The UK’s data protection watchdog says its crackdown on sites that don’t ask visitors to consent to having their browsing activity tracked and profiled for ad targeting is bearing fruit. However, it admits that some of the changes prompted by the crackdown have seen sites adopt a controversial type of paywall that requires users to pay a fee to access content or opt in to being tracked and profiled for ad targeting (also often known as “pay or consent”).

The ICO didn’t disclose which websites had switched to a pay-or-agree model because it began asking questions on their tracking cookies. But it did name and shame several corporations for failing to comply with other cookie rules.

On Tuesday local time, the Information Commissioner’s Office (ICO) announced it had reprimanded Bonne Terre, the corporate behind Sky Betting and Gaming, for unlawfully processing personal data without consent.

Research has shown that data tracking can do loads of harm to individuals with addiction problems, which can explain why the general public rebuke of the ICO focused on an organization within the gambling sector.

“From 10 January to 3 March 2023, Sky Betting and Gaming processed users’ personal data and shared it with advertising technology companies as soon as they accessed the SkyBet website – before they had the opportunity to accept or reject advertising cookies,” the ICO wrote in a press release. “This meant that their personal data could be used to target them with personalised adverts without their prior consent or knowledge.”

The regulator told TechCrunch that it selected to issue a warning moderately than a sanction on this case since it believes it’s a proportionate use of its powers — “based on what will achieve the best outcome, and based on our priorities and limited resources.”

“In this case, we took into account Bonne Terre’s positive engagement with the ICO and the steps it has taken to improve compliance and considered that a reprimand was the most proportionate action,” ICO spokesman James Huyton added.

The reprimand is an element of a wider crackdown by the ICO on the use of cookies without consent, with the regulator highlighting a review of the UK’s “top 100 sites” last yr that identified “problems” with the way in which greater than half of sites used promoting cookies. then he wrote to 53 involved sites, warning they face enforcement motion in the event that they don’t change the way in which they deploy promoting cookies to comply with data protection law. The ICO suggests the outreach has helped remove some non-compliant cookie banners.

The regulator declined to verify the identity of any of the opposite sites contacted as part of its cookie compliance check. However, reporting the outcomes of its flurry of letters, the ICO said 52 of the sites it approached had made changes to the way in which they collected consent to tracking. The ICO said it had observed a number of changes, including some sites moving to a so-called “pay or consent” model – where visitors are blocked from accessing site content unless they consent to tracking or pay a fee.

Pay or consent is a controversial approach that’s currently being challenged legally and regulatory-wise within the European Union, including by privacy and consumer protection groups. Meta’s implementation of pay or consent can also be suspected of violating the bloc’s fair market principles. (The ICO declined to say whether Meta was one of the positioning owners it contacted about cookie consent.)

In a press release accompanying the report on the outcomes of the cookie banner crackdown, Stephen Bonner, deputy commissioner on the ICO, said the intervention had led to 99 of the highest 100 UK web sites “either already offering meaningful choice in advertising cookies or making changes to get people’s consent”. Which is sort of an either/or.

Bonner’s statement doesn’t provide any data to quantify the actual impact of the ICO on consent selections for UK web users. He says only that “some” of the changes observed included the introduction of a reject all button on sites that previously didn’t have one; others involved sites making their accept all and reject all buttons equally visible; and other sites introduced alternatives corresponding to “agree or pay” – a business model the ICO is “currently reviewing” for legality.

The gold standard for compliance with the UK’s General Data Protection Regulation, which is predicated on the EU framework of the identical name, could be to present website visitors with: easy yes/no selection accept or decline tracking. Sites that fail to accomplish that—for example, by only allowing users to simply accept but not decline tracking, or by making it easy to click a tracking acceptance button but hiding the decline option from multiple menus in confusingly worded settings—needs to be penalized for failing to comply. But too often, they get away with using manipulative, hidden patterns to steal consent.

The ICO must take some of the blame for years of ignoring warnings from privacy activists in regards to the ad tech industry’s unchecked data collection. It also didn’t act decisively by itself concerns in regards to the sector’s data collection practices, as set out in a 2019 report – for example, closing a grievance without issuing a choice in 2020 since it opted for soft industry engagement moderately than vigorous enforcement.

Last yr’s cookie harvesting campaign looks like an attempt by the ICO to finally see itself do something after years of exempting adtech players from compliance. However, its actions may raise questions provided that enforcement has apparently fuelled a rise within the use of controversial ‘pay or agree’ tactics. It’s also interesting to think about the sites it chooses to call and shame in comparison with others that also don’t offer users a transparent yes/no selection, but whose names we have now to infer.

As well as publicly reprimanding Sky Betting, the ICO has decided to call and shame gossip website Tattle Life – which it says was the just one of 53 web sites contacted that didn’t become involved – and said it might now launch an investigation into its use of cookies and its “apparent failure” to register with the ICO.

What about sites which have switched to implementing “agree or pay” cookie banners, meaning they don’t offer web users a free selection to opt out of tracking?

