Technology
With $410M+ in new EU privacy fines, Meta’s New Year begins
More privacy fines and corrective orders are beginning the New Year by affecting Meta’s operations in Europe. The most recent round of action comes in response to several EU General Data Protection Regulation (GDPR) complaints over the legitimacy of the company’s use of behavioral advertising.
The Irish Data Protection Commission (DPC), the principal data protection watchdog in the area for Facebook owner Meta, announced today that it had adopted final decisions on two of these protracted investigations — against Meta-owned social networking site Facebook and social photo sharing service Instagram.
The European Data Protection Board (EDPBbinding )’s decision on these complaints last month that contractual necessity is not an appropriate basis for processing personal data for behavioral ads is confirmed by the DPC’s press release today, which also announces financial penalties of €210 million ($223 million) for Facebook and €180 million ($191 million) for Instagram in relation to these complaints.
These new penalties come on top of a slew of privacy fines handed down to Meta in Europe last year, including a €265M fine for a Facebook data-scraping breach, a €405M fine for an Instagram violation of children’s privacy, a €17M fine for a number of earlier Facebook data breaches, and a €60M fine for violating Facebook cookie consent. All told, these penalties will bring the total amount of (publicly disclosed) EU data protection and privacy
However, Meta has already received fines totaling more than half of the regional total for last year in the first few days of 2023, and additional penalties may be on the way.
Corrective actions are also being taken, in accordance with the DPC’s PR, and Meta has been given three months to make its processing in line with the GDPR.
Therefore, it will have to ask users for their approval rather than relying on the defense of contractual necessity to run behavioral ads. (And users who reject its surveillance advertising cannot be profiled or targeted.)
Max Schrems, the creator of the European privacy rights organization (noyb) that brought the initial GDPR complaints, commented in a statement: “This is a severe blow to Meta’s revenues in the EU. People must now be asked if they agree or disagree with the usage of their data for advertising. They must be given a “yes” or “no” choice and are free to alter their decision at any moment. Additionally, the decision guarantees parity with other advertisers who likewise must obtain opt-in consent.
The internet giant is quite likely to dispute the rulings given how crucial Meta’s tracking and targeting ad strategy still is to its business. If it does, this might cause new delays as legal challenges to the now-ordered enforcement are resolved in the courts. Therefore, it can be years before Meta submits to correction through EU privacy regulation.
Full information on disagreements between data protection authorities as well as other intriguing facts, such how the level of the fines have been established, are still to come. This is because the DPC’s final findings on these inquiries have not yet been released.
However, the DPC offers its own perspective on the regulatory disputes in a press release that announces the two final verdicts, writing:
The CSAs [concerned supervisory authorities] concurred with the DPC’s findings on the issue of whether Meta Ireland had violated its transparency duties, even if they thought the DPC’s suggested sanctions should be enhanced.
Ten out of the 47 CSAs voiced concerns about other parts of the draft rulings (one of which was subsequently withdrawn in the case of the draft decision relating to the Instagram service). The delivery of personalized advertising (as part of the larger suite of personalized services offered as part of the Facebook and Instagram services) could not be said to be necessary to perform the core elements of what was said to be a much more limited form of contract, according to this subset of CSAs, who believed that Meta Ireland should not be allowed to rely on the contract legal basis.
The DPC disagreed, expressing its opinion that the Facebook and Instagram services comprise and, in fact, appear to be built around the provision of a personalized service that includes individualized or behavioral advertising. These are, in fact, personalized services that also include individualized advertising. According to the DPC, this reality is crucial to the agreement reached between users and their preferred service provider and is a component of the contract signed when users agree to the Terms of Service.
The EDPB was instructed to (further) raise the level of sanctions issued because the DPC’s PR also reveals that Meta violated the GDPR fairness principle in addition to the transparency breach that the Board supported.
