구글이 GDPR을 우회해 몰래 개인 정보를 광고주에게 넘기고 있다며

ment 9/5 '19 posted (9/5 '19 edited) 뉴스 IT

• "대량의 데이터 침해"라며 이 고소장은 Google의 프로그램 방식 플랫폼인 인증 구매자 (Authorized Buyers , 구 DoubleClick Ad Exchange)가 EU의 일반 데이터 보호 규칙 (GDPR)을 위반하여 개인 데이터를 부적절하고 일상적으로 노출한다고 주장했습니다.

• 페이지가 로드될 때 타사와 식별자를 공유하는 Google에서 호스팅하는 '숨겨진 페이지'입니다.

• 이 보고서는 Google 라이벌 중 하나인 Brave (프라이버시 중심 Brave 브라우저)의 최고 정책 책임자인 Johnny Ryan이 EU에 제출한 정보에서 비롯된 것입니다.

• 이 회사는 숨겨진 웹 페이지를 사용하여 이 정보를 광고주에게 전달하여 EU 개인 정보 보호 규정을 우회할 수 있다고 합니다.

• 라이언은 FT에 따르면, Google은 웹 브라우징 정보, 위치 및 기타 데이터를 포함한 추적기를 사용하여 "콘텐츠를 볼 수 없는" 웹 페이지를 통해 광고 회사에 보낸 것을 발견했다고 전했습니다.

• 이에 대해 구글은 수요일 "사용자 동의없이 개인화된 광고를 게재하거나 입찰자에게 입찰 요청을 보내지 않는다"고 밝혔습니다.

• Brave의 증거에 따르면 Google의 푸시 페이지 메커니즘은 Google이 의도한 데이터 보호 조치를 훼손한다는 것을 보여줍니다. "

• Google의 온라인 광고 시스템 (이전 DoubleClick로 알려져 있으며, 현재는 인증 구매자라고합니다)은 840 만 Web 사이트에서 활성화되어 있습니다.

Complaint alleges that Google is circumventing GDPR with RTB personal data sharing [marketingland.com]

Google 'leaked' personal data to other companies, rival claims [thehill.com]

Mental health websites in Europe found sharing user data for ads [techcrunch.com]

Google accused of breaking its own rules to send identifiable data to advertisers [mspoweruser.com]

Google has secret webpages that feed your personal data to advertisers, report says [www.cnet.com]

Brave browser catches Google tracking users with hidden web pages [thenextweb.com]

Google Allegedly Slips User Info To Advertisers [www.pymnts.com]

Google accused of secretly feeding personal data to advertisers [www.telegraph.co.uk]

Brave uncovers Google’s GDPR workaround [brave.com]

newest replies popular replies

Open Wiki - Feel free to edit it. -

9/5 '19 answered

These examples anecdotally remind us how little we know about the extraordinary powers of Google and other tech giants that handle massive amounts of data, without oversight, and accountability in case of mishandlings ↘️ https://t.co/8em3IX1aDp
— Marietje Schaake (@MarietjeSchaake) September 4, 2019

We have uncovered a Google GDPR workaround for RTB, and have submitted evidence to @DPCIreland
Thanks @thezedwards and @lukemulks https://t.co/1wrtfjw4La
— Johnny Ryan (@johnnyryan) September 4, 2019

He discovered his Google ID, classified as personal data under GDPR, was being traded between at least ten adtech companies in a single hour, which used it to target him. Goog claims onus is on the publisher, yet it is itself sharing and facilitating the data.
— Madhumita Murgia (@madhumita29) September 4, 2019

Brave’s @johnnyryan uncovers a potential GDPR workaround - undermining Google’s own stated policies - by the company, in evidence submitted to the Irish DPC https://t.co/FZ3vNl6YWt
— Madhumita Murgia (@madhumita29) September 4, 2019

You can find our explanatory note and sequence diagram explaining Google's GDPR workaround at https://t.co/1wrtfjNG9K pic.twitter.com/syzm8sD9VZ
— Johnny Ryan (@johnnyryan) September 4, 2019

Another shocking data story on front page of @FT. Google reported to Irish regulator for secretly tracking users. Massive breach of GDPR if proven. Congrats to Johnny Ryan & @RaviNa1k for bringing case. A lot of work...https://t.co/bnDxmmJONj
— Carole Cadwalladr (@carolecadwalla) September 4, 2019

He also discovered a second unique tracker that allowed adtech companies to combine info on him, of which there is no mention in Google’s documentation or policies.
— Madhumita Murgia (@madhumita29) September 4, 2019

