June 26, 2022
Appletartman | The Cat Herder, Volume 5, Issue 24
| |
| June 26 · Issue #186 · View online |
|
|
Safeguards against unlawful access to personal data can be of little use when the law changes. But it would be nice if the Irish state at least included them in the first place, as it is obliged to do. 😼
|
|
|
|
|
|
|
A wave of tech companies set up reimbursement programs for workers seeking out-of-state abortions after the draft decision overruling Roe v. Wade leaked, indicating a level of care for employee well-being and retention. But what speaks even louder is their silence about users’ data. That’s a tacit acknowledgment that data is so valuable, tech companies would rather keep on collecting it, even if people are thrown in jail, fined or killed.
|
Your data is worth more than your life to tech companies
Tech companies have created employee reimbursement programs, but they have been silent on whether they’ll protect users’ data that could put them at risk of prosecution.
|
|
|
|
The geofence warrants to Google for abortion clinics are only days away:
"Hey Google, show me all phones belonging to residents of state X who visited any of these clinics in state Y, here is a court order, thanks"
The ONLY way to stop this is if Google stopped recording this!
|
|
|
|
|
|
There are six lawful bases for processing personal data. A government belief and “in keeping with best practice” are not among these six.
|
Controversy after Revenue asked Social Protection for data on 1,616 PUP recipients
Finance Minister Paschal Donohoe defended the sharing of information between government departments but data protection experts say the move was unlawful
|
|
|
The applicant claims the garda obtained personal data about him after a Garda Data Request Form was delivered to Distilled SCH Ltd trading as Adverts.ie on August 25, 2021, last, five days before he received the phone call and the WhatsApp message from the seller, and two days after the initial exchange on the forum. His counsel, David O'Brien Bl, told the High Court that Mr Blazejewicz does not know the identity of the garda who made the data request to Adverts.ie. No criminal investigation took place, and his client believes the data was obtained fraudulently. He believes the garda who sought the data is either the seller on the Adverts.ie platform known as ‘Appletartman’ or is somebody known to the seller.
|
Kerry businessman claims garda fraudulently obtained his private data from online sales platform
Case centres around an online exchange that occurred on the ‘Advert.ie’ platform involving the complainant and the seller of an electric drone
|
|
|
Connecting the dots with several of the stories above …
|
|
|
The Irish government finally publishes proposals to change the law on data retention; unfortunately it still lacks safeguards, aims to continue indiscriminate retention, and allows access to retained data for simple crime (not national security). @ has more on his T/L. https://t.co/Ao2dqlCqYN
|
|
|
|
|
|
In handing down its judgment, the Court ruled that there are insufficient safeguards within the Act when it comes to the security services obtaining people’s private data. The judgment means that the security services will no longer have the power, when carrying out criminal investigations, to get detailed information on us from telecom providers without having first obtained independent approval that this is necessary and proportionate.
|
Liberty wins landmark Snoopers' Charter case - Liberty
Human rights organisation Liberty has achieved a landmark victory in a legal challenge against powers used by Government bodies to spy on the UK population.
|
… while in the United States, as of last Friday -
|
For example, from January to June 2020 alone, Apple, Google, Meta, and Microsoft received over 112,000 legal requests to access data from federal, state, and local law enforcement agencies, and fulfilled approximately 85 percent of those requests. In recent years, several federal law enforcement agencies including the U.S. Customs and Border Protection (CBP) and Immigration and Customs Enforcement (ICE) also purchased smartphone app geolocation data from data brokers like Venntel and Babel Street, without a warrant or court order, which they used to track unlawful activity leading to arrests or deportations. If abortion is outlawed in some states, law enforcement officers can use these same tools to track pregnant people and abortion facilities. A 2019 Kaiser Family Foundation survey found that nearly a third of female-identifying respondents used a smartphone app to track their menstrual cycles, some of which collect and share highly sensitive information about period cycles, sexual activity, and medical conditions. In addition, data aggregators can compile and sell precise geolocation information related to people who visit reproductive health clinics; for example, SafeGraph recently offered location information of individuals who visit Planned Parenthood and other family planning facilities for approximately $160, including the frequency and length of their visits and other movement activity.
|
What Privacy in the United States Could Look Like without Roe v. Wade | Center for Strategic and International Studies
According to a leaked draft opinion of Dobbs v. Jackson Women’s Health Organization, the Supreme Court could soon uphold the constitutionality of Mississippi’s Gestational Age Act, a state law which generally bans abortions after 15 weeks of conception. In doing so, it would overturn an almost 50-year precedent set by the Supreme Court’s decisions in Roe v. Wade (1973) and
|
|
|
|
|
|
|
-
‘“Precisely because children’s data is at stake and the response in the disclosure process was little (6 out of 42 vendors (±14%) responded to our disclosure), we hope our work will draw attention to this sensitive issue. Daycare center managers, daycare providers, and parents cannot analyze such apps themselves, but they have to help decide which app to introduce.“ In fact, the researchers made vulnerability disclosures to many of the same applications we were researching in November 2021. Despite the knowledge that children’s data was at stake, security controls still hadn’t been pushed to the top of the agenda in this industry. Privacy issues remained as well. For example, The Tadpoles Android app (v12.1.5) sends event-based app activity to Facebook’s Graph API. As well as very extensive device information to Branch.io’. From ‘Daycare Apps Are Dangerously Insecure’ by Alexis Hancock for the Electronic Frontier Foundation.
