⚣
They even store the brand of headphone I use. How do you even get that data, digging deep in CoreBluetooth?pic.twitter.com/LnuDKxtW6v
Show this thread
Tried the GDPR data export from Spotify. By default, you get like 6 JSON files with almost nothing. After many emails and complaining and a month of waiting, I got a 250MB archive with basically EVERY INTERACTION I ever did with any Spotify client, all my searches. Everything.pic.twitter.com/ALVw6Auief
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
good work fella
-
not over yet. Sent a few follow-up questions around the encoding.
-
LOL - I can just see the dba's face - 'FINE! FINE! JUST SEND HIM EVERYTHING FINE!'... just a question about encod-pic.twitter.com/XTgsgj02vw
-
They told me I should use a pretty printer for JSON. I’ll stay persistent.
-
Might be an idea to say anonymize the data, put the schema up on github?
-
That takes more time than I can spare, my company would suffer.
-
Plus we'd know who it is now too. You'd have to take all the guilty-pleasure listens out ;)
- End of conversation
New conversation -
-
-
My biggest question is: Is anyone actually looking at or checking on this data? Is it simply a product stakeholder’s “just grab everything we’ll sift through it later” instruction gone awry? I have to image some serious tech would need to be built to “make sense” of all that.
-
Pretty sure it’s some “let’s collect all and aee what we can use” paradigm.
-
Isn't that exactly what GDPR is meant to prevent?
-
Law is written in a way where it’s wide open for interpretation - what is “legitimate interest”?
-
If they can justify it by precising the purpose in the use of the service. IP address, e.g., could be justified as "offering personalised content depending on location", which actually is "censoring content depending on the laws of the country the IP address is originating from".
- 1 more reply
New conversation -
-
-
Can you find out what they store in private mode and offline mode (could sync later)?
-
I could probably, but I’d love for someone else to take over a more in-depth research. Need to run a company and that eats up most of my time.
-
Hey, I am starting a nonprofit to do exactly that: https://www.personaldata.io/companies/c9f1811b00cd4ad4b69e68adf9c8ae85 …
-
I’m a backer of the Vienna-based
@NOYBeu as well.
End of conversation
New conversation -
-
-
2 questions: 1. What is bartfeedbackcards/shelf? 2. Is there any location data?
-
IP is kinda location data, isn’t it
-
So theoretically you could put together a map of your movement while using the app? Or know your location in real-time?
-
Pretty much, but needs IP resolving, easy in the US
-
IP address is considered personal data, yes. And yes, it would allow tracking.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.