You use an app on your mobile phone, you make an appointment, order a product, make a reservation. All these simple daily actions of any unsuspecting citizen can lead to the creation of a digital file, which includes his/her consumer habits, the areas he/she moves, religious beliefs, political and social views, state of health, sexual preferences! Exaggerations? Don’t rush to answer “yes”.
“Every time we use our phones, a large number of shadow entities that are almost unknown to consumers, receive personal data about our interests, habits and behavior. These are factors that are part of the digital marketing and advertising technology industry (adtech),who use this information to track us on all devices in order to create complete profiles for each individual consumer. These profiles can be used to personalize advertising, but also for other purposes, such as discrimination, manipulation and exploitation”,
notes in a recent announcement the Norwegian Consumer Council (NCC).
The Norwegian organisation does not rely on any estimation or intuition. With the financial capacity, as it is also subsidized by the state, it instructed a specialized company to check what is done specifically with mobile phone applications (apps). The company radiated ten popular applications and found a multitude of “shadows” dancing in the digital darkness, sub-scouring sensitive user data.
Specifically, digital traces were found for at least 135 different third parties-companies engaged in advertising or creating behavioral profiles, fueled by the 10 apps.
- Android Advertising ID, which allows companies to track consumers across different platforms, transferred data to at least 70 different third parties! In fact, the data was often accompanied by GPS location and IP address, so that the combination of all of them allows monitoring between apps and devices and the profiling of a complete image for each consumer.
- The Grindr app, used for appointments, shared to a large number of third-party entities information, including position, age, gender, and sexual orientation data.
- Company affiliated with Twitter shared data with the major companies Apptech and OpenX.
- Another dating app passed large amounts of information on sexuality, drug use, political views.
- Google advertising agency DoubleClick got information from eight apps, while Facebook from nine apps.
As the Norwegian Consumer Council (NCC) notes:
“the legal analysis of these findings shows that a large part of this exchange and processing of data appears to be illegal under the General Data Protection Regulation (GDPR)”.
“Out of control“
The title of the study is indicative: “Out of control”. It should be noted that the incidents of mass sale (or interception) of integrated citizen profiles are many internationally and those concerned may be many and beyond the realm of advertising. Insurance companies, private detectives, employers, political influence companies, security services, see such databases as digital… delight.
As The NCC is a member of the European Federation of Consumers (BEUC) informed the consumer organizations of other countries and rang a bell.
“The report concludes that the continuous monitoring and profiling of consumers, which are the axis of the current ecosystem of modern advertising technology, are -by their very nature- exploitative practices which do not comply with the GDPR”,
says to “K” Mrs Vicky Jega, legal adviser to the Consumers’ Union for Quality of Life (CUQL).
“Although the survey was conducted in Norway, the applications examined (Grindr) also operate in Greece, while the advertising technology companies that the NCC complaints concern are also likely to process the data of Greek consumers”.
That is why CUQL informed the National Personal Data Protection Authority about the survey, apparently raising the question of investigating what is going on in Greece and taking the necessary measures.
Similar practices, Mrs. Jega points out,
“flagrantly and systematically violate the principles of fundamental rights and freedoms”.