As Google has enacted a series of high-handed, opaque changes to how Youtube monetizes, upranks and censors videos, Youtubers have found themselves battered by the changes: they built Youtube into a global multi-billion-dollar success story, but they don't get a say in how it's managed. Now, a group of Youtubers have teamed up with Germany's powerful IG Metall trade union to fight back, using Europe's broad privacy laws and Germany's broad labor laws to force the company to come to the negotiating table and give them a say in how the service is run. You can read more about it on the Fairtube campaign site. Read the rest

In The Independent, Dora B writes about experiencing a growing and disturbing awareness that they were being shunned and excluded from their field of specialism. Dora eventually used the GDPR—Europe's recent law providing access to the data held on you by companies and institutions—to expose what was going on. Dora was not only professionally blacklisted, the emails revealed, but privately the subject of insults, scorn and abuse from peers that Dora trusted and depended upon for references and appointments.

Firstly, my eminent and influential PhD supervisor had let it be widely known that they thought I was an unpleasant person, impossible to work with, fundamentally stupid, and that I definitely shouldn’t be doing a doctorate.

They complained vigorously about having such an awful student, but never mentioned the two hour-long interviews they conducted with me before agreeing to take me on. After that, one of my PhD examiners had been asked about me off the record, and had advised against me. They repeatedly used insults and demeaning adjectives to block me from several employment positions and speaking engagements.

I approached the individuals and the institutions concerned about the content of my Subject Access Request. They all refused to discuss the matter with me, so I can only speculate as to what was going on. If my conduct had been that awful, I would have received a warning or been subject to some kind of disciplinary procedure, but I wasn’t, so where my supervisor thought I was difficult, it is equally possible that, as a mature student, I merely had clear boundaries.

"Anonymized data" is one of those holy grails, like "healthy ice-cream" or "selectively breakable crypto" -- if "anonymized data" is a thing, then companies can monetize their surveillance dossiers on us by selling them to all comers, without putting us at risk or putting themselves in legal jeopardy (to say nothing of the benefits to science and research of being able to do large-scale data analyses and then publish them along with the underlying data for peer review without posing a risk to the people in the data-set, AKA "release and forget"). Read the rest

Microsoft has a history of attempting to give Microsoft das boot (yes, I know boots in German is stiefel, but work with me here...) Read the rest

After Bloomberg revealed that Amazon secretly sent recordings from Alexa to subcontractors all over the world in order to improve its speech-recognition systems, a whistleblower leaked recordings from Google Home to investigative reporters from VRT, revealing that Google, too, was sending audio clips from its voice assistant technology to pieceworkers through the Crowdsource app. Read the rest

Stalkerware -- spyware sold to people as a means of keeping tabs on their romantic partners, kids, employees, etc -- is a dumpster fire of terrible security (compounded by absentee management), sleazy business practices, and gross marketing targeted at abusive men who want to spy on women. Read the rest

Facebook gave "as many as" 260 contractors at Wipro, Ltd in Hyderabad, India access to users' private messages and private Instagram posts so that the contractors could label them prior to their inclusion in an AI training-data set. Read the rest

Politico shares an investigation into why the GDPR's lead regulator Ireland has failed to bring a single enforcement action against the big tech companies it is supposed to watchdog.

Politico:

Last May, Europe imposed new data privacy guidelines that carry the hopes of hundreds of millions of people around the world — including in the United States — to rein in abuses by big tech companies.

Almost a year later, it’s apparent that the new rules have a significant loophole: The designated lead regulator — the tiny nation of Ireland — has yet to bring an enforcement action against a big tech firm.

That’s not entirely surprising. Despite its vows to beef up its threadbare regulatory apparatus, Ireland has a long history of catering to the very companies it is supposed to oversee, having wooed top Silicon Valley firms to the Emerald Isle with promises of low taxes, open access to top officials, and help securing funds to build glittering new headquarters.

Now, data-privacy experts and regulators in other countries alike are questioning Ireland’s commitment to policing imminent privacy concerns like Facebook’s reintroduction of facial recognition software and data sharing with its recently purchased subsidiary WhatsApp, and Google’s sharing of information across its burgeoning number of platforms.

(Thanks, Antoin!) Read the rest

In a stunning rejection of the will five million online petitioners, and over 100,000 protestors this weekend, the European Parliament has abandoned common-sense and the advice of academics, technologists, and UN human rights experts, and approved the Copyright in the Digital Single Market Directive in its entirety. Read the rest

If you need to build an app quickly and easily, you might decide to use Facebook's SDK, which has lots of bells and whistles, including easy integration of Facebook ads in your app's UI. Read the rest

Germany's Federal Cartel Office (Bundeskartellamt, the country's antitrust regulator) has ruled that Facebook can't combine user data aggregated from different sources (Facebook usage data, data from pages with Facebook Like buttons, data purchased from third parties, etc), because users can't reasonably anticipate the way these different datastreams might be combined, nor the kinds of inferences that could be gleaned thereby. Read the rest

Facebook provides a suite of turnkey app-building tools for Android that are widely used among the most popular Google Play apps, with billions of combined installs; naturally, these tools create incredibly data-hungry defaults in the apps that incorporate them, so that even before you do anything with an app, it has already snaffled up a titanic amount of data, tied it into your Google Ad ID (which is recycled by Facebook to join up data from different sources) and sent it to Facebook. Read the rest

The fight against surveillance capitalism and mass state surveillance has reached a tipping point, the peak-indifference moment, when new privacy advocates are self-radicalizing as they witness firsthand the undeniable risks of overcollection, over-retention, and secret manipulation of personal data. Read the rest

Facebook has notified 6.8 million users that, due to a bug, the company allowed its third-party developers to access all the users' photos, including those marked as private. Read the rest

The European Union's new Copyright Directive contains two hugely controversial, poorly drafted and dangerous clauses: Article 11, which limits who can link to news articles and under which circumstances (and also bans Creative Commons licenses); and Article 13, which mandates that all platforms for public communications surveil all user posts and censor anything that matches (or partially matches) a crowdsourced, unaccountable database of allegedly copyrighted works. Read the rest

The British government has decreed that adult sites must collect age-verification data on everyone who looks at material rated for 18-and-over viewing; this amounts to a database of the porn-viewing habits of every adult in the UK. Read the rest