<< find an exec and buy their details for pennies and call them up on their cellphone. (this is usually successful, but can backfire badly -- CashApp terminated my account for this shenanigans)
Honestly, kudos. The rules should apply to the ones foisting this system upon us as well. This is probably the only way to make anyone in power reconsider current setup.
<< As soon as your cousin clicks "Yes, I would like to share the entire contents of my contacts with you" when they launch TikTok your name, phone number, email etc are all in the crowd.
And people laughed at Red Reddington when he said he had no email.
There was a post from someone a long time ago who has an email address and name similar to Make Cuban but not quite. He got quite a few cold call emails meant for Cuban. A lot of them were quite sad (people asking for money for medical procedures and such).
As we all know some of the "consent" pop-ups have a first page of general settings, and then a "vendors" page to further deselect all the "legitimate interests".
I recently noticed that a fraction of the "vendors" allow deselecting the "legitimate interest" but have the "consent" tick box marked and unmodifiable.
The following vendors have un-deselectable "consent" tickboxes:
Skimbit Ltd
Confiant Inc.
Lumen Research Limited
Visarity Technologies GmbH
DoubleVerify Inc.
Revcontent, LLC
Adssets AB
Integral Ad Science (incorporating ADmantX)
Mirando GmbH & Co KG
Polar Mobile Group Inc.
Rockabox Media Ltd
Telecoming S.A.
Seenthis AB
HUMAN
Papirfly AS
NEXD
One Tech Group GmbH
illuma technology limited
CHEQ AI TECHNOLOGIES
Adjust Digital A/S
VRTCAL Markets Inc
Cavai AS
Kiosked Ltd
Protected Media LTD
Oracle Data Cloud - Moat
Bannernow, Inc.
Jetpack Digital LLC
GeoEdge
Ensighten
IVO Media Ltd
Online Media Solutions LTD
Mobkoi Ltd
Redbranch, Inc dba Fraudlogix
Alphalyr SAS
Silverbullet Data Services Group
Stream Eye OOD
adbalancer Werbeagentur GmbH
Somplo Ltd
Velocity Made Good LLC
Vyde Ltd.
Adelaide Metrics Inc
Sqreem Technologies Private Limited
TMT Digital Inc
dpa-infocom GmbH
Brandhouse/Subsero A/S
streaMonkey GmbH
Alkimi
Zeit Agency ApS
Sitewit, Corp
AccountInsight Ltd
Aderize, Inc.
fraud0 GmbH
Channel99, Inc.
Videobot Ltd
Appstock LTD.
Dando online LTD
EMBRACE Systems GmbH
Hiili SL
YIELDBIRD SP. Z O.O.
Volentio JSD Limited
BEAPUP SOLUTIONS LTD
Public Good Software Inc.
Kidoz Inc.
DataDome SA
Sarigato Sp. z o.o.
Gesher Software LTD dba bridgeupp
Playdigo Inc
Sipo Inc
EliteAppgrade
SpinX Pte Ltd
Creatopy INC
Codevelop Technologies GmbH
Adgrid Media, LLC
ProgrammaticX LTD
Nitrouppi LTD
9 Dots Media Ltd
Vudoo Pty Ltd
Mobavenue Media Pvt Ltd
Carbonatix LTD
1) What is up with these?
2) Are these even legal under GDPR rules?
3) Does this not nullify arguments by certain 3 letter agencies that users "consent" to their tracking?
4) Who is behind these companies? Any idea on how to approach this from an investigative journalism angle? Can we figure out the headquarters, employee counts, CEO's of these companies?
5) If "undeselectable consent tickboxes" qualify as legally valid consent, doesn't this set a precedent to foist off miryads of types of lack of consent as "consent"? Will this enable legalizing rape? Where does this Pandora's box end? How is this any different from:
6) As far as I understand, an illegal contract is void. If the forms submitted by users contained undeselectable "consent tickboxes"; then the forms no longer constitute legal contracts. Observe that this is regardless of the preferences of all the other tickboxes: even if users were to lazy to deselect all the deselectable tickboxes, the mere presence of deselectable tickboxes voids these forms as contracts. This means that all the other vendors didn't receive any consent, since their specific submitted form-as-a-contract is void, even if the majority of the vendors had consent tickboxes that could be deselected. It would seem prudent for such companies to insist that the forms don't contain undeselectable tickboxes for any companies since it would nullify the consent they hope to receive.
As a European resident, I have put in a complaint to the company for you. Should it be dismissed out-of-hand, I will forward a complaint to my national Information Commissioner's office. I will post any results.
out of curiosity: which company did you put in a complaint to?
about posting any results: I assume you are aware that after some time it is no longer possible to add comments to a HN discussion, I assume you will post any progress as a HN submission?
> The rules should apply to the ones foisting this system upon us as well. This is probably the only way to make anyone in power reconsider current setup.
Unless your problem is with the company doing the privacy violations, this doesn’t make any sense.
Where I live, which is not in the USA, I'm confident my doctor's office doesn't sell their contact list - or at least, not without statistical anonymisation and aggregation for research purposes.
They probably outsource processing the data and storing it to other entities, but that will be under contracts which govern how the data may be used and handled. I assume that's not what "sell the data" means in this conversation.
It would be such an egregious violation of local data protection law to sell patient personal details for unrestricted commercial use, including their contact info, and it would make the political news where I live if they were found out.
Also "not in the USA" i actually work on a medical ish application these days (not the in production version, mind but a fork with new features that's entirely separate at the moment).
I have access to ... zero patient data. Our entire test database is synthetic records.
HIPAA is pretty much the only halfway effective privacy regulation the US has. It imposes strong regulatory, licensure, and even criminal censure for violations.
It's formulated so that they can give those contacts away rather than sell them, but only to the rest of the medical goods & services supplychain that are involved in your care, who are also bound by HIPAA.
The worst dark pattern this has generated so far seems to be pharmaceutical company drug reps bribing your doctor to change what they would prescribe you.
The worst that's likely to happen without regulation, as far as I can tell, involves an associated provider just leaking UnitedHealthcare's full database of every patient and every condition.
Exactly this was tried by the likes of James Oliver and journalists/comedians of that caliber running ads and gathering data from politicians in Washington.
Honestly, kudos. The rules should apply to the ones foisting this system upon us as well. This is probably the only way to make anyone in power reconsider current setup.
<< As soon as your cousin clicks "Yes, I would like to share the entire contents of my contacts with you" when they launch TikTok your name, phone number, email etc are all in the crowd.
And people laughed at Red Reddington when he said he had no email.