A third ruling against WhatsApp, which is owned by Meta, is still pending at the DPC but is expected to be delivered in the next week or so. (The regulator informs us that this is due to a brief delay in the DPC receiving the binding judgement from the EDPB on that complaint.)
According to noyb, a fine for WhatsApp under that concurrent process is anticipated to be made public by mid-January.
Update: Meta responded to the rulings in a blog post and asserts that the legal foundation it chose to process people’s data for advertising purposes “respects GDPR.” Additionally, it states that it intends to appeal the rulings on both the merits and the severity of the fines levied.
In a statement that echoes the DPC’s assertion that ad-supported “personalized” services must be “all or nothing,” Meta writes that “Facebook and Instagram are inherently personalised, and we believe that providing each user with their own unique experience – including the ads they see – is a necessary and essential part of that service.
As long as users’ safety and privacy settings allow it, we have relied on a legal theory known as “Contractual Necessity” to offer them behavioral advertisements based on their online actions. It also asserts that it would be highly unusual for a social media service to not be customized to each user, while omitting to mention that, prior to relying on a claim of contractual necessity in 2018, before the GDPR went into effect, it had relied on a claim of user consent for the processing of ads.
Additionally, according to Meta’s blog post, the DPC’s rulings do not forbid personalized advertising on its platform or require the use of consent for ad-based processing.
The claim that personalized advertising can no longer be provided by Meta across Europe without first obtaining consent from each user is false, it says. Similar firms process data using a range of legal basis, and we are considering a number of solutions that will enable us to continue providing our users with a completely personalized service. It is untrue to say that Meta can no longer provide personalized adverts across Europe without first obtaining each user’s consent.
Regulation of coerced consent
The European privacy rights campaign group noyb targeted the tech giant’s use of so-called “forced consent” (i.e., forcing users to accept sign-up terms that state they must “agree” to their data being processed for behavioral ads or they will not be able to use the service) in May 2018, just as the GDPR went into effect throughout the European Union.
In contrast to the EDPB’s binding ruling, the Irish regulator’s draft judgement on the complaints was disclosed back in October 2021, and the DPC did not raise concerns about Meta’s reliance on contractual necessity for running behavioral ads. Despite finding violations of the GDPR’s transparency rules, the report claimed that it was doubtful that consumers knew they were agreeing to a Facebook ad contract when they clicked the site’s “I agree” button.
Therefore, the DPC initially requested a reduced penalty (of about $36M) compared to the financial blow in final decisions that is now emerging, which is more than 10x larger (still with the WhatsApp final decision pending).
Through the GDPR’s cooperation mechanism, which involves other EU data protection authorities (who can, and in this case several did, object to a lead supervisor’s draft decision), and designates the EDPB as the final arbiter when regulators can’t agree among themselves, a much tougher enforcement regime has been reached. Therefore, in this instance (and not for the first time), the DPC has been given instructions to arrive at a different decision than it would have otherwise.
The level of enforcement resulting from a collective regulatory mechanism baked into GDPR is higher (and stricter) than it would have been with Ireland acting alone, as has happened multiple times before.
The EDPB “took a different view on the ‘legal basis’ question,” according to the regulator, who added that the final decisions adopted by the DPC on December 31, 2022, “reflect the EDPB’s binding determinations as set out above.” The DPC frames the outcome somewhat differently—as a difference of legal interpretations. Because of this, the DPC’s decisions include conclusions that Meta Ireland is not permitted to rely on the “contract” legal basis in connection with the delivery of behavioral advertising as part of its Facebook and Instagram services and that its purported processing of user data up to this point in reliance on the “contract” legal basis constitutes a violation of Article 6 of the GDPR.
