TeleSign accused of violating GDPR by reputation-scoring EU citizens
US-based fraud prevention company, TeleSign, finds itself in a pickle over accusations that it collected data from millions of EU citizens and processed it using automated tools without their consent. Allegedly, the data was utilized within an automated system to create “reputation scores” sold to customers like TikTok, Salesforce, Microsoft, and AWS. This violation of the GDPR’s provisions has been called out by Austrian privacy advocacy group noyb.
The drama doesn’t end there for TeleSign. When acquired by BICS in 2017, they came under partial control of Proximus, Belgian telecom giant and parent company of BICS. Proximus holds a stake in BICS and is now the sole owner following the buyout of other shareholders in 2021. Consequently, noyb also alleges that Proximus violated GDPR rules about affirmative consent required to process EU citizen’s data.
In response to these allegations, TeleSign denies any wrongdoings asserting it has a robust data privacy program compliant with global laws and regulations including the GDPR and CCPA. Despite this assurance, noyb demands secession of all data transfers from BICS to TeleSign while seeking deletion of all unlawfully transmitted data. Furthermore, noyb urges Belgian authorities to fine Proximus up to €236 million ($257 million).
As we stay tuned for more updates on this intriguing saga involving big tech companies and privacy laws – one thing remains clear: The spotlight on user privacy continues to grow brighter each day raising serious questions about how companies manage their users’ data.
Source: US vendor accused of violating GDPR by reputation-scoring EU citizens
