Have you managed to verify this or you're just assuming it ? I'm just assuming it, that's why I'm asking. Like have you made a request for your data from Facebook / data brokers and it looks straight ? I trust Mozilla to the fullest and have made no effort to investigate.
I don't trust that this is all they have about me. Wasn't there reports that they were generating dark profiles about people not even on Facebook (by mining contact information from others)?
That skepticism is definitely healthy, but by the GDPR, this is required to be every single thing they have on you, under penalty of significant fines.
That doesn't mean it is everything... but it at least makes that a little more likely? Some light optimism for you, I guess.
Edit: seems even this isn't necessarily true.. damn.
They have to tell you everything they know about you, by law... but that doesn’t mean this webpage contains every information they collected. And getting everything is rather complicated: https://ruben.verborgh.org/facebook/
Facebook collected this data for years but only recently started disclosing it. There's no reason to trust that they're disclosing all the data they're collecting.
Interesting...I've been using the Facebook container for well over a year and have been very careful to only access facebook from it....but they still list very recent (like yesterday) data in my off_facebook_activity. This is very frustrating.
Facebook managed to get some off-Facebook activity from me even using this. The site in question was also loaded in a Private Browsing window and Facebook claimed it was from pixel tracking. I'm guessing they've inferred it based on IP, especially as I live by myself.
How this is legal under GDPR, given I'm a UK citizen, I'm really not sure.
I guess it depends on the country. In Poland my experience is that every time EU passes some regulation Polish parliament passes the corresponding bill implementing it. So even if we left EU tomorrow those bills will still be in effect.
Also, I'm not sure about this "immediately enforceable" part - I recall some cases where member states delayed implementing EU laws for years, sometimes ending up being sued to European Court of Justice.
Yes, the UK has the DPA-2018 legislation which basically implements GDPR in the UK. [1] Its application is supervised by the ICO. Subject Access Request can be issued to pretty much any public institution / company [2]
"You have the right to find out if an organisation is using or storing your personal data. This is called the right of access. You exercise this right by asking for a copy of the data, which is commonly known as making a 'subject access request"
GDPR directly doesn't apply to the UK anymore (except for organisations that handle data of EU citizen, of course) but the UK chose to enact the GDPR into UK law via the Data Protection Law of 2018, which is aptly dubbed "UK GDPR".
I do this, but to every webpage - so there should be much less cross-site talk. Not that the advertising machine doesn't have a million other ways of getting though.