12 votes

California’s new privacy law is off to a rocky start

2 comments

  1. [2]
    pallas
    Link
    How exactly do I read this article? When I click on the link, I get a modal dialogue saying that I need to consent to tracking and data collection by Verizon Media by clicking OK, or click Manage...

    How exactly do I read this article? When I click on the link, I get a modal dialogue saying that I need to consent to tracking and data collection by Verizon Media by clicking OK, or click Manage options. This leads to the labyrinth described below, where every path leads to consenting to data collection and sale:

    Clicking on Manage options brings me to a page that lets me know that I have the option to "let us set cookies to collect your data" that "helps us improve and create new products, enhance our product security, and give you personalised content and ads", or "you will not be able to access our sites and apps."

    But wait. You can "customise what data you share to personalise your experience across our network". Clicking that "Manage" link brings me to the "Our partners" page, which then has links to a "Privacy dashboard" and another page that should let me customize which partners can use my data.

    The link to the privacy dashboard actually just goes to their privacy policy. However there is a link to the "Dashboard" on the left. That points out that "Your privacy is important to us" and has a set links to 11 different dashboards for 11 different brands. Clicking on the techcrunch one brings you to a reCAPTCHA. Five reCAPTCHA panels and 25 clicks later, the page proceeds to an "Oh no... We were unable to process your request."

    So let's try the "See and customise which partners can use your data." That brings me to two tabs, one for "Foundational partners," whose data collection I can manage by clicking on apparently 27 different privacy policy and settings links, and an "IAB partners" tab, which appears to have well over a hundred companies. The latter has an on/off switch for each, and a way to deselect all of them, but then notes that actually, "some partners require you to make choices directly through their Privacy Policy," because they require "opt-outs." This appears to be about 50% of them.

    At any point in this process, all buttons lead back to consenting to data collection and sale.

    If you look through their privacy policy, if you are a resident of California, you can opt-out of sales... on the inaccessible privacy dashboard page. Or, alternatively, by emailing them. If you're a resident of the EU, I suppose your only option is to make a complaint to your national data protection agency.

    But oh well. I'm feeling combative, so let's start torbrowser. So, yes, after some notes about how people feel companies have completely ridiculous implementations of supposed CCPA and GDPR compliance, we come to the real story that we should clearly care about: that these horrible laws let hackers break into accounts, but that's just an "unfortunate consequence", and that there are unscrupulous companies that offer to help delete your data, but they'll probably mess up.

    It's a bit hard to take seriously an article about the CCPA from a company that behaves this way.

    4 votes
    1. Keegan
      Link Parent
      I debated changing the link to this one, but it removes the images. https://outline.com/FyNSPt

      I debated changing the link to this one, but it removes the images.

      https://outline.com/FyNSPt