this post was submitted on 25 Apr 2024

372 points (98.2% liked)

Privacy

31921 readers

1084 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

372

Legitimate interest? (lemmy.world)

submitted 6 months ago* (last edited 6 months ago) by [email protected] to c/[email protected]

84 comments fedilink hide all child comments

I never consent to give my data away or being tracked, but how do you deal with so called legitimate interest? I tried several times to untick them but it is a long list (in fact at the bottom there is a "vendors" link with even longer, much longer list. It took me 10 minutes to get to the bottom of it once).

My questions:

-how can we trust these so called legitimate interests when they are self defined by companies whose business model relies on your data?

-how can we find out what these legitimate interests are and what data it collects?

-are such companies controlled in any way?

-is this kind of consent form compliant with EU gdpr? (normally opt out is to be as easy as opt in, and there is no "refuse all" for these so called legitimate interests).

-what are your strategies against such sites tracking you? Or am I just being paranoid?

The sheer amount vendors is daunting, the Internet really turned into crap

Edit: when clicking Preferences at the bottom the content of the legitimate interested is spelled out for each vendor, so this replies one of my questions.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 28 points 6 months ago* (last edited 6 months ago) (2 children)

Depends on the threat model but usually you don't trust them. It's as simple as that
I think the legitimate interest has something to do with giving the data to the government when legally required but it can have other meanings too. Good luck with finding out. Some of them won't tell the truth even if officially asked (unless you work for the government)
Everything is somewhat controlled but in terms of data collection and sharing it is absolutely not (e. g. the users' HIV status data on Tumblr or whatever the thing is called)
Idk about that
Regular protection like Tor, VPN, anti-fingerprinting etc
I wouldn't say you are being too paranoid
Yes the internet has turned into a horrible place

[–] [email protected] 15 points 6 months ago (2 children)

Legitimate interest is just an out to get around tracking users.

I wouldn't be surprised is many data trackers don't pay attention to any of the permissions and agreements. It's hard to validate they aren't in compliance and it's hard for most people to even challenge these businesses.

Even if these businesses where legally challenged they can just close the business. Then take the same software and start a new business doing the same thing. If you look at the amount of companies you information is shared with under legitimate interests it can be in the order of hundreds.

[–] [email protected] 8 points 6 months ago (1 children)

Not hundreds but thousands. I saw one app that claimed to share the data with like 815 partners

[–] [email protected] 10 points 6 months ago (1 children)

This is the worst one I've been subjected to so far. Was on some gaming-related site, don't remember which one

[–] [email protected] 6 points 6 months ago (1 children)

New high score. Nice

[–] [email protected] 3 points 6 months ago (1 children)

[–] [email protected] 2 points 6 months ago (1 children)

What?

[–] [email protected] 2 points 6 months ago* (last edited 6 months ago) (1 children)

So the gaming site/high score connection wasn't intended? Oh well 🤷

[–] [email protected] 3 points 6 months ago (1 children)

Idk what's a dite. The reason of why I said it like that wasn't to make connection with gaming. Unfortunately I can't tell the reason

[–] [email protected] 1 points 6 months ago

Idk what's a dite.

It's a site, except with a typo lol

[–] [email protected] 6 points 6 months ago

I wouldn't be surprised is many data trackers don't pay attention to any of the permissions and agreements. It's hard to validate they aren't in compliance and it's hard for most people to even challenge these businesses.

organizations like la quadrature validate and challenge those businesses. Europe is relatively strict on this subject.

[–] [email protected] 5 points 6 months ago

It's not gdpr compliant in the way shown here or IAB TCF uses it.

Legitimate interest is a sort failsafe which can be used to cover certain exceptions.

the datacontrollor must have an exceptional situation, so not on a regular basis.
the balance between personal and business interest must be considered carefully under case by case basis.
the dataprocessor isn't the one doing the consideration

Automating all this is kind off against all the above.