Mildly on topic: I recently moved to France from Canada, I’m not an EU citizen, and google isn’t really sure if I’m on vacation or if I’ve moved permanently.
Every single website now asks me about cookie settings. Most have a reject all button, but occasionally I have to manually uncheck some sliders to protect my data. Time well spent.
My parents back in Canada always think it’s some voodoo magic when Facebook shows them ads about stuff they’ve recently been 'talking about (AKA searching on Google.) Duhhh. Thanks EU!
In the EU it is illegal to save unnecessary Cookies without active consent. So the best you can do for your privacy is use Ublock origin with a cookiebanner list!
same thing happened to me. talked about very specific health-related topic, didn’t googled it or anything, the next day instagram came up with ads for the very same specific health subject.
for a start, you can check instagram’s permissions (and facebook of you use it, it’s meta too) and disable access to microphone.
however, that leaves whatsapp which is also meta and mic is more of a neccesity than insta/fb, but in my case, haven’t seen weird ads for subjects i didn’t typed into any devices since i disabled insta mic access.
In a practical sense, I can tell you that in mobile apps, some parts of gdpr are implemented based on phone language settings or in the case of websites, the domain suffix of the page (.fr or .de, etc). I’m guessing this is an interpretation of the section described here:
strong indications that a non-EU business is intentionally offering goods or services to data subjects in the EU and may therefore be subject to the GDPR:
Use of the language of an EU Member State (if the language is different than the language of the business’ home state);4
Use of the currency of an EU Member State (if the currency is different than the currency of the business’ home state);
Use of a top-level domain name of an EU Member State;
Mentions of customers based in an EU Member State; or
Targeted advertising to consumers in an EU Member State.
Most people seem to be leaning toward just applying them to anyone as that’s the way things are headed and once you’ve figure out how to do it technically it’s easier to just do it all the same way. Also, the EU is doing it’s best to set precedent for a broad interpretation.
This is why the EU is sometimes called a regulatory super power. Because the market is so large and important, the rest of the world often adopts EU regulations. Whether it's GDPR or environmental standards, it's cheaper to make one EU compliant version of your product or part than different versions for different markets.
Not any other kind of super power though, we're far too busy squabbling amongst ourselves. Some still haven't learnt the lessons of the last two world wars.
Yup. Maybe even just pure coincidence. People are very susceptible to confirmation bias and, as an extra spicy hot take, people in communities like this one even more so.
A similar experience is what got me into privacy. Time to get off of social media and get rid of apps that have access to your keyboard, mic, files, etc.
Legal advice given to me by an employer treated all citizens as eligible. Their advice tends to err on the side of caution at the best of times, but I have no reason to disagree that it's at the very least legally contentious even if not yet officially contested.
Tl;dr I wouldn't want to rely on it in court, whether everyone else is happy to risk that is whatever.
This Regulation applies to the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not.
This Regulation applies to the processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union, where the processing activities are related to:
(a) the offering of goods or services, irrespective of whether a payment of the data subject is required, to such data subjects in the Union; or
(b) the monitoring of their behaviour as far as their behaviour takes place within the Union.
This Regulation applies to the processing of personal data by a controller not established in the Union, but in a place where Member State law applies by virtue of public international law.
From what I understand, it doesn’t really matter where or who you are, it’s about whoever collects your data doing business in the EU. BUT ALSO if you are an EU citizen, it also applies to non EU companies (someone correct me if I’m wrong)
GDPR can only extend to their borders, the same that any country’s laws extend to theirs. Why would you expect another country to honor your “home rules”?
It does. When GDPR was about to be placed in effect, the company I worked for in Brazil, send a communication to all our clients saying that they needed to communicate us if they were in Europe for us to process their claims (life insurance) with a third party European partner because the Brazilian office would not be able to comply with European regulations and the company would not even going to answer emails from clients located there. Eventually Brazil made their own data protection laws based on the European one and the company re opened contact with their clients located there.
One possibility: Are you on the same network (i.e. wifi) without a vpn? If yes, then both of you have the same public IP, so it’s trivial to figure out you’re likely in the same household.
It’s basically always this. Your phone in the same room with someone else’s phone. This is stronger around christmas when people are looking for gift ideas, so they push this mind control shit on you even harder.
It’s not actually listening to you–that’s been debunked multiple ways–but what it’s doing instead is arguably worse.
So what are the mechanics of this? OP would also have had to interact with Meta somehow after finding the moccasins but before the girlfriend did, right?
No, you don’t have to interact with Meta. Websites that utilize Facebook ads in some fashion will install a Meta Pixel to their site in order to track users and better target their ads. That information can be correlated to others in the same household extremely easily.
I also hear people make the same claims against Alexa, but I usually start explaining what cookies are and how ad networks collects your data to more effectively target you. It doesn’t make fiscal sense to do mass audio surveillance when you already freely hand over your data.
Lemmy is the only social media I have, but we are connected via Whatsapp. I’m thinking that since we were both connected to the wifi without a VPN, that’s the probable source of information bleed.
It can be the website you are browsing have trackers that share data with facebook, and facebook was able to infer you guys are in the same household via IP information (ISP also sales you info BTW), and push the ad to her. Or facebook might think that you guys could be the same person or have similar interest etc.
The sites to be redirected shouldn’t be already pre-selected by the extension. E.g I am logged in to Twitter on my browser and installing this extension will unintentionally redirect me to some instance.
And also, maybe the sites for redirection should be added by the user instead of the extension making assumptions. With libredirect I can click more options and add the site to Chrome’s handler.
It has a reasonable default of reliable privacy frontends but I may add an onboarding step(already in firefox due to more restrictions in their manifest v3 than chrome) for selecting sites
privacy
Hot
This magazine is from a federated server and may be incomplete. Browse more on the original instance.