WELCOME to Connected Rights, your arm in the sleeve of digital rights news and analysis.

Enjoy this newsletter? Forward it to a friend or get them to sign up. I’m David Meyer, aka @superglaze on Twitter and @davidmeyerwrites on Facebook. Don’t forget to check out the Connected Rights website and download a copy of my book, Control Shift: How Technology Affects You and Your Rights. Sannu da zuwa!

ONE OF FACEBOOK CORE FUNCTIONS is often used illegally, according to the Bavarian data protection authority. It’s the Custom Audience tool, where marketers upload their own customer lists to the platform, which then matches the information to its users.

“In none of the cases we investigated, had companies informed their users, subscribers or customers that their contact information will be shared with Facebook,” the DPA’s Kristin Benedikt told Netzpolitik. “At the very least, custom audience data shows Facebook that a user is also a customer of a particular company or online store. This may seem harmless in many cases, but we have observed insurance companies that have uploaded email addresses, also online shops for very specific products.”

“When an online pharmacy or an online sex shop shares their customer list with Facebook, we cannot rule out that this reveals sensitive data. The same applies when someone visits the online shop of a political party or subscribes one of their newsletters. In all of these instances custom audiences reveal granular insights. Facebook adds this information to existing profiles and continues to use it, without notifying users or giving them a chance to object.”

Benedikt also said other European DPAs were taking an interest in the Bavarian ruling, so stay tuned – Facebook’s appeal to advertisers in the EU might soon be mightily diminished.

MARK ZUCKERBERG DELIBERATELY USED USER DATA as a bargaining chip in Facebook’s power consolidation, according to an NBC News scoop based on leaked company documents.

From the piece: “The documents, which include emails, webchats, presentations, spreadsheets and meeting summaries, show how Zuckerberg, along with his board and management team, found ways to tap Facebook’s trove of user data — including information about friends, relationships and photos — as leverage over companies it partnered with. In some cases, Facebook would reward favoured companies by giving them access to the data of its users.

“In other cases, it would deny user-data access to rival companies or apps… Facebook ultimately decided not to sell the data directly but rather to dole it out to app developers who were considered personal ‘friends’ of Zuckerberg or who spent money on Facebook and shared their own valuable data, the documents show.”

Amazon apparently got favoured status by spending lots of money on Facebook ads and partnering with Facebook on a phone launch.

WIRED HAS A BIG PIECE ON FACEBOOK that shows how the company struggled to deal with the Cambridge Analytica scandal, and other issues, over the last 15 months.

An interesting take in that piece: “The story was the first of many to illuminate one of the central ironies of Facebook’s struggles. The company’s algorithms helped sustain a news ecosystem that prioritizes outrage, and that news ecosystem was learning to direct outrage at Facebook. As the story spread, the company started melting down…”

AND HERE’S THE GUARDIAN‘S CAROLE CADWALLADR explaining in a TED talk how Facebook tried to stop publication of the Cambridge Analytica story. Duncan Campbell, the investigative journalist, tweeted that Facebook also tried to block the TED talk video on the basis that it contained “inaccuracies”.

FACEBOOK’S EFFORTS TO FIGHT ELECTION INTERFERENCE have caused an interesting problem in Europe, where it’s refusing to allow pan-European election campaigns because they’re cross-border, and Facebook now only allows campaigns set up by someone in the relevant country. That’s an issue because the election in question, for the European Parliament, is obviously cross-border in nature. Is Facebook being deliberately perverse as a way of needling EU lawmakers who have been pressuring it over the election interference issue? Because if it is, the move seems certain to infuriate those lawmakers, and that’s maybe not the best lobbying tactic.

THE “UPLOAD FILTERS” THAT MANY FEAR will become widespread as a result of the new EU Copyright Directive, which received its final approval by member states on Monday, can only be “prevented as far as possible,” according to the German government – which voted for the directive on Monday.

The Germans said the spread of filters was “likely” even though they have “raised serious concerns and broad critique among the German public”.

WANT TO A SEE A TECH FIRM DEMONSTRATE REAL AI ETHICS? Cast your gaze over to Microsoft, then, because the firm has turned down a request from a Californian law enforcement agency to install its facial recognition tech to police cars and body cameras. Why? Because Microsoft knows that its AI was mostly trained on white, male faces, and it therefore fears its use in the policing context would lead to a disproportionate number of women and minorities being subject to mistaken identity and wrongly held for questioning.

Per Reuters: “Speaking at a Stanford University conference on ‘human-centered artificial intelligence,’ [Microsoft president Brad] Smith said Microsoft had also declined a deal to install facial recognition on cameras blanketing the capital city of an unnamed country that the nonprofit Freedom House had deemed not free. Smith said it would have suppressed freedom of assembly there.”

A NET NEUTRALITY BILL PASSED THE HOUSE of Representatives in the US last week, but it’s quite likely to stall at this point. The House is of course Democrat-controlled, and the Senate is not. President Trump has also been advised by his aides to veto the legislation should it pass the Senate.

From the Washington Post‘s report: “The bill faces long odds in the GOP-controlled Senate, after Republican Leader Mitch McConnell (Ky.) told reporters Tuesday that the measure is ‘dead on arrival.’ Aides to the president also issued an official notice Monday that they would recommend a veto of the bill, arguing it would ‘return to the heavy-handed regulatory approach of the previous administration.'”

In short, little is likely to change until there are new people at the FCC.

TWO OUT OF THREE HOTEL WEBSITES leak people’s personal data and booking details to advertisers and analytics firms, security software firm Symantec has warned.

Here’s a quote in Reuters’ piece on the study, from researcher Candid Wueest: “While it’s no secret that advertisers are tracking users’ browsing habits, in this case, the information shared could allow these third-party services to log into a reservation, view personal details and even cancel the booking altogether.”