[Plura-list] Suing all of ad-tech; Interop Sci-Fi

Cory Doctorow doctorow at craphound.com
Wed Jun 16 12:36:53 EDT 2021

Today's links

* Suing all of ad-tech: Will an EU country finally enforce the GDPR?

* Interop Sci-Fi: Inside the Clock Tower, my interoperability sf for
Consumer Reports.

* This day in history: 2011, 2016, 2020

* Colophon: Recent publications, upcoming/recent appearances, current
writing projects, current reading


⛹🏽 Suing all of ad-tech

The EU's General Data Protection Regulation (GDPR) has been a mixed bag,
but at its core is an exemplary and indisputable principle: you can't
give informed consent for activities you don't understand.

Since the dawn of online commercial surveillance, ad-tech sector
maintained the obvious fiction that we agreed to allow it to
nonconsensually suck in our private information, either by clicking "I
Agree" on a garbage novella of unreadable legalese, or just by using a

GDPR exposes this "consent theater" for a sham. It says, "Look, if you
think users are cool with all this surveillance and data-processing,
you've got to *ask them*. Lay out each use of data you want to make, one
at a time, and get consent for it."


That means that if you're Google and you're thinking of using the data
you ingest in 800 different ways, you've got to show your users 800
yes/no questions, defaulting to "no," to see if they consent to it, and
you have to give them a "no to all" box to opt out of everything.

It won't shock you to learn that virtually no one consents to this. It's
a lesson we learned again when Apple updated Ios to let users install
apps but opt out of their data-collection - and to opt out of being
asked whether they want *any* app to collect their data.

That said, there are some problems with the GDPR; some are structural
(the "right to be forgotten" is a poorly thought-through dumpster fire
that lets rich sociopaths erase the records of their crimes from the
internet) and some are technical.

The principle technical problem with the GDPR is that EU prosecutors
just haven't enforced it vigorously enough. In particular, they lack the
resources to take on the biggest names in ad-tech, Facebook and Google,
who have them substantially outgunned.

However, the GDPR has a saving grace in this regard: it includes a
"private right of action," that allows everyday Europeans to seek
enforcement of the law, even if prosecutors are too timid to take up the

Private rights of action are key, but political conservatives hate them
because they don't want businesses to be held accountable by the public.
The omission of a private right of action from the US ACCESS Act is its
most significant flaw,


GDPR's private right of action has allowed dedicated individuals to use
the law to wage asymmetrical warfare against giant, seemingly
all-powerful corporations. The pioneer here is Max Schrems, who made
history with his private case against Facebook:


After Schrems brought cases against Google and Facebook over GDPR
violations, the EU's highest court ordered the companies to stop moving
Europeans' data to their US servers:


Facebook has (laughably) threatened to leave Europe over this. It was a
hollow and idiotic threat and they never made good on it and I will bet
you a testicle* that they never will.


*Not one of mine

Schrems isn't the only individual who hopes to enforce the GDPR against
Big Tech. Johnny Ryan and the Irish Council for Civil Liberties have
lodged a case in a German court against the IAB, the ad-tech industry
association that maintains its "audience taxonomy" codes.


When you land on a webpage, your identity is boiled down to a set of
these codes, such as 383 (interested in hair-loss treatments) and 60
(household income of <$10k/year), and these are passed to dozens or
hundreds of ad-tech bidders to see if they'll pay to show you an ad.

Ryan and the ICCL say that no one ever consented to this, and thus the
entire ad-tech industry is in violation of the GDPR. By targeting the
IAB and its taxonomy, they might be able to yank the foundation out from
beneath the targeted advertising industry.

Ryan has filed similar complaints in many EU nations, including Ireland,
the tax-haven where many tech giants have planted their flags of
convenience. The Irish case has languished for three years now.

There are 27 EU nations, and the ad-tech industry violates the GDPR in
every single one of them. Ryan is betting that he will eventually find a
jurisdiction where the courts will actually enforce the law.

It's a neat illustration of the power and peril of a private right of
action: on the one hand, it lets individuals take up cases that
prosecutors ignore; on the other hand, these cases are subject to the
whims of judges who might delay them indefinitely.

But with 27 courts to choose from, the odds of enforcement tilt towards
the public interest.


⛹🏽 Interop Sci-Fi

The most anti-science-fiction political leader of all time was Margaret
Thatcher. Her motto - "There is no alternative" - was a demand
masquerading as an observation, and what she really meant was "Stop
trying to imagine an alternative."

This idea - that our world is inevitable, not the result of human
choices, and it cannot be altered through human action - is well-put in
the quote attributed to Frederic Jameson “it is easier to imagine the
end of the world than to imagine the end of capitalism."

