We use cookies to understand how you use our site and to improve your experience. This includes personalizing content and advertising. To learn more, click here. By continuing to use our site, you accept our use of cookies, revised Privacy Policy and Terms of Service.
You are being directed to ZacksTrade, a division of LBMZ Securities and licensed broker-dealer. ZacksTrade and Zacks.com are separate companies. The web link between the two companies is not a solicitation or offer to invest in a particular security or type of security. ZacksTrade does not endorse or adopt any particular investment strategy, any analyst opinion/rating/report or any approach to evaluating individual securities.
If you wish to go to ZacksTrade, click OK. If you do not, click Cancel.
The Zacks Analyst Blog Highlights: Alphabet, Microsoft, Amazon and Apple
Read MoreHide Full Article
For Immediate Release
Chicago, IL – Dec 19, 2017 – Zacks.com announces the list of stocks featured in the Analyst Blog. Every day the Zacks Equity Research analysts discuss the latest news and events impacting stocks and the financial markets. Stocks recently featured in the blog include Alphabet (GOOGL - Free Report) , Microsoft (MSFT - Free Report) , Amazon (AMZN - Free Report) and Apple (AAPL - Free Report) .
The digital age has created the possibility of doing the same old things in new ways. But every time we do any of these things, we put a piece of ourselves on the information grid where big companies fight to access it, all for the noble purpose of “serving us better.” Of course, they also try to capture the information for leverage against each other, because that’s what brings in profits, thus kind of defeating the purpose.
But whatever be the current situation, it’s true that the information age is evolving, so the rules designed to protect our interest also need to evolve. The European General Data Protection Regulation (GDPR), which was accepted on May 25, 2016 to go into effect on May 25, 2018 was framed for this purpose. GDPR essentially defines and strengthens the rights that data subjects residing in the European Union have regarding personal data relating to them and attempts to unify data protection laws across Europe, regardless of where that data is processed.
On the face of it, the regulation makes a reality tech companies’ worst fears:
Personal data: The definition of personal data has been expanded to any information relating to an identified or identifiable natural person. So IP addresses, application user IDs, Global Positioning System (GPS) data, cookies, media access control (MAC) addresses, unique mobile device identifiers (UDID) and International Mobile Equipment IDs (IMEI) among other things are now included in the definition.
Sensitive personal data: The current law from 1995 treats health records, religious affiliations, racial/ethnic origin, political opinion, trade union membership, physical/mental health, sexual preferences and offenses/convictions as sensitive personal data. GDPR adds genetic and biometric data to the list. Organizations can only request this kind of data in the framework of legal procedures and only if they safeguard the individual’s vital interests.
Explicit consent: No information can be collected from any individual for whatever purpose without their explicit consent regarding the nature of data being collected and the purpose for which it will be used. The data is also required to be removed on request if it was collected to facilitate the provision of services that are no longer required. Individuals and organizations also have the right to be forgotten, so people can have their information scrubbed from the public domain if they so choose.
Access to data: The earlier rules required companies to furnish the information they held on consumers after payment of fees. Requesting data has now become free. Companies will have to tell their patrons/users what personal data is held on them, also where, for what purpose and how it is being processed.
Privacy by design: Systems should be designed in a way that companies only hold and process data when absolutely necessary, they shouldn’t be storing data incidental to the services they offer for processing later on, so privacy must exist by default. Moreover, their systems should have controls and mechanisms for the protection of data held and/or processed.
Breach notification: Hackers are getting smarter by the day, leading to data breaches at retailers, media and technology companies. Since these businesses have huge data pools, each breach could affect millions of people. At times, companies (like Yahoo) haven’t informed users when their data was compromised, thus increasing the risk of identity theft and making users wary. GDPR mandates that a person has to be informed within 72 hours when his/her data has been breached.
