oh shit tumblr live has come to the uk oh fuck oh shit oh bloody fucking shit

If you're following KOSA, you should also be following state legislation, which is much more rapidly adopting tech regulation related to child safety than Congress. For reference, in 2023, 13 states adopted 23 laws related to child safety online.

Even if your locality hasn't adopted similar tech regulation, online platforms, apps, and websites are rarely operating in only some states. When regulations become patchwork, it's often easier for companies to adopt policies reflective of the most stringent regulations relevant to their service for all users, rather than try to implement different policies for users based on each user's location.

I know this because that's what happened when patchwork data privacy regulations began swelling — which is why many webites have privacy policies reflective of the GDPR that apply even to users outside of Europe. I also know this because I'm a tech lawyer — I'm the wet cat drafting policies for and advising tech and video game companies on how to navigate messy, convoluted, and patchwork US regulatory obligations.

So, when I say this is how companies are thinking about this, I mean this is how my coworkers and I have to think about this. And because the US is such a large market, this could impact users outside the US, too.

Perhaps this is the bipartisan issue we have been looking for? People of all backgrounds giving the finger to AI fetishists and tech bros?

The researchers' scraper was used to determine whether a consent form met GDPR and eDirective requirements. The rules say consent must be explicit. So, for example, users must click a button rather than just hop straight through to the website; all aspects of consent must be equally easy to reject as to accept; and pre-ticked boxes are not allowed. 

Of the 10,000 websites scraped that used a CMP form, the researchers found that implicit consent is present on a third of websites. 

The researchers also found that CMPs make rejecting all tracking – which includes cookies and other techniques like browser and device fingerprinting that Firefox-maker Mozilla is trying to block by default – "substantially more difficult than accepting it". 

Microsoft and Apple are also trying to tackle third-party tracking in their respective Edge and Safari browsers. 

Just over half of websites in the survey don't even offer a 'reject all' button and only 12.6% of sites have a 'reject all' button that is just as easy to access as the 'accept all' button, for example, by placing both options on the same page.  

"Furthermore, when users went to amend specific consent settings rather than accept everything, they are often faced with pre-ticked boxes of the type specifically forbidden by the GDPR," the researchers wrote. 

On top of all this, the researchers – and users too – have no idea whether toggling on or off a specific category of tracking actually produces the intended result for the user. The median number of third-party trackers that data is shared with on sites is a whopping 315 vendors.   

The end result of hiding the 'reject all' option is that people overwhelmingly choose to 'accept all'. 

"The results of our empirical survey of CMPs today illustrates the extent to which illegal practices prevail, with vendors of CMPs turning a blind eye to – or worse, incentivizing – clearly illegal configurations of their systems," the researchers conclude.

  —  Cookie consent: Most websites break law by making it hard to 'reject all' tracking

A lot of stuff hits differentlycnow - it's like crazy science fiction

for anyone too young to know this: watching The Truman Show is a vastly different experience now, compared to how it was before youtube and social media influencers became normal

before it was like, "what a horrifying thing to do to a human being! to take away their autonomy and privacy, all for the sake of profits! to create fake scenarios for them to react to, just to retain viewership! to ruin their happiness just so some corporate entity could harvest money from their very humanity! how could anyone do something so evil?"

and now it's like, "ah, yeah. this is still deeply fucked up, but it's pretty much what every influencer has been doing to their kids for a decade now. probably bad that we've normalized this experience"

GDPR: Entendendo o Regulamento Geral de Proteção de Dados

O GDPR (General Data Protection Regulation, ou Regulamento Geral de Proteção de Dados, em português) é uma legislação da União Europeia que visa proteger a privacidade e os dados pessoais dos cidadãos. Implementado em 25 de maio de 2018, o GDPR estabeleceu um novo padrão para a coleta, armazenamento e tratamento de informações pessoais. Este artigo aborda os principais aspectos do GDPR, suas…

I've seen a number of people worried and concerned about this language on Ao3s current "agree to these terms of service" page. The short version is:

Don't worry. This isn't anything bad. Checking that box just means you forgive them for being US American.

