The Hamburg data protection authority had already declared the use of the controversial “Pay or OK” method to be permissible. But the procedure now raises questions and the case ends up in court. The backgrounds.
With the “pay or okay” method, users are given a choice: either they agree to a website tracking their data for advertising purposes or they pay a fee for tracking-free access.
In contrast to the paywall, where users have to pay money for certain content, the freedom of choice with “Pay or Okay” is controversial. Because with this so-called cookie wall, you pay either with money or with your data.
What is Pay or Okay?
The Data Protection Conference (DSK), a body of German federal and state data protection supervisory authorities, approved the procedure in a decision from March 22, 2023 basically green light. However, some points need to be taken into account.
Pay or Okay is only permitted in compliance with the General Data Protection Regulation (GDPR). Authorities or public bodies are not allowed to use the method. The same applies to university service providers and companies with a public (supply) mandate. There should also be no monopoly or quasi-monopoly position.
According to DSK, users who agree to a paid subscription will not be allowed to have any personal data processed for advertising purposes. However, beyond the assessment of the German data protection authorities, there is still no uniform European legal framework when it comes to “pay or okay”.
The Digital Markets Act applies to so-called gatekeeper companies such as Facebook parent company Meta, which has also introduced a Pay or Okay subscription. According to the preliminary results According to an evaluation by the EU Commission, the company is violating competition rules. The final investigation will not be completed until March 2025 at the earliest.
Lawsuit against data protection authority
Already in the summer of 2021, a user had a GDPR complaint against the “Pay or Ok” system on the news magazine’s website Mirror submitted. After an examination that lasted around three years, the Hamburg data protection authority determined that the procedure was generally permissible.
The data protection organization noyb is now accusing the authority of not having adequately dealt with the facts. That comes from one official press release of the club. Accordingly, there is insufficient justification to suggest that the method enables voluntary consent and real freedom of choice. Max Schrems, CEO of noyb, said:
Using ‘Pay or OK’ results in a consent rate of 99.9%. Not even the GDR could bring together such a high level of fake approval. There can be no question of voluntary consent here. It just seems as if the Hamburg authorities don’t want to know anything about such numbers.
However, the allegations go even further: the data protection authority has been in close contact with the Mirror confessed and advised the company in return for an administrative expense. However, the affected and complaining user was not heard once. Schrems on this:
No one should be a lawyer and a judge at the same time. However, the Hamburg data protection authority does not seem to see any problem in advising companies or even actively calling for the introduction of ‘Pay or OK’ instead of objectively determining the facts. It is obvious that the authority will not classify the changes it has initiated as illegal.
Also interesting:
- A lot of ambiguity: AI Act comes into force – and initially doesn’t change anything
- iOS for German authorities: What is Apple Indigo?
- Go with the FlowGPT, or: How far can AI go in art?
- AI as a judge: The advantages and disadvantages of artificial intelligence in the judiciary
The article Dollar or Data: What is Pay or Okay? by Fabian Peters first appeared on BASIC thinking. Follow us too Facebook, Twitter and Instagram.
As a Tech Industry expert, I believe that “Pay or Okay” refers to the concept of determining whether it is acceptable to pay for a service or product with either money or with personal data. In today’s digital age, companies often offer “free” services in exchange for users’ personal information, which can then be used for targeted advertising or sold to third parties.
It is important for individuals to carefully consider the implications of this trade-off. While it may be convenient to access certain services for free, there are potential risks associated with giving away personal data, such as privacy concerns and the potential for data breaches. On the other hand, paying for a service with money may offer more control over how one’s data is used and shared.
Ultimately, the decision of whether to pay with dollars or data should be based on individual preferences and priorities. It is important for users to be informed about the terms and conditions of any service they use and to consider the potential consequences of sharing their personal information. As a Tech Industry expert, I believe that transparency and informed consent are key principles in navigating the complex landscape of data privacy and security.
Credits