Data protection officers: Data processing companies with over 250 employees are required to appoint a data protection officer (DPO), who will be responsible for the management and protection of data within the company and the systems processing it. The DPO will be somebody conversant with data protection law, will be the point of contact for regulatory enquiry or data requests and will report to the highest level of management. So both data controllers (entities that decide the purpose and manner in which personal data is used, or will be used) and processors (persons or groups that process data on behalf of the controller, including the functions of obtaining, recording, adapting or holding of personal data) may need to employ a DPO.
Data portability: Companies are required to move personal data pertaining to any individual to another company/controller/online platform if so directed by the individual concerned. For this purpose, they may receive a copy of their personal data in a commonly used machine-readable format for transfer from one controller to another or have the data transferred directly to another controller.
Huge fines: With the GDPR implementation, companies will be liable to pay huge fines for noncompliance with any of the above. For smaller offenses, a company may be fined up to €10 million or 2% of its global turnover, whichever is greater. More serious or continuing noncompliance can lead to fines of up to €20 million or 4% of global turnover, again whichever is greater.
Effect on Technology Companies
The GDPR might seem like a bad deal for big technology companies, but in fact, having well-defined rules that are up to speed with new technological trends like cloud-based delivery of services, IoT, machine learning and social networks actually helps them to frame company policies and build adequate systems around them. Since they don’t have the monetary constraints that smaller companies do, they are better equipped to be in compliance when the GDPR becomes enforceable. Alphabet’s Google, Microsoft and Amazon have already said that their Cloud, Azure and AWS services, respectively are on track to be in compliance when the rules go into effect.
But the GDPR gets trickier when individuals are involved, with advertising technology companies impacted the most. Not all of them are directly connected with the user, so obtaining permissions can be difficult. Also, targeted advertising involves several processes such as collecting user data, holding, matching, analyzing and on the basis of these operations, offering some products and services to users. So profiling is important for targeted advertising in a way that data mining for machine learning purposes may not be.
Advertisers generally use unique mobile device identifiers (much like cookies) to determine if they have already served an ad to a specific user, to retarget them and also to determine the frequency at which they should be targeted. The identifier tracks the user’s behavior across apps and the web, becoming central to the profiling process. The problem arises when an app obtains permission to use data that is linked to the device ID because it may also be linked to a database that contains other information on the same device ID. Thus a simple online purchase can result in sensitive information becoming identifiable with a person’s name, address or phone number.
Companies like Google and Facebook, that collect user data for targeted advertising, are required to obtain explicit permissions. Since they have direct connections with users, they are in a position to ask for them. If the permissions can be linked to benefits, users may be more willing to share.
The GDPR says, “A purpose that is vague or general, such as for instance ‘improving users’ experience,’ ‘marketing purposes’ or ‘future research’ will – without further detail – usually not meet the criteria of being ‘specific.’” So the companies can no longer ask for broad and sweeping permissions covering all their services. They have to offer either an opt-in for the tracking, or give users the details related to their data along with a chance to opt out. This is a blessing because at least some users some of the time, don’t read through permissions or may not be inclined to act to opt out of something.
Technology companies building apps that are widely in use or those operating an app ecosystem like Apple, Amazon or Google, may be required to check data flows to ensure that no permission passes inadvertently. Particularly because apps generally don’t have any restrictions on sharing information between each other, a flaw that can be exploited by malicious apps to steal information or break into a device.
Conclusion
There are two aspects to privacy that the GDPR attempts to address. The first is with respect to ownership of personal data that remains with data subjects (whether individuals or organizations), so anybody wishing to use this data is required to obtain necessary permissions. The second is with respect to responsible use of the data by implementing adequate security measures to prevent data or identity theft after explicit permission has been obtained.
While adhering to the new rules will be both difficult and expensive, it appears that the larger technology companies will play an even greater role in the data flow process, necessarily remaining as gate keepers to the web. That’s because they possess the kind of resources that will be required for the most sophisticated security systems and are also in direct contact with the end customer.
