Apple, Google, Microsoft mum on supporting global-privacy tool; SSO and tracking news; Microsoft backs journalism payments;

Apple, Google, Microsoft mum on supporting global-privacy tool; SSO and tracking news; Microsoft backs journalism payments;

Privacy Beat

Your weekly privacy news update.

VIEW IN YOUR BROWSER

 

ABOVE: The image atop Microsoft’s extraordinary blog post about journalism, platforms and Australia (See second headlined item, below)


At W3C: Apple, Google, Microsoft mum on supporting global-privacy tool; Mozilla equivocates; discussion of SSO registry domains, and Unified ID 2.0 tracking

The two dominant web-browser makers kept quiet this week when given a chance to support an automated data-opt-out privacy function for their users under the California Consumer Privacy Act.  And a third — Firefox maker Mozilla — is equivocating.  Google and Apple would be siding with privacy advocates and against the U.S. advertising industry if they agree to support the Global Privacy Control (GPC) service.

Two weeks ago (second item)  the office of California Attorney General Xavier Becerra “Tweeted” that the CCPA requires websites to respect such automated requests for privacy.  The next week, all major advertising associations shot back that the law was unclear. The issue has been brewing for months.

Now the differing browser positions emerged this week during a virtual meeting of the World Wide Web Consortium’s (W3C) Privacy Community Group to which 90 people logged in.   Washington Post engineer Ashkan Soltani was providing an update on GPC deployment — installed he said by 40 million users on browsers made by Brave and Duck Duck Go. The GPC signal is already being honored by The New York Times, WordPress.co and CafeMedia and will soon be recognized by The Post, he said.

Then W3C meeting participant Henry Lau of Privolta asked:  “I was just wondering across the other browser makers whether it is something you’re considering or whether a formulation of this should fall within the group or be adopted by the browser vendors themselves?”

Representatives Google, maker of the No. 1 Chrome browser, and Apple, maker of the No. 2 Safari browser, did not respond — nor did a representative of Microsoft, maker of the Edge browser.

Mozilla did:  “I think like we’ve talked about before but we’re definitely supportive of the effort but our primary concerns are exposing something to users that has kind of unclear benefits and I just think getting more clarity from the AG is what would be helpful for us,” said Steven Englehardt, from the Firefox browser team.

On another topic, the W3C privacy group discussed a Google test plan for a function called “First Party Sets” (FPS) which will begin an 18-week origin trial installation in new installs of the Chrome browsers. (DETAIL) Each “set” will be limited to five the number of domains in common ownership or control, and with common privacy policies, to which the browser would extend some ability to exchange private user data via browser “cookies.”

With FPS, Chrome and other browsers are attempting to reduce the amount of cross-domain tracking permitted for privacy reasons. A key aspect of the discussion, raised by Apple’s John Wilander — could one of the domains be given the right to be treated as a “registration” domain for purposes of single-sign on? Kaustubha Govind, Google’s Chrome engineering manager, appeared receptive. She also disclosed that when a production version of First Party Sets ships, it will not limit the use of third-party cookies.

A third discussion during the W3C meeting concerned Apple’s just announced Private Click Measurement (PCM) change to its Safari browser, which Apple is lobbying to have adopted as a standard by other browser makers.  PCM is designed to send a message back to an advertiser when a user takes an action attributable to the ad view.

During the discussion, Apple’s Wilander drew a line on questions about changes in PCM which could enable cross-site tracking. Meeting participant Brian May of dstillery asked Wilander if PCM could be used in conjunction with a “deterministic ID based on a user attribute” such as proposed by ad-tech vendor The Trade Desk Inc. in its Unified ID 2.0 identity service.

Wilander said Apple tries not to comment on specific vendors. Then he added: “What we’re writing here is what we mean. This feature and proposed standard is trying to provide a way to preserve user privacy and still allow for click measurement. It is not supposed to be used together with tracking users because then we don’t need PCM. If people are tracked then they are tracked and we don’t have to try  hard to build privacy-preserving technologies..”

