BC TECH
Saved by @zmbnski

Recently, the @CNIL issued a decision regarding the GDPR compliance of an unknown French adtech company named "Vectaury". It may seem like small fry, but the decision has potential wide-ranging impacts for Google, the IAB framework, and today's adtech. It's thread time! 👇

 It's all in French, but if you're up for it you can read:
• Their blog post (lacks the most interesting details): https://t.co/PHkDcOT1hy
• Their high-level legal decision: https://t.co/hwpiEvjodt
• The full notification: https://t.co/QQB7rfynha

I've read it so you needn't!
Vectaury was collecting geolocation data in order to create profiles (eg. people who often go to this or that type of shop) so as to power ad targeting. They operate through embedded SDKs and ad bidding, making them invisible to users.
The @CNIL notes that profiling based off of geolocation presents particular risks since it reveals people's movements and habits. As risky, the processing requires consent — this will be the heart of their assessment.
Interesting point: they justify the decision in part because of how many people COULD be targeted in this way (rather than how many have — though they note that too). Because it's on a phone, and many have phones, it is considered large-scale processing no matter what.
Other factor: the technicity and opacity of ad bidding systems is used to justify greater transparency requirements. People cannot expect to consent to what they don't understand (or even know exist), therefore the adtech ecosystem is de facto under *stronger* requirements.
The decision also notes that the @CNIL is openly using this to inform not just the company in question but whole ecosystem, including adtech of course but also app makers who embed ads and marketers who use them. You're all on notice!
Note that there is no fine: if Vectaury remediates by 1) no longer processing geographic data without consent, 2) retroactively wiping the data they have (since consent was invalid), and 3) prove they've done that then they're good to go. Out of business, too, I would guess.
Fun fact: the @CNIL takes privacy seriously, and two years from now the Vectaury decision they have just made will be anonymised so that just the pure legal content remains.
Let's jump into the heart of it. The decision looked at two distinct but related aspects:

1) Consent obtained directly in apps that embed Vectaury as an SDK, using Vectaury's CMP (Consent Management Platform). You can see it in action in this video: https://t.co/LGOjNOD18d
2) Consent collected elsewhere and signalled to Vectaury through use of the @IABEurope Consent Framework.

Both are found to be failing — the second one in very interesting ways. Keep reading!
The CMP fails exactly as you would expect:

1) The consent is not informed;
2) The consent is not specific;
3) The consent is not affirmative.

Given the high-risk nature of the processing and its opacity, this isn't even a very strict interpretation.
Here is the bombshell though: Consent through the @IABEurope framework is inherently invalid. Not because of a technical detail. Not because of an implementation aspect that could be fixed. No.
You cannot pass consent to another controller through a contractual relationship. BOOM
Precisely: a controller has the obligation to demonstrate, for the entirety of the data they are processing under consent, the validity of the consent obtained. Otherwise you're just failing Article 7.

This is huge.
This means that if someone gains consent for you, and you have a contract saying it's their responsibility to do so, you *still* have the obligation to verify that the consent is valid.
This rules the @IABEurope out as an option, but more than that: @Google forced publishers to collect consent on its behalf for advertising profiling. They have said that they will audit that publishers do it right — but will auditing be enough?
The decision very specifically states the need to verify consent for the "entirety" of the data. By definition an auditing approach only does spot checking.

Also, Google has said they won't use a clear definition of valid consent. This shows they will have to.
So, yeah — that happened. It will be interesting to see how this lines up with @johnnyryan and @RaviNa1k's complaint about programmatic in terms of enforcement decision.
The one part that slightly disappoints me is that the decision does not call into question the role of Android and iOS in providing the ad ID and geolocation in the first place, as joint controllers, without proper consent.

That might be a fight for another day 😊🤗

More from Tech

Jessie @ Chicago
Jessie @ Chicago
@jessiedotjs
Why did I leave Google? A thread.

This thread is going to include quotes from Wired's "Three Years of Misery Inside Google, the Happiest Company in Tech" because I'm not a professional writer

When I joined Google, I fell in love with the company immediately. I was excited to come to work, not just for the technical challenges, but because I really felt I was making a difference and working for the good guys.

I spent 20% of my week working on an app that helped people find lost loved ones after natural disasters. I spent more free time speaking to students about technology and diversity. For an entire school year, I taught CS classes twice a week at a local low income high school.

The company was open. We had a weekly meeting called TGIF where anyone in the company could ask questions of, and raise concerns with, the execs. We got real answers.
TECH
s. e. smith
s. e. smith
@sesmith
Oh are we talking about Sheryl Sandberg again? Well, your reminder that disabled feminists, LGBQT feminists, and feminists of color criticised her ‘lean in’ deal from day one. Don’t let anyone retcon that out of existence.

