I feel like Senator Brown is missing a huge part of this equation. Nobody agreed to give this info to Yodlee. They may have signed a long EULA at some point with their bank that said "We reserve...
"I take these reports very seriously," Senator Brown told Motherboard in a statement. "When consumers trust companies like Yodlee with their personal and private information, they expect these companies to keep their information private.
I feel like Senator Brown is missing a huge part of this equation. Nobody agreed to give this info to Yodlee. They may have signed a long EULA at some point with their bank that said "We reserve the right to provide data to trusted partners for the optimization of our services" or some similar bullshit, but I'm pretty sure nobody anywhere has ever said "I want a company called Yodlee to sell my private data in bulk to anyone who pays"
I feel like GDPR and CCPA leave a huge "data processors" hole where data aggregators are effectively immune to data access requests or right to be forgotten.
I feel like GDPR and CCPA leave a huge "data processors" hole where data aggregators are effectively immune to data access requests or right to be forgotten.
How is a data processor different from a data broker? I'm starting to send CCPA requests to data brokers and was thinking of including Envestnet in my list, but you're saying they won't be held...
How is a data processor different from a data broker? I'm starting to send CCPA requests to data brokers and was thinking of including Envestnet in my list, but you're saying they won't be held liable under the CCPA?
I feel like Senator Brown is missing a huge part of this equation. Nobody agreed to give this info to Yodlee. They may have signed a long EULA at some point with their bank that said "We reserve the right to provide data to trusted partners for the optimization of our services" or some similar bullshit, but I'm pretty sure nobody anywhere has ever said "I want a company called Yodlee to sell my private data in bulk to anyone who pays"
I feel like GDPR and CCPA leave a huge "data processors" hole where data aggregators are effectively immune to data access requests or right to be forgotten.
How is a data processor different from a data broker? I'm starting to send CCPA requests to data brokers and was thinking of including Envestnet in my list, but you're saying they won't be held liable under the CCPA?
There should be an easy, one click on/off opt out for this kind of data collection that has massive fines attached if it’s not honored by a company.