"older people who no longer drive" | The Cat Herder, Volume 2, Issue 9

The local extraction office of Chinese DNA mining firm WuXi NextCODE announces a partnership with Ire   March 10 · Issue #25 · View online The local extraction office of Chinese DNA mining firm WuXi NextCODE announces a partnership with Ireland’s largest university; tumbleweed from the adtech industry; older people who no longer drive demand identity cards; curiously poor reporting continues. And Facebook. Facebook is always up to something. 😼 UK's ICO event on targeted ads opens floor to the adtech industry: Anybody? No? Speak for 10 minutes. Hello? • The Register www.theregister.co.uk – Share The adtech industry was unable to muster even a single speaker to fill a 10-minute slot to discuss the security implications of programmatic advertising at a much-anticipated event yesterday. As we frequently do, we’re leaving it up to you to draw your own conclusions from this no-show. The Irish branch office of WuXi NextCODE added a sheen of academe to the vague sense of medicalness that already accompanies its DNA data acquisition operations by announcing a partnership with University College Dublin. It’s only a short time since GMI announced they’d be sequencing the genomes of 400,000 Irish people so it’s unclear how this partnership with UCD will assist in achieving this goal, or indeed whether GMI are already experiencing difficulties in hitting their interim targets. An as yet unresolved problem remains: how will GMI and their research partners UCD be securing the explicit consent of all 400,000 of these participants for their personal data to be used for purposes which may not have been envisaged at the time the participants gave their consent? UCD and GMI Announce Collaboration to Accelerate Precision Medicine Discoveries – Genomics Medicine Ireland genomicsmed.ie – Share Officials from the Department of Employment Affairs and Social Protection (DEASP; The Sideshow Bob Rake Department) wasted no time in parlaying one of the findings of their research (see The Cat Herder, Volume 2, Issue 8) into a source close to the Minister discovering a previously unnoticed demand for an identity card among “older people who no longer drive” and eagerly yet anonymously sharing this with the media. Public Services Cards 'Could Soon Be Legal ID' extra.ie – Share The Government is considering allowing people to use their Public Services Card as a form of legal ID This piece also states “research commissioned by the Department has found that 96% of those with a Public Services Card (PSC) are either very satisfied or fairly satisfied with them.” The research published on the Department’s website says no such thing. 96% of those surveyed were either very satisfied or fairly satisfied with the SAFE registration process. Mind you, this was an easy mistake for a busy journalist to make since the Department’s press release sported the headline “In-Depth Customer Survey Finds Strong Satisfaction with Public Services Card (PSC)”. This accidental misrepresentation of the findings of the survey was doubtless the result of a last minute editing error or similar. Departmental press offices are probably almost as busy as newsrooms! No doubt the Department will be in touch with the media organisations who subsequently misreported this research to correct them. Barrister Laura Keogh had a look at the compatibility of the Public Services Card with the GDPR for Irish Legal News . This part jumped out “It is interesting that on the PSC website it states that the facial image is not biometric data, when in fact it is in accordance with the definitions under the GDPR. Furthermore, the arithmetic template of your facial image is collected and stored by the Department of Employment Affairs and Social Protection for their facial image matching software. Regardless of the method, if the image is used to uniquely identify the individual, as is the intention with the PSC, it is biometric data. Of course any entity may collect facial images with consent; however, consent is not an appropriate legal basis for the PSC. If the Department is insistent that no biometric data is collected, this would be a question that should be put to the European Data Protection Board.” As the Department has been adamant for quite some time now that it does not process biometric data no doubt clarification of this will be issued in short order. Though we’re old enough around these parts to remember the times when the Department and the then Minister said the exact same systems did process biometric data. So it is probably safe to say that the clarification, when it emerges, will be one for the ages. Since we’re back on the subject of media coverage of data protection and privacy, there was a bit more of the baffling kind from The Irish Times this week, following on from last week’s failure to grasp the difference between a data breach and any of the other multitude of ways in which data controllers could fail to be in compliance with the GDPR. This week the paper of reference put forward the opinion, in a news item about Facebook’s possible lobbying activities around the appointment of the Irish Data Protection Commissioner and the progress of the GDPR through the European legislature, that the GDPR is overly restrictive. While also getting the name of the Regulation wrong. Loughlin O'Nolan @loughlin This is not what the Regulation is called. This reads as if The Irish Times is of the opinion that the Regulation is "overly restrictive". https://t.co/WdqB3NGFQU https://t.co/qkrQrijOVg 1:15 PM - 5 Mar 2019 Curiously, The Irish Times also now appears to be of the opinion that the GDPR is an online privacy law. Daragh O Brien @CBridge_Chief Also: #GDPR is not just about online privacy. (Clue is in the title: “General” Data Protection regulation). Rereading the article I’m a bit concerned that standards in the @irishtimes reporting on #DataProtection are slipping. “Overly restrictive” as an unsupported assertion? 2:37 PM - 5 Mar 2019 — The Dutch Data Protection Authority has said that cookie walls don’t comply with the GDPR. A lot of publishers might want to take a look at the way they’re handling cookies as a matter of urgency. Just a related thought on this … zeynep tufekci @zeynep *whispers* I read news articles from outlets I subscribe to via incognito mode because what the heck? Let me pay and not be tracked! *shouts*. Why can we opt not to be tracked? That data isn’t even worth that much. 😡 1:46 AM - 9 Mar 2019 Rather than reading Mark Zuckerberg’s ostensible Damascene conversion to privacy evangelist (it’s here, if you really must) we’re reading some thoughts on it. ‘Zuckerberg’s new privacy essay shows why Facebook needs to be broken up’ says Konstantin Kakaes in the MIT Technology Review. ‘Facebook’s Privacy Cake’ is Ben Thompson‘s meta take which covers many of the other takes and includes his own take. Got that? “Facebook is happy to protect user data when doing so decreases the company’s civic responsibilities — but not when it threatens advertising revenue” says Zeynep Tufekci in an opinion piece for the New York Times. —- Endnotes & Credits The elegant Latin bon mot “Futuendi Gratia” is courtesy of Effin’ Birds. As always, a huge thank you to Regina Doherty for giving the world the phrase “mandatory but not compulsory”. The image used in the header is by Krystian Tambur on Unsplash. Any quotes from the Oireachtas we use are sourced from KildareStreet.com. They’re good people providing a great service. If you can afford to then donate to keep the site running. Digital Rights Ireland have a storied history of successfully fighting for individuals’ data privacy rights. You should support them if you can. Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn. Barring a disaster this newsletter will be in your inbox again next weekend. See you then. If you know someone who might enjoy this newsletter do please forward it on to them. Did you enjoy this issue? In order to unsubscribe, click here. If you were forwarded this newsletter and you like it, you can subscribe here. Powered by Revue Privacy Kit, Made with 💚 in Dublin, Ireland