-
"A second example is that gatekeepers will no longer be allowed to combine the data they have about end users from their core services, including search engines and social networks, with other services they are developing, unless being given explicit consent. This is a measure that helps both SMEs and end users, because currently if gatekeepers wish to move into a new area or provide a new service, they can often do that using the data they already have about their billions of existing customers. This ability translates to unfair competition towards SMEs trying to develop similar services that, however, do not have all the data about Google, Apple, or Facebook’s European customers.” From an interview with Ian Brown by Ludovica Formicola for Netwerk Democratie.
-
“Despite what my concerns might lead some to believe, I am not a technophobe. Like many others who study privacy and technology, I’m often an early adopter of tech, and get enthusiastic for its many potential uses. But I’m also a sociologist studying authoritarianism, and our digital infrastructure has become the infrastructure of authoritarianism. When I started saying this awhile back, many people would tell me that I was conflating the situation in China with that of Western countries where such surveillance is usually undertaken for commercial purposes and we have limits to what governments would want to do. I always thought: If you build it, they will come for it. Criminalization of abortion may well be the first wide-scale test of this, but even if that doesn’t come to pass, we’re just biding our time.” From ‘We Need to Take Back Our Privacy’ by Zeynep Tufekci in the New York Times. |
→ text only version
—
|
|
|
|
|
If you know someone who might enjoy this newsletter do please forward it on to them.
|
|
Did you enjoy this issue?
|
|
|
|
In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
|
|
|
|
Privacy Kit, Made with 💚 in Dublin, Ireland
|
|
|
Safeguards against unlawful access to personal data can be of little use when the law changes. But it would be nice if the Irish state at least included them in the first place, as it is obliged to do.
😼
—
Tech companies have created employee reimbursement programs, but they have been silent on whether they’ll protect users’ data that could put them at risk of prosecution.
https://twitter.com/ncweaver/status/1540338660909805568
There are six lawful bases for processing personal data. A government belief and “in keeping with best practice” are not among these six.
Finance Minister Paschal Donohoe defended the sharing of information between government departments but data protection experts say the move was unlawful
—
Case centres around an online exchange that occurred on the ‘Advert.ie’ platform involving the complainant and the seller of an electric drone
Connecting the dots with several of the stories above …
… and in the UK -
Human rights organisation Liberty has achieved a landmark victory in a legal challenge against powers used by Government bodies to spy on the UK population.
… while in the United States, as of last Friday -
According to a leaked draft opinion of Dobbs v. Jackson Women’s Health Organization, the Supreme Court could soon uphold the constitutionality of Mississippi’s Gestational Age Act, a state law which generally bans abortions after 15 weeks of conception. In doing so, it would overturn an almost 50-year precedent set by the Supreme Court’s decisions in Roe v. Wade (1973) and
“Italy’s data protection authority, the Garante, joined DPAs in Austria and France in ruling against data transfers to the U.S. using Google Analytics.”
-
‘“Precisely because children’s data is at stake and the response in the disclosure process was little (6 out of 42 vendors (±14%) responded to our disclosure), we hope our work will draw attention to this sensitive issue. Daycare center managers, daycare providers, and parents cannot analyze such apps themselves, but they have to help decide which app to introduce.“ In fact, the researchers made vulnerability disclosures to many of the same applications we were researching in November 2021. Despite the knowledge that children’s data was at stake, security controls still hadn’t been pushed to the top of the agenda in this industry. Privacy issues remained as well. For example, The Tadpoles Android app (v12.1.5) sends event-based app activity to Facebook’s Graph API. As well as very extensive device information to Branch.io’. From ‘Daycare Apps Are Dangerously Insecure’ by Alexis Hancock for the Electronic Frontier Foundation.
-
"A second example is that gatekeepers will no longer be allowed to combine the data they have about end users from their core services, including search engines and social networks, with other services they are developing, unless being given explicit consent. This is a measure that helps both SMEs and end users, because currently if gatekeepers wish to move into a new area or provide a new service, they can often do that using the data they already have about their billions of existing customers. This ability translates to unfair competition towards SMEs trying to develop similar services that, however, do not have all the data about Google, Apple, or Facebook’s European customers.” From an interview with Ian Brown by Ludovica Formicola for Netwerk Democratie.
-
“Despite what my concerns might lead some to believe, I am not a technophobe. Like many others who study privacy and technology, I’m often an early adopter of tech, and get enthusiastic for its many potential uses. But I’m also a sociologist studying authoritarianism, and our digital infrastructure has become the infrastructure of authoritarianism. When I started saying this awhile back, many people would tell me that I was conflating the situation in China with that of Western countries where such surveillance is usually undertaken for commercial purposes and we have limits to what governments would want to do. I always thought: If you build it, they will come for it. Criminalization of abortion may well be the first wide-scale test of this, but even if that doesn’t come to pass, we’re just biding our time.” From ‘We Need to Take Back Our Privacy’ by Zeynep Tufekci in the New York Times. |
→ text only version
—
Endnotes & Credits
Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn.
If you know someone who might enjoy this newsletter do please forward it on to them.
