RESEARCH USING artificial intelligence (AI) has found that most of the big tech firms still aren’t complying with GDPR regulations, over a month after they were introduced.
A team of researchers from Italy used their artificially-intelligence computer system, ‘Claudette’, to look at a number of big-name tech firms and, more specifically, their privacy policies.
The companies analyses include Google, Facebook, Instagram, Amazon, Apple, Microsoft, WhatsApp, Twitter, Uber, Airbnb, Booking.com, Skyscanner and Netflix.
Unsurprisingly, the results are not good. Claudette, which was built by the law department of European University Institute, specifically for this project, found that every last one failed. All of ’em.
The report explains: “Our study indicates that none of the analysed privacy policies meets the requirements of the GDPR
“The evaluated corpus, comprising 3658 sentences (80.398 words) contains 401 sentences (11.0 per cent) which we marked as containing unclear language, and 1240 sentences (33.9 per cent) that we marked as potentially unlawful clause, i.e. either a ‘problematic processing’ clause, or an ‘insufficient information’ clause (under articles 13 and 14 of the GDPR).”
A third of the privacy policies contain “unlawful” language, mostly manipulation of the reader in an attempt to sway their decision to share data. The Norwegians have been all up in it recently and here it is in action, in the wild.
The report concludes: “Our study suggests that the current privacy policies of online platforms and services still have a significant margin for improvement.
“None of the 14 analysed privacy policies gets close to meeting the standards put forward by the GDPR. Unsatisfactory treatment of the information requirements; large amounts of sentences employing vague langue; and an alarming number of ‘problematic’ clauses cannot be deemed satisfactory.”
Obviously, there’s more to it than that but it’s 60 pages. The important takeaway is that they’ve all borked it.
Google and Facebook were already known not to be in compliance, on day one of GDPR rollout. μ
Source : Inquirer