View profile

"significant deficits in terms of logic and consistency" | The Cat Herder, Volume 3, Issue 1

January 12 · Issue #65 · View online
The Cat Herder
Happy New Year one and all. Reviewing last year’s newsletters showed a few broad themes which ran through the year. Locally, the Irish state’s ill-conceived and illegally implemented biometric database and the peculiar decision of the state’s investment arm to throw a lot of money at a privately owned DNA harvesting company. Internationally, alarm over the deployment of facial recognition and other surveillance technologies by the Chinese state in Xinjiang and in the latter half of the year in Hong Kong was accompanied by the silent and rapid creep of such technologies into consumer devices in the West, spearheaded by Amazon’s Ring. A slow realisation dawned about internet-connected devices with embedded speakers and cameras: they record. Those recordings can be accessed by the staff of the device manufacturers. Data protection authorities across Europe sanctioned data controllers large and small, with a notable exception. Visible enforcement action by the Data Protection Commission of Ireland was, with the exception of an enforcement notice issued in early December regarding the Public Services Card, seemingly absent, to the growing frustration of counterparts in the rest of the EU.
Guess what? Nothing’s changed.

No real need for any commentary on this one as the headline says it all. Seriously.
Why is a 22GB database containing 56 million US folks' personal details sitting on the open internet using a Chinese IP address? Seriously, why?
The same goes for this one. Profiling on a vast scale
Airbnb Claims Its AI Can Predict Whether Guests Are Psychopaths
It never ends
It never ends
The Department of Employment Affairs and Social Protection filed an appeal in the Circuit Court against the Data Protection Commission’s enforcement notice regarding the Public Services Card.
As Karlin Lillington points out, the appeal is not against any of the findings of the Data Protection Commission’s report into the lawful basis for and transparency around the card and its underlying database.
If the courts ultimately side with the department purely on the basis of a legal loophole, rather than the concrete finding of facts, we can all look on the crass cynicism of the Government ministers who made this determination – contravening and ignoring the actual rights and protections that its own citizens are now afforded under EU law – and despair.
Cianan Brennan in the Examiner tried to “make sense of the long and winding PSC saga”. A thankless task, as sense has long since left the building.
The Minister for Employment Affairs and Social Protection made some media appearances recently. The card came up for discussion, naturally. On The Tonight Show on Virgin Media last week several of the same exhausted talking points which bear no relation to reality were repeated. Elizabeth Farries of the ICCL sets those straight in this thread on Twitter:
Elizabeth Farries
Thread. @ICCLtweet joined #TonightVMTV yesterday to discuss the #PublicServicesCard.

The Minister also appeared and said it's "difficult to have a conversation with people when they don’t even know the facts.”

Respectfully, we know the facts.
Hopping from DEASP to the Department of Children and Youth Affairs, the only body apart from DEASP itself which appears to be still using the card, in contravention of the Commission’s instructions, we find that:
  • The Department of Children and Youth Affairs was given expert advice not to use the PSC as the registration mechanism for the National Childcare Scheme.
  • This advice was not taken and the scheme went ahead with the PSC option the only one available to parents, accompanied with a promise that a paper-based registration alternative would be provided this month.
  • The Department of Children and Youth Affairs still does not know when the paper-based registration alternative for the National Childcare Scheme will be available.
Cianan Brennan
The pain of dealing with Government departments, an occasional series. #1,457,932 Asked Dept Children when postal option for childcare scheme is going live, as it's supposed to be this month. Straightforward I thought. Well no, it isn't as it turns out
They definitely did.
They definitely did.
The recordings, both deliberate and accidentally invoked activations of the voice assistant, as well as some Skype phone calls, were simply accessed by Microsoft workers through a web app running in Google’s Chrome browser, on their personal laptops, over the Chinese internet, according to the contractor.
Skype audio graded by workers in China with 'no security measures' | Technology | The Guardian
If a data slurping beast spots an opportunity to profile you in order to shovel possibly relevant ads in your direction then it will take that opportunity.
Spotify will use everything it knows about you to target podcast ads - The Verge
When we left off at the end of last year the listening devices were still listening. Now they’re listening to you singing in the shower.
Kohler puts an Alexa-enabled smart speaker in a showerhead - The Verge
It could, it really could.
It could, it really could.
New Year Honours: Government apologises after addresses published - BBC News
Those big headline-grabbing fines the ICO announced last July - £183 million for British Airways and £99 million for Marriott - may be melting away. As a lot of folks pointed out at the time, these weren’t fines, they were notices of intent to fine. They haven’t crystallised into actual fines in the statutory six months and in both cases an extension has been agreed.
The ICO did fine DSG Retail Limited (that’s Currys PC World, Dixons, Carphone Warehouse and others to you and me) £500,000 for security failing which left the personal data of 14 million people exposed.
The French government can go ahead with plans to trawl social media to detect tax avoidance, the constitutional court has ruled. The new rules, part of a broader law on tax changes passed by the lower house of parliament, greatly increases the state’s online surveillance powers by letting it collect masses of public data, as part of a three-year online monitoring experiment.
French government to scan social media for evidence of tax evasion
Chinese companies have made every submission to the UN for international standards on surveillance technology in the past three years, according to documents reviewed by the Financial Times.
  • “Now, after the California legislature instituted a three-year ban on police use of mobile facial recognition technology, one of the nation’s most overhyped and least well-understood policing tools has been switched off.” DJ Pangburn on ‘San Diego’s massive, 7-year experiment with facial recognition’ for Fast Company.
  • Coverage of the annual Consumer Electronics Show in Las Vegas shows that a certain number of vