The reactions provoked by the choice adopted by some online newspapers to condition the use of the previously free contents to consent to the processing of (non-personal) data has provoked protests among users and the announcement of an in-depth analysis by the Guarantor (from which, but this is another story, an answer is still awaited on the question of the possibility for the American authorities to request data on European citizens located in the EU).
Spotify, Netflix and newspaper cookies
by Riccardo Luna
Much ado about nothing, one would comment by citing the Bardo, since for twenty-two years the same Guarantor of personal data and that of competition and the market have substantially recognized the legitimacy, in the abstract, of “data in exchange for services”. Furthermore, “recently” – for judicial times – the sentence number 17278/2018 of the first civil section of the Court of Cassation established the principle of law according to which “the law does not prohibit the exchange of personal data, but nevertheless requires that such exchange is the result of a full and in no way coerced consent. ”
The analysis
In a world without cookies, spending on social networks is growing
by Pier Luca Santoro
In the case of online newspapers, then, there is not even a right of the user to use a content free of charge and the newspapers are therefore perfectly entitled to ask for a fee in currency or – as happens – in cookies which, moreover, as mentioned, do not necessarily allow the processing of personal data.
The late activism and the historical faults of the Guarantors (not only) of personal data
by Andrea Monti
In fact, since 2016 the EU Court of Justice has established that an IP is personal data only when it identifies a natural person. Therefore, it is well understood that when – to stay at home – I connect to Repubblica.it without entering the credentials, at most the analytics platform will be able to generate a fingerprint of the system I am using and associate it with the interaction with the site, but not he will certainly know who is behind a computer that, moreover, goes out on the network with the NAT (ie not with the internal IP assigned to the specific machine). So, regardless of consent, the newspaper would not be processing personal data because, trivially, it has no idea who I am.
Of course, in the Caffeine Media case (which gave rise to the Google Analytics issue) the Guarantor of personal data forced the reading of the GDPR by putting on the same level the fingerprint and the IP of an anonymous user who uses online content without registration or other forms of identification and what, on the other hand, is registered and therefore provides further information about itself. Applying this questionable interpretation conceived by the Italian Guarantor it should be concluded that the use of the cookie wall is subject to the legislation in question. But, then, it should also be recognized, for the reasons already explained, that these are abstractly legitimate activities and therefore not worthy of particular attention or stigma.
I have no doubt that an exercise of Byzantine normative exegesis by the authorities can justify different and draconian readings, but this is the classic problem of law, which is “done” by those who have the power to impose it and not by the rational comparison of different theses, assessed on the basis of the theory of interpretation.
Beyond these aspects, however, the issue of “data in exchange for services” raises a much more serious question: the actual economic sustainability of such a model.
In other words, we should ask ourselves whether it is possible to establish a link between the collection of data, its processing and the generation of revenue for those who have used it to sell a product or service. Or, wanting to be even more explicit, one should wonder if data-driven advertising isn’t a scam, like the barrel of anchovies that was being bought and sold at an increasing price in the New York ghetto until a gentile opened it to find it was rotten and thus breaking the chain of transactions.
Similarly to the bubble of likes used as a measure of the value of an online content, even the data generated by cookies and trackers do not allow you to automatically and systematically know if the subject who has been given a personalized banner and who has clicked it, has actually proceeded to buy.
Therefore, in the value chain linked to digital marketing, while those who work in the intermediate levels (SEO experts, data sellers, etc.) are certainly paid, the only one without security is precisely those who believed that collecting data could be a value in itself, only to discover that all this mass of information produces “certainly certain” costs and certainly possible returns.
And while we are talking about costs and returns, the zealous “priests of privacy” should be asked why, instead of getting angry because they can no longer read news for free, they are not doing their part to help ensure the survival of professional information, paying in hard cash, access to the platforms that carry it.
As Riccardo Luna writes, journalism is not a social enterprise paid for by the state but is rewarded with the revenues it is capable of generating. Two decades of gratuitousness have led us to an ever worse quality of information. It’s time to try to change course. Return to investing in journalism.