November 22, 2022
Issue 11: Schrems is like, 'Yeah I'm gonna bring it down'
Oh hey! Welcome to The Privacy Beat Newsletter!
Here’s the gist: Come here for insights on the hottest topics in privacy according to our peers’ tweets so you can walk into any happy hour or team meeting and sound like the absolute baller you are. No current topic gets by you. Did you post a hot take you want included? Tag it #PrivacyBeatNews and see if it makes it into the next edition!
“We’re having a sad drink at Dennison’s.” That text, from a close privacy pal, landed on my screen just moments ago. It’s not so much that the drink was sad, but the circumstances certainly are. It’s been a painful week for many in our nerdy circle of privacy professionals. The cuts at Twitter and Meta left many of our friends with four weeks to figure out how to get a paycheck.
It’s a strange feeling. Within the last couple of years, big tech companies were started offering downright seductive salaries to privacy advocates, attorneys, and policy wonks. We all joked about the Great Migration for a bit. Did I tell a couple of friends they were selling out? Sure. Guilty. I questioned the impact that even the smartest and most dedicated among us could have from the inside. But it felt nice, too. Leading companies finally saw privacy’s value; they wanted to hire big and pay bigger. And those kinds of salaries can change lives; maybe you can finally afford that condo downpayment, or that engagement ring, or that family vacation after all.
But this week, we watched as that changed; texted friends working at various companies whether they got the good email or the bad email.
As TIME reported: “So far in November, there have been more tech layoffs than in any other month this year, with over 21,000 employees losing their jobs across 46 different tech companies, according to Roger Lee, founder of Layoffs.fyi, a website that tracks tech layoffs.”
In the latest blow, Meta responded to a quarterly earnings deficit by cutting 11,000 jobs. But Twitter, Stripe, Salesforce, Lyft and others have made similar moves. Among other devastation, BuzzFeed reported, and at least one of my pals confirmed, that the lay-offs have panicked those working on U.S. visas.
The reason for the fallout seems is changes to advertising revenues, reportedly. That is, they're less good now. Although not the only factor, Apple’s 2021 changes to its App Tracking Transparency framework, which requires apps to gain permission to track users, impacted advertising revenues as well.
I’m certainly not an economist, and I don’t profess to understand market trends, but here’s what TIME said about the broader economics at play:
“We’ve seen a surge in layoffs in recent weeks because it’s becoming obvious that the [Federal Reserve] will need to keep increasing interest rates for longer than originally expected,” Lee tells TIME. “That means there’s no end in sight to the current downturn in the markets and economy, so tech companies are adjusting their staffing accordingly.”
Anyway, here's the other news I think you should know about this week.
Schrems says he’s down for Round 3 – and of course he is
Activist Max Schrems said he’s analyzing President Joe Biden’s executive order to implement Privacy Shield 2.0. Its real name is boring, but if you need it: “The Executive Order to Implement the European Union-U.S. Data Privacy Framework.”
Anyway, Schrems won his court cases challenging Safe Harbor and then Privacy Shield 1.0, it seems like we should ask him if he’s gonna cancel the new framework as well. Just so we can brace ourselves. In short, the answer is yes. He's at least prepping for it.
On the Tech Brief Podcast, Schrems said his team’s analyzing Biden’s order now, “and it seems so far that we’re in for a third round.”
There are two reasons, Schrems said: One, the doc’s verbiage that U.S. surveillance will be “proportionate” is no bueno, because the EU’s understanding of “proportionality” is not the same as in the U.S., and the U.S. plans to use the American definition. Two, he said the EO’s provision that a court will review EU complaints is lies, because in reality the court (as planned) is an executive body, and that won’t fly with the European Court of Justice’s rules on independent reviews.
Later in the podcast, he says, “The reality is you get away with almost anything in the privacy world, with some exceptions. There’s the PR fine that’s pumped out once or twice a year so you can see there’s something done, but if you look at tens of thousands of complaints where people say my data was misused in my specific situation and there’s no remedy, then we have a really serious situation, and the data transfers are one of the obvious situations here.”
Planned Parenthood asks FTC for regs on location data
As longtime privacy journalist Wendy Davis tweeted, Planned Parenthood has asked the FTC to create “tailored regulations” to protect sensitive data in a post-Roe v. Wade era. In its public comments on the FTC’s commercial surveillance rulemaking project, Planned Parenthood said that “all data related to accessing health care must be kept confidential,” including internet searches, location data, and phone calls, texts, or emails to a provider’s office.
You’ll recall that after the Dobbs decision, President Joe Biden also asked the FTC to step up its protections of health data, as well. BTW, I checked so you don’t have to, and it looks like 734 organizations/individuals have submitted comments so far.
LinkedIn's "stop taking our stuff" argument scrapes by 9th Circuit
If you feel like your have kids gone from grade schoolers to drivers in the time the LinkedIn data-scraping case has been litigated, you’re right. In 2017, LinkedIn tried to stop hiQ from scraping publicly accessible user data for its own app.
As SocialMediaToday reports, hiQ Labs “uses LinkedIn profile information to build data profiles that it says can predict when an employee is more likely to leave a company.”
LinkedIn said the practice violates its user agreement, and on Nov. 4, a 9th Circuit court agreed with it, meaning LinkedIn can now proceed with its clai that hiQ violated the Computer Fraud and Abuse Act when it scraped the data, the report states.
Hey, not for nothing: Keep raising those kids. You’re doing a great job.
See you soon! xo, Angelique
Twitter hot take of the week goes to:
Did you miss the latest Privacy Beat Podcast drops?
How to do TIAs so they're not a P in your A
In this episode, Julian Flamant, an attorney at Hogan Lovells and longtime pal of Angelique’s, talks about Chicago-based mobsters, that looming CPRA deadline, and how to keep transfer impact assessments, TIAs, from becoming a P in your A.
Your PSR recap, for those with FOMO
In this episode, host Angelique Carson brings you live interviews from the show floor at the IAPP’s P.S.R. 22, including what everyone was buzzing about, what happened at the big Rodeo party, and how to avoid serial killers.
He basically took down Cambridge Analytica
Prof. David Carroll, featured in the Netflix Documentary, “The Great Hack,” swung by The Privacy Beat Podcast to discuss his crusade for data protection rights in the U.S. and suing Cambridge Analytica in the wake of the 2016 presidential election.