May 16, 2021
Christ On A Bike | The Cat Herder, Volume 4, Issue 18
| |
| May 16 · Issue #131 · View online |
|
|
It was a very good week for crackpot proposals from Irish politicians. Not such a good week for Facebook in Ireland, Germany and the United States. 😼
|
|
|
|
|
|
|
Women: Save stalkers the hassle of having to follow you all day to find out where you live. Simply park your bike where they can see it and let Eircode do the rest. https://t.co/KC4AV6Vgpm
|
|
|
|
|
|
No other major social network or service has contact-based friend lists that are publicly accessible by default to anyone — and that cannot be made private. People use Venmo to get paid, often using their real names. They often also import their phone contact lists or Facebook friend lists — which the app highly encourages when you sign up — creating networks where people automatically “friend” dozens if not hundreds of other Venmo users to allow them to find people they want to pay more easily.
|
We Found Joe Biden’s Secret Venmo. Here’s Why That’s A Privacy Nightmare For Everyone.
The peer-to-peer payments app leaves everyone from ordinary people to the most powerful person in the world exposed.
|
|
|
A political party floundering in government and in the polls is likely to latch on to any sort of bad idea which is popular among Liveline callers and that it suspects might revive its fortunes. That this idea should be intertwined with the other equally bad idea of a beefed up BAI being responsible for regulating all the content on the internet is just the cherry on top.
|
Fianna Fáil calls for social media companies to request ID to fight online abuse - Independent.ie
Fianna Fáil backbenchers have called for social media companies to request ID when users create accounts as part of a ban on anonymous social media accounts.
|
|
|
A “checkered past” is putting it mildly.
|
Attorneys general from 44 states and territories urged Facebook to abandon its plans to create an Instagram service for kids under the age of 13, citing detrimental health effects of social media on children and Facebook’s reportedly checkered past of protecting children on its platform.
|
More than 40 attorneys general ask Facebook to abandon plans to build Instagram for kids
Monday’s letter follows questioning from federal lawmakers who have also expressed concern over social media’s impact on children.
|
|
|
While all eyes were on the High Court and the Facebook / DPC judicial review decision, the DPC quietly published a decision from March on its website. It is the result of an inquiry into a data breach at the Irish Credit Bureau. The DPC imposed a fine of €90,000 and issued a reprimand for failing to implement data protection by design and default and an inability to demonstrate compliance as required by Articles 5(2) and 24(1). |
|
|
“The Dutch data protection authority (‘AP’) announced, on 12 May 2021, its decision to impose a fine of €525,000 against Locatefamily.com. In particular, the AP outlined that Locatefamily.com had failed to comply with the obligation to designate, in writing, a representative in the EU, in violation of Article 27 of the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’). In addition, the AP noted that it had received 19 complaints in relation to the company’s failure to comply with data erasure requests and the absence of an establishment or representative of Locatefamily.com within the EU. Further to this, the AP also noted that similar complaints were lodged in other EU Member States by data subjects from the relevant countries regarding Locatefamily.com.” |
|
|
The Hamburg DPA writes that the update to WhatsApp’s terms grant the messaging platform “far-reaching powers to share data with Facebook” for the company’s own purposes (including for advertising and marketing) — such as by passing WhatApp users’ location data to Facebook and allowing for the communication data of WhatsApp users to be transferred to third-parties if businesses make use of Facebook’s hosting services. Its assessment is that Facebook cannot rely on legitimate interests as a legal base for the expanded data sharing under EU law. And if the tech giant is intending to rely on user consent it’s not meeting the bar either because the changes are not clearly explained nor are users offered a free choice to consent or not (which is the required standard under GDPR).
|
|
|
|
|
-
“Kirsten Ostherr, director of the Medical Futures Lab at Rice University, said there are both practical and moral problems with advertising around such medical conditions. If a work colleague walks by your computer screen and sees a targeted ad for a lung cancer drug, for example, he or she could deduce you have the condition. “Even if the advertiser doesn’t know exactly who you are,” Ostherr said, “if these ads are popping up on your screens everywhere, that potentially exposes information about you.” Beyond that, targeting products by surveilling the sick inherently exploits vulnerable users’ privacy, Ostherr said.” From ‘How Big Pharma Finds Sick Users on Facebook’ by Colin Lecher for The Markup
- If you’d like to find out just how easy it is to single you out based on readily available data points try out The Observatory of Anonymity from the Computational Privacy Group at Imperial College London.
-
“These labels lack context. You can’t compare apps easily, so it’s difficult to know what’s normal activity for an app in any category, and what might be overreaching. And after spending far more time than I anticipated digging into this, I’m not confident that this information on app tracking is helpful. I’m glad that the Apple privacy labels exist, but only as a first step for the public to understand how the whole data-collection economy is fundamentally broken.” Shira Ovide interviewed Thorin Klosowski about his research into the privacy disclosures of 250 iPhone apps, research which left Klosowski “both confused and concerned”.
