Skip to content
By using Twitter’s services you agree to our Cookies Use. We and our partners operate globally and use cookies, including for analytics, personalisation, and ads.
  • Home Home Home, current page.
  • About

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @
  • Language: English
    • Bahasa Indonesia
    • Bahasa Melayu
    • Català
    • Čeština
    • Dansk
    • Deutsch
    • English UK
    • Español
    • Filipino
    • Français
    • Hrvatski
    • Italiano
    • Magyar
    • Nederlands
    • Norsk
    • Polski
    • Português
    • Română
    • Slovenčina
    • Suomi
    • Svenska
    • Tiếng Việt
    • Türkçe
    • Ελληνικά
    • Български език
    • Русский
    • Српски
    • Українська мова
    • עִבְרִית
    • العربية
    • فارسی
    • मराठी
    • हिन्दी
    • বাংলা
    • ગુજરાતી
    • தமிழ்
    • ಕನ್ನಡ
    • ภาษาไทย
    • 한국어
    • 日本語
    • 简体中文
    • 繁體中文
  • Have an account? Log in
    Have an account?
    · Forgot password?

    New to Twitter?
    Sign up
johnnyryan's profile
Johnny Ryan
Johnny Ryan
Johnny Ryan
@johnnyryan

Tweets

Johnny Ryan

@johnnyryan

FRHistS. Chief Policy & Industry Relations Officer at @Brave. Author of 'A History of the Internet and the Digital Future' http://amzn.com/1861897774 .

Dublin
brave.com/dr-johnny-ryan/
Joined November 2008

Tweets

  • © 2018 Twitter
  • About
  • Help Center
  • Terms
  • Privacy policy
  • Cookies
  • Ads info
Dismiss
Previous
Next

Go to a person's profile

Saved searches

  • Remove
  • In this conversation
    Verified accountProtected Tweets @
Suggested users
  • Verified accountProtected Tweets @
  • Verified accountProtected Tweets @

Promote this Tweet

Block

  • Tweet with a location

    You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more

    Your lists

    Create a new list


    Under 100 characters, optional

    Privacy

    Copy link to Tweet

    Embed this Tweet

    Embed this Video

    Add this Tweet to your website by copying the code below. Learn more

    Add this video to your website by copying the code below. Learn more

    Hmm, there was a problem reaching the server.

    By embedding Twitter content in your website or app, you are agreeing to the Twitter Developer Agreement and Developer Policy.

    Preview

    Why you're seeing this ad

    Log in to Twitter

    · Forgot password?
    Don't have an account? Sign up »

    Sign up for Twitter

    Not on Twitter? Sign up, tune into the things you care about, and get updates as they happen.

    Sign up
    Have an account? Log in »

    Two-way (sending and receiving) short codes:

    Country Code For customers of
    United States 40404 (any)
    Canada 21212 (any)
    United Kingdom 86444 Vodafone, Orange, 3, O2
    Brazil 40404 Nextel, TIM
    Haiti 40404 Digicel, Voila
    Ireland 51210 Vodafone, O2
    India 53000 Bharti Airtel, Videocon, Reliance
    Indonesia 89887 AXIS, 3, Telkomsel, Indosat, XL Axiata
    Italy 4880804 Wind
    3424486444 Vodafone
    » See SMS short codes for other countries

    Confirmation

     

    Welcome home!

    This timeline is where you’ll spend most of your time, getting instant updates about what matters to you.

    Tweets not working for you?

    Hover over the profile pic and click the Following button to unfollow any account.

    Say a lot with a little

    When you see a Tweet you love, tap the heart — it lets the person who wrote it know you shared the love.

    Spread the word

    The fastest way to share someone else’s Tweet with your followers is with a Retweet. Tap the icon to send it instantly.

    Join the conversation

    Add your thoughts about any Tweet with a Reply. Find a topic you’re passionate about, and jump right in.

    Learn the latest

    Get instant insight into what people are talking about now.

    Get more of what you love

    Follow more accounts to get instant updates about topics you care about.

    Find what's happening

    See the latest conversations about any topic instantly.

    Never miss a Moment

    Catch up instantly on the best stories happening as they unfold.

    Johnny Ryan‏ @johnnyryan May 8

    Facebook is confronting EU users a new “terms of service” dialogue that denies access until a user opt-ins to tracking for ad targeting, and various other data processing purposes...pic.twitter.com/MiYpfjZLLo

    5:20 AM - 8 May 2018
    • 492 Retweets
    • 500 Likes
    • funrun Anant Malaviya Jeremy Stucki é. All Bricks All The Time P. David E. B. Oisín Murphy-Lawless ArtVirtualDecor Damir Veapi
    EDPS
    32 replies 492 retweets 500 likes
      1. New conversation
      2. Johnny Ryan‏ @johnnyryan May 8

        These Terms refer to the “data policy” that says “we use the information we have about you – including information about your interests, actions and connections – to select and personalise ads, offers and other sponsored content that we show you.”

