Officially Adequate | The Cat Herder, Volume 4, Issue 25

Facebook pages, facial recognition, the adequacy fudge. 😼   July 4 · Issue #138 · View online Facebook pages, facial recognition, the adequacy fudge. 😼 The DPC is not an arm of the State, it is an independent supervisory authority. Restaurants say move is unworkable, discriminatory and not legal under equality Acts www.irishtimes.com – Share Young unvaccinated restaurant workers could be in the ‘bizarre situation’ of working in a place where they cannot socialise As in the story above, the Irish government is still in the process of coming up with a plan about a plan to allow only people with immunity to Covide dine indoors. How this will be done when the owners of pubs and restaurants are (quite correctly) opposed to having to process the health data of their patrons on entry remains a mystery. The UK is now officially adequate. Full Commission Implementing Decision [direct link to PDF] Meanwhile … For a glimpse of the security and privacy dystopia the UK government has in store for its highly regulated ‘British Internet’, look no further than guidance put out by the Department of Digital, Media, Culture and Sport (DCMS) yesterday — aimed at social media platforms and private messaging services — which includes the suggestion that the latter should “prevent’ the use of end-to-end encryption on “child accounts”. UK tells messaging apps not to use e2e encryption for kids’ accounts – TechCrunch techcrunch.com – Share — benlovejoy @benlovejoy Pro tip: If someone is able to scrape [hundreds of] millions of records from your service without being detected, that is indeed a data breach ... https://t.co/64L4cobkyp 6:34 PM - 29 Jun 2021 LinkedIn breach reportedly exposes data of 92% of users, including inferred salaries [U] 9to5mac.com – Share A second massive LinkedIn breach reportedly exposes the data of 700M users, which is more than 92% of the total 756M users. The database … Germany’s federal information commissioner has run out of patience with Facebook. Last month, Ulrich Kelber wrote to government agencies “strongly recommend[ing]” they to close down their official Facebook Pages because of ongoing data protection compliance problems and the tech giant’s failure to fix the issue. In the letter, Kelber warns the government bodies that he intends to start taking enforcement action from January 2022 — essentially giving them a deadline of next year to pull their pages from Facebook. German government bodies urged to remove their Facebook Pages before next year – TechCrunch techcrunch.com – Share The ICO issued a statement in response to the EU Commission’s formal adequacy decision. “The very threat of litigation may compel governments and corporations to make concessions. For example, public outcry about the UK police’s digital strip search technology and the looming battle in court led the government to scrap the program. Similarly, even cases that end in failure may have an impact. For example, Chile’s first public interest digital privacy case ended in failure when the Supreme Court permitted the use of surveillance balloons, but it brought mainstream attention to the issue and raised the profile of the organisations involved as champions of digital rights. The constitutional challenge against Aadhaar may have failed in India, but a provocative dissent reverberated at the other end of the world — in Jamaica — where the high court used it to strike down the island nation’s Digital ID program.“ From ‘Strategic Litigation | Not Always Rosy’ by Subhashish Bhadra. "The pixels can collect a lot of data about you. “It could reveal your device type and even your IP address,” says Laurie Graham, director of cyber intelligence at tech consultancy 6point6. Other information collected can include whether you read the message, your web browser version and your time zone. “These can be combined to form a unique fingerprint,” Graham says. Of the huge amounts of information that can be gathered from tracking pixels, perhaps the most concerning is your location, says Andy Yen, founder and CEO of encrypted email service ProtonMail. “The data gathered can be used to analyse your daily habits and figure out where you live and work. But the most invasive part is, it’s happening without your knowledge or consent.” From ‘How to stop your emails from tracking you’ by Kate O'Flaherty for Wired. "A government inquiry into federal agencies’ deployment of facial recognition may have overlooked some organizations’ use of popular biometric identification software Clearview AI, calling into question whether authorities can understand the extent to which the emerging technology has been used by taxpayer-funded entities. In a 92-page report published by the Government Accountability Office on Tuesday, five agencies — the US Capitol Police, the US Probation Office, the Pentagon Force Protection Agency, Transportation Security Administration, and the Criminal Investigation Division at the Internal Revenue Service — said they didn’t use Clearview AI between April 2018 and March 2020. This, however, contradicts internal Clearview data previously reviewed by BuzzFeed News.” From ‘A Government Watchdog May Have Missed Clearview AI Use By Five Federal Agencies In A New Report’ by Caroline Haskins and Ryan Mac for Buzzfeed News. Endnotes & Credits The elegant Latin bon mot “Futuendi Gratia” is courtesy of Effin’ Birds. As always, a huge thank you to Regina Doherty for giving the world the phrase “mandatory but not compulsory”. The image used in the header is by Krystian Tambur on Unsplash. Any quotes from the Oireachtas we use are sourced from KildareStreet.com. They’re good people providing a great service. If you can afford to then donate to keep the site running. Digital Rights Ireland have a storied history of successfully fighting for individuals’ data privacy rights. You should support them if you can. Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn. If you know someone who might enjoy this newsletter do please forward it on to them. Did you enjoy this issue? In order to unsubscribe, click here. If you were forwarded this newsletter and you like it, you can subscribe here. Powered by Revue Privacy Kit, Made with 💚 in Dublin, Ireland