APPLE-GOOGLE-FACEBOOK FACEOFF

BROWSER PRIVACY   

CALIFORNIA PRIVACY

Does your organization need customized privacy compliance solutions? ITEGA  can help.

We bring together support you need to approach compliance with CCPA, GDPR if needed, and future privacy legislation as it emerges.

Learn More

 

IAPP is tracking state privacy proposals with a comparison table and the above map.


Microsoft issues extraordinary call for platforms to support journalism; backs “creative” Australian idea — globally

In an extraordinary affront to major tech rivals Google and Facebook, Microsoft Corp. is not only supporting Australia’s bid to force platforms to pay for news, but is also saying the concept should go global.  The disclosure came on Thursday (Feb. 11) in a lengthy  blog post by Microsoft President Brad Smith.

The “pay for the news” movement is an appropriate reaction, Smith says, to a “two-side disease” afflicting democracies: The tech-driven engines of disinformation and misinformation coupled with the simultaneous “erosion of more traditional, independent and professional journalism.”

Microsoft had already said that its Bing search service would continue to operate in Australia and pay any legally required fees to publishers for using news snippets or articles. Google had threatened to pull out of Australia rather than do so and Facebook says it will remove Australian publishers from its news feeds. Smith says Google suddenly withdrew its threat after Microsoft told the Australian government it would not leave and would compete in Australia.

“This has made for an unusual split within the tech sector, and we’ve heard from people asking whether Microsoft would support a similar proposal in the United States, Canada, the European Union, and other countries,” says the introduction to Smith’s post. “The short answer is yes.”

In his essay, which begins with a dissertation about the necessity of a viable press to a working democracy, Smith makes these points:

  • The Biden administration should reverse a Trump-era policy opposing Australia’s “creative answer” to fund journalism in part via the platforms.
  • A platform’s threat to pull services out of a control “creates a new vulnerability for the world’ s democracies, and it underscores the need for new competition rules . . . . ‘
  • “[A]s we made clear, we are comfortable running a high-quality search service at lower economic margins than Google and with more economic returns for the press,” Smith writes.
  • He asserted news content generates significant value for search and social-media sites — “as much as $4.7 billion annually for Google” and “fresh, broad and deep news coverage is critical to retaining strong user engagement.”

MEDIA AND TECH

STATEHOUSE WATCH 

WASHINGTON WATCH

SECTION 230 

 

SHOWN ABOVE: Chart from Australian competition report

DCN’s Kint posts 23-segment Tweet on Australia, calling Google “monopoly …. On all sides of market”

The CEO of a U.S. trade association representing major legacy publishers that operate big online operations has posted a 23-segment “Tweet” that analyzes the Australian Competition Commission report focused on Google’s advertising-industry dominance.  Jason Kint, CEO of Digital Content Next (DCN) posted this week.

Kint has been a long-time critic of Google and Facebook, arguing for the interests of his membership and for journalism, so his strong language is not new. But it is concentrated in the Tweet after he says he read the 222-page report released a couple of weeks ago.  Back in December he Tweeting having read the Texas attorney general’s antitrust suit naming Google and commented then: “In three words, Google is royally screwed.”

“Woah,” Kint’s his Australian Tweet sequence begins. .” Just had time today to review Australia’s report on adtech (222 pages!) — hands-down the best report I’ve ever seen on adtech complex — creates an overwhelmingly clear picture of the problem. Hint in this image [SEE ABOVE] of a monopoly participating in all sides of the market.”

Kint says the Australian report:

  • “Pretty much summarizes that both sides of the market are screwed due to Google’s adtech monopoly power, tying and conduct . . . . “
  • Talks about data-purpose limitations as a possible area for regulation, as well as requiring big-data companies such as Google to silo pools of data they hold for both privacy and anti-monopoly reasons.

Kint said he was a “strong fan” of such solutions. “Make Google silo its data nd acta s a service provider when it’s acting as  third-party,” he writes.

COVID-19 AND IDENTITY

PERSONAL PRIVACY 

Like what you see? Then recommend to a friend.