Like, a pretty narrow slice of feminists actually endorse and support corporate feminism, they’re just white, nondisabled, straight, cis, and noisy so their voices have a bigger reach.

So if your impression is that ‘feminism’ gave her a ‘free pass’ maybe you should question your overall impression of feminism rather than continuing to centre a handful of people as ‘thought leaders’ or whatever.

Critics within feminism have been doing this work for a long time and have been getting shat on it for about as long and I'm tired of seeing them erased. But what do I know — I am, after all, not a feminist.

But I WILL say, from my not-a-feminist perspective, that people who aren’t feminists who are criticising feminism should maybe understand the movement more deeply beyond a handful of high profile celebrity feminists.
TECH , SOCIETY
Advertisement
James Felton
James Felton
@JimMFelton
Butt plugs were originally sold as a miracle cure for headaches, acne, and insanity

Thread, article here and h/t: @qikipedia :
https://t.co/Ts84xnmWKJ


For a long time, medicine was pre-occupied with the question "can this be solved by putting something in the butt?"

Take, for example, tobacco smoke enemas, in which 18th Century physicians saw drowning victims and attempted to de-deadify them by blowing tobacco smoke up their rectums with a pipe.


Despite having no medical benefit whatsoever, the practice was popular, and enema kits lined the Thames like lifebelts, ready to be used as one final humiliation for somebody who was crap at swimming.

This practice ended sometime after 1800 when it became apparent that it didn't really work, given how the anus famously isn't really connected to the lungs, but doctors weren't quite finished with having a poke around in the old anus to see what happens just yet.
TECH
Danny Weinbaum
Danny Weinbaum
@eastshade
A thread about Eastshade's bike mechanic!

When I originally thought of putting a bicycling in Eastshade, I was pretty sure it wasn't going to work, for the simple fact that if it was easy, we'd see a lot more rideable bikes in games. Well, I was wrong. It took a mere week.


Its essentially a first person controller with extra momentum, resulting in the the movement direction lagging behind your look direction. Then I used the angle between the look and the movement to dictate camera "bank" and handle bar rotation, and voila! Game changing feature!


The look of the bike was harder than the movement. Bicycles are fairly modern, so it was tricky to fit it to the setting. I took some artistic liberties and settled on a penny farthing (but wooden), ignoring how impossible that would be to ride on the rugged terrain in Eastshade.

Surprisingly, the hardest part was sound. It didn't feel like riding a bike until I found the right sounds and how to trigger them. For a while I was stuck thinking too realistically. A penny farthing is fixed gear, pedaling sounds nothing like a regular modern bike.

Finally I abandoned realism and went with sounds normal people would associate with biking. We're all so used to modern bikes that we strongly associate the distinct ticking of a freewheel mechanism (think of the sound when you stop pedaling and coast on a modern bike).
TECH
Trond Bjor\xf8y
Trond Bjorøy
@trondbjoroy
1/12 @HathorNetwork offers a unique set of features for both builders and users. Some well known ones, others not so much. Let’s look at why you might want to consider Hathor as the layer 1 solution for your project. $HTR @HTRFDT #BuildOnHathor

2/12 Easy tokenization is the obvious one. You create your own token in less than a minute, no coding required.

3/12 As opposed to ERC tokens, your custom Hathor token is a layer 1 token. It inherits the same features and security as the native token, $HTR, effectively giving your token the same level of security as the #Bitcoin $BTC blockchain.

4/12 Hathor Network also passed their security audit by @SlowMist_Team so you can feel safe knowing that your L1 token fulfills the same security requirements as $HTR.

5/12 By configuring built-in nano contracts you will be able to add logic to your token. No coding required. Native nano contracts also mitigate the risk of bugs and security issues that comes with custom smart contracts development on other platforms. $HTR
TECH

You May Also Like

WORLD OF SANATAN DHARMA
WORLD OF SANATAN DHARM...
@world_sanatan
MINUTE DETAILS ABOUT THE ATTACK ON SHAISTA KHAN AT LAL MAHAL

Remarkable Commando op

A long 🧵 but worth your time

Aurangzeb sent his maternal uncle Shaista Khan with powerful army over 1,50,000 on the request of Badibegum Sahiba, Adilshahi sultanate

1/


Shaista Khan entered Deccan to kill Chhatrapati Shivaji Maharaj & to destroy his empire. Shahista Khan captured a lot of province and fort of Chakan near Pune.

2/


Till 3 years he gave lot of troubles to the subjects of Chhatrapati Shivaji Maharaj and he personally made Lal Mahal his destination to live at , which was the property of Chhatrapati Shivaji Maharaj . Lal Mahal, where Chhatrapati Shivaji Maharaj spent his childhood.

