Filters








2,209 Hits in 4.7 sec

GDPR Myopia: how a well-intended regulation ended up favouring large online platforms - the case of ad tech

Damien Geradin, Theano Karanikioti, Dimitrios Katsifis
2020 European Competition Journal  
In addition, the GDPR has given large platforms a tool to harm rivals by restricting access to the data they need to compete effectively.  ...  This paper argues that while the GDPR has arguably delivered positive outcomes by enhancing the protection afforded to data subjects, it has also had adverse effects on competition by strengthening the  ...  Acknowledgements The authors advise a variety of ad tech vendors and publishers, including on matters adverse to Google. The views expressed in this paper are the authors' only.  ... 
doi:10.1080/17441056.2020.1848059 fatcat:m6omgqcqyjcnndkh2m5qipi3jm

The Unwanted Sharing Economy: An Analysis of Cookie Syncing and User Transparency under GDPR [article]

Tobias Urban, Dennis Tatang, Martin Degeling, Thorsten Holz, Norbert Pohlmann
2018 arXiv   pre-print
In this paper, we study and evaluate the effect of the GDPR on the online advertising ecosystem.  ...  Furthermore, we analyze the right to data portability by evaluating the subject access right process of popular companies in this ecosystem and observe differences between the processes implemented by  ...  Acknowledgment This work was partially supported by the Ministry of Culture and Science of the German State of North Rhine-Westphalia (MKW grant 005-1703-0021 "MEwM" and "NERD.NRW") and the German Federal  ... 
arXiv:1811.08660v1 fatcat:fefujj2xzra2pjbycsxraytnci

Reflections on the murky legal practices of political micro-targeting from a GDPR perspective

Cristina Blasi Casagran, Mathias Vermeulen
2021 International Data Protecion Law  
study, the possibility to withdraw a user's consent from being micro-targeted on Facebook has been explored. 44 After navigating through all options accessible to Facebook users, it was concluded that  ...  Under the GDPR, data profiling is not forbidden, but it is subject to certain restrictions. 58 Such profiling practices need to be transparent and easily accessible, as the data subject whose data is profiled  ... 
doi:10.1093/idpl/ipab018 fatcat:mk6ossj5nrbnjkn5iy2ql2isma

Privacy Screening of Online Game Platforms: A Case Study of "Gamecell"

Leyla Keser Berber, Ayça Atabey
2020 Annales de la Faculté de Droit d'Istanbul  
Despite strong legal instruments in most countries on data protection and privacy, there is still a need to see child privacy on the ground.  ...  To that extent, this paper looks into Gamecell -a popular online game platform -by addressing "accountability" of the platforms based on their data protection and privacy obligations under the relevant  ...  after their access to the"Content"s on"Gamecell"and advertising applications can be realized to the "User" accordingly."  ... 
doi:10.26650/annales.2020.69.0007 fatcat:lr5c4vltajbe5dven4jejgompa

Information asymmetries: recognizing the limits of the GDPR on the data-driven market

Peter J. van de Waerdt
2020 Computer Law and Security Review  
Online search engines, social media platforms, and targeted advertising services often employ a "data-driven" business model based on the large-scale collection, analysis, and monetization of personal  ...  Consumers are thus faced with an insurmountable lack of transparency which is inherent in, as well as the inevitable consequence of, the magnitude of the information asymmetries present on the data-driven  ...  even after the EU intervention of the GDPR.  ... 
doi:10.1016/j.clsr.2020.105436 fatcat:z4ek66qgd5d25jrmkalfw7g72a

Did App Privacy Improve After the GDPR?

Nurul Momen, Majid Hatamian, Lothar Fritsch
2019 IEEE Security and Privacy  
The data collection was done with the A-ware data capture tool described in [4] , [5] . The data is stored in an online collection database [6] .  ...  Therefore, our study looks for the changes in the developers permission declarations before and after the adoption of the GDPR.  ...  His research interests focus on privacy-enhancing technologies, transparency, usability, mobile communications, and data protection, particularly the security and privacy aspects of access-control models  ... 
doi:10.1109/msec.2019.2938445 fatcat:wh7te5ixyvexbmki4zof6ndvhi

Unpacking the "European approach" to tackling challenges of disinformation and political manipulation

Iva Nenadić
2019 Internet Policy Review  
The European Commission (EC) has recognised the exposure of citizens to online disinformation and micro-targeting of voters based on the unlawful processing of personal data as one of the major challenges  ...  In a response, the EC has put in place several measures creating a "European approach".  ...  There is still limited evidence on the reach of online disinformation in Europe, but a study conducted by Fletcher et al. (2018) suggests that even if the overall reach of publishers of false news is  ... 
doi:10.14763/2019.4.1436 fatcat:3bchdcxakvdybayfqe4lef3r5q

Personal Data as a Market Commodity in the GDPR Era: A Systematic Review of Social and Economic Aspects

Aleksei Zelianin
2021 Acta Informatica Pragensia  
This paper analyses and summarizes existing and emerging social and economic trends, implications and issues caused by clashes between European legislation on personal data protection (the GDPR) and current  ...  Utilizing both quantitative and qualitative data, the article attempts to scrutinize the implications of the conflict between the rising demand for privacy and personal data protection on the one hand  ...  According to one of the studies conducted by TRUSTe/NCSA, 92% of online customers consider data security and privacy as a concern (TrustArc, 2021) .  ... 
doi:10.18267/j.aip.168 fatcat:du5bc3eezzffvl3kmgqa5bkfa4

