nyob (an abbreviation for none of your business) identified several streaming services that violate article 15 of the GDPR – including Amazon, Apple, DAZN, Spotify, and Netflix.
Article 15 of the GDPG basically gives you the right to get a copy of all raw data that a given company holds about you. On top of that you are also allowed to find out who has access to the data and for which purpose it is processed as well as in which countries the data is stored for how long. In theory this sounds pretty good and gives users a lot of insight.
Now nyob, a European non-profit organization for privacy enforcement, has filed eight formal complaints with data protection authorities because some providers do not comply with said article.
You might have heard of some of the companies that are put on the spot: Amazon, Apple, DAZN, Netflix, Spotify, and YouTube are probably the most prominent names. They are now sued for an overall sum of 18.8 billion Euros.
The reason is not only one complaint, but several. According to nyob, in the cases were the companies were sending users their raw data (which sadly were not all of them) it was “lacking background information, such as the sources and recipients of data or on how long data is actually stored (“retention period”). In many cases, the raw data was provided in cryptic formats that made it extremely hard or even impossible for an average user to understand the information. In many cases certain types of raw data were also missing.”
Since the GDPR has been in effect there have already been several complaints, investigations, and studies. It is unlikely that things will change in the near future but organizations like nyob keep fighting for it, all hope is not lost.