Facebook pages, facial recognition, the adequacy fudge.

😼

The DPC is not an arm of the State, it is an independent supervisory authority.

Young unvaccinated restaurant workers could be in the ‘bizarre situation’ of working in a place where they cannot socialise

As in the story above, the Irish government is still in the process of coming up with a plan about a plan to allow only people with immunity to Covide dine indoors. How this will be done when the owners of pubs and restaurants are (quite correctly) opposed to having to process the health data of their patrons on entry remains a mystery.

The UK is now officially adequate.

Full Commission Implementing Decision [direct link to PDF]

Meanwhile …

—

A second massive LinkedIn breach reportedly exposes the data of 700M users, which is more than 92% of the total 756M users. The database …

The ICO issued a statement in response to the EU Commission’s formal adequacy decision.

• “The very threat of litigation may compel governments and corporations to make concessions. For example, public outcry about the UK police’s digital strip search technology and the looming battle in court led the government to scrap the program. Similarly, even cases that end in failure may have an impact. For example, Chile’s first public interest digital privacy case ended in failure when the Supreme Court permitted the use of surveillance balloons, but it brought mainstream attention to the issue and raised the profile of the organisations involved as champions of digital rights. The constitutional challenge against Aadhaar may have failed in India, but a provocative dissent reverberated at the other end of the world — in Jamaica — where the high court used it to strike down the island nation’s Digital ID program.“ From ‘Strategic Litigation | Not Always Rosy’ by Subhashish Bhadra.
• "The pixels can collect a lot of data about you. “It could reveal your device type and even your IP address,” says Laurie Graham, director of cyber intelligence at tech consultancy 6point6. Other information collected can include whether you read the message, your web browser version and your time zone. “These can be combined to form a unique fingerprint,” Graham says. Of the huge amounts of information that can be gathered from tracking pixels, perhaps the most concerning is your location, says Andy Yen, founder and CEO of encrypted email service ProtonMail. “The data gathered can be used to analyse your daily habits and figure out where you live and work. But the most invasive part is, it’s happening without your knowledge or consent.” From ‘How to stop your emails from tracking you’ by Kate O'Flaherty for Wired.
• "A government inquiry into federal agencies’ deployment of facial recognition may have overlooked some organizations’ use of popular biometric identification software Clearview AI, calling into question whether authorities can understand the extent to which the emerging technology has been used by taxpayer-funded entities. In a 92-page report published by the Government Accountability Office on Tuesday, five agencies — the US Capitol Police, the US Probation Office, the Pentagon Force Protection Agency, Transportation Security Administration, and the Criminal Investigation Division at the Internal Revenue Service — said they didn’t use Clearview AI between April 2018 and March 2020. This, however, contradicts internal Clearview data previously reviewed by BuzzFeed News.” From ‘A Government Watchdog May Have Missed Clearview AI Use By Five Federal Agencies In A New Report’ by Caroline Haskins and Ryan Mac for Buzzfeed News.

Endnotes & Credits

• The elegant Latin bon mot “Futuendi Gratia” is courtesy of Effin’ Birds.
• As always, a huge thank you to Regina Doherty for giving the world the phrase “mandatory but not compulsory”.
• The image used in the header is by Krystian Tambur on Unsplash.
• Any quotes from the Oireachtas we use are sourced from KildareStreet.com. They’re good people providing a great service. If you can afford to then donate to keep the site running.
• Digital Rights Ireland have a storied history of successfully fighting for individuals’ data privacy rights. You should support them if you can.

Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn.

If you know someone who might enjoy this newsletter do please forward it on to them.