Long version: This text makes perfect sense if you're familiar with the issues around GDPR and in particular the uncertainty about Privacy Shield and SCCs after Schrems II. But I suspect most people aren't, so let's get into it, with the caveat that this is a Eurocentric (and in particular EU centric) view of this.

The basic outline is that Europeans in the EU have a right to privacy under the EU's General Data Protection Regulation (GDPR), an EU directive (let's simplify things and call it an EU law) that regulates how various entities, including companies and the government, may acquire, store and process data about you.

The list of what counts as data about you is enormous. It includes things like your name and birthday, but also your email address, your computers IP address, user names, whatever. If an advertiser could want it, it's on the list.

The general rule is that they can't, unless you give explicit permission, or it's for one of a number of enumerated reasons (not all of which are as clear as would be desirable, but that's another topic). You have a right to request a copy of the data, you have a right to force them to delete their data and so on. It's not quite on the level of constitutional rights, but it is a pretty big deal.

In contrast, the US, home of most of the world's internet companies, has no such right at a federal level. If someone has your data, it is fundamentally theirs. American police, FBI, CIA and so on also have far more rights to request your data than the ones in Europe.

So how can an American website provide services to persons in the EU? Well… Honestly, there's an argument to be made that they can't.

US websites can promise in their terms and conditions that they will keep your data as safe as a European site would. In fact, they have to, unless they start specifically excluding Europeans. The EU even provides Standard Contract Clauses (SCCs) that they can use for this.

However, e.g. Facebook's T&Cs can't bind the US government. Facebook can't promise that it'll keep your data as secure as it is in the EU even if they wanted to (which they absolutely don't), because the US government can get to it easily, and EU citizens can't even sue the US government over it.

Despite the importance that US companies have in Europe, this is not a theoretical concern at all. There have been two successive international agreements between the US and the EU about this, and both were struck down by the EU court as being in violation of EU law, in the Schrems I and Schrems II decisions (named after Max Schrems, an Austrian privacy activist who sued in both cases).

A third international agreement is currently being prepared, and in the meantime the previous agreement (known as "Privacy Shield") remains tentatively in place. The problem is that the US government does not want to offer EU citizens equivalent protection as they have under EU law; they don't even want to offer US citizens these protections. They just love spying on foreigners too much. The previous agreements tried to hide that under flowery language, but couldn't actually solve it. It's unclear and in my opinion unlikely that they'll manage to get a version that survives judicial review this time. Max Schrems is waiting.

So what is a site like Ao3 to do? They're arguably not part of the problem, Max Schrems keeps suing Meta, not the OTW, but they are subject to the rules because they process stuff like your email address.

Their solution is this checkbox. You agree that they can process your data even though they're in the US, and they can't guarantee you that the US government won't spy on you in ways that would be illegal for the government of e.g. Belgium. Is that legal under EU law? …probably as legal as fan fiction in general, I suppose, which is to say let's hope nobody sues to try and find out.

But what's important is that nothing changed, just the language. Ao3 has always stored your user name and email address on servers in the US, subject to whatever the FBI, CIA, NSA and FRA may want to do it. They're just making it more clear now.

Understanding Data Protection and Cybersecurity Compliance in India

Get a detailed analysis of India's cybersecurity laws on AgileDock. From understanding data protection laws to compliance with cybercrime regulations, this resource offers invaluable insights for staying abreast of legal frameworks in tech.

average United States contains 1000s of pet tigers in backyards" factoid actualy [sic] just statistical error. average person has 0 tigers on property. Activist Georg, who lives the U.S. Capitol & makes up over 10,000 each day, has purposefully been spreading disinformation adn [sic] should not have been counted

I have a big mad today, folks. It's a really frustrating one, because years worth of work has been validated... but the reason for that fucking sucks.