Wall Street’s Next Amazon
Zacks EVP Kevin Matras believes this familiar stock has only just begun its climb to become one of the greatest investments of all time. It’s a once-in-a-generation opportunity to invest in pure genius.
Zacks Equity Research provides the best of quantitative and qualitative analysis to help investors know what stocks to buy and which to sell for the long-term.
Continuous coverage is provided for a universe of 1,150 publicly traded stocks. Our analysts are organized by industry which gives them keen insights to developments that affect company profits and stock performance. Recommendations and target prices are six-month time horizons.
Strong Stocks that Should Be in the News
Many are little publicized and fly under the Wall Street radar. They're virtually unknown to the general public. Yet today's 220 Zacks Rank #1 "Strong Buys" were generated by the stock-picking system that has nearly tripled the market from 1988 through 2015. Its average gain has been a stellar +26% per year.See these high-potential stocks free >>.
Zacks Investment Research is under common control with affiliated entities (including a broker-dealer and an investment adviser), which may engage in transactions involving the foregoing securities for the clients of such affiliates.
Past performance is no guarantee of future results. Inherent in any investment is the potential for loss. This material is being provided for informational purposes only and nothing herein constitutes investment, legal, accounting or tax advice, or a recommendation to buy, sell or hold a security. No recommendation or advice is being given as to whether any investment is suitable for a particular investor. It should not be assumed that any investments in securities, companies, sectors or markets identified and described were or will be profitable. All information is current as of the date of herein and is subject to change without notice. Any views or opinions expressed may not reflect those of the firm as a whole. Zacks Investment Research does not engage in investment banking, market making or asset management activities of any securities. These returns are from hypothetical portfolios consisting of stocks with Zacks Rank = 1 that were rebalanced monthly with zero transaction costs. These are not the returns of actual portfolios of stocks. The S&P 500 is an unmanaged index. Visit https://www.zacks.com/performance for information about the performance numbers displayed in this press release.
See More Zacks Research for These Tickers
Normally $25 each - click below to receive one report FREE:
Image: Bigstock
The Zacks Analyst Blog Highlights: Alphabet, Microsoft, Amazon and Apple
For Immediate Release
Chicago, IL – Dec 19, 2017 – Zacks.com announces the list of stocks featured in the Analyst Blog. Every day the Zacks Equity Research analysts discuss the latest news and events impacting stocks and the financial markets. Stocks recently featured in the blog include Alphabet (GOOGL - Free Report) , Microsoft (MSFT - Free Report) , Amazon (AMZN - Free Report) and Apple (AAPL - Free Report) .
Today, Zacks is promoting its ''Buy'' stock recommendations. Get #1Stock of the Day pick for free.
Here are highlights from Monday’s Analyst Blog:
How the EU’s New Privacy Law Will Impact Big Tech
The digital age has created the possibility of doing the same old things in new ways. But every time we do any of these things, we put a piece of ourselves on the information grid where big companies fight to access it, all for the noble purpose of “serving us better.” Of course, they also try to capture the information for leverage against each other, because that’s what brings in profits, thus kind of defeating the purpose.
But whatever be the current situation, it’s true that the information age is evolving, so the rules designed to protect our interest also need to evolve. The European General Data Protection Regulation (GDPR), which was accepted on May 25, 2016 to go into effect on May 25, 2018 was framed for this purpose. GDPR essentially defines and strengthens the rights that data subjects residing in the European Union have regarding personal data relating to them and attempts to unify data protection laws across Europe, regardless of where that data is processed.
On the face of it, the regulation makes a reality tech companies’ worst fears:
Personal data: The definition of personal data has been expanded to any information relating to an identified or identifiable natural person. So IP addresses, application user IDs, Global Positioning System (GPS) data, cookies, media access control (MAC) addresses, unique mobile device identifiers (UDID) and International Mobile Equipment IDs (IMEI) among other things are now included in the definition.