Researchers found lots of adtech firms taking advantage of this to share with even more companies, whom even Google may be unaware of. https://t.co/UsjUtqHXUS
— Madhumita Murgia (@madhumita29) September 4, 2019

Privacy-centric browser @Brave ⁦@johnnyryan⁩ claims ⁦@Google used opaque system to⁩ 'leak' personal data to other companies for advertising purposes ‼️‼️‼️

Via ⁦@birnbaum_e⁩ ⁦@thehill⁩ https://t.co/VBPihASc1i
— Lourdes M. Turrecha (@LourdesTurrecha) September 4, 2019

And the hits just keep coming. Which only means more hats for their employees.https://t.co/l0RoFPjJNx
— ????? ????™️?GOLD-PILL (@RealTrumpLady) September 4, 2019

Google 'leaked' personal data to other companies, rival claims https://t.co/1IICL6hibx
— ? ??? ???? ??????™️ (@ARedPillReport) September 4, 2019

Google has secret webpages that feed your personal data to advertisers, report says https://t.co/SpZ0E7dWqp (via @OGreporter)
— DailyTekk (@DailyTekk) September 4, 2019

Google has secret webpages that feed your personal data to advertisers, report says: If the allegation is true, this would break the company's own rules. ? CNET https://t.co/Mn7tQy9yZB
— ReconSecureComputing (@SecRecon) September 4, 2019

This is a pretty big accusation, however if it is true it is really significant.https://t.co/K7dITMThau
— Sean Wright (@SeanWrightSec) September 4, 2019

Brave browser catches Google tracking users with hidden web pages https://t.co/sjcllA9AYO #techplayers #privacy
— mike d. kail (@mdkail) September 4, 2019

SMH. Good catch @brave!https://t.co/aS8ddvHrAj
— Dan Trevino ⚡ (@dantrevino) September 4, 2019

Brave browser catches Google tracking users with hidden web pages https://t.co/fZVGTtSwBH
— Josh Olszewicz (@CarpeNoctom) September 4, 2019

Brave browser catches Google tracking users with hidden web pages https://t.co/b7f1JmCIpW
— TNW (@thenextweb) September 4, 2019

Epic piece by @brave shows Google leaks private info about the users to 3rd parties, with a unique id that allows them to then cross-reference their data.

A good reminder that it should be our collective effort to rebuild the web without oligopolies.https://t.co/u2XjTsIZ4h
— Alex Skidanov (@AlexSkidanov) September 4, 2019

“The evidence we have submitted to the Irish Data Protection Commission proves that Google leaked my protected data to an unknown number of companies. One cannot know what these companies then did with it, because Google loses control... once it was sent.” https://t.co/tAfdwni29t
— BrendanEich (@BrendanEich) September 4, 2019

The folks at @brave discovered a cookie-syncing Iframe and they make it look like the Pentagon Papers: https://t.co/1nNt2rIHwb
— Ari Paparo (@aripap) September 4, 2019

More from @brave here https://t.co/d7T3KlcZac
— Rasmus Kleis Nielsen (@rasmus_kleis) September 4, 2019

permanent link

Open Wiki - Feel free to edit it. -

9/5 '19 answered

구글이 GDPR을 우회해 몰래 개인 정보를 광고주에게 넘기고 있다며 https://t.co/4i7vqOL7rG
• 라이언은 FT에 따르면, Google은 웹 브라우징 정보, 위치 및 기타 데이터를 포함한 추적기를 사용하여 "콘텐츠를 볼 수 없는" 웹 페이지를 통해 광고 회사에 보낸 것을 발견했다고 전했습니다.
— editoy (@editoy) September 5, 2019

Just a reminder that all those slick-looking mental health apps and self-help websites are not without cost (though probably without benefit). https://t.co/ndeuRjI07W
— Amy Barnhorst, MD (@amybarnhorst) September 5, 2019

Google has secret webpages that feed your personal data to advertisers, report says https://t.co/FSQ2N86uAZ
— ????-????é ????????? (@4ngl3rf1sh) September 4, 2019

Google has secret webpages that feed your personal data to advertisers, report says#cyberprivacy https://t.co/Z0BHTHtCly
— Tracy (@tracygarza) September 4, 2019

Google has secret webpages that feed your personal data to advertisers, report says https://t.co/6EyRMdodV9
— Mark Thiele (@mthiele10) September 4, 2019

"Colour me surprised."