It will be interesting to see if Meta’s attorneys attempt to capitalize on the DPC’s (now publicly stated) assertion that Facebook and Instagram are “premised on, the provision of a personalised service that includes personalised or behavioral advertising” and its (convenient-for-Meta) conflation of personalised services and personalised advertising through an expressed stance that such a conjoined pairing is “central to the bargain struck between users and their chosen servic
It’s odd that the DPC’s position on this issue (as well as Meta’s!) ignores the presence of additional types of (ads that don’t violate privacy) that Meta might employ to fund its service, including contextual advertisements.
Additionally, its PR makes no mention of the possibility that Meta will be required to destroy all the information it has been unlawfully processing since 2018. However, litigation finance companies are unlikely to pass up the chance to scale privacy class actions.
Additional drama is developing in relation to today’s DPC statement as well: Schrems tweeted his displeasure with the DPC’s statement that noyb wouldn’t receive the final verdict until Meta had an opportunity to redact the paper. In ten years of litigation, I’ve never seen anything like it, he continued. F*cking insane
https://twitter.com/maxschrems/status/1610625661042933761?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1610625661042933761%7Ctwgr%5Eca5f8f0f746bb75df4fc553e6528ba909c016160%7Ctwcon%5Es1_c10&ref_url=https%3A%2F%2Ftechcrunch.com%2F
(Recall that noyb had already filed a case of criminal corruption against the DPC in 2021, alleging the regulator of corruption and “procedural blackmail” in connection with attempts to block the publication of records pertaining to GDPR complaints.)
The DPC’s “quite diabolic public relations game,” according to noyb’s Schrems, is further criticized in a press statement from the company. He writes: “Getting overturned by the EDPB is a big blow for the DPC, but now they seem to at least strive to gain the public impression of this issue. I have been involved in litigation for 10 years and have never witnessed a decision being served to one side but not the other. The DPC engages in very evil public relations tactics. It attempts to co-write the story of the decision with Meta by preventing noyb or the general public from reading it. Despite being overridden by the EDPB, it appears that the cooperation between Meta and the Irish regulator is still going strong.
The DPC has stated it is commencing an annulment action against specific “jurisdictional” components of the EDPB judgement, another unusual move by the Irish regulator that only looks destined to increase criticism of its friction-generating approach to GDPR enforcement.
Instead, it asserts that it disagrees with other aspects of the guidance provided by the Board and accuses the steering board of exceeding its authority in a disagreement under GDPR Article 65.
The Board’s legally binding decision also instructs the DPC to carry out what the Irish regulator describes as “a fresh investigation that would span all of Facebook and Instagram’s data processing operations and would examine special categories of personal data that may or may not be processed in the context of those operations,” which suggests that this action was initiated.
In the EU, where legal experts have been warning for years that the tech giant’s consent-free tracking and profiling of citizens is in violation of the bloc’s legal framework on data protection, such an investigation, should it actually occur, could really drive a stake through the heart of Meta’s privacy-sucking business model.
It’s therefore intriguing that the DPC wants to avoid opening a thorough inquiry into Meta’s data processing at the EDPB’s request.
According to its PR, the decisions it has made today “necessarily do not include reference to additional investigations of all Facebook and Instagram data processing operations that were instructed by the EDPB in its binding decisions.” The regulator explains why it takes issue with this statement:
Regarding national independent authorities, the EDPB does not have a general oversight role comparable to that of national courts, nor is it permitted to order and instruct such authority to conduct an unrestricted and speculative investigation. In light of this, the instruction is problematic from a legal standpoint and does not seem to follow the GDPR’s guidelines for collaboration and consistency. The DPC believes it is appropriate to file an action for annulment before the Court of Justice of the EU in order to request the setting aside of the EDPB’s instructions in the event that the directive may represent an overreach on the part of the EDPB.
What the EU General Court will do with the DPC’s complaint is still up in the air.
However, the court last month decided that WhatsApp’s legal challenge of an earlier EDPB binding decision on a different GDPR inquiry, which similarly significantly increased the level of enforcement it would have faced from an earlier DPC draft ruling, was inadmissible.