Tracking in apps' privacy policies [article]

Konrad Kollnig
2021 arXiv   pre-print
We analysed 15,145 privacy policies from 26,910 mobile apps in May 2019 (about one year after the GDPR came into force), finding that only opening the policy webpages shares data with third-parties for  ...  Data protection law, including the General Data Protection Regulation (GDPR), usually requires a privacy policy before data can be collected from individuals.  ...  The data collection was conducted on 11 May 2019, about one year after the GDPR came into force.  ... 
arXiv:2111.07860v2 fatcat:njer4bao2fd5tbcizkxp6mhuf4

Automating GDPR Compliance Verification for Cloud-hosted Services

Masoud Barati, George Theodorakopoulos, Omer Rana
2020 2020 International Symposium on Networks, Computers and Communications (ISNCC)  
Cloud-hosted business processes require access to customer data to complete a transaction, to improve a customer's on-line experience or provide useful product recommendations.  ...  the same abstraction, and implement the abstraction in a model checking tool (Uppaal) in order to automatically verify compliance of business process activities with GDPR.  ...  Access activity: Let t k be a reachable state just after the execution of access operation α in a timed automaton p.  ... 
doi:10.1109/isncc49221.2020.9297309 fatcat:jv6ss4mz7bcmja6q6kgtdpn5sm

Web Tracking Under the New Data Protection Law: Design Potentials at the Intersection of Jurisprudence and HCI

Timo Jakobi, Gunnar Stevens, Anna-Magdalena Seufert, Max Becker, Max von Grafenstein
2020 I-COM: A Journal of Interactive and Cooperative Media  
One example of this is web tracking: It helps designers to improve the utility and usability of their websites based on, in part, extensive (personal) data collection, or enable operators to finance them  ...  The GDPR regulates at present the handling with personal data fundamentally new and thereby opens new leeway. At the same time, it creates great uncertainty among those affected.  ...  [61] show, counterintuitively, explicitly opting-out of online behavioural advertising leaves companies with room to still track users, even after introduction of GDPR.  ... 
doi:10.1515/icom-2020-0004 fatcat:r4jx7frqk5g2leze3cid7m4fui

Data is power: Towards additional guidance on profiling and automated decision-making in the GDPR

Frederike Kaltheuner, Elettra Bietti
2018 Journal of Information Rights Policy and Practice  
provide the strongest protections for data subjects.  ...  In contrast to automated decision-making, profiling is a relatively novel concept in European data protection law.  ...  A 2015 study by Carnegie Mellon University researchers, for instance, found that Google's online advertising system showed an ad for high-income jobs to men much more often than it showed the ad to women  ... 
doi:10.21039/irpandp.v2i2.45 fatcat:ghtgyytm3fbbrmlfwj6kfblid4

Privacy & Cloud Services: Are We There Yet?

Davit Marikyan, Jose Llanos, Masoud Barati, Gagangeet Aujla, Yinhao Li, Kwabena Adu-Duodu, Sabeen Tahir, Omer Rana, Savvas Papagiannidis, Rajiv Ranjan, Madeline Carr
2021 2021 IEEE International Conference on Service-Oriented System Engineering (SOSE)  
GDPR compliance verification for a cloud provider is aimed to confirm that personal data provided by a user is shared in-line with the requirements of this legislation, so that any subsequent audit carried  ...  out on the provider does not lead to a financial penalty.  ...  Similarly, in a study commissioned by IAB Europe, 11,000 people across the EU were asked about their attitudes towards online media and advertising, it was reported that only '20% would be happy for their  ... 
doi:10.1109/sose52839.2021.00006 fatcat:pas56xa72za2lmgsui47e3f6ry

Claudette Meets GDPR: Automating the Evaluation of Privacy Policies Using Artificial Intelligence

Giuseppe Contissa, Koen Docter, Francesca Lagioia, Marco Lippi, Hans-W. Micklitz, Przemysław Pałka, Giovanni Sartor, Paolo Torroni
2018 Social Science Research Network  
This, given the amount of privacy policies online, is a task worth investing time and effort. Our study indicates that none of the analysed privacy policies meets the requirements of the GDPR.  ...  Executive Summary This report contains preliminary results of the study aiming at automating legal evaluation of privacy policies, under the GDPR, using artificial intelligence (machine learning), in order  ...  Additionally, regarding consent for processing expressed by a child, Amazon, Apple, Epic Games and Steam all mention a minimum age of 13, while the GDPR specifies 16 as the age of consent as a general  ... 
doi:10.2139/ssrn.3208596 fatcat:jro5to24brbdvn62j2nveg2n2a

GDPArrrrr: Using Privacy Laws to Steal Identities [article]

James Pavur, Casey Knerr
2019 arXiv   pre-print
These findings suggest a critical need to improve the implementation of the subject access request process.  ...  The General Data Protection Regulation (GDPR) has become a touchstone model for modern privacy law, in part because it empowers consumers with unprecedented control over the use of their personal information  ...  data subject may be all that's needed for many of the organizations implicated in this study.  ... 
arXiv:1912.00731v1 fatcat:majenwkclvcunczmei4uy6anym
« Previous Showing results 1 — 15 out of 2,209 results