“Zoom is approaching this in terms of ownership of personal data,” he argues. “There’s non personal data and personal data but they’re not distinguishing between those two. Instead they’re distinguishing between content data (“customer content data”) and what they call telemetry data. That is metadata. Therefore they’re approaching this with a framework that isn’t compatible with EU law. And this is what has led them to make assertions in respect of ownership of data — you can’t own personal data. You can only be either the controller or the processor. Because the person continues to have rights as the data subject. “The claim that they can do what they like with metadata runs contrary to Article 4 of the GDPR which defines what is personal data — and specifically runs contrary to the decision in the Digital Rights Ireland case and a whole string of subsequent cases confirming that metadata can be, and frequently is, personal data — and sometimes sensitive personal data, because it can reveal relationships [e.g. trade union membership, legal counsel, a journalist’s sources etc].” It also, therefore, needs consent to be opt in, not opt out. So, basically, no pre-checked boxes that only an admin can uncheck, and with nothing but a vague “notice” sent to other users that essentially forces them to consent after the fact or else quit the app; which is not a free and unbundled choice under EU law.
https://cdn.masto.host/mastodonie/media_attachments/files/110/859/329/454/374/552/original/8b7feef9fddcea00.png
Simon McGarr
All 076萌SNS content and data are available under the 