Tech giant Meta entered the sport last yr, deciding to force ad-tracking consent from Facebook and Instagram users by imposing a “pay us or let us track you” paywall on its formerly free social networks. Since then, a growing number of British news sites have imitated the tactic, with “pay or let us” paywalls popping up in all places previously free, ad-supported journalism was available.

We asked the ICO for its views on the creep and growth of “pay or agree”, including Meta’s adoption of the tactic, and a spokesperson referred to Bonner’s previous comments, writing: “Following engagement with Meta, we are investigating how UK data protection law would apply to any potential ad-free subscription service. We expect Meta to consider any data protection concerns we raise before rolling out a subscription service to UK users.”

At the start of this yr, ICO conducted consultations on “pay or consent” business models saying it hopes to supply an initial view of the approach but has not yet adopted a transparent public position. And on this regulatory gray area, loads of “consent or pay(wall)” is happening.

“When it comes to opt-in or pay models, we have told companies that they are not transparent with the public and that they must offer people meaningful choice about how their data is used and shared on their websites,” the spokesperson added. “Some companies have introduced alternative methods of obtaining consent, such as ‘opt-in or pay’, which we are currently considering as a business model following our consultation in early 2024. We will provide our position later in the year. In the meantime, we will continue to monitor developments in new approaches.”

During last week’s GlowTime event, Apple announced that iOS 18 will include a feature that may allow users with mild to moderate hearing loss to make use of AirPods as hearing aids.

But Apple was still waiting for FDA approval—approval that was announced just days later. The FDA described it as the primary “over-the-counter hearing aid software,” and certainly one of its leaders suggested it could possibly be “another step that increases the availability, affordability, and acceptability of hearing support for adults with perceived mild to moderate hearing loss.”

TechCrunch’s Brian Heater tried out a partial version of the feature last week. It won’t be available to those with standard AirPods, just like the ones I’m wearing now; you will need the corporate’s latest premium headphones, the AirPods Pro 2, since the feature leverages the Pro’s passive noise cancellation and H2 chip.

In today’s TechCrunch Minute, we discuss how Apple’s hearing test works and the way it’s changing the hearing aid market.

AWS announced today that it’s moving to a new edition Open searchits open source fork of the popular Elasticsearch search and evaluation engine to the Linux Foundation with the launch of the OpenSearch Foundation.

AWS first launched the OpenSearch project in 2021, after Elastic modified the license for its Elasticsearch and Kibana projects to its own proprietary license, the Elastic License. At the time, several open source vendors made similar changes, largely to stop large cloud providers—especially AWS—from offering hosted services based on their software.

Ironically, the move comes just weeks after Elastic announced it might be re-offering Elasticsearch and Kibana under an open source license, AGPL-ewhich requires users to publish the entire source code in the event that they make any changes. Interestingly, Elastic decided to make this selection available alongside its own, more restrictive license because, as the company said, “we have people who really like ELv2.”

When AWS created OpenSearch, there was loads of skepticism surrounding the project. After all, AWS had never managed a project of this size before. Mukul KarnikAWS general manager for search services, admitted as much.

“When we started OpenSearch at the time, Amazon and AWS were new to taking an open source project and developing it,” he told me in an interview before today’s announcement. “Our goal from the very beginning was to be community-driven and see how we could get more community members to participate and contribute to the project.”

Karnik noted that AWS has step by step opened up the project, encouraging each input and broader governance. “It’s become more organic, in a sense, where we’re taking these organic steps to figure out how to get more people to participate in the project.”

With today’s launch, many other major corporations have joined the Foundation, including SAP and Uber, who’ve change into premium members, while Aiven, Aryn, Atlassian, Canonical, Digital Ocean, Eliatra, Graylog, NetApp Instaclustr, and Portal26 have change into general members.

Karnik noted that AWS expects its contribution to OpenSearch to extend.

In 2021, the foundation wasn’t on the roadmap yet, but now moving the project into its own foundation looks like a natural next step, Karnik said. He also noted that the OpenSearch ecosystem has added quite just a few innovations of its own to the project, including moving it from a cluster-based system to a more cloud-native architecture. He also noted that the project has recently introduced updates like separating compute and storage, in addition to segment replication. With the advent of artificial intelligence, interest in OpenSearch as a vector database has also increased, Karnik said.

The recent Foundation will operate under the standard Linux Foundation governance model, with an oversight board and a technical steering committee.

“The Linux Foundation is excited to provide a neutral home for open and collaborative development around open source search and analytics,” said Jim Zemlin, executive director of the Linux Foundation. “Search is something we rely on every day, for both business and consumer use, and we look forward to supporting the OpenSearch community and helping them deliver powerful search and analytics tools to organizations and individuals around the world.”

Like many similar foundations, one of the reasons AWS has decided to contribute to the project now could be to achieve access to the Linux Foundation’s services and expertise in managing and developing open source projects. Additionally, the move helps OpenSearch shed its perception of being primarily an AWS-driven project, a key step for continued growth and broader adoption.