Even government departments trying their very best to anonymise data tend to mess it up, what makes you think an advertising company has any interest in doing the same?
Their entire existence is built upon deanonymising and monetising that data.
Nothing makes me think this. But since officially everything is pseudonymous, how would it be possible to have a website dedicated to showing the data someone has about me?
Privacy International did a piece on this kind of ad-tech data survaillance and they were saying "Here is the shocking details what an ad-company knew about me when I asked them to share everything with me in line with GDPR"
Then I emailed Privacy International, asking: How did they even knew your real name?
To which they replied "Oh, yes, we forgot to add that to the article, I actually gave them my name and my cookies, so they could tie all their cookie IDs to my name"
They also promised to write an article about the implications of pseudonymous data and the possible link to real identities, which they also never did.
I helped implement the GDPR data request flow at a company with segment data.
Some of the big challenges of the system was a) convincing requesters that we couldn’t look them up by name and b) teaching them how to find the things we could look them up by (cookie Id or apple/android advertiser Id).
It was one of the ugly ironies of the system that we had to build a name collection capability when we didn’t want it.
