further specifying that she welcomes efforts that propose to:

• move away from the current methods of online tracking and profiling practices;

• improve transparency for individuals and organisations;

• reduce existing frictions in the online experience;

• provide individuals with meaningful control and choice over the processing of device information and personal data;

• ensure valid consent is obtained where required;

• ensure there is demonstrable accountability across the supply chain;

The timing of the opinion is interesting — given an impending decision by Belgium’s data protection agency on a flagship ad industry consent gathering tool. (And current UK data protection rules share the same foundation as the rest of the EU, as the country transposed the General Data Protection Regulation into national law prior to Brexit.)

Earlier this month the IAB Europe warned that it expects to be found in breach of the EU’s General Data Protection Regulation, and that its so-called ‘transparency and consent’ framework (TCF) hasn’t managed to achieve either of the things claimed on the tin.

But this is also just the latest ‘reform’ missive from the ICO to rule-breaking adtech.

And Denham is merely restating requirements that are derived from standards that already exist in UK law — and wouldn’t need reiterating had her office actually enforced the law against adtech breache(r)s. But this is the regulatory dance she has preferred.

This …….


Advertise online