For almost a decade, I've been trying to fact-check the claim that there "are 10,000 to 20,000 pet tigers/big cats in backyards in the United States." I talked to zoo, sanctuary, and private cat people; I looked at legislation, regulation, attack/death/escape incident rates; I read everything I could get my hands on. None of it made sense. None of it lined up. I couldn't find data supporting anything like the population of pet cats being alleged to exist. Some of you might remember the series I published on those findings from 2018 or so under the hashtag #CrouchingTigerHiddenData. I've continued to work on it in the six years since, including publishing a peer reviewed study that counted all the non-pet big cats in the US (because even though they're regulated, apparently nobody bothered to keep track of those either).

I spent years of my life obsessing over that statistic because it was being used to push for new federal legislation that, while well intentioned, contained language that would, and has, created real problems for ethical facilities that have big cats. I wrote a comprehensive - 35 page! - analysis of the issues with the then-current version of the Big Cat Public Safety Act in 2020. When the bill was first introduced to Congress in 2013, a lot of groups promoted it by fear mongering: there's so many pet tigers! they could be hidden around every corner! they could escape and attack you! they could come out of nowhere and eat your children!! Tiger King exposed the masses to the idea of "thousands of abused backyard big cats": as a result the messaging around the bill shifted to being welfare-focused, and the law passed in 2022.

The Big Cat Public Safety Act created a registry, and anyone who owned a private cat and wanted to keep it had to join. If they did, they could keep the animal until it passed, as long as they followed certain strictures (no getting more, no public contact, etc). Don’t register and get caught? Cat is seized and major punishment for you. Registering is therefore highly incentivized. That registry closed in June of 2023, and you can now get that registration data via a Freedom of Information Act request.

Guess how many pet big cats were registered in the whole country?

97.

Not tens of thousands. Not thousands. Not even triple digits. 97.

And that isn't even the right number! Ten USDA licensed facilities registered erroneously. That accounts for 55 of 97 animals. Which leaves us with 42 pet big cats, of all species, in the entire country.

Now, I know that not everyone may have registered. There's probably someone living deep in the woods somewhere with their illegal pet cougar, and there's been at least one random person in Texas arrested for trying to sell a cub since the law passed. But - and here's the big thing - even if there are ten times as many hidden cats than people who registered them - that's nowhere near ten thousand animals. Obviously, I had some questions.

Guess what? Turns out, this is because it was never real. That huge number never had data behind it, wasn't likely to be accurate, and the advocacy groups using that statistic to fearmonger and drive their agenda knew it... and didn't see a problem with that.

Allow me to introduce you to an article published last week.

This article is good. (Full disclose, I'm quoted in it). It's comprehensive and fairly written, and they did their due diligence reporting and fact-checking the piece. They talked to a lot of people on all sides of the story.

But thing that really gets me?

Multiple representatives from major advocacy organizations who worked on the Big Cat Publix Safety Act told the reporter that they knew the statistics they were quoting weren't real. And that they don't care. The end justifies the means, the good guys won over the bad guys, that's just how lobbying works after all. They're so blase about it, it makes my stomach hurt. Let me pull some excerpts from the quotes.

"Whatever the true number, nearly everyone in the debate acknowledges a disparity between the actual census and the figures cited by lawmakers. “The 20,000 number is not real,” said Bill Nimmo, founder of Tigers in America. (...) For his part, Nimmo at Tigers in America sees the exaggerated figure as part of the political process. Prior to the passage of the bill, he said, businesses that exhibited and bred big cats juiced the numbers, too. (...) “I’m not justifying the hyperbolic 20,000,” Nimmo said. “In the world of comparing hyperbole, the good guys won this one.”

"Michelle Sinnott, director and counsel for captive animal law enforcement at the PETA Foundation, emphasized that the law accomplished what it was set out to do. (...) Specific numbers are not what really matter, she said: “Whether there’s one big cat in a private home or whether there’s 10,000 big cats in a private home, the underlying problem of industry is still there.”"