Subscribe to Privacy Beat

Now Experian thinks it can manage web identity with a “Switchboard” — unveiled by its Tapad subsidiary

Add global user data-warehousing giant Experian to the list of companies trying to corner the market on digital identity not already controlled by Facebook or Google.  Through its recently acquired Tapad subsidiary it announced this week “Switchboard” — a bid to be the central authority that connects the identity graphs of the rest of ad-tech’s major players.

Sounds a little like third-party cookies re-imagined, doesn’t it?  But Experian’s Tapad doesn’t explain it that way. Rather it positions “Switchboard” as an alternative to efforts by browser makers to bring control over user identity onto the device and under the browser software’s control.

“At Tapad we’ve chosen to approach the market with a solution that provides agnostic interoperability for these cookieless identifiers, so that marketers can continue to work with the identity providers of their choice while maintaining the most holistic view of consumers across digital touchpoints,” says Tapad in the “Switchboard” announcement. 

Tapad’s partners at launch include The Trade Desk’s Unified ID 2.0, ID5’s Universal ID, Lotame’s Panorama ID, the BritePool ID, Retargetly IDx and the Audigent Halo ID, according to Allison Schiff’s story on AdExchanger.com about the Tapad announcement.

The Information Trust Exchange Governing Association, a 501(c)3 nonprofit that publishes the Privacy Beat blog, is proposing a shared-user network for identity, privacy and information commerce that it would govern in the public interests. All of the other identity-sharing proposals are commercial ventures, although The Trade Desk has stated it will turn over code and operation of Unified ID 2.0 to an unspecified industry group.

AD TECH 

GLOBAL PRIVACY

PRIVACY BUSINESS

EU PRIVACY 

UPCOMING EVENTS 

UPCOMING:
Identity, Advertising and Future of Journalism | March 4, ITEGA

QUOTE OF THE WEEK

Under CCPA, can a website charge more to a user refusing to share personal data? Perhaps

  • The excerpt below is from the blog post, “Non-Discrimination and Financial Incentives in the CCPA,” authored by M&A/corporate transactions attorney Vincent J. Tennant of the New York office of the firm Nixon Peabody.  It addresses whether a website can charge a user who is unwilling to share personal information.
“The CCPA is explicit that businesses shall not discriminate against consumers for exercising any of the rights granted them by the CCPA, such as the right to opt-out of data sales. Discrimination envisioned by the CCPA includes, but is not limited to, denying services and charging different prices (by way of increasing the price or giving a discount) because consumers assert any of their data rights under CCPA.

“Lawful financial incentives

“The CCPA’s lawful financial incentives, an exception to the non-discrimination provision, allows businesses to offer different service or pricing levels because of consumer’s invocation of data rights without running afoul of the law. Generally, the price or service difference must be reasonably related to the value of the consumer’s data collected as a part of the transaction. For example, a business validly selling consumer data to a third party for $1 per consumer account cannot impose a $100 surcharge on consumers who exercise their CCPA right to opt-out of data sales. A $1 per month surcharge on those same users, however, would not be a discriminatory practice under the CCPA.

“The exception is subject to restrictions. If the business cannot calculate the value of the consumer’s data, then any price or service difference would be considered discriminatory. Further, the business must obtain the consumer’s consent prior, opt-in consent to the price or service difference. For valid consent to be obtained, the consumer must be informed of the estimated value of both the price or service difference and their data.”

ABOUT PRIVACY BEAT

Privacy Beat is a weekly email update from the Information Trust Exchange Governing Association in service to its mission. Links and brief reports are compiled, summarized or analyzed by Bill Densmore and Eva Tucker.  Submit links and ideas for coverage to newsletter@itega.org.

Share Share

Tweet Tweet

Share Share

Forward Forward

Facebook

Twitter

Website

Copyright © 2021 Information Trust Exchange Governing Association, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Email Marketing Powered by Mailchimp

 

Go to Source of this post
Author Of this post: Eva Tucker

By admin