In today's ExchangeWire news digest: the IAB's Transparency and Consent Framework has been deemed GDPR non-compliant by the DPA; Meta's market price plummets by $20bn as its daily active users drop; and mental health helpline, Crisis Text Line, ends its data-sharing relationship with AI customer support.
IAB’S Transparency and Consent Framework GDPR Non-Compliant - DPA
The Belgian data protection authority, the DPA, has found that the Transparency and Consent Framework (TCF) developed by IAB Europe does not comply with GDPR.
TCF is behind the ‘preferences’ pop-ups that appear on 80% of European websites, including those run by Amazon, Google, and Microsoft. IAB Europe has maintained that these pop-ups enable users to make informed choices about what happens to their data. The DPA, however, disagreed, finding multiple breaches of GDPR, including failing to implement "data protection by design and by default"; and failing to establish a legal basis for processing and sharing data.
The DPA’s report concluded that the TCF’s system is not transparent enough to allow users to make informed decisions on the use of their data. The DPA also concluded that IAB Europe’s activities qualify it as a data controller, making the body responsible for safeguarding personal data and accountable for GDPR violations.
In response to these GDPR violations, the DPA fined IAB Europe EU €250,000 (£208,355), in addition to ordering that the TCF be amended to meet GDPR requirements within two months. This decision was made in agreement with 27 other EU data protection authorities, and is effective immediately across the EU. IAB Europe has the opportunity to appeal this decision.
A statement released by IAB Europe reads, “Notwithstanding our grave reservations on the substance of the decision, we look forward to working with the APD [the Belgian DPA] on an action plan to be executed within the prescribed six months that will ensure the TCF’s continuing utility in the market. As previously communicated, it has always been our intention to submit the Framework for approval as a GDPR transnational Code of Conduct. Today’s decision would appear to clear the way for work on that to begin.”
Meta Takes a $20bn Hit While Facebook Daily Active Users Fall
Social media platform Facebook saw its daily active users fall from 1.930bn to 1.929bn in Q4 2021, marking the first drop of this kind in it’s 18-year history.
The drop in daily active users came at the same time parent company, Meta, saw a major drop in its share value. Owner of the second biggest digital advertising platform in the world after Google, Meta’s shares plummeted by over 20% in after-trading hours on Wall Street, resulting in the company’s stock market value dropping by around USD $200bn (£1.4bn).
Meta attributed slowing revenue growth to competition from rival platforms, such as TikTok and YouTube, and a reduction in spend from advertisers.
The firm also advised that privacy changes to Apple’s operating system have also impacted Facebook’s growth. The changes have made it more difficult for brands to implement targeted advertising and measure its impact on Facebook and Instagram
According to Meta’s chief financial officer, Dave Wehner, the impact of these privacy changes could translate to USD $10bn (£7bn) in revenue this year.
While Meta’s total revenue rose to USD $33.67bn (£24bn) in Q4 2021, it has forecast revenues of up to $29bn (£21bn) in the opening quarter of 2022, lower than market predictions.
US Mental Health Helpline Ends Data-Sharing with AI Customer Support
Crisis Text Line (CTL), a mental health helpline, has ended its relationship with AI customer support, Loris.ai. Based in the US, CTL shared anonymised data from almost 200 million messages with Loris.ai, which utilised AI technology to help customer service agents understand tone in text messages.
This data-sharing relationship gained widespread attention following a report by Politico, published in January 2022. The report raised concerns over the ethics of a mental health helpline sharing data from vulnerable people, questioning service users’ ability to consent during a mental health crisis.
CTL has since announced the end of the data-sharing relationship, explaining in a statement on its website that the decision had resulted from them "listen[ing] closely to our community's concerns".
While CTL has insisted that all data shared with Loris.ai during this relationship was fully anonymised, board member Danah Boyd has expressed regret over the relationship. Taking to Twitter, Boyd commented, "I was wrong when I agreed to this relationship," detailing her thoughts in her personal blog.
Speaking to the BBC, CTL advised that its data-sharing relationship with Loris came to an end on 31st January 2022, and they had requested that its data be deleted. Vice president, Shawn Rodriguez, commented, "Loris has not accessed any data since the beginning of 2020."