3/

1. In the April 1663 Chhatrapati Shivaji Maharaj personally made a surprise attack on Shahista Khan in the Lal Mahal Pune.

2. Chhatrapati Shivaji Maharaj attacked with 300 soldiers at the midnight while Lal Mahal had strong security of 1.5 lac soldiers for Shahista Khan.

4/

3. He entered in Pune, he made a drama of wedding ceremony to enter in Pune near Lal Mahal.

4. During the night they made big hole at the wall of Lal Mahal and entered into the palace.

5/
ALL
Jig's Patel
Jig's Patel
@jigspatel1988
How to trade on Expiry day with Nifty straddle?
(System trading on Expiry)

Triple straddle is one of the best and accurate methods for expiry day

If nifty trading at 15720 then will sell three straddles above 50 points from ATM, below 50 points and ATM.

Ex.
Sell straddle 15700(ATM), 15650(ATM-50), 15750 (ATM+50)

Stoploss of 80% on every leg and run your trade till 3 PM

Once SL hit in any Leg just keep holding other leg till expiry with SL (Never or less chance to hit both SL on expiry day)

Trading timing at 9:20 the Morning
ALL , STRADDLE BACKTEST , STRADDLE
Advertisement
ArmaniTalks \U0001f399\U0001f525
ArmaniTalks 🎙🔥...
@ArmaniTalks
Your Most PRECIOUS Currencies:

-Energy

-Time

-Attention

-Trust

-Love

-Loyalty

-Respect

Only give these currencies to high value people. Never spend these currencies on low value shitheads eg: trolls, weasels, snakes, naysayers etc.

'Wait, I thought money was the most important currency?'

Nah.

Once you adopt abundance mentality, you realize their is no shortage of money.

Making the dollars your most important currency will have you leading an empty life.

Time to flip your perspective.

👇

▪Energy

When you strip yourself to the core, you are an emotional creature.

Emotions are your internal worlds energy.

Harnessing that energy is crucial for leveraging yourself to obtain whatever you want.

You have a finite amount everyday, so spend it wisely.

▪Time

A second that is lost will never be returned.

You start valuing the hell out of this currency the more you mature.

As the years start adding up, you realize time is precious.

You must always have a scarcity mindset towards time.

Once you do so, you will not be lazy.

▪Attention

You can be here, but not present.

Attention is completely mental.

Giving someone your attention means you are clearing up mental bandwidth to make room for them.

Only give your attention to people who help you grow.

For the negative ones?

Ignore their existence
LIFE
Patrick McKenzie
Patrick McKenzie
@patio11
My friends @robwalling and @einarvollset just launched TinySeed, an accelerator for software companies where a successful outcome is a healthy, sustainable business rather than attempting to ride the rocketship trajectory. https://t.co/LSHqZNcVid

I have some thoughts:

As somebody who bootstrapped ~4 companies, I feel like I had to make some clearly suboptimal decisions early in them for lack of what is, in hindsight, not all that much money. But there's a huge gap in the product space for investment options.

It's weird: you can get $25k from Amex trivially, and angels are very willing to write a check for that much, but you have to make representations about your goals/ambitions/market/etc which don't really apply to everyone.

And so you see the traditional angel/VC ecosystem fund companies where honestly the returns are probably not there, and this is knowable pretty early, but the chase of them will wreck what could have been a perfectly happy business.

(To make the math work for traditional VCs the company has to at least have a market-appropriate shot of $100 million a year. There are a lot more $10 million a year companies than $100 million a year companies. That is *not* a bad terminal outcome for founders/employees.)
ALL
Doga Queen //: Beyond Your Boundary
Doga Queen //: Beyond ...
@QueenDoga
We have to talk Crunchyroll yet the fuck again, but this time over a issue with Translation in the Zombie Idol recent episode but first i need to apologize to .@BigBootyWitches because i got it wrong between trans and futa but it turns out we all got played by Crunchy...

first off. One Poster i retweeted turned out to say that Lily, is more of a Ototo No Ko. She later confirms from those that watch the show in Japan that the audio doesnt match the translation and the translation itself was a self insert.

This is the major problem I have. Look, i get it. The west still has no handle on these issues. Other countries dont raise a huge fit about it and in Asia certain countries societies dont really accept it and some reluctantly accept it.

But this continuation of the bullshit from Crunchy since High Guardian Spice is beyond the pale. They lied about helping the Japanese animators. They lied about their new projects and their dubs, Funimation took most of their projects away from Crunchy...

And now, so desperate for relevance and kicks and outrage, they do this self insert, just to get some of their more conservative folk on edge, ranting about how they left one "pozzed" medium with the western animation industry to see the "pozz" get into the only thing left...
SOCIETY