Ich liebe dich | The Cat Herder, Volume 2, Issue 2

Despite our editorial determination to mostly ignore Facebook's data misdeeds they simply keep on com   January 20 · Issue #18 · View online Despite our editorial determination to mostly ignore Facebook’s data misdeeds they simply keep on coming. Though this week it’s mostly the consequences of older pieces of skullduggery catching up with them. Maybe next week might be free of Facebook news. While we’re on the topic, we’re thinking of referring to Facebook, Google et al as social surveillance companies rather than technology companies from now on. It seems to reflect their activities more accurately. 😼 “Bad passwords were one of the reasons he had it so easy,” Minister of the Interior Horst Seehofer told reporters on Tuesday, the Guardian reported. “I was shocked at how simple most passwords were: ‘ILoveYou’, ‘1,2,3.’ A whole array of really simple things.” Why Are We So Stupid About Passwords? German Edition www.databreachtoday.com – Share German officials say the suspect behind the mega-leak of politicians’ and celebrities’ personal details exploited their weak passwords to access email, social media and cloud service accounts. What can the security industry do to help address the password problem? Yes it will. Beijing plans to be able to identify anyone, anytime, anywhere in China within three seconds. It’s good to have clear goals, isn’t it? The Chinese technology helping New York police keep a closer eye on the United States’ biggest city | South China Morning Post www.scmp.com – Share China is exporting its cutting-edge facial recognition across the Pacific On Tuesday The Irish Times reported that The Department of Social Protection has refused to release information regarding the Data Protection Commission’s investigation into the public services card, in part because it would be “contrary to the public interest”. We’ll leave it up to you, dear readers, to decide on the answers to the following two questions which spring to mind Is this the behaviour of an entity you would be happy to entrust your personal data to, bearing in mind that transparency and accountability are two of the key principles of data protection, now firmly enshrined in law? If the Data Protection Commission’s investigation had given the Public Services Card project a clean bill of health, would the Sideshow Bob Rake Department have been unwilling to release any of the findings? Mysteriously missing in action: as is mentioned in the Irish Times piece and covered in this newsletter last week, the Data Sharing and Governance Bill was scheduled to be debated in the Dail last Tuesday. This didn’t happen. Does anyone know where the Data Sharing and Governance Bill has gone? A lot. An awful lot could go wrong. Landlords are seeking extensive amounts of personal information, including PPS numbers, photo ID, and access to would-be renters’ social media accounts before they can view a potential rental property. This piece appeared in The Irish Examiner last weekend. It continues While the practice is not illegal, Threshold has warned it is on the increase nationally despite the Data Protection Commission explicitly stating last November that landlords should not ask for an individual’s picture or PPS number during the initial phase of the letting process. It most definitely is illegal. There is also a mention of agencies using unspecified third-party websites “to collate and store information and to vet potential applicants” which sounds a bit like profiling and automated decision making to us. This is also definitely illegal unless there’s full transparency (that word again) about it and the data subject’s explicit consent has been given. As above, we’ll leave it up to you to guess whether this is likely to be the case in this situation. You can also form your own opinions about whether landlords and letting agents across the country are likely to be meeting the accountability principle of the GDPR which stipulates they must be able to show to everyone and anyone, not just the regulator, that they’re compliant with data protection law. Yes they did. Merely opening an app on your phone can be enough to trigger a transfer of your personal data to Facebook. Privacy International published a detailed report on this last month. What we found: Facebook routinely tracks users, non-users, and logged-out users outside its platform Max Schrems’ noyb filed complaints with the Austrian Data Protection Authority on behalf of ten individuals relating to streaming media companies’ responses (or lack of responses) to subject access requests. The ominously-named Federal Cartel Office in Germany has Facebook in its sights and may ban the social surveillance company from collecting user data from third parties. This will include Instagram and WhatsApp. Across the Atlantic the Washington Post reports that the Federal Trade Commission is considering the possibility of fining Facebook. It appears that Zuckhole may be in for yet another annus miserabilis after seeing close to a quarter of the company’s stock value wiped out last year. ‘The Mistrials of Algorithmic Sentencing’ by Angèle Christin in Logic Magazine. John Naughton in the Observer asks “Why do people believe so much nonsense about AI?”. Because journalists believe the spin from the social surveillance companies and repeat it without questioning it, that’s why. In ‘No-deal Brexit - the data dilemma’ Rory Cellan-Jones has a look at what will happen to data transfers in and out of the UK in the event of a no-deal Brexit. This has been severely under-reported up until now. —- Endnotes & Credits The elegant Latin bon mot “Futuendi Gratia” is courtesy of Effin’ Birds. As always, a huge thank you to Regina Doherty for giving the world the phrase “mandatory but not compulsory”. The image used in the header is by Krystian Tambur on Unsplash. Any quotes from the Oireachtas we use are sourced from KildareStreet.com. They’re good people providing a great service. If you can afford to then donate to keep the site running. Digital Rights Ireland have a storied history of successfully fighting for individuals’ data privacy rights. You should support them if you can. Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn. Barring a disaster this newsletter will be in your inbox again next weekend. See you then. If you know someone who might enjoy this newsletter do please forward it on to them. Did you enjoy this issue? In order to unsubscribe, click here. If you were forwarded this newsletter and you like it, you can subscribe here. Powered by Revue Privacy Kit, Made with 💚 in Dublin, Ireland

