Home sci-tech Data watchdog slammed for lack of action against Google on UK’s ‘largest ever…

banneraliexp

Data watchdog slammed for lack of action against Google on UK’s ‘largest ever…

by ace
Data watchdog slammed for lack of action against Google on UK's 'largest ever...

Britain's data control body has been criticized for failing to punish the companies involved in what has been described as the biggest data breach on record in the UK.

The breach itself was industrial in scale and conducted through an online advertising process developed by Google and the Interactive Bureau of Advertising (IAB), known as real-time bidding.

After starting its investigation last year, the Office of the Information Commissioner (ICO) now said it would only look for "real improvements" to the pair instead of taking enforcement actions, which could extend to fine them up to 4% of their global revenue. .

Image:
Google was one of the architects of the RTB system

Real-time bidding (RTB) is the market that supports online advertising and has been described as "the biggest data breach ever recorded in the UK" by those who initially complained to the regulator.

RTB effectively sells impressions – as the industry refers to the number of times an ad is loaded in a web browser – through a virtually instant auction that occurs automatically when a browser starts loading a web page.

When that happens, behind the scenes, using tracking cookies and other forms of data that our browsers drag with us across the Web, companies try to show us ads based on the huge, detailed profiles that publishers build in our lives.

RTB is a sector that monetizes a digital surveillance system that records what each person on the web watches, reads and hears.

This system creates a profile for each person who uses the Web, and the details the system collects include age, gender, location and even a historical record of users' browsing.

This record is crucial because it allows for one of the most significant forms of tracking when publishers connect you to what they call "content taxonomies". These are lists of categories used to classify content online. They range from the general (sport, cinema, jazz) to the frighteningly specific.

The Google list, for example, one of two used as a standard across the industry, includes the categories Reproductive Health, Substance Abuse, Health Conditions, Politics and Ethnic and Identity Groups.

Google and the IAB insist that their categories apply only to content. But there is substantial evidence to suggest that they connect with individual people.

Enforcement officers working in the Information Commissioner's Office entering the Cambridge Analytica offices in central London after a Supreme Court judge granted a search warrant. PRESS ASSOCIATION Photo. Date of the photo: Friday, March 23, 2018. See the PA COURTS Cambridge article. Photo credit should be: Yui Mok / PA Wire
Image:
The Information Commissioner's Office refused to take coercive measures

The ICO said that Google now "removes content categories and improves its audit process" and said it was encouraged by the company's plans to suspend support for third-party cookies in the Chrome browser.

He added that the IAB "has agreed to a number of principles that align with our concerns and is developing its own guidance for organizations on security, data minimization and data retention, as well as UK-focused guidelines on content taxonomy" .

However, it took no enforcement action against any organization, causing outrage on the part of many of those involved in the initial complaint against the RTB system.

"The ICO is a regulatory agency, so it needs to enforce the law. It seems to be accepting that the illegal and dangerous sharing of personal data can continue as long as improvements are made" gradually "with no real date for compliance" , said Jim Killock, executive director of the digital rights organization Open Rights Group.

"Last year, the ICO gave a deadline for an industry response to our complaints. Now, the ICO is falling into the trap created by the industry, by accepting incremental but minimal changes that fail to provide individuals with control of their data. personal data they have a legal right to.

"The ICO must take coercive measures against IAB members," continued Killock. "We are considering our position, including the possibility of taking legal action against the regulator for failing to act or individual companies for violating the data protection law."

Dr Johnny Ryan, policy director for web browsing company Brave, criticized the ICO for not taking "any substantive action to correct & # 39; RTB & # 39 ;, the biggest data breach ever recorded in the UK" .

"Google and the IAB have not taken steps to prevent the vast and systematic data breach that transmits what billions of people read, watch and hear online every day," added Ryan.

He said Brave was considering all options, including a judicial challenge to the ICO decision.

Sky News contacted Google for comment.

Related Articles

Leave a Comment

12 + 12 =

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More