WELCOME to Connected Rights, your pop in the stock of digital rights news and analysis.

Enjoy this newsletter? Forward it to a friend or get them to sign up. I’m David Meyer, aka @superglaze on Twitter and @davidmeyerwrites on Facebook. Don’t forget to check out the Connected Rights website and download a copy of my book, Control Shift: How Technology Affects You and Your Rights. ǁKhoreǁhare!

STOP BEING SO DARN ILLEGAL, the UK Information Commissioner’s Office has (more or less) told the advertising technology industry in a stern report about the real-time bidding that takes place based on people’s sensitive information about sexuality, religion and so on. As complainants have noted, this information gets shared around to a scary and audit-unfriendly degree.

As information commissioner Elizabeth Denham wrote in her introduction to the report, the watchdog wanted to see if the adtech industry was respecting the GDPR (stop sniggering) and e-privacy rules. “What we found was an industry that understood it needed to make improvements to comply with the law,” she masterfully understated.

Denham continued: “We set out our concerns about sensitive data – known as ‘special category data’ in the GDPR – being shared and used without people’s consent. We list our concerns – that the creation and sharing of personal data profiles about people, to the scale we’ve seen, feels disproportionate, intrusive and unfair, particularly when people are often unaware it is happening. We outline that one visit to a website, prompting one auction among advertisers, can result in a person’s personal data being seen by hundreds of organisations, in ways that suggest data protection rules have not been sufficiently considered.”

Another review will follow in six months’ time. Will the adtech industry clean up its act in the meantime? I’m not minded to hold my breath, though the ICO will have to follow through after setting out these clear infractions, so perhaps change is coming after all.

PRIVACY ADVOCATES HAVE WARNED a British parliamentary committee that surveillance capitalism causes self-censorship and discrimination.

From Liberty’s submission to the human rights committee: “That private companies exploit our data for commercial purposes is now a normalised part of our everyday existence. The data collected can reveal and manipulate our deepest and most sensitive thoughts and feelings – including our political views. The normalisation of these processes also threatens our freedom of expression and association by making it clear that we are being watched. Studies have shown that we are likely to censor what we post on social media or what we look up online when we are aware they are being surveilled.”

THE PRIVACY SHIELD DATA-SHARING DEAL between the US and EU now has a permanent ombudsperson on the American side: Keith Krach, a former DocuSign CEO, who alongside his data-protection role has also just been confirmed as Under Secretary of State for Economic Growth, Energy, and Environment. I’m sure he will have lots of time to devote to his ombudsrole.

SOUTH KOREA WILL FROM NEXT YEAR have new laws protecting the data of children. The big change involves the methods for collecting parental consent for data processing, which are now more clearly prescribed.

As ZDNet reports: “The new laws require companies collecting personal data, such as location, to ask children whether their parents agree to provide consent. Parental consent can be either via text, payment information, or authentication through smartphones. The companies must then send the written agreement by the parents or legal guardians back to them via email, call, mail, or fax. Companies who do not get parental consent before collecting data from children will receive fines of up to 3% of their revenue and administrative punishments.”

MORE THAN A LITTLE BIT HILARIOUSLY, the wheels have fallen off the UK government’s attempt to force porn companies to verify the ages of their sites’ visitors. So what happened? Did the government realise how serious the privacy and security implications are? Nope – the government forgot to notify the legislation to the European Commission, which governments have to do when implementing laws that have an effect on online services.

It’s almost like the British government isn’t paying attention to how EU rules work! Anyhow, the scheme now won’t come into effect next month, but rather six months later at least. By which time, judging by how things are going, the UK could have an entirely new government anyway.

MEDIA COMPANIES ARE LIABLE FOR COMMENTS made on their public Facebook pages, the supreme court of New South Wales has ruled in a case involving Dylan Voller, a youth who had been mistreated while in detention.

According to Voller, people had left comments on articles from outlets including the Sydney Morning Herald and Sky News Australia, falsely alleging that he had partially blinded a detention officer. He launched defamation proceedings and has now won a preliminary ruling.

News Corp: “It defies belief that media organisations are held responsible for comments made by other people on social media pages. It is ridiculous that the media company is held responsible while Facebook, which gives us no ability to turn off comments on its platform, bears no responsibility at all.”

MEANWHILE, A DANISH COURT HAS FOR THE FIRST TIME ordered ISPs to block a news site. I would feel more sympathetic toward “The World News” but a) it simply rips content off actual news sites, without providing clickable links back to them, b) it describes itself as “the world’s first and largest decentralized news aggregator, built on blockchain technology using neural networks”, and c) its promo video begins by railing against the Rothschilds <cough cough>.

So, slippery slope worrisome precedent etc etc, but also meh.