-
“The current vaccine passport debate is complex, encompassing a range of different proposed design choices, uses and contexts, as well as posing high-level and generalised trade-offs, which are impossible to quantify given the current evidence base, or false choices that obstruct understanding (e.g. ‘saving lives vs privacy’). Meanwhile, policymakers supporting these strategies, and companies developing and marketing these technological solutions, make a compelling and simplistic pitch that these tools can help societies open up safer and sooner.” From the Ada Lovelace Institute’s ‘Checkpoints for vaccine passports’ by Imogen Parker and Elliot Jones.
|
|
|
|
|
If you know someone who might enjoy this newsletter do please forward it on to them.
|
|
Did you enjoy this issue?
|
|
|
|
In order to unsubscribe, click here.
If you were forwarded this newsletter and you like it, you can subscribe here.
|
|
|
|
Privacy Kit, Made with 💚 in Dublin, Ireland
|
|
|
It was a very good week for crackpot proposals from Irish politicians. Not such a good week for Facebook in Ireland, Germany and the United States.
😼
—
The peer-to-peer payments app leaves everyone from ordinary people to the most powerful person in the world exposed.
A political party floundering in government and in the polls is likely to latch on to any sort of bad idea which is popular among Liveline callers and that it suspects might revive its fortunes. That this idea should be intertwined with the other equally bad idea of a beefed up BAI being responsible for regulating all the content on the internet is just the cherry on top.
Fianna Fáil backbenchers have called for social media companies to request ID when users create accounts as part of a ban on anonymous social media accounts.
—
A “checkered past” is putting it mildly.
Monday’s letter follows questioning from federal lawmakers who have also expressed concern over social media’s impact on children.
While all eyes were on the High Court and the Facebook / DPC judicial review decision, the DPC quietly published a decision from March on its website. It is the result of an inquiry into a data breach at the Irish Credit Bureau. The DPC imposed a fine of €90,000 and issued a reprimand for failing to implement data protection by design and default and an inability to demonstrate compliance as required by Articles 5(2) and 24(1).
Link to summary [PDF]
Link to full decision [PDF]
—
“The Dutch data protection authority (‘AP’) announced, on 12 May 2021, its decision to impose a fine of €525,000 against Locatefamily.com. In particular, the AP outlined that Locatefamily.com had failed to comply with the obligation to designate, in writing, a representative in the EU, in violation of Article 27 of the General Data Protection Regulation (Regulation (EU) 2016/679) (‘GDPR’). In addition, the AP noted that it had received 19 complaints in relation to the company’s failure to comply with data erasure requests and the absence of an establishment or representative of Locatefamily.com within the EU. Further to this, the AP also noted that similar complaints were lodged in other EU Member States by data subjects from the relevant countries regarding Locatefamily.com.”
—
The Hamburg DPA ordered Facebook not to apply the new WhatsApp terms in Germany using the Article 66 urgency mechanism.
-
“Kirsten Ostherr, director of the Medical Futures Lab at Rice University, said there are both practical and moral problems with advertising around such medical conditions. If a work colleague walks by your computer screen and sees a targeted ad for a lung cancer drug, for example, he or she could deduce you have the condition. “Even if the advertiser doesn’t know exactly who you are,” Ostherr said, “if these ads are popping up on your screens everywhere, that potentially exposes information about you.” Beyond that, targeting products by surveilling the sick inherently exploits vulnerable users’ privacy, Ostherr said.” From ‘How Big Pharma Finds Sick Users on Facebook’ by Colin Lecher for The Markup
- If you’d like to find out just how easy it is to single you out based on readily available data points try out The Observatory of Anonymity from the Computational Privacy Group at Imperial College London.
-
“These labels lack context. You can’t compare apps easily, so it’s difficult to know what’s normal activity for an app in any category, and what might be overreaching. And after spending far more time than I anticipated digging into this, I’m not confident that this information on app tracking is helpful. I’m glad that the Apple privacy labels exist, but only as a first step for the public to understand how the whole data-collection economy is fundamentally broken.” Shira Ovide interviewed Thorin Klosowski about his research into the privacy disclosures of 250 iPhone apps, research which left Klosowski “both confused and concerned”.
-
“The current vaccine passport debate is complex, encompassing a range of different proposed design choices, uses and contexts, as well as posing high-level and generalised trade-offs, which are impossible to quantify given the current evidence base, or false choices that obstruct understanding (e.g. ‘saving lives vs privacy’). Meanwhile, policymakers supporting these strategies, and companies developing and marketing these technological solutions, make a compelling and simplistic pitch that these tools can help societies open up safer and sooner.” From the Ada Lovelace Institute’s ‘Checkpoints for vaccine passports’ by Imogen Parker and Elliot Jones.
Endnotes & Credits
Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn.
If you know someone who might enjoy this newsletter do please forward it on to them.