        1 reply 9 retweets 27 likes
        Show this thread
      3. Johnny Ryan‏ @johnnyryan May 8

        The data policy also says “We use the information [including] the websites you visit and ads you see … to help advertisers and other partners measure the effectiveness and distribution of their ads and services, and…” See https://www.facebook.com/about/privacy/update …

        3 replies 6 retweets 19 likes
        Show this thread
      4. Johnny Ryan‏ @johnnyryan May 8

        This appears to breach several important principles of the #GDPR, including the principle of purpose limitation, freely given, non-conditional consent, and of transparency. In other words, if Facebook attempts to collect consent in this manner, that consent will be unlawful.

        2 replies 71 retweets 136 likes
        Show this thread
      5. Johnny Ryan‏ @johnnyryan May 8

        European Regulators have been very clear on this point. See for example Article 29 WP guidance on conflation of multiple purposes https://iapp.org/media/pdf/resource_center/20180416_Article29WPGuidelinesonConsent_publishpdf.pdf …pic.twitter.com/pqZr5stVNd

        EDPS
        1 reply 20 retweets 63 likes
        Show this thread
      6. Johnny Ryan‏ @johnnyryan May 8

        Then, a mere 24 days before the application of the #GDPR, $FB's head of privacy announces plans to build “Clear History”, with which users can opt-out of Facebook collecting data about their visits to other websites and apps. But the GDPR demands not an opt-out, but an opt-in.

        2 replies 20 retweets 53 likes
        Show this thread
      7. Johnny Ryan‏ @johnnyryan May 8

        Nor is Clear History available to non-Facebook users. A further sign of Facebook’s brinksmanship: it said “it will take a few months to build Clear History”, which means that the feature will not be available to users until long after the GDPR has been applied later this month.

        1 reply 16 retweets 34 likes
        Show this thread
      8. Johnny Ryan‏ @johnnyryan May 8

        Facebook is playing a dangerous game of “chicken” with the regulators. Reading through a recent court ruling from the Brussels Court of First Instance shows how dangerous this is for the company.

        2 replies 19 retweets 46 likes
        Show this thread
      9. Johnny Ryan‏ @johnnyryan May 8

        Here are some quotes: "The court has come to the decision that in all the cases described, Facebook does not obtain any legally valid consent in the sense of Article 5 (a) Privacy Act [Data Protection Directive] and Article 129 ECA [ePrivacy] for the disputed data processing."

        2 replies 15 retweets 33 likes
        Show this thread
      10. Johnny Ryan‏ @johnnyryan May 8

        See the ruling text https://pagefair.com/wp-content/uploads/2018/04/Belgian-Court-judgement.pdf …

        1 reply 6 retweets 15 likes
        Show this thread
      11. Johnny Ryan‏ @johnnyryan May 8

        The Court also made clear that consent requests must be specific: "Specific means that the expression of will must related to a specific instance or category of data processing and can thus not be obtained on the basis of a general authorization for an open series of processing."

        1 reply 11 retweets 35 likes
        Show this thread
      12. Johnny Ryan‏ @johnnyryan May 8

        This part of the ruling was based on Article 1, section 8, of the Belgian Privacy Act, which uses the same formula of words as Article 4, paragraph 11, of the GDPR (“freely given, specific, informed…”).

        1 reply 6 retweets 17 likes
        Show this thread
      13. Johnny Ryan‏ @johnnyryan May 8

        In other words, the Court is upholding a standard that is virtually identical to the standard that will apply under the GDPR. Facebook’s new GDPR consent dialogue faces the same problem, and is unlawful for the same reason.

        2 replies 8 retweets 24 likes
        Show this thread
      14. Johnny Ryan‏ @johnnyryan May 8

        The Court also found that Facebook users are not clearly told what “purposes” Facebook processes the personal data for. Nor does it clearly explain its use of sensitive data including any personal data that could reveal religious belief, sexual orientation, etc.

        1 reply 10 retweets 25 likes
        Show this thread
      15. Johnny Ryan‏ @johnnyryan May 8

        Facebook has recently gone some way to inform users about the use of personal data concerning their political interests, but this is only a partial solution to a far broader risk for the company. Its handling of sensitive categories of personal data will be a major challenge.pic.twitter.com/KDzWi3oh4q

        APD-GBA
        1 reply 6 retweets 16 likes
        Show this thread
      16. Johnny Ryan‏ @johnnyryan May 8

        Unsurprisingly in the aftermath of the Cambridge Analytica scandal, the Court found that Facebook did not properly disclose who it was sharing the data with.

        1 reply 9 retweets 21 likes
        Show this thread
      17. Johnny Ryan‏ @johnnyryan May 8

        The ruling that Facebook was not even complying with its own self-regulatory system. Whatever one’s view of the “adchoices” self-regulatory system, it is quite remarkable that Facebook continued to track people even if they had already used it to opt out.pic.twitter.com/DlQmfmmMWn

        1 reply 10 retweets 28 likes
        Show this thread
      18. Johnny Ryan‏ @johnnyryan May 8

        The Brussels Court ordered Facebook to pay €250,000 per day, up to a maximum of €100 million, until it stopped its unlawful behavior. This was a strong statement.

