This may be naive but how is this different to any other big western tech company’s data collection, metrics and sharing with the US and other host governments?
Not naive, this is not much different. Not to mention that in the west we’re making it a lot easier to be tracked (and controlled) with the coming digital identities and CBDCs. And most people will happily along with it.
Perhaps what’s different about Yandex is that it was a leak the revealed their data abuses. The code does not match their claims:
“Remember that Yandex reportedly said that the data it collects is “non-personalised and very limited”? That does not seem to be the case.”
There are other mentions of blatant deanonymization of identities in that article. Whereas Google is relatively transparent about what they do by comparison.
Here’s an interesting point as well:
“In theory you should be able to take your data back if you live in a jurisdiction that requires companies to respect data deletion requests, but the insights derived from that data might be considered that company’s work product and not included in that deletion.”
i also wonder- what if you don’t live in Europe… doesn’t the parent ownership being in Netherlands mean that Yandex is GDPR-obligated to everyone worldwide as if it were an EU company?
I think it’s somewhat well known that Yandex is a surveillance capitalist, but I’ve heard Yandex-using westerners comment that they have no ties to Russia. Russian business does not appear to be tightly integrated with western businesses. So I think the attitude has been that if they use Yandex whatever data gets collected is less likely to get intermingled or aggregated with western data leeches data sets.
Consider that when you enter the US, customs & immigration sometimes wants probe into your Twitter and Facebook profiles. In one notable story, a student from the middle east managed to get enrolled into an ivy league university like Harvard or something. Customs looked at his FB acct, saw who his friends were, then saw some anti-American messages by his friends (not him). He was blocked from entry and sent back; did not get to attend the school. I wonder if he were using some Russian social media service instead whether it would been a different outcome.
So this news changes the dynamic a bit. If a Dutch company has backroom access to Yandex’s data collection, Europeans do not get that cross-border sense of privacy they thought they had.
OTOH, Russia seems to have no privacy safeguards. IIRC facial rec DBs are shared to everyone so anyone can snap a pic of someone, ID them with the app, and find out where they live. Netherlands has the GDPR, fwiw. So I guess the question is to what extent Yandex is subject to GDPR rules.
deleted by creator