Google has secret webpages that feed your personal data to advertisers, report says https://t.co/rbWbtOCoFB
— ★The★Fissure★King★ (@KingTherapy) September 4, 2019

Google has secret webpages that feed your personal data to advertisers, report says - CNET https://t.co/k7Z0xPD1oD
— QBaby (@weareqteam17) September 4, 2019

Brave browser catches Google tracking users with hidden web pages https://t.co/WyNI90wneT
— TNW (@thenextweb) September 5, 2019

Three cheers for the @Brave browser! ???
??️‍♂️ Brave browser catches Google tracking users with hidden web pages. That doesn't sound GDPR-compliant ... https://t.co/FtlJUicnaa #google #DoubleClick
— Vintuitive⚡️? (@Vintuitive) September 5, 2019

Brave browser catches Google tracking users with hidden web pages https://t.co/UjkVKlQM4n
— TNW (@thenextweb) September 4, 2019

Google accused of secretly feeding UK personal data to advertisers. https://t.co/vsLZdP7bbd
— D.K.R. Boyd (@ReflectingMan) September 5, 2019

Catch-up: #Google has been accused of secretly feeding personal data to advertisers, in breach of Europe's data protection laws, a competing search engine has claimed https://t.co/qxbtK2zLQS
— Telegraph Technology Intelligence (@TelegraphTech) September 5, 2019

Google accused of secretly feeding personal data to advertisershttps://t.co/xr0XSGRHLQ
— Privacy Bytes (@PrivacyBytes) September 5, 2019

Google accused of secretly feeding personal data to advertisers https://t.co/QVCJpKpHwC
— Andrew Campling (@Andrew_Campling) September 5, 2019

“Google allowed advertisers to combine information about him through hidden "push" pages, which are not visible to web users and could lead to them more easily identifying people online.”

Google accused of secretly feeding personal data to advertisers https://t.co/Xj7P5hdKV9
— Takuji Hashizume (@takujihashizume) September 4, 2019

Google is apparently still sending tracking IDs to third parties, in violation of GDPR, despite saying it stopped doing this https://t.co/cv0AmKaU4S
— Matthew Martin (@hyperplanes) September 5, 2019

"This appears to be by far the largest leakage of personal data ever recorded," says the great Dr Johnny Ryan about Google's sleazy GDPR "workaround." https://t.co/xS2KFKDLfK
— adcontrarian (@AdContrarian) September 5, 2019

Brave uncovers Google’s GDPR workaround https://t.co/f8i8dGNfEw
— Jim Nitterauer (@JNitterauer) September 5, 2019

The new evidence reveals a surreptitious mechanism that raises additional data protection concerns about Google’s “DoubleClick/Authorized Buyers” advertising system. This system is active on 8.4 million websites https://t.co/rqDOOSfDRv
— Niκoς Smyrnaios (@smykos) September 5, 2019

This sounds an awful lot like the Facebook / Cambridge Analytica story, only it's about Google and its DoubleClick customers. https://t.co/27CXVNBESJ
— Daniel Tunkelang (@dtunkelang) September 4, 2019

Brave uncovers Google’s #GDPR workaround https://t.co/p8kDhvrCEe #Cybersecurity #cybercrime #cyberattacks #hacker #hack #breach #phishing #dos #ransomware #malware #virus #apt #pii #nist #fcc #finra #hipaa #pci pic.twitter.com/7jT1eSLviN
— Rich Tehrani (@rtehrani) September 5, 2019

permanent link

Featured

Important Notice: Discontinuation of Our Wiki Service

Dear Valued Users,

We hope this message finds you well. We are writing to inform you of an important upcoming change to our services. After careful consideration and analysis, we have made the difficult decision to discontinue our wiki site, effective one month from 2024/04/30.

This was not an easy decision to make, as we understand the importance of the resources and community that have been built around our wiki. However, due to evolving market conditions and strategic realignments, we must redirect our resources and efforts towards other ventures that will allow us to serve you better in the future.

What This Means for You:

Access to Content: You will continue to have full access to all content on the wiki until the discontinuation date. We encourage you to save or migrate any content you wish to retain.
Final Date of Service: The wiki will become inaccessible starting 1st June 2024, after which all content will be permanently removed.

We are immensely grateful for the support and contributions of our user community throughout the years. The wiki is being retired, but our team will be back soon with new services and apps.

Thank you for being a part of our journey.

Warm regards,

editoy Inc.

Related

Featured