So, there's evidence that a few thousand mobile apps shared location data with the data broker Gravy Analytics (Unacast), whose subsidiary Venntel sold to ICE, CBP, FBI, DEA and other US govt agencies, probably via intermediaries and RTB, including data on Europeans:
https://www.wired.com/story/gravy-location-data-app-leak-rtb/
=> More informations about this toot | More toots from wchr@mastodon.social
Here's the full list of apps [Google doc]:
https://docs.google.com/spreadsheets/d/1Ukgd0gIWd9gpV6bOx2pcSHsVO6yIUqbjnlM4ewjO6Cs/edit
=> More informations about this toot | More toots from wchr@mastodon.social
What stops GDPR regulators from systematically taking action against all these apps?
Ask app vendors about the legal basis for Gravy's data processing (whether location is based on IP or GPS), make them explain in detail how this could happen.
They can still try to explain how their advertising 'service' providers might have misled them. If they fully cooperate and offer regulators detailed info about how intermediaries and Gravy accessed and sold the data, they’ll receive a reduced fine.
=> More informations about this toot | More toots from wchr@mastodon.social
@wchr
That is a very good question indeed.
=> More informations about this toot | More toots from ftg@mastodon.radio
text/geminiThis content has been proxied by September (3851b).