Privacy Kit

September 12, 2021

Glassholes Redux | The Cat Herder, Volume 4, Issue 35

September 12 · Issue #148
The Facebook spy glasses were announced and Glassholes everywhere (presumably) rejoiced. The assembly line of Very Bad Ideas from Westminster keeps producing. Tattleware.
😼

They called it Sneek. And there’s one called FlexiSpy, and another called Spytech. I suppose there’s something to be said for the bluntness of these lads, not trying to conceal what they’re up to behind any euphemistic names.
These software programs give bosses a mix of options for monitoring workers’ online activity and assessing their productivity: from screenshotting employees’ screens to logging their keystrokes and tracking their browsing. But in the fast-growing bossware market, each platform potentially brings something new to the table. There’s FlexiSpy, which offers call-tapping; Spytech, which is known for mobile device access; and NetVizor, which has a remote takeover feature.
Bosses turn to ‘tattleware’ to keep tabs on employees working from home | Technology | The Guardian
www.theguardian.com
The pandemic prompted a surge in the use of workplace surveillance programs – and they’re not going away any time soon
—
So, those Facebook spy glasses.
Shot:
“Himel told BuzzFeed News that the LED light was a feature they ADDED after consulting with a handful of privacy groups.”
Thibaut Thomas
@thibautthomas
Privacy is so paramount that it is considered AFTER the product is developed. Kinda like the Facebook Portal team that actually didn’t know that using Messenger API meant that data was shared... https://t.co/2LuI0gObL3
5:21 PM - 9 Sep 2021
And another shot:
Ryan Mac 🙃
@RMac18
So what does this mean?

It means that "third-party experts" Facebook consulted, as stated here by VP @boztank, and then put forth by the co to speak with reporters, were not independent.

It also shows the breadth of Facebook's influence over nonprofits that rely on donations. https://t.co/ZPaVEYoXEJ
9:54 PM - 9 Sep 2021
And yet another shot:
Ryan Mac 🙃
@RMac18
I've now confirmed all five groups were funded by Facebook.