Sensitive personal data: The current law from 1995 treats health records, religious affiliations, racial/ethnic origin, political opinion, trade union membership, physical/mental health, sexual preferences and offenses/convictions as sensitive personal data. GDPR adds genetic and biometric data to the list. Organizations can only request this kind of data in the framework of legal procedures and only if they safeguard the individual’s vital interests.
Explicit consent: No information can be collected from any individual for whatever purpose without their explicit consent regarding the nature of data being collected and the purpose for which it will be used. The data is also required to be removed on request if it was collected to facilitate the provision of services that are no longer required. Individuals and organizations also have the right to be forgotten, so people can have their information scrubbed from the public domain if they so choose.
Access to data: The earlier rules required companies to furnish the information they held on consumers after payment of fees. Requesting data has now become free. Companies will have to tell their patrons/users what personal data is held on them, also where, for what purpose and how it is being processed.
Privacy by design: Systems should be designed in a way that companies only hold and process data when absolutely necessary, they shouldn’t be storing data incidental to the services they offer for processing later on, so privacy must exist by default. Moreover, their systems should have controls and mechanisms for the protection of data held and/or processed.
Breach notification: Hackers are getting smarter by the day, leading to data breaches at retailers, media and technology companies. Since these businesses have huge data pools, each breach could affect millions of people. At times, companies (like Yahoo) haven’t informed users when their data was compromised, thus increasing the risk of identity theft and making users wary. GDPR mandates that a person has to be informed within 72 hours when his/her data has been breached.
Data protection officers: Data processing companies with over 250 employees are required to appoint a data protection officer (DPO), who will be responsible for the management and protection of data within the company and the systems processing it. The DPO will be somebody conversant with data protection law, will be the point of contact for regulatory enquiry or data requests and will report to the highest level of management. So both data controllers (entities that decide the purpose and manner in which personal data is used, or will be used) and processors (persons or groups that process data on behalf of the controller, including the functions of obtaining, recording, adapting or holding of personal data) may need to employ a DPO.
Data portability: Companies are required to move personal data pertaining to any individual to another company/controller/online platform if so directed by the individual concerned. For this purpose, they may receive a copy of their personal data in a commonly used machine-readable format for transfer from one controller to another or have the data transferred directly to another controller.
Huge fines: With the GDPR implementation, companies will be liable to pay huge fines for noncompliance with any of the above. For smaller offenses, a company may be fined up to €10 million or 2% of its global turnover, whichever is greater. More serious or continuing noncompliance can lead to fines of up to €20 million or 4% of global turnover, again whichever is greater.
Effect on Technology Companies
The GDPR might seem like a bad deal for big technology companies, but in fact, having well-defined rules that are up to speed with new technological trends like cloud-based delivery of services, IoT, machine learning and social networks actually helps them to frame company policies and build adequate systems around them. Since they don’t have the monetary constraints that smaller companies do, they are better equipped to be in compliance when the GDPR becomes enforceable. Alphabet’s Google, Microsoft and Amazon have already said that their Cloud, Azure and AWS services, respectively are on track to be in compliance when the rules go into effect.
But the GDPR gets trickier when individuals are involved, with advertising technology companies impacted the most. Not all of them are directly connected with the user, so obtaining permissions can be difficult. Also, targeted advertising involves several processes such as collecting user data, holding, matching, analyzing and on the basis of these operations, offering some products and services to users. So profiling is important for targeted advertising in a way that data mining for machine learning purposes may not be.
Advertisers generally use unique mobile device identifiers (much like cookies) to determine if they have already served an ad to a specific user, to retarget them and also to determine the frequency at which they should be targeted. The identifier tracks the user’s behavior across apps and the web, becoming central to the profiling process. The problem arises when an app obtains permission to use data that is linked to the device ID because it may also be linked to a database that contains other information on the same device ID. Thus a simple online purchase can result in sensitive information becoming identifiable with a person’s name, address or phone number.
