Data Privacy and Alternative Data: Apple, Google, GDPR et al.

by Jul 9, 2021Blog

Background

As a leader in the alternative data space, we make it a priority to stay up to date with legal and compliance issues across the alternative data landscape. A recent ‘Spotlight’ paper we published called Data Privacy and Alternative Data focuses on the data privacy movement and how it has developed over the past several years. In this paper we discuss the restriction around data collection and distribution being implemented both at a state and regional level as well as a company level where “Gatekeepers” are proving to be more influential than ever. This blog provides a run-down of several of the most noteworthy pieces of legal and compliance mentions from the paper.

[You can access a redacted version of the data privacy paper here. For access to the full version including vendor responses to Apple’s iOS 14 and Google’s incoming updates and further insights, you can contact inquiries@eaglealpha.com.]

Major Data Privacy Trends Impacting Alternative Data

Trends impacting data privacy and the alternative data space include changing consumer attitudes, data privacy regulations, regulation of Big Tech and Covid-19. Through surveys completed by Edelnam, McKinsey & Company, and the Pew Research Center, we discovered that consumer attitudes have changed when it comes to how they value their personal data. Edelnam found that 69% of people they had surveyed had concerns around how their personal data is collected via mobile apps and also found that only 50% of people were aware of how to disable the collection of their data.

Regional regulations like GDPR, the US Privacy Shield, CCPA and the patchwork of state-level bills across the US, as well as new bills in China and India, have been playing a crucial part in the monitoring and controlling of data. While Big Tech companies such as Facebook, Apple, Google and Amazon have dominated the information technology space and have been branded as “Gatekeepers” to their respective industries. Big data, artificial intelligence and blockchain technology have been a central part of the battle against Covid-19 with companies like TripleBlind and Syntegra working with organisations to improve data security and personal data privacy across the healthcare industry.

Data Sources in the Legal & Regulatory Spotlight

There have been several occasions where data sources have been in the regulatory spotlight in recent times. These data sources include location data, consumer transaction data and consumer credit data. Companies like The Weather Channel App, Yodlee and Envestnet, as well as Experian and other credit rating agencies have been investigated for breaching data privacy regulations while collecting and processing data.

As an example, for breaching data protection laws, the Information Commissioner’s Office ordered Experian to make radical adjustments by July 2021, or face a £20m fine, or 4% of their global annual revenue.

Beyond Regulations

Outside of regulation, Big Tech “gatekeepers” have been controlling their respective industries more and more by implementing new rules and updates on their app stores, web browsers and by changing terms and conditions regarding data collection and usage overnight. Some examples of these changes include:

  • In one case involving Sensor Tower, an analytics platform providing app usage data and ad intelligence to third parties, they were found to be harvesting user data through its apps and feeding it back into its analytics platform. This resulted in Apple banning the firm from their app store for being in breach of their terms.
  • After 530 million Facebook users’ personal data was web scraped from public profiles and made available through unsecured online databases, Facebook devoted resources to combat web scraping happening again. This has led to the creation of an external data misuse team and also implementing usage limitations for users.
  • Jumpshot, a marketing analytics company owned by Avast, was forced to close after it was found to be collecting data on Google searches, lookups of locations and GPS coordinates accessed through Google Maps, users visiting LinkedIn pages and visiting YouTube videos, among other sites and selling them to large corporations.

Tightening Data Privacy at Apple and Google

If we look specifically at the largest gatekeeper for mobile apps, Apple controls approximately 15% of the global share of smartphones, but an increased share in developed countries. When Apple announced its iOS 14 update, a new feature called App Tracking Transparency (ATT) was also announced. This update requires mobile apps to ask for clear consumer consent, or “opt-in”, before tracking their digital movements. This new feature would provide more control to app users over their data, but also negatively impact consumer panels for app developers relying on data collection for both intelligence and revenue.

Before the iOS 14.5 update, Apple introduced new ‘nutrition labels’ that came into effect in December 2020. These labels aim to educate users about the information app developers collect from them and to promote transparency around data collection.

In June 2021, just weeks after the iOS 14.5 update, Google announced it would be strengthening its privacy protections for Android users. This update would prevent the use of alternative IDs used for tracking user’s behaviour.

Conclusion

The long-lasting effect these changes will have on consumer panels and targeted advertising is currently unknown. While working on our Data Privacy and Alternative Data paper, we spoke directly with the data vendors most likely impacted by the recent iOS updates, including mobile app data and geolocation data vendors. From our conversations, it seemed that companies who relied on consumer panels were the most affected throughout this iOS update, but that initial panel losses have been a lot lower than what had been estimated in advance of the iOS update.

Data privacy is an issue that will continue to evolve and be driven both by government regulation and changes to Big Tech. We are moving quickly towards a more data privacy-centric world. It’s time to get on board.

[You can access a redacted version of the data privacy paper here. For access to the full version including vendor responses to Apple’s iOS 14 and Google’s incoming updates and further insights, you can contact inquiries@eaglealpha.com.]