If You've Nothing To Fear You've Nothing To Fear | The Cat Herder, Volume 5, Issue 02

A Junior Minister speaks! When he really shouldn't have. 😼   January 23 · Issue #164 · View online A Junior Minister speaks! When he really shouldn’t have. 😼 This really is a lot of Subject Access Requests which the Ministry of Justice in the UK now has to deal with before the end of this year. The Ministry of Justice | ICO ico.org.uk – Share The Ministry of Justice has contravened Article 15 of the EU and UK and Section 45 DPA18 in that it has failed to provide, without undue delay, 7,753 data subjects with a copy of their data in accordance with its legal obligations. — Meanwhile in Spain the Supervisory Authority decides that using Grindr doesn’t indicate that someone might be gay ¯\_(ツ)_/¯ gloria gonzález fuster @FusterGloria so the @AEPD_es bought into the argument that using #Grindr is not data concerning sex life or sexual orientation as possibly the user just wants to interact with different people & thus does not require special protection https://t.co/Ie800Pvc8q https://t.co/Im22opbE1U 9:50 AM - 19 Jan 2022 The UK government has started a propaganda campaign against end-to-end encryption, co-opting a number of charities and child protection organisations to take part. 𝗕𝗹𝗼𝗼𝗿 ᶦˢ ˢᵗᶦˡˡ ᵘⁿᶜᵒⁿᵛᶦⁿᶜᵉᵈ ᵇʸ ᵇˡᵒᶜᵏᶜʰᵃᶦⁿ @alexbloor The charity (@barnardos) cheerfully involving itself in a campaign railing against E2EE as well as using Zoom (an E2EE video conferencing service) for its own business ALSO PUBLISHES GUIDELINES ABOUT USING WHATSAPP which is, er, E2EE ! You . Could . Not . Make . It . Up . https://t.co/ccYG65Bhvt 9:47 AM - 21 Jan 2022 The Information Commissioner’s Office takes a rather different view. Stephen Bonner, the ICO’s executive director for innovation and technology, said end-to-end encryption helped keep children safe online by not allowing “criminals and abusers to send them harmful content or access their pictures or location”. “The discussion on end-to-end encryption use is too unbalanced to make a wise and informed choice. There is too much focus on the costs without also weighing up the significant benefits,” he said. Encryption: UK data watchdog criticises government campaign - BBC News www.bbc.com – Share It says delaying the rollout of encrypted message apps leaves everyone at risk, including children. Last week the DPC published its decision after an investigation of Limerick City and County Council’s use of CCTV and other surveillance technologies. This week the Junior Minister for Limerick Public Expenditure and Reform, a member of Fine Gael, the law and order party, decided he didn’t like the law. He told the Limerick Leader so. He’s so upset at the Council having to abide by the law he’s written to the Minister for Justice, also a member of the law and order party, to tell her how sad he is about this. “To think that the local authority could not use the technology in this way is really sad,” said Minister O’Donovan. He’s even going to send her a newspaper article. No mention of whether he’s going to send her the DPC’s damning decision as well as the newspaper article. No mention of whether he’s read the DPC’s decision. “I am also writing to the Minister of Justice about this in light of everything that has happened in the last week.” Rather delightfully, the article leaves the last word to the Junior Minister, who remixes the well-worn surveillance cliché ‘if you’ve nothing to fear you’ve nothing to hide’ into, roughly, ‘if you’ve nothing to fear you’ve nothing to fear’. Minister O’Donovan concluded by saying, “Only those who have something to be afraid of should be afraid of the use of CCTV”. The very first issue of this newsletter, way back in August 2018, featured a story about the councillors of New Ross railing against data protection law: New Ross councillors move to reverse ‘criminal’ GDPR. As the young folk say these days, same energy. The EDPB adopted draft guidelines on the right of access and is taking public submissions on them for the next six weeks. — The CNIL fined mobile operator Free Mobile €300,000 for “failing to respect customers’ right of access and right to object by not responding to their access requests in a timely manner and sending them marketing messages despite having been notified of their objection to such processing.” — “But attacking encryption won’t solve the problem of child abuse — especially not the estimated 90%+ of the time where the abuser is “known to the victim” — and also we suffer a societal challenge with parenting, where parents must walk a line between supervising children versus giving them agency, autonomy, space to grow, and frank awareness of how to spot danger. Parents could benefit from Government help and constructive resources regarding that, but they appear to prefer spending their money on advertising against encryption.” From ‘Why we need #EndToEndEncryption and why it’s essential for our safety, our children’s safety, and for everyone’s future’ by Alec Muffett. “He also said that the legislation may be effective against bidstream data specifically; the flow of sensitive data parties can obtain by participating in the ad bidding process. As Motherboard has shown, surveillance companies have leveraged this data in products they sell to the government. The legislation also seems to have a particular focus on location data, meaning it could be the "death nail for dangerous data brokers like Safegraph, who have built data supply chains across the world, with dozens if not hundreds of advertising vendors providing mobile location for resale to anyone with a credit card.” From ‘Lawmakers Plan Legislation to ‘Ban Surveillance Advertising’’ by Joseph Cox for VICE. “Despite coordination by data regulators, there may be some differences of opinion, says Simon McGarr, director of data compliance for Europe at McGarr Solicitors. “The Austrian position is probably at one end of a spectrum of opinion—and it would probably represent the most radical end,” he says, adding that other data bodies will either endorse, amend, or reject that line of reasoning. Disagreement across the EU’s 27 GDPR enforcers is not uncommon: Last year an Irish Data Protection Authority fine against WhatsApp was increased by €175 million after other regulators disagreed with the decision. McGarr says it’s possible other EU regulators looking at the noyb cases may come to different conclusions based on the facts of each case.” From ‘Europe’s Move Against Google Analytics Is Just the Beginning’ by Matt Burgess for Wired. — Endnotes & Credits The elegant Latin bon mot “Futuendi Gratia” is courtesy of Effin’ Birds. As always, a huge thank you to Regina Doherty for giving the world the phrase “mandatory but not compulsory”. The image used in the header is by Krystian Tambur on Unsplash. Any quotes from the Oireachtas we use are sourced from KildareStreet.com. They’re good people providing a great service. If you can afford to then donate to keep the site running. Digital Rights Ireland have a storied history of successfully fighting for individuals’ data privacy rights. You should support them if you can. Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn. If you know someone who might enjoy this newsletter do please forward it on to them. Did you enjoy this issue? In order to unsubscribe, click here. If you were forwarded this newsletter and you like it, you can subscribe here. Powered by Revue Privacy Kit, Made with 💚 in Dublin, Ireland

