Konrad Kollnig

A recently published pre-print titled ‘GDPR and the Lost Generation of Innovative Apps’ observes that a third of apps on the Google Play Store disappeared from this app store around the introduction of the GDPR in May 2018. The authors deduce ‘that GDPR is the cause’. The effects of the GDPR on the app economy are an important field to study. Unfortunately, the paper currently lacks a control condition and a key variable. As a result, the effects on app exits reported in the paper are likely overestimated, as we will discuss. We believe there are other factors which may better explain these changes in the Play Store aside from the GDPR.

Today, the European Parliament has adopted its position on the planned Digital Services Act (DSA).

This planned EU law aims to regulate key aspects of digital technologies, particularly the dominance of certain gatekeeper companies.

One key last-minute change to the Parliament’s position was the inclusion of several amendments restricting tracking-based ads. Specifically, the Parliament seeks to ban targeted advertising for minors, and limit the extent to which sensitive personal data – among which data revealing one’s religious and political beliefs – can be used in ad targeting.

These amendments on ad targeting were put forward by the Tracking-Free Ads Coalition, of which my TrackerControl app is a supporter.

The European Commission, Council and Parliament will now enter the trilogue stage of negotiations to reach a compromise between their positions. A compromise could already be reached by early spring.

It is with great honour that I’ve been informed that my paper ‘A Fait Accompli? An Empirical Study into the Absence of Consent to Third-Party Tracking in Android Apps’ was awarded this year’s Student Paper Award of the FPF Privacy Papers for Policymakers.

With this award, the Future of Privacy Forum (FPF) recognises leading privacy research and analytical work that is relevant to policymakers in the United States Congress, at US federal agencies, and data protection authorities internationally.

Back in September 2021, the UK government launched a public consultation on the planned reform of its data protection law. My research group at the University of Oxford has formulated a response to this consultation – a heroic team effort.

UK data protection law is currently modelled on EU requirements, particularly the GDPR from 2016 and the 2009 ePrivacy Directive. Following the UK’s withdrawal from the bloc, the government sees a wealth of new opportunities in the reform of the current legal requirements around the protection of personal data.

It seems like algorithms increasingly rule the world. Only this summer, the debacle around the A level results in the UK demonstrated what far-reaching consequences the use of algorithms can have. How did algorithms become what they are? Might algorithms soon replace human decision-making altogether?