Eagle Alpha Legal Wrap - July 2022

Eagle Alpha rounds up some of the most relevant legal and compliance articles surrounding the alternative data space over the past month.

US

A group of Democratic lawmakers wants the Federal Trade Commission to investigate Apple and Google, saying the two tech giants secretly allow the collection and sale of user information. The legislators said in a letter to the FTC that Google and Apple allowed these practices by “building advertising specific tracking IDs into their mobile operating systems.” The letter was signed by Sen. Cory Booker of New Jersey, Sen. Elizabeth Warren of Massachusetts, Sen. Ron Wyden of Oregon and Rep. Sara Jacobs of California. You can access the article here.

Peter Green of Schulte Roth & Zabel's perspective on the potential investigation:

This is a critical matter for consumers of alternative data. On the heels of the SEC’s investigation into App Annie, this is worth watching closely. For tracking, the key question remains whether the user being tracked has provided informed consent.

Meta has launched two new legal actions against data scraping sites, which have extracted user data from both Instagram and Facebook for unauthorized use. The first action is against Octopus, a US subsidiary of a Chinese national high-tech enterprise, whose system is claimed to be able to extract data about people’s Facebook friends such as email address, phone number, gender, and date of birth. The second action is against Ekrem Ateş who used automated Instagram accounts to scrape data from the profiles of over 350K users. You can access the article here.

Peter Green of Schulte Roth & Zabel's perspective on Meta's legal actions:

And, on the heels of HiQ v. LinkedIn, this also is worth watching closely. For scraping, the key question remains whether the information being scraped is public; is the scraper inputting a user name and password?

Brendan Carr, one of the FCC’s commissioners, urged Apple and Google to remove TikTok from their app stores. He warned that it is “not just another video app” and needs careful monitoring. He claimed the app has sensitive data that, and according to reports, this data is being accessed in Beijing. Carr highlighted: “It is clear that TikTok poses an unacceptable national security risk due to its extensive data harvesting being combined with Beijing’s apparently unchecked access to that sensitive data.” You can access the article here.

UK

The UK government released its response to the consultation on the reform of the UK data protection regime. As part of the UK’s post-Brexit national data strategy, the consultation gathered responses on proposals aimed at reforming the UK’s data protection regime to boost the UK economy. In its response, the UK government has signalled which of the proposals it will be proceeding with and are likely to appear in an upcoming Data Reform Bill. These reforms are largely business-focused, with an overall aim of reducing compliance burdens faced by businesses of all sizes and facilitating the use (and re-use) of data for research. You can access the article here.

Europe

The Network for Greening the Financial System (NGFS) published its report on bridging data gaps. Reliable and comparable climate-related data are crucial in order for financial sector stakeholders to assess financial stability risks, properly price and manage climate related risks, and take advantage of the opportunities arising from the transition to a low-carbon economy. The report provides business cases and metrics together with relevant data sources. You can access the article here.

China

Hackers claim to have obtained nearly 24 terabytes of data from a Shanghai police database, claiming it contained information on one billion people and “several billion case records”. Experts said the breach, if confirmed, would be the biggest in history. The data details, according to the account, include names, addresses, birthplace, national ID number, mobile number and crime and case details. You can access the article here.

In the aftermath of the leak, a State Council meeting led by Premier Li Keqiang mentioned the need “to improve security management provisions, raise protection abilities, protect personal information, privacy and commercial confidentiality in accordance with the law”. You can access the article here.

Other

Non-personal data to be dropped from India’s data protection bill which is currently being finalized by the Union Ministry of Electronics and Information Technology. An official commentary specified that “the government has been very clear that the data protection law must not create roadblocks or breaks in development of the Indian economy”. You can access the article here.

Industrial Commentary

Dr. Rami Hashish, Founder of pareIT, on data privacy concerns in AI & Machine Learning: “There is increasing concern regarding data privacy with AI and machine learning, and frankly, the concern is valid. Regardless of where you stand on the topic, one thing is certain: unethical collection and processing of data can have damaging societal consequences.” You can access the full commentary here.