I have no problem with a law ending the private ownership of big cats, and with ending cub petting practices. What I do have a problem with is that these organizations purposefully spread disinformation for years in order to push for it. By their own admission, they repeatedly and intentionally promoted false statistics within Congress. For a decade.

No wonder it never made sense. No wonder no matter where I looked, I couldn't figure out how any of these groups got those numbers, why there was never any data to back any of the claims up, why everything I learned seemed to actively contradict it. It was never real. These people decided the truth didn't matter. They knew they had no proof, couldn't verify their shocking numbers... and they decided that was fine, if it achieved the end they wanted.

So members of the public - probably like you, reading this - and legislators who care about big cats and want to see legislation exist to protect them? They got played, got fed false information through a TV show designed to tug at heartstrings, and it got a law through Congress that's causing real problems for ethical captive big cat management. The 20,000 pet cat number was too sexy - too much of a crisis - for anyone to want to look past it and check that the language of the law wouldn't mess things up up for good zoos and sanctuaries. Whoops! At least the "bad guys" lost, right? (The problems are covered somewhat in the article linked, and I'll go into more details in a future post. You can also read my analysis from 2020, linked up top.)

Now, I know. Something something something facts don't matter this much in our post-truth era, stop caring so much, that's just how politics work, etc. I’m sorry, but no. Absolutely not.

Laws that will impact the welfare of living animals must be crafted carefully, thoughtfully, and precisely in order to ensure they achieve their goals without accidental negative impacts. We have a duty of care to ensure that. And in this case, the law also impacts reservoir populations for critically endangered species! We can't get those back if we mess them up. So maybe, just maybe, if legislators hadn't been so focused on all those alleged pet cats, the bill could have been written narrowly and precisely.

But the minutiae of regulatory impacts aren't sexy, and tiger abuse and TV shows about terrible people are. We all got misled, and now we're here, and the animals in good facilities are already paying for it.

I don't have a conclusion. I'm just mad. The public deserves to know the truth about animal legislation they're voting for, and I hope we all call on our legislators in the future to be far more critical of the data they get fed.

Mastering Mobile App Localization: The Ultimate Guide

“Reject All” cookie consent update

On 9 August 2023, the UK Information Commissioner’s Office (ICO) and the UK Competition & Markets Authority (CMA) jointly published a position paper on harmful design practices in digital markets, particularly focusing on cookie consent banners. The paper clarifies the ICO’s stance on the “Reject All” button in these banners. Key points from the paper include: Equal Ease for Consent Choices:…

View On WordPress

Ultimate Guide: Legal Compliance for E-commerce in India [2024]

To start and run an e-commerce store in India, you need to comply with various rules, laws, and regulations. Here’s a categorized overview of the major ones: Business Registration and Licensing: Obtain a valid business registration (e.g., Sole Proprietorship, Partnership, Private Limited Company, or One-Person Company) Apply for relevant trade licenses from the concerned state/local…

View On WordPress

New cars are now 'the worst' products when it comes to protecting consumer data

Nico De Pasquale Photography | Moment | Getty Images So-called connected cars, vehicles equipped with internet access, are becoming the norm, and their proliferation is sounding the alarm for consumer data privacy advocates. By 2030, more than 95% of the passenger cars sold are likely to have embedded connectivity, according to Counterpoint Technology Market Research. This allows car…

View On WordPress

Neuralink's Human Trials: Regulatory Hurdles of Neurotechnology

Neuralink's Human Trials: Regulatory Hurdles of Neurotechnology @neosciencehub #neosciencehub #science #neuralink #humantrails #neurotechnology #elonmusk #FDA #healthcare #medicalscience #ClinicalResearch #health #AITech #BrainComputer #DataPrivacy #NSH

The journey of Neuralink, Elon Musk’s ambitious neurotechnology venture, to its first human trials represents a significant achievement in the field of biomedical innovation. However, this path was not without its challenges. Neo Science Hub’s Scientific Advisory Team examines the intricate regulatory landscape that companies like Neuralink must navigate, highlighting the complex interplay of…

View On WordPress