Artificial Intelligence
Google DeepMind Shows Off A Robot That Plays Table Tennis At A Fun “Solidly Amateur” Level
Have you ever wanted to play table tennis but didn’t have anyone to play with? We have a big scientific discovery for you! Google DeepMind just showed off a robot that could give you a run for your money in a game. But don’t think you’d be beaten badly—the engineers say their robot plays at a “solidly amateur” level.
From scary faces to robo-snails that work together to Atlas, who is now retired and happy, it seems like we’re always just one step away from another amazing robotics achievement. But people can still do a lot of things that robots haven’t come close to.
In terms of speed and performance in physical tasks, engineers are still trying to make machines that can be like humans. With the creation of their table-tennis-playing robot, a team at DeepMind has taken a step toward that goal.
What the team says in their new preprint, which hasn’t been published yet in a peer-reviewed journal, is that competitive matches are often incredibly dynamic, with complicated movements, quick eye-hand coordination, and high-level strategies that change based on the opponent’s strengths and weaknesses. Pure strategy games like chess, which robots are already good at (though with… mixed results), don’t have these features. Games like table tennis do.
People who play games spend years practicing to get better. The DeepMind team wanted to make a robot that could really compete with a human opponent and make the game fun for both of them. They say that their robot is the first to reach these goals.
They came up with a library of “low-level skills” and a “high-level controller” that picks the best skill for each situation. As the team explained in their announcement of their new idea, the skill library has a number of different table tennis techniques, such as forehand and backhand serves. The controller uses descriptions of these skills along with information about how the game is going and its opponent’s skill level to choose the best skill that it can physically do.
The robot began with some information about people. It was then taught through simulations that helped it learn new skills through reinforcement learning. It continued to learn and change by playing against people. Watch the video below to see for yourself what happened.
“It’s really cool to see the robot play against players of all skill levels and styles.” Our goal was for the robot to be at an intermediate level when we started. “It really did that, all of our hard work paid off,” said Barney J. Reed, a professional table tennis coach who helped with the project. “I think the robot was even better than I thought it would be.”
The team held competitions where the robot competed against 29 people whose skills ranged from beginner to advanced+. The matches were played according to normal rules, with one important exception: the robot could not physically serve the ball.
The robot won every game it played against beginners, but it lost every game it played against advanced and advanced+ players. It won 55% of the time against opponents at an intermediate level, which led the team to believe it had reached an intermediate level of human skill.
The important thing is that all of the opponents, no matter how good they were, thought the matches were “fun” and “engaging.” They even had fun taking advantage of the robot’s flaws. The more skilled players thought that this kind of system could be better than a ball thrower as a way to train.
There probably won’t be a robot team in the Olympics any time soon, but it could be used as a training tool. Who knows what will happen in the future?
The preprint has been put on arXiv.
Astronomy
Witness the rare celestial event of Mars and Jupiter reaching their closest proximity in the sky this week, a phenomenon that will not occur again until 2033.
Mars and Jupiter will be only 0.3 degrees apart in the sky on August 14. From our point of view, this passage is very close. If you miss it, you won’t be able to see another one until 2033.
When two objects pass each other in the sky from our point of view, this is called a conjunction. Every time two planets came together, the closer one would block out the other because they would all be moving in a perfectly flat plane. The orbits of the planets are slightly different from those of the other planets, though, so they move slightly to the north and south of each other. Every time, that gap is a different size.
When two things happen close together, the results are especially stunning. Jupiter and Saturn were close enough to each other in 2020 that they could be seen in the same field of view through a telescope. This is a treat for people who like to observe the sky.
Being 0.5 degrees wide, the full moon will fit in any view that can hold the whole moon. This pair will also look good before and after the full moon.
But even with the naked eye, a close conjunction can make the sky look even more amazing. The contrast between the red of Mars and the white of Jupiter will be especially striking. However, Mars’ brightness changes a lot. When it’s at its brightest, it’s about the same brightness as Jupiter. Right now, it’s 16 times less bright. They are so bright that, unless there are clouds, you should be able to see them from all but the dirtiest cities.
