View profile

Every week is Surveillance Week | The Cat Herder, Volume 3, Issue 44

It seems to be Surveillance Week this week. Which it is every week in fairness. Possibly also Undermi
November 15 · Issue #108 · View online
The Cat Herder
It seems to be Surveillance Week this week. Which it is every week in fairness. Possibly also Undermining The Regulator week, which is a long term project the Irish civil service may or may not be engaged in. Who’s to know? The euphemism of the week is “onomastic” standing in for highly dubious, dodgy and inaccurate political profiling.

When purchasing controversial and unnecessary surveillance equipment one should always ensure there is an easy way to turn it off.
San Diego’s spying streetlights stuck switched “on,” despite directive | Ars Technica
One should also be aware of this inevitability.
If there’s anything we’ve learned from Amazon Ring, it’s that law enforcement tends to view networks of connected cameras as too rich a target to ignore. So, too, in San Diego: local police used footage from the citywide surveillance network at least 400 times since 2018.
With the news that the Minister for Justice and the Irish Prison Service are appealing a finding of the Data Protection Commission in the High Court rather than taking a far less expensive trip to one of the lower courts nobody can say for sure that the civil service is trying to undermine a regulator it doesn’t like but at the same time nobody can say for sure that the civil service isn’t trying to undermine a regulator it doesn’t like.
That the DPC is currently attached to the Department of Justice, and that the Department of Justice is aping a legal strategy first deployed against the DPC by Facebook makes this situation curiouser and curiouser.
As has long been the case, the top tiers of the civil service have difficulty understanding the concept of a supervisory authority which is independent of government and responsible for overseeing the processing of personal data in the public sector as well as the private sector. Or they do grasp the concept and sure as hell don’t like it.
Let’s just have a quick trip down memory lane to September of last year when it was reported that the (entirely unelected) Civil Service Management Board was busy forging ahead with the very things it had been told it shouldn’t do.
However, according to documents released to and its investigative platform under the Freedom of Information Act, the government was actively looking at expanding the current uses of the PSC in 2019 despite already being told it didn’t have a lawful basis to do.
In June of this year, a meeting of the most senior civil servants in the country decided to explore the possibility of replacing the Medical Card with the Public Services Card in the future.

We have seen with the ongoing and still unresolved controversy over the archive of the Mother and Baby Homes Commission of Investigation that the Irish state will happily adopt policy positions which do not respect the legal data protection rights of individuals and attempt to give these policy positions an air of lawfulness through misinterpretations of (secret, unpublished) advice from the Attorney General’s office.
Perhaps the problem is broader than just a dislike of the powers and remit of the supervisory authority and extends to a more general dislike of fundamental rights. Who’s to know?
Maybe it might. Who knows.
Maybe it might. Who knows.
Other reasons for dispensing of Ring doorbells revolve more around your personal comfort level with contributing to encroaching police surveillance in America.
Your Cop-Friendly Spy Device Could Burst Into Flames
Ring has lived up to the terrifying potential of wifi-enabled home video peepholes. Aside from enabling police to amass video from willing residents, with zero assurance that they won’t share the footage or keep it indefinitely for use unrelated to an immediate crime, they’ve also been used to surveil users. The Electronic Frontier Foundation found in January that the Android app was full of trackers that haunt your device and feed your personal information to Facebook, even if you didn’t have a Facebook account.
Plenty of folks spotted the Man In Black angle to this story.
Dermot Casey
I went down down down
And the flames went higher.
And it burns burns burns
The ring of fire
The ring of fire.
Steve Reilly
Johnny Cash spent decades trying to warn us about this.
Ah no, we definitely saw this coming.
Ah no, we definitely saw this coming.
With more than 105,000 cameras, Moscow boasts one of the world’s most comprehensive surveillance systems. It became fully operational this year and authorities say it has cut crime and helped the city enforce coronavirus lockdown restrictions.
But rights activists say cameras have been used to monitor political rallies and a lack of clear rules allows for abuse.

Face for sale: Leaks and lawsuits blight Russia facial recognition
Brit Conservative Party used 10 million people's names to derive their country of origin, ethnicity and religion according to ICO report • The Register
During its 41st plenary session the European Data Protection Board adopted its first Article 65 decision, the dispute resolution mechanism, by a two-thirds majority.
The decision will be communicated to the DPC, which will in turn communicate it to Twitter, the cause of the dispute, within one month.
The recommendations aim to assist controllers and processors acting as data exporters with their duty to identify and implement appropriate supplementary measures where they are needed to ensure an essentially equivalent level of protection to the data they transfer to third countries. In doing so, the EDPB seeks a consistent application of the GDPR and the Court’s ruling across the EEA.

Omer Tene of the IAPP had some thoughts - “Bottom line: it’s hard to see a clear path for data transfers to the US (or other "non adequate” countries) based on SCC or other transfer mechanisms.“
This was followed very shortly by the European Commission publishing its draft updated Standard Contractual Clauses for feedback.
The ICO fined Ticketmaster £1.25 million for a large data breach which happened in 2018.
A court in Bonn has reduced a €9.55 million fine issued to 1+1 Telecom in December 2019 by the German Federal Data Protection Authority to €900,000 on appeal. Another steep discount similar to those secured by British Airways and Marriott.
  • “Robotic lie detector tests at European airports, eye scans for refugees and voice-imprinting software for use in asylum applications are among new technologies flagged as “troubling” in a UN report. The UN’s special rapporteur on racism, racial discrimination, xenophobia and related intolerance, Prof Tendayi Achiume, said digital technologies can be unfair and regularly breach human rights. In her new report, she has called for a moratorium on the use of certain surveillance technologies.” UN warns of impact of smart borders on refugees: ‘Data collection isn’t apolitical’ by Katy Fallon in The Guardian
  • “The audits found some considerable areas for improvement in both transparency and lawfulness and we recommended several specific actions to bring the parties’ processing in compliance with data protection laws. In addition, we recommended that the parties implemented several appropriate technical and organisational measures to meet the requirements of accountability. Overall there was a limited level of assurance that processes and procedures were in place and were delivering data protection compliance.” From the ICO’s ‘Audits of data protection compliance by UK political parties’ [direct link to PDF]
  • ‘Despite flagging risks to democratic trust and engagement the regulator has chosen not to take enforcement action“We recommended the following actions must be taken by the parties”, is the ICO’s preferred oxymoronic construction as it seeks to avoid putting any political noses out of joint.’ Natasha Lomas takes a critical look at the ICO’s audit and vague threats of further action if everyone doesn’t do better.

Endnotes & Credits
Find us on the web at and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn.
If you know someone who might enjoy this newsletter do please forward it on to them.
Did you enjoy this issue?
If you don't want these updates anymore, please unsubscribe here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Powered by Revue
Privacy Kit, Made with 💚 in Dublin, Ireland