A Junior Minister speaks! When he really shouldn’t have.

😼

This really is a lot of Subject Access Requests which the Ministry of Justice in the UK now has to deal with before the end of this year.

The Ministry of Justice has contravened Article 15 of the EU and UK and Section 45 DPA18 in that it has failed to provide, without undue delay, 7,753 data subjects with a copy of their data in accordance with its legal obligations.

—

Meanwhile in Spain the Supervisory Authority decides that using Grindr doesn’t indicate that someone might be gay ¯\_(ツ)_/¯

The UK government has started a propaganda campaign against end-to-end encryption, co-opting a number of charities and child protection organisations to take part.

The Information Commissioner’s Office takes a rather different view.

It says delaying the rollout of encrypted message apps leaves everyone at risk, including children.

Last week the DPC published its decision after an investigation of Limerick City and County Council’s use of CCTV and other surveillance technologies.

This week the Junior Minister for Limerick Public Expenditure and Reform, a member of Fine Gael, the law and order party, decided he didn’t like the law. He told the Limerick Leader so. He’s so upset at the Council having to abide by the law he’s written to the Minister for Justice, also a member of the law and order party, to tell her how sad he is about this.

He’s even going to send her a newspaper article. No mention of whether he’s going to send her the DPC’s damning decision as well as the newspaper article. No mention of whether he’s read the DPC’s decision.

Rather delightfully, the article leaves the last word to the Junior Minister, who remixes the well-worn surveillance cliché ‘if you’ve nothing to fear you’ve nothing to hide’ into, roughly, ‘if you’ve nothing to fear you’ve nothing to fear’.

The very first issue of this newsletter, way back in August 2018, featured a story about the councillors of New Ross railing against data protection law: New Ross councillors move to reverse ‘criminal’ GDPR.

As the young folk say these days, same energy.

The EDPB adopted draft guidelines on the right of access and is taking public submissions on them for the next six weeks.

—

The CNIL fined mobile operator Free Mobile €300,000 for “failing to respect customers’ right of access and right to object by not responding to their access requests in a timely manner and sending them marketing messages despite having been notified of their objection to such processing.”

—

• “But attacking encryption won’t solve the problem of child abuse — especially not the estimated 90%+ of the time where the abuser is “known to the victim” — and also we suffer a societal challenge with parenting, where parents must walk a line between supervising children versus giving them agency, autonomy, space to grow, and frank awareness of how to spot danger. Parents could benefit from Government help and constructive resources regarding that, but they appear to prefer spending their money on advertising against encryption.” From ‘Why we need #EndToEndEncryption and why it’s essential for our safety, our children’s safety, and for everyone’s future’ by Alec Muffett.
• “He also said that the legislation may be effective against bidstream data specifically; the flow of sensitive data parties can obtain by participating in the ad bidding process. As Motherboard has shown, surveillance companies have leveraged this data in products they sell to the government. The legislation also seems to have a particular focus on location data, meaning it could be the "death nail for dangerous data brokers like Safegraph, who have built data supply chains across the world, with dozens if not hundreds of advertising vendors providing mobile location for resale to anyone with a credit card.” From ‘Lawmakers Plan Legislation to ‘Ban Surveillance Advertising’’ by Joseph Cox for VICE.
• “Despite coordination by data regulators, there may be some differences of opinion, says Simon McGarr, director of data compliance for Europe at McGarr Solicitors. “The Austrian position is probably at one end of a spectrum of opinion—and it would probably represent the most radical end,” he says, adding that other data bodies will either endorse, amend, or reject that line of reasoning. Disagreement across the EU’s 27 GDPR enforcers is not uncommon: Last year an Irish Data Protection Authority fine against WhatsApp was increased by €175 million after other regulators disagreed with the decision. McGarr says it’s possible other EU regulators looking at the noyb cases may come to different conclusions based on the facts of each case.” From ‘Europe’s Move Against Google Analytics Is Just the Beginning’ by Matt Burgess for Wired.

—

Endnotes & Credits

• The elegant Latin bon mot “Futuendi Gratia” is courtesy of Effin’ Birds.
• As always, a huge thank you to Regina Doherty for giving the world the phrase “mandatory but not compulsory”.
• The image used in the header is by Krystian Tambur on Unsplash.
• Any quotes from the Oireachtas we use are sourced from KildareStreet.com. They’re good people providing a great service. If you can afford to then donate to keep the site running.
• Digital Rights Ireland have a storied history of successfully fighting for individuals’ data privacy rights. You should support them if you can.

Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn.

If you know someone who might enjoy this newsletter do please forward it on to them.