Snowball | The Cat Herder, Volume 2, Issue 30
|
The GMI snowball trundles onward, catching up a government minister and a former senator as it goes. There was a data breach at Instagram which sounds very similar to the one that happened at Instagram’s parent Facebook. People are listening to the recordings made by the recording devices.
😼
This week the Sunday Business Post reports that former senator Lorraine Higgins secured the attendance of Minister Finian McGrath at “a publicity event for Chinese-backed genetic data harvesting firm Genomics Medicine Ireland (GMI).” Higgins now works for GMI’s PR company, MKC Communications, the very same folks who were seeking “benediction” for GMI from the Taoiseach.
In an unusual twist, the Business Post article closes with the line “MKC did not respond to requests for comment ahead of publication.” Normally one would expect the company at the centre of a controversy to steer queries to their retained public relations firm. In this case the public relations firm no longer seems willing to answer questions. Could we possibly see a situation emerge where a public relations firm refers questions about its behaviour to yet another public relations firm?
Finian McGrath’s appearance at the Genomics event stemmed from a request by former Labour senator Lorraine Higgins, now a PR operative
Earlier in the week GMI’s CEO had a carefully-worded opinion piece published in the Irish Times. The intended reassuring effect of this was blunted somewhat by the same newspaper reporting the following day that GMI and Beaumont Hospital had a research project rejected by the Health Research Consent Declaration Committee over “concerns about patient consent and the potential sharing of project data with “unknown international third parties”.
More
🐦 Simon McGarr wrote a thread on Twitter about the latest developments. The first tweet is here, an unrolled version of the thread viewable on one page is here.
🐦 I also wrote down a few things on Twitter, mostly relating to Anne Jones’ piece in The Irish Times. The first tweet is here, an unrolled version of the thread viewable on one page is here.
—
No doubt you all remember the watershed moment that was the Facebook - Cambridge Analytica scandal. What ultimately led to all of that was Facebook’s lax (or almost complete lack of) controls over what personal data app developers could access and extract from its platform.
So surely nobody could have seen this coming.
More than a year after the Cambridge Analytica scandal, Facebook is still struggling to protect user data.
In other Facebook news: “Facebook has lost a federal appeal in a lawsuit over facial recognition data, setting the company up to face a massive damages payment over its privacy practices.”
—
It still remains true that internet-connected devices with cameras and microphones which are capable of recording are, in fact, recording.
Documents, screenshots, and audio obtained by Motherboard show that humans listen to Skype calls made using the app’s translation function.remains
Twitter announced a data breach, couched in a lot of vague wording and a promise not to do it again. “The data that Twitter said it might have used include a person’s country code, their engagement details with a particular ad and inferences made about the devices they use.”
The Data Protection Commission of Ireland confirmed to the Sunday Times that a breach notification had been received from Twitter.
In its blog post announcing the breach Twitter does not mention that it has notified the DPC. It would surely be of interest to data subjects for Twitter to do so while simultaneously being of benefit to Twitter in meeting its accountability requirement to demonstrate compliance with the GDPR, in this case in the areas of transparency and fairness.
—
In the adtech legality wars the Interactive Advertising Bureau has refused to answer questions posed by the DPC about the lawfulness of a cookie wall on its own website.
—
Those home installed surveillance devices are keeping everybody busy. “Regulators in the US and Europe are examining whether Google, Apple, and Amazon are violating privacy by employing human reviewers to listen to voice commands recorded by digital assistants.”
- “While preventing, detecting and prosecuting crime are all legitimate aims, can the breach of privacy and other rights that body cameras threaten be justified?” In the Dublin Inquirer Doireann Ansbro has a look at the pros and cons of body-worn cameras for police officers.
- “These first court decisions on Art. 15 of the GDPR confirm that the right of access is becoming a powerful tool in litigation. Germany’s code of civil procedure does not provide for a general right to discovery. ” In a short blog post Ulrike Elteste and Kristof Van Quathem point out the evolving nature of German courts’ interpretation of the scope of the right of access.
- The International Organisation for Standardization (ISO) announced ISO/IEC 27701 - Extension to ISO/IEC 27001 and ISO/IEC 27002 for privacy information management — Requirements and guidelines.
——
Endnotes & Credits
- The elegant Latin bon mot “Futuendi Gratia” is courtesy of Effin’ Birds.
- As always, a huge thank you to Regina Doherty for giving the world the phrase “mandatory but not compulsory”.
- The image used in the header is by Krystian Tambur on Unsplash.
- Any quotes from the Oireachtas we use are sourced from KildareStreet.com. They’re good people providing a great service. If you can afford to then donate to keep the site running.
- Digital Rights Ireland have a storied history of successfully fighting for individuals’ data privacy rights. You should support them if you can.
Find us on the web at myprivacykit.com and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn.
Barring a disaster we’ll be in your inbox again next weekend.
If you know someone who might enjoy this newsletter do please forward it on to them.