The LGBT Technology Partnership said in an email to me today: "FB provides corporate support currently and has provided corporate support in the past. In addition, FB sponsors our PowerOn Awards."
8:57 PM - 10 Sep 2021
A few quick thoughts on these spy spectacles.
  • The general proposition isn’t noticeably different to that offered by Google Glass in 2013/14. People who want to go around filming and photographing other people covertly can now do so.
  • The Facebook / Ray-Ban product is much more like a conventional pair of sunglasses in appearance than Google Glass was; the camera is far harder to detect and the notification LED can easily be taped over.
  • “The video and photos are stored locally on your phone, not sent into Facebook’s servers or the cloud. Basically, if you don’t choose to post those photos to Facebook, Facebook can’t see them or have anything to do with them, which is probably what you want.” For now. This can change, and it usually does.
  • Facebook is aware of just what an unpopular company it is these days and has kept its branding off the glasses.
  • Should we be surprised that a creepy, amoral and profoundly dishonest company like Facebook has created a tool to enable creeps to do creepy things? No, not really.
Buzz Andersen
@buzz
I wonder what the Facebook policy is on employees wearing these things around the office. https://t.co/tAb569iq2W
8:38 PM - 9 Sep 2021
Quarantine SA uses “several” randomized check-ins verified by facial recognition and device geolocation each day to ensure the user remains at their quarantine address. Users have 15 minutes to respond to a random check. The website notes if a user misses a check-in, they will receive a phone call and be asked to explain themselves.
If they miss the phone call, law enforcement will be deployed.
South Australia Deploys Facial Recognition Quarantine App - Vision Times
www.visiontimes.com
South Australia has deployed the Quarantine SA home quarantine enforcement app, which some have called “Orwellian” because of facial recognition and geolocation
The UK government opened up a new front in its war on encryption by hiring M&C Saatchi to demonise Mark Zuckerberg and Facebook. Rather than Tony ‘New Labour, New Danger’ Blair. Which didn’t work out too well in terms of electoral results. But I digress.
The government’s long-signalled push to deter Facebook from implementing E2EE comes, inevitably, at a significant cost to taxpayers: London ad agency M&C Saatchi has been hired at an undisclosed cost by the Home Office to tell the public that Facebook (and WhatsApp) harbours criminals. The ad campaign will run online, in newspapers and on radio stations with the aim of turning public opinion against E2EE – and, presumably, driving home the message that encryption itself is something inherently bad.
There are two ways of looking at that. One is to say that police and government ought to accept a new reality where they are constrained to operate within specific one-off warrants authorising hacking into a specified device. The last quarter of a century, where legislation controlling police searches of digital devices and cloud storage failed to keep pace with technology, is a blip against a long legal and historical tradition that kept police on a short leash when it came to searches and seizures.
UK.gov is launching an anti-Facebook encryption push. Don't think of the children: Think of the nuances and edge cases instead • The Register
www.theregister.com
You can’t reduce such a vital issue to concern over paedophiles and terrorists
Since parliamentarians in Ireland have shown no evidence their appetite for copying Very Bad Ideas emanating from Westminster has diminished in recent years - despite the escalating dangerous daftness of the Very Bad Ideas - we can expect to see this echoed here as the comms campaign over there kicks in.
—
The UK government also published its draft plan to overhaul its data protection regime. This came a few days after the outgoing Information Commissioner had a pop at cookie consent notices. Not the cookies, or the tracking made possible by the cookies, but the notices. But if one’s term is coming to an end next month and one might be interested in similar jobs which are usually government appointments then saying the same dumb stuff a minister said the week before last won’t do your job prospects any harm.
Privacy expert Pat Walshe said: “It increasingly seems to me that the ICO is captured by government.”
“So called ‘cookie pop ups’… are a manifestation of an underlying business model based on the intrusion and erosion of privacy online. That underlying privacy eroding model and technology should be the focus.”
“The ICO conducted a study on ad-tech - it’s not made one bit of difference and has not enhanced privacy online at all,” he said.
Cookie banners: G7 urged to consider solution to pop-up notices - BBC News
www.bbc.com
Information commissioner Elizabeth Denham believes the issue needs to be solved collectively.
Anyway, back to the consultation document which was published on Thursday evening.
Having a system of rights wrapping people’s data that gives them a say over (and a stake in) how it can be used appears to be being reframed in the government’s messaging as irresponsible or even non-patriotic — with DCMS pushing the notion that such rights stand in the way of more important economic or highly generalized “social” goals.
The government is taking its customary “cake and eat it” approach to spinning its reform plan — claiming it will both “protect” people’s data while also trumpeting the importance of making it really easy for citizens’ information to be handed off to anyone who wants it, so long as they can claim they’re doing some kind of “innovation”, while also larding its PR with canned quotes dubbing the plan “bold” and “ambitious”.
UK dials up the spin on data reform, claiming ‘simplified’ rules will drive ‘responsible’ data sharing – TechCrunch
techcrunch.com
The U.K. government has announced a consultation on plans to shake up the national data protection regime, as it looks at how to diverge from European Union rules following Brexit. It’s also a year since the U.K. published a national data strategy in which said it wanted pandemic levels of data sharing to become Britain’s […]
The CNIL fined insurance firm AG2R La Mondiale a cool €1.75 million for retention of personal data for an excessive period of time and “not complying with its information obligations in the context of telephone canvassing campaigns”.
—
The Garante fined the city of Rome €800,000 for a boot full of breaches of the GDPR relating to a car parking payment system: storage limitation, integrity and confidentiality, transparency, accountability, failure to properly document controller-processor relationships, and failure to implement data protection by design and default. Decision (in Italian) | Machine translation
  • “How will Facebook respond to a subpoena requesting the IP address of an abortion rights group administrator who’s been fundraising on the platform? What will Google do if they receive a demand for information on the name and email address of an advertiser targeting Texas women with information on how to obtain an abortion? Tech platforms such as Facebook or Google have legal protection under Section 230 for content they host. But that doesn’t mean they won’t face excruciating decisions about whether to comply with subpoenas for user data — the sort of orders they comply with in lots of other legal cases today.” From ‘The Texas abortion ban could force tech to snitch on users’ by Issie Lapowsky for The Protocol
  • Another company involved in DNA testing claiming DNA isn’t personal data? Surely not? “The data privacy regulator in Slovenia, where one of BGI’s regional partners is based, said it was concerned by the exporting of data from the BGI tests and would examine data protection issues. Reuters found no evidence BGI violated privacy agreements or regulations; the company said it obtains signed consent and destroys overseas samples and data after five years. “At no stage throughout the testing or research process does BGI have access to any identifiable personal data,” the company said. Consent forms signed by women outside China seek permission for their blood samples and genetic data to be sent abroad to BGI and used for research. The privacy policy on the test’s website also says data can be shared for national security purposes in China – though BGI says it has never been asked to do so.” from ‘Prenatal gene test Nifty under international scrutiny amid links to Chinese military’ in The Guardian, from Reuters.
  • “For autumn 2021, European Commission announced that it will propose a follow-up legislation that will make the use of chatcontrol mandatory for all e-mail and messenger providers. This legislation might then also affect securely end-to-end encrypted communications. However, a public consultation by the Commission on this project showed that the majority of respondents, both citizens and stakeholders, oppose an obligation to use chat control. Over 80% of respondents oppose its application to end-to-end encrypted communications. As a result, the Commission postponed the draft legislation originally announced for July to September 2021.” From ‘Messaging and Chat Control’ by German MEP Patrick Breyer.
Endnotes & Credits
  • The elegant Latin bon mot “Futuendi Gratia” is courtesy of Effin’ Birds.
  • As always, a huge thank you to Regina Doherty for giving the world the phrase “mandatory but not compulsory”.
  • The image used in the header is by Krystian Tambur on Unsplash.
  • Any quotes from the Oireachtas we use are sourced from KildareStreet.com. They’re good people providing a great service. If you can afford to then donate to keep the site running.
  • Digital Rights Ireland have a storied history of successfully fighting for individuals’ data privacy rights. You should support them if you can.
Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn.
If you know someone who might enjoy this newsletter do please forward it on to them.
Privacy Kit, Made with 💚 in Dublin, Ireland