Most people in the world will miss this sight, though, because they can’t see the pair of planets in the evening from anywhere on Earth. The exact time they rise depends on where you live, but it’s usually between midnight and 3 am. To see this, you will mostly need to get up before astronomical twilight starts so that you have time to get through the thickest part of the atmosphere.
For people in Europe, Africa, west Asia, and the Americas, the closest time will be 14:53 UTC, which is during the day. The mornings before and after, though, will look almost as close.
Mars and Jupiter meet about every two and a half years, but the most recent one was almost twice as far away and could only be seen in the morning. In 2029, the gaps will be just under two degrees. The next one will be even wider, at more than a degree.
When planets are close to each other, that doesn’t always mean that their distance from each other is very small. Mars has been around the Sun for 687 days, but it is now less than 100 days past its perihelion, which means it is closer than usual. Even though Jupiter is a little closer than usual, it’s not really that close. To be as close as possible to each other, Mars has to be at its farthest point, and Jupiter has to be at its closest point. So this one is not unusual.
But if you want to see something beautiful, you will have to wait more than nine years to see it again.
Engineering
New concrete that doesn’t need cement could cut carbon emissions in the construction industry
Even though concrete is a very common building material, it is not at all the most environmentally friendly choice. Because of this, scientists and engineers have been looking for alternatives that are better for the environment. They may have found one: concrete that doesn’t need cement.
Cement production, which is a crucial ingredient in concrete, ranks as the third most significant contributor to human-caused carbon emissions globally. Nevertheless, in recent years, a multitude of alternative techniques for producing more environmentally friendly concrete have surfaced. One proposed method involves utilizing industrial waste and steel slag as CO2-reducing additives in the concrete mixture. Another suggestion is to utilize spent coffee grounds to enhance the strength of the concrete while reducing the amount of sand required.
However, a certain company has devised a technique to produce cement-free concrete suitable for commercial enterprises.
The concrete has the potential to have a net reduction in carbon dioxide and has the ability to prevent approximately 1 metric ton of carbon emissions for every metric ton used. If this statement is accurate, the cement-free binder will serve as a noteworthy substitute for Portland cement. According to BGR, the new concrete also complies with all the industry standards of traditional cement concrete, ensuring that there is no compromise in terms of strength and durability.
While it is still in the early stages, the situation seems encouraging. C-Crete Technologies, a company specializing in materials science and holding the patents for a novel form of concrete, has utilized approximately 140 tons of this new cast-in-place (pourable) concrete in recent construction endeavors.
In September 2023, the company was granted an initial sum of almost $1 million, promptly succeeded by an additional $2 million, by the US Department of Energy to advance the progress of its technology. In addition, it has garnered numerous accolades that are facilitating its growth in operations.
The widespread adoption of cement-free concrete in future construction projects has the potential to significantly alter the environmental impact of the industry. Although C-Crete seems to be one of the few companies currently exploring these new alternatives on a large scale, it is likely that others will also start embracing them in the near future.
- Gadgets10 years ago
Why the Nexus 7 is still a good tablet in 2015
- Mobile Devices10 years ago
Samsung Galaxy Note 4 vs Galaxy Note 5: is there room for improvement?
- Editorials10 years ago
Samsung Galaxy Note 4 – How bad updates prevent people from enjoying their phones
- Mobile Devices9 years ago
Nexus 5 2015 and Android M born to be together
- Gaming10 years ago
New Teaser For Five Nights At Freddy’s 4
- Mobile Devices9 years ago
Google not releasing Android M to Nexus 7
- Gadgets10 years ago
Moto G Android 5.0.2 Lollipop still has a memory leak bug
- Mobile Devices9 years ago
Nexus 7 2015: Huawei and Google changing the game