Disqus Facing $3M Fine in Norway for Tracking Users Without Consent
upstart writes in with an IRC submission for c0lo:
Disqus facing $3M fine in Norway for tracking users without consent - TechCrunch:
Disqus, a commenting plug-in that's used by a number of news websites and which can share user data for ad targeting purposes, is in hot water in Norway for tracking users without their consent.
The local data protection agency said today it has notified the U.S.-based company of an intent to fine it 2.5 million (~$3 million) for failures to comply with requirements in Europe's General Data Protection Regulation (GDPR) on accountability, lawfulness and transparency.
Disqus' parent, Zeta Global, has been contacted for comment.
Datatilsynet said it acted following a 2019 investigation in Norway's national press - which found that default settings buried in the Disqus' plug-in opted sites into sharing user data on millions of users in markets, including the U.S.
[...] And while in most of Europe the company was found to have applied an opt-in to gather consent from users to be tracked - likely in order to avoid trouble with the GDPR - it appears to have been unaware that the regulation applies in Norway.
Norway is not a member of the European Union but is in the European Economic Area - which adopted the GDPR in July 2018, slightly after it came into force elsewhere in the EU. (Norway transposed the regulation into national law also in July 2018.)
Oops.
Read more of this story at SoylentNews.