Companies like Google and Facebook, that collect user data for targeted advertising, are required to obtain explicit permissions. Since they have direct connections with users, they are in a position to ask for them. If the permissions can be linked to benefits, users may be more willing to share.
The GDPR says, “A purpose that is vague or general, such as for instance ‘improving users’ experience,’ ‘marketing purposes’ or ‘future research’ will – without further detail – usually not meet the criteria of being ‘specific.’” So the companies can no longer ask for broad and sweeping permissions covering all their services. They have to offer either an opt-in for the tracking, or give users the details related to their data along with a chance to opt out. This is a blessing because at least some users some of the time, don’t read through permissions or may not be inclined to act to opt out of something.
Technology companies building apps that are widely in use or those operating an app ecosystem like Apple, Amazon or Google, may be required to check data flows to ensure that no permission passes inadvertently. Particularly because apps generally don’t have any restrictions on sharing information between each other, a flaw that can be exploited by malicious apps to steal information or break into a device.
Conclusion
There are two aspects to privacy that the GDPR attempts to address. The first is with respect to ownership of personal data that remains with data subjects (whether individuals or organizations), so anybody wishing to use this data is required to obtain necessary permissions. The second is with respect to responsible use of the data by implementing adequate security measures to prevent data or identity theft after explicit permission has been obtained.
While adhering to the new rules will be both difficult and expensive, it appears that the larger technology companies will play an even greater role in the data flow process, necessarily remaining as gate keepers to the web. That’s because they possess the kind of resources that will be required for the most sophisticated security systems and are also in direct contact with the end customer.
Wall Street’s Next Amazon
Zacks EVP Kevin Matras believes this familiar stock has only just begun its climb to become one of the greatest investments of all time. It’s a once-in-a-generation opportunity to invest in pure genius.
Click for details >>
Today, Zacks is promoting its ''Buy'' stock recommendations. Get #1 Stock of the Day pick for free.
About Zacks Equity Research
Zacks Equity Research provides the best of quantitative and qualitative analysis to help investors know what stocks to buy and which to sell for the long-term.
Continuous coverage is provided for a universe of 1,150 publicly traded stocks. Our analysts are organized by industry which gives them keen insights to developments that affect company profits and stock performance. Recommendations and target prices are six-month time horizons.
Strong Stocks that Should Be in the News
Many are little publicized and fly under the Wall Street radar. They're virtually unknown to the general public. Yet today's 220 Zacks Rank #1 "Strong Buys" were generated by the stock-picking system that has nearly tripled the market from 1988 through 2015. Its average gain has been a stellar +26% per year.See these high-potential stocks free >>.
Follow us on Twitter: https://twitter.com/zacksresearch
Join us on Facebook: https://www.facebook.com/home.php#/pages/Zacks-Investment-Research/57553657748?ref=ts
Zacks Investment Research is under common control with affiliated entities (including a broker-dealer and an investment adviser), which may engage in transactions involving the foregoing securities for the clients of such affiliates.
Media Contact
Zacks Investment Research
800-767-3771 ext. 9339
support@zacks.com
https://www.zacks.com/
Past performance is no guarantee of future results. Inherent in any investment is the potential for loss. This material is being provided for informational purposes only and nothing herein constitutes investment, legal, accounting or tax advice, or a recommendation to buy, sell or hold a security. No recommendation or advice is being given as to whether any investment is suitable for a particular investor. It should not be assumed that any investments in securities, companies, sectors or markets identified and described were or will be profitable. All information is current as of the date of herein and is subject to change without notice. Any views or opinions expressed may not reflect those of the firm as a whole. Zacks Investment Research does not engage in investment banking, market making or asset management activities of any securities. These returns are from hypothetical portfolios consisting of stocks with Zacks Rank = 1 that were rebalanced monthly with zero transaction costs. These are not the returns of actual portfolios of stocks. The S&P 500 is an unmanaged index. Visit https://www.zacks.com/performance for information about the performance numbers displayed in this press release.