The local extraction office of Chinese DNA mining firm WuXi NextCODE announces a partnership with Ireland’s largest university; tumbleweed from the adtech industry; older people who no longer drive demand identity cards; curiously poor reporting continues. And Facebook. Facebook is always up to something.

😼

As we frequently do, we’re leaving it up to you to draw your own conclusions from this no-show.

The Irish branch office of WuXi NextCODE added a sheen of academe to the vague sense of medicalness that already accompanies its DNA data acquisition operations by announcing a partnership with University College Dublin. It’s only a short time since GMI announced they’d be sequencing the genomes of 400,000 Irish people so it’s unclear how this partnership with UCD will assist in achieving this goal, or indeed whether GMI are already experiencing difficulties in hitting their interim targets.

An as yet unresolved problem remains: how will GMI and their research partners UCD be securing the explicit consent of all 400,000 of these participants for their personal data to be used for purposes which may not have been envisaged at the time the participants gave their consent?

Officials from the Department of Employment Affairs and Social Protection (DEASP; The Sideshow Bob Rake Department) wasted no time in parlaying one of the findings of their research (see The Cat Herder, Volume 2, Issue 8) into a source close to the Minister discovering a previously unnoticed demand for an identity card among “older people who no longer drive” and eagerly yet anonymously sharing this with the media.

The Government is considering allowing people to use their Public Services Card as a form of legal ID

This piece also states “research commissioned by the Department has found that 96% of those with a Public Services Card (PSC) are either very satisfied or fairly satisfied with them.” The research published on the Department’s website says no such thing. 96% of those surveyed were either very satisfied or fairly satisfied with the SAFE registration process.

Mind you, this was an easy mistake for a busy journalist to make since the Department’s press release sported the headline “In-Depth Customer Survey Finds Strong Satisfaction with Public Services Card (PSC)”. This accidental misrepresentation of the findings of the survey was doubtless the result of a last minute editing error or similar. Departmental press offices are probably almost as busy as newsrooms! No doubt the Department will be in touch with the media organisations who subsequently misreported this research to correct them.

Barrister Laura Keogh had a look at the compatibility of the Public Services Card with the GDPR for Irish Legal News . This part jumped out

As the Department has been adamant for quite some time now that it does not process biometric data no doubt clarification of this will be issued in short order.

Though we’re old enough around these parts to remember the times when the Department and the then Minister said the exact same systems did process biometric data.

So it is probably safe to say that the clarification, when it emerges, will be one for the ages.

Since we’re back on the subject of media coverage of data protection and privacy, there was a bit more of the baffling kind from The Irish Times this week, following on from last week’s failure to grasp the difference between a data breach and any of the other multitude of ways in which data controllers could fail to be in compliance with the GDPR.

This week the paper of reference put forward the opinion, in a news item about Facebook’s possible lobbying activities around the appointment of the Irish Data Protection Commissioner and the progress of the GDPR through the European legislature, that the GDPR is overly restrictive. While also getting the name of the Regulation wrong.

Curiously, The Irish Times also now appears to be of the opinion that the GDPR is an online privacy law.

—

The Dutch Data Protection Authority has said that cookie walls don’t comply with the GDPR. A lot of publishers might want to take a look at the way they’re handling cookies as a matter of urgency.

Just a related thought on this …

Rather than reading Mark Zuckerberg’s ostensible Damascene conversion to privacy evangelist (it’s here, if you really must) we’re reading some thoughts on it.

• ‘Zuckerberg’s new privacy essay shows why Facebook needs to be broken up’ says Konstantin Kakaes in the MIT Technology Review.
• ‘Facebook’s Privacy Cake’ is Ben Thompson‘s meta take which covers many of the other takes and includes his own take. Got that?
• “Facebook is happy to protect user data when doing so decreases the company’s civic responsibilities — but not when it threatens advertising revenue” says Zeynep Tufekci in an opinion piece for the New York Times.

—-

Endnotes & Credits

• The elegant Latin bon mot “Futuendi Gratia” is courtesy of Effin’ Birds.
• As always, a huge thank you to Regina Doherty for giving the world the phrase “mandatory but not compulsory”.
• The image used in the header is by Krystian Tambur on Unsplash.
• Any quotes from the Oireachtas we use are sourced from KildareStreet.com. They’re good people providing a great service. If you can afford to then donate to keep the site running.
• Digital Rights Ireland have a storied history of successfully fighting for individuals’ data privacy rights. You should support them if you can.

Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn.

Barring a disaster this newsletter will be in your inbox again next weekend. See you then.

If you know someone who might enjoy this newsletter do please forward it on to them.