        3 replies 12 retweets 32 likes
        Show this thread
      19. Johnny Ryan‏ @johnnyryan May 8

        To put this fine in to perspective, consider that Belgium has a population of 11.35 million people, which is only 2% of the population of the EU. At the same value per person, the EU equivalent would be €12.5 million per day, up to a maximum of €5 billion.

        2 replies 5 retweets 15 likes
        Show this thread
      20. Johnny Ryan‏ @johnnyryan May 8

        In addition, Facebook was ordered to submit to an independent expert supervising its deletion of all illegal data that it had amassed about every user on Belgian soil.

        1 reply 7 retweets 17 likes
        Show this thread
      21. Johnny Ryan‏ @johnnyryan May 8

        It also had to make sure that third parties to whom it provided illegal data do the same. The Cambridge Analytica scandal shows that this last point about insuring that third parties delete their copies of Facebook’s illegally accumulated data will be impossible for Facebook.

        1 reply 8 retweets 13 likes
        Show this thread
      22. Johnny Ryan‏ @johnnyryan May 8

        Recall that Mark Zuckerberg told US lawmakers: When developers told us they weren’t going to sell data, we thought that was a good representation. But one of the big lessons we’ve learned is that clearly, we cannot just take developer’s word for it.

        1 reply 4 retweets 24 likes
        Show this thread
      23. Johnny Ryan‏ @johnnyryan May 8

        Video this remarkable statement is at https://www.c-span.org/video/?443490-1/facebook-ceo-mark-zuckerberg-testifies-data-protection&live&start=4929# …. In other words, Facebook was sharing personal data without any control whatsoever.

        1 reply 4 retweets 12 likes
        Show this thread
      24. Johnny Ryan‏ @johnnyryan May 8

        Johnny Ryan Retweeted Johnny Ryan

        As I argue in this thread https://twitter.com/johnnyryan/status/976812663991914496?lang=en … this is no different from what every major website currently does when it sends visitors’ personal data in RTB bid requests.

        Johnny Ryan added,

        Johnny Ryan @johnnyryan
        Re Facebook-alytica-omni-shambles-gate... Facebook left its API wide open, and had no control over personal data once those data left Facebook. But there is a wider story coming: (thread...)
        Show this thread
        1 reply 5 retweets 14 likes
        Show this thread
      25. Johnny Ryan‏ @johnnyryan May 8

        Even if the original collection of the data had been lawful, this uncontrolled distribution would certainly is not. Again, the parallel with RTB bid requests should give publishers and adtech vendors pause.

        1 reply 3 retweets 10 likes
        Show this thread
      26. Johnny Ryan‏ @johnnyryan May 8

        Important lesson from the Belgian case: what the Article 29 Working Party says matters. #Adtech vendors continue to ignore it at their peril.

        1 reply 2 retweets 15 likes
        Show this thread
      27. Johnny Ryan‏ @johnnyryan May 8

        Although the Court is the arbiter, it relied on the Working Party’s authoritative opinions throughout its ruling. The ruling cited WP opinions on consent (15/2011), online behavioral advertising (2/2010), purpose limitation (2/2013), and data controllers and processors (1/2010).

        1 reply 2 retweets 12 likes
        Show this thread
      28. Johnny Ryan‏ @johnnyryan May 8

        The requirements of European data protection law have been well illuminated by the public guidance of the Article 29 Working Party for over two decades, and provide an invaluable guide to businesses scrambling to comply with a body of law largely neglected hitherto.

        1 reply 3 retweets 9 likes
        Show this thread
      29. Johnny Ryan‏ @johnnyryan May 8

        The Court also ruled that Facebook cannot reject users who refuse to agree to tracking – unless the tracking in question is necessary for the service that a user explicitly requests from Facebook.pic.twitter.com/wvUvPAKT2K

        1 reply 9 retweets 21 likes
        Show this thread
      30. Johnny Ryan‏ @johnnyryan May 8

        This ruling is one of several defeats Facebook has suffered in European courts in recent months. In January, the Berlin Regional Court ruled that Facebook’s approach to consent and terms are unlawful. (See ruling here (in German) https://pagefair.com/wp-content/uploads/2018/04/Berlin-Court-judgement-German.pdf …)

        1 reply 6 retweets 16 likes
        Show this thread
      31. Johnny Ryan‏ @johnnyryan May 8

        In April, the Irish High Court referred important aspects of Facebook’s trans-Atlantic transfers of personal data to the European Court of Justice, once again, for scrutiny. It is likely that worse is to come, unless it significantly changes its approach to data protection.

        1 reply 4 retweets 11 likes
        Show this thread
      32. 6 more replies

    Loading seems to be taking a while.

    Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

      Promoted Tweet

      false

      • © 2018 Twitter
      • About
      • Help Center
      • Terms
      • Privacy policy
      • Cookies
      • Ads info