Editor's Note: This article was updated with comments from a White Bridge AI spokesman.
European Digital Privacy NOYB has filed a complaint with Lithuanian data protection authorities regarding illegal activities by large data brokers selling “reputation reports” to individuals based on information cut off from the internet.
Lithuania-based White Bridge AI collects data on people with an online presence, including harvesting information from social media platforms. The company has since touted the product as “a bit scary” in order to ask reporting subjects to pay to access content, WatchDog Group says.
Reports are not necessarily true, Neub argues, and often includes inaccuracies generated by AI.
They are said to include a list of “photos,” “hidden profiles,” “negative coverage,” and background checks that show whether an individual shares religious, adult, or political content on social media.
Under the European General Data Protection Regulation (GDPR), citizens have the right to access data from businesses for free. WhitebridgeAI is said to be broken by trying to sell reports to people who have been profiled.
“Whitebridge AI has a very suspicious business model aimed at scaring people from paying for their own, illegally collected data,” NOYB data protection lawyer Lisa Steinfeld said in a prepared statement.
The company is also breaking the law by selling data from its social media profiles, says Noyb.
The report NOYB purchased for the two petitioners included warnings of “sexual nudity” and “dangerous political content,” despite the fact that the report did not contain such information, Noyb says. When the petitioner tried to correct the error, Whitebridge allegedly told them that a “qualified digital signature” was required to make the request.
GDPR does not require digital signatures for such personal data requests.
A White Bridge AI spokesman said the company “takes data protection and privacy very seriously.”
“All personal data processed by the company is collected only from publicly available sources and for legal and well-defined purposes,” they said.
Whitebridge processes data only when requested at client request and deletes the report after 30 days.
Noyb asks Lithuanian data protection authorities to force Whitebridge to provide individuals with free access to reports, notify the petitioner that they have stopped illegally processed data and corrected false reports. They also ask the authorities to fine the company.
Under the GDPR, complaints are filed directly with regulators of the member states in which the company is based.
Recorded future
Intelligence Cloud.
learn more.