In that light, science fiction can be a radical literature indeed.
Depicting a future where our bedrock assumptions of our interpersonal,
political and commercial relations are different implicitly denies that
our present is inevitable or immutable.

(By the same token, sf can be a ghastly and reactionary literature: the
mere act of asserting that the future will be just like today, save for
some cosmetic technological "innovations," implicitly says that we have
arrived at the end of history itself)

This week in Consumer Reports Digital Labs, I've published "Inside the
Clock Tower: An Interoperability Story," a science fiction story about
women comics creators who use interop to create their own
anti-harassment policies.


The story illustrates how there *is* an alternative: we don't have to
figure out how to make giant services perfect their role as bosses of
hundreds of millions (or billions) of peoples' social lives - we can let
users control their own moderation policies.

Likewise, there is an alternative for marginalized and harassed groups
of people to disappearing from the large social media platforms and
giving up on the visibility, community, work opportunities and other
benefits that keep us all here.

The story's release was timed to coincide with the publication of the
ACCESS Act, the most significant interoperability bill in US history.


I discussed the story and the bill with Kaveh Waddell for an interview
on the Digital Labs' site, delving into its technical, legal and social
dimensions, and how ACCESS can be a bridge to even more significant
reductions in Big Tech's dominance.


The story itself is licensed Creative Commons Attribution-Share Alike,
meaning you can reprint it, and even sell it (provided you do so on the
same terms) - anything that helps remind people that there is always an


⛹🏽 This day in history

#10yrsago Networks are necessary, but not sufficient, for social

#5yrsago Canadian trade policy expert calls TPP a “threat to democracy”

#5yrsago The winners in today’s economy work worse hours than
yesterday’s losers

#1yrago The technology of Uyghur oppression


⛹🏽 Colophon

Today's top sources: Sean Bohan (https://twitter.com/seanbohan).

Currently writing:

* Spill, a Little Brother short story about pipeline protests.
Yesterday's progress: 268 words (6002 words total).

* A Little Brother short story about remote invigilation.  PLANNING

* A nonfiction book about excessive buyer-power in the arts, co-written
with Rebecca Giblin, "The Shakedown."  FINAL EDITS

* A post-GND utopian novel, "The Lost Cause."  FINISHED

* A cyberpunk noir thriller novel, "Red Team Blues."  FINISHED

Currently reading: Analogia by George Dyson.

Latest podcast: How To Destroy Surveillance Capitalism (Part 06)

Upcoming appearances:

Recent appearances:

* The ACCESS Act, Consumer Reports:

* Raging Chicken podcast:

* Darts and Lasers podcast:

Latest book:

* "Attack Surface": The third Little Brother novel, a standalone
technothriller for adults. The *Washington Post* called it "a political
cyberthriller, vigorous, bold and savvy about the limits of revolution
and resistance." Order signed, personalized copies from Dark Delicacies

* "How to Destroy Surveillance Capitalism": an anti-monopoly pamphlet
analyzing the true harms of surveillance capitalism and proposing a
(print edition:
(signed copies:

* "Little Brother/Homeland": A reissue omnibus edition with a new
introduction by Edward Snowden:
https://us.macmillan.com/books/9781250774583; personalized/signed copies

* "Poesy the Monster Slayer" a picture book about monsters, bedtime,
gender, and kicking ass. Order here:
https://us.macmillan.com/books/9781626723627. Get a personalized, signed
copy here:

Upcoming books:

* The Shakedown, with Rebecca Giblin, nonfiction/business/politics,
Beacon Press 2022

This work licensed under a Creative Commons Attribution 4.0 license.
That means you can use it any way you like, including commercially,
provided that you attribute it to me, Cory Doctorow, and include a link
to pluralistic.net.


Quotations and images are not included in this license; they are
included either under a limitation or exception to copyright, or on the
basis of a separate license. Please exercise caution.


⛹🏽 How to get Pluralistic:

Blog (no ads, tracking, or data-collection):


Newsletter (no ads, tracking, or data-collection):


Mastodon (no ads, tracking, or data-collection):


Medium (no ads, paywalled):


(Latest Medium column: "Illegitimate Greatness," on what we can learn
from Ida M Tarbell's century-old critique of John D Rockefeller

Twitter (mass-scale, unrestricted, third-party surveillance and


Tumblr (mass-scale, unrestricted, third-party surveillance and advertising):


"*When life gives you SARS, you make sarsaparilla*" -Joey "Accordion
Guy" DeVilla

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://mail.flarn.com/pipermail/plura-list/attachments/20210616/e90e36f0/attachment.sig>

More information about the Plura-list mailing list