Abomination | The Cat Herder, Volume 3, Issue 36
|
GMI again. Tony Abbot’s Instagram. Re-identification ain’t hard. Nor is medical confidentiality. This is the hundredth issue of this newsletter. So thank you all for reading.
😼
Site accessed on 10/11/2016… is that November 10 or October 11?
—
Just because the entity responsible for the data breach says “the risk of identification was low” doesn’t mean this is actually the case. In 2002 Latanya Sweeney “found that 87 percent of the U.S. population could be identified by just three data points: zip code, date of birth and gender.” Her paper used data from 1996, almost a quarter of a century ago and before Google even existed. Re-identification has become significantly easier since then.
Full names were not published, but people living in care homes are more at risk of being identified.
—
In Ireland the HSE appears to have overruled the Covid Tracker App which leaves a question mark over the effectiveness of the app.
Teachers at one of the country’s largest second-level schools have expressed concern at what they say are mixed messages they received from the HSE in relation to being deemed a close contact of a person with Covid-19.
Pregnancy charities suggest the guideline could fall foul of data protection regulations
It’s approaching four years since Genomics Medicine Ireland, now known as Genuity Science, first popped up in a typically gushing RTE business segment. Since then we’ve had multiple reports of questionable data gathering practices (Crumlin children’s hospital, January 2019; Temple Street children’s hospital October 2019) and still no clarity on the legality of all this; a PR company approaching the Taoiseach on the company’s behalf and asking for “benediction”; said Taoiseach recording a video testimonial which appears to have been deleted recently; a “widespread compliance and supervision” examination launched by the Data Protection Commission in November 2019 with no visible outcome as yet; two rounds of investment by the Irish state’s venture capital arm, the latter for an eye-watering $70 million; a loss of €37.7 million; shifts in ownership, corporate and management structure and a name change; and in the week just gone an unflattering starring role on Liveline.
Karlin Lillington has been writing about the unusual manner in which Ireland is approaching national genomics for quite some time. (“In a 2018 memo from one such meeting, a Department of Health official wrote: “It is fair to say that [Genomics Medicine Ireland] were not overly concerned with the policy or legal context but with how the regulations impacted on what they are doing.”)
This week in the wake of Monday’s Liveline she yet again laid out the glaring problems with this approach by the state. Exploitable governance structures, failures in transparency and what can only be described as sharp practice in making the minimum possible effort - during a pandemic - to notify affected individuals.
Cianan Brennan had a good piece in the Irish Examiner on the same topic
The calculated grades for the Leaving Certificate have generated plenty of controversy. The Department of Education and Skills did not give students automatic access to their class rank order, but since this is personal data students have a right to access a copy of it under Article 15 of the GDPR.
There’s a guide for any students who would like to do so, including a sample Subject Access Request available on the datasubject.ie website. This is an Article Eight Advocacy project, which I’m involved in.
The Norwegian DPA fined the Norwegian Public Roads Authority 400,000 Kroner (~€37,400) for further processing of personal data in a manner which was incompatible with the original purpose and for failing to erase personal data within seven days.
—
The Belgian DPA fined a politician €5,000 for sending unsolicited political emails to a data subject.
—
As the budget approaches it was interesting to see Senator Malcolm Byrne of Fianna Fáil publicly call for “increased resources” for the DPC. Senator Byrne seemed more concerned about the DPC not having the resources to deal with TikTok rather than the array of intransigent and / or incompetent public sector data controllers in this country. We’ll see what comes of it all.
- “I didn’t think anything I did sounded like a crime, but I knew that sometimes when the other person is rich or famous, things can suddenly become crimes. Like, was there going to be some Monarch Law or something? Was Queen Elizabeth II gonna be mad about this?” Alex Hope AKA mangopdf talks responsible disclosure, non-functioning contact forms and endless bureaucracy in ‘When you browse Instagram and find former Australian Prime Minister Tony Abbott’s passport number’.
- “Why does this matter? Because it feels as though we’re at a point in time where it’s hard for many people to imagine alternatives to the tech systems that we have right now. And here is this opportunity for the government to build out spaces for collaboration with the public in a range of new ways. Governments have been listening to and deferring to management consultants about how to tech for so long that some of the prominent public tech voices sound just like them.” Bianca Wylie on ‘Using Government IT to Teach and Build Public Infrastructure’.
- “To be absolutely clear: we should be concerned about the impacts of social media, we need to work to rein in the power of these tech companies, we need to be willing to have the difficult discussion about what kind of society we want to live in…but we should not believe that the people who got us into this mess—who lacked the foresight to see the possible downsides in what they were building—will get us out of this mess. If these insiders genuinely did not see the possible downsides of what they were building, than they are fools who should not be trusted. And if these insiders did see the possible downsides, continued building these things anyways, and are now pretending that they did not see the downsides, than they are liars who definitely should not be trusted.” A comprehensive critical review of ‘The Social Dilemma’, showing on a Netflix near you, from Z.M.L. on LibrarianShipwreck.
—
Endnotes & Credits
- The elegant Latin bon mot “Futuendi Gratia” is courtesy of Effin’ Birds.
- As always, a huge thank you to Regina Doherty for giving the world the phrase “mandatory but not compulsory”.
- The image used in the header is by Krystian Tambur on Unsplash.
- Any quotes from the Oireachtas we use are sourced from KildareStreet.com. They’re good people providing a great service. If you can afford to then donate to keep the site running.
- Digital Rights Ireland have a storied history of successfully fighting for individuals’ data privacy rights. You should support them if you can.
Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn.
If you know someone who might enjoy this newsletter do please forward it on to them.