Despite our editorial determination to mostly ignore Facebook’s data misdeeds they simply keep on coming. Though this week it’s mostly the consequences of older pieces of skullduggery catching up with them. Maybe next week might be free of Facebook news.

While we’re on the topic, we’re thinking of referring to Facebook, Google et al as social surveillance companies rather than technology companies from now on. It seems to reflect their activities more accurately.

😼

German officials say the suspect behind the mega-leak of politicians’ and celebrities’ personal details exploited their weak passwords to access email, social media and cloud service accounts. What can the security industry do to help address the password problem?

It’s good to have clear goals, isn’t it?

China is exporting its cutting-edge facial recognition across the Pacific

On Tuesday The Irish Times reported that

We’ll leave it up to you, dear readers, to decide on the answers to the following two questions which spring to mind

1. Is this the behaviour of an entity you would be happy to entrust your personal data to, bearing in mind that transparency and accountability are two of the key principles of data protection, now firmly enshrined in law?
2. If the Data Protection Commission’s investigation had given the Public Services Card project a clean bill of health, would the Sideshow Bob Rake Department have been unwilling to release any of the findings?

Mysteriously missing in action: as is mentioned in the Irish Times piece and covered in this newsletter last week, the Data Sharing and Governance Bill was scheduled to be debated in the Dail last Tuesday. This didn’t happen. Does anyone know where the Data Sharing and Governance Bill has gone?

This piece appeared in The Irish Examiner last weekend. It continues

It most definitely is illegal. There is also a mention of agencies using unspecified third-party websites “to collate and store information and to vet potential applicants” which sounds a bit like profiling and automated decision making to us. This is also definitely illegal unless there’s full transparency (that word again) about it and the data subject’s explicit consent has been given.

As above, we’ll leave it up to you to guess whether this is likely to be the case in this situation. You can also form your own opinions about whether landlords and letting agents across the country are likely to be meeting the accountability principle of the GDPR which stipulates they must be able to show to everyone and anyone, not just the regulator, that they’re compliant with data protection law.

Merely opening an app on your phone can be enough to trigger a transfer of your personal data to Facebook. Privacy International published a detailed report on this last month.

Max Schrems’ noyb filed complaints with the Austrian Data Protection Authority on behalf of ten individuals relating to streaming media companies’ responses (or lack of responses) to subject access requests.

The ominously-named Federal Cartel Office in Germany has Facebook in its sights and may ban the social surveillance company from collecting user data from third parties. This will include Instagram and WhatsApp.

Across the Atlantic the Washington Post reports that the Federal Trade Commission is considering the possibility of fining Facebook. It appears that Zuckhole may be in for yet another annus miserabilis after seeing close to a quarter of the company’s stock value wiped out last year.

‘The Mistrials of Algorithmic Sentencing’ by Angèle Christin in Logic Magazine.

John Naughton in the Observer asks “Why do people believe so much nonsense about AI?”. Because journalists believe the spin from the social surveillance companies and repeat it without questioning it, that’s why.

In ‘No-deal Brexit - the data dilemma’ Rory Cellan-Jones has a look at what will happen to data transfers in and out of the UK in the event of a no-deal Brexit. This has been severely under-reported up until now.

—-

Endnotes & Credits

• The elegant Latin bon mot “Futuendi Gratia” is courtesy of Effin’ Birds.
• As always, a huge thank you to Regina Doherty for giving the world the phrase “mandatory but not compulsory”.
• The image used in the header is by Krystian Tambur on Unsplash.
• Any quotes from the Oireachtas we use are sourced from KildareStreet.com. They’re good people providing a great service. If you can afford to then donate to keep the site running.
• Digital Rights Ireland have a storied history of successfully fighting for individuals’ data privacy rights. You should support them if you can.

Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn.

Barring a disaster this newsletter will be in your inbox again next weekend. See you then.

If you know someone who might enjoy this newsletter do please forward it on to them.