Privacy campaigner Max Schrems takes on streaming services over GDPR ‘violations’
Austrian privacy campaigner Max Schrems has lodged complaints against eight online streaming services in relation to alleged “structural violations” of the EU’s General Data Protection Regulation (GDPR).
Non-profit organisation NOYB (None Of Your Business), said it filed a complaint with Austria’s Data Protection Authority against services including YouTube, Amazon Prime, Spotify and Netflix.
NOYB claims that the services are in violation of GDPR by failing to grant users access to data on them held by companies or information on how it is used.
Mr Schrems, one of NOYB’s’ founders, said the issue of accessing such data was one of the commonest reasons people contacted the organisation.
He told AFP: “You can figure out a lot about someone’s personal behaviour and even political leanings from the data they have — what you’re watching, the times of day you’re watching, who you’re watching it with.”
NOYB said that following a request for streaming data, two services failed to respond and that the rest did not provide the information in an intelligible format or the complete data users are entitled to.
Mr Schrems said: “The ‘front ends’ of these websites look nice, welcoming and compliant but really the data is stored in the ‘back ends’ – we want to bring more transparency to these data ‘black boxes’.”
The privacy campaigner brought down the EU’s Safe Harbour data sharing arrangement after suing Facebook in 2015 in Ireland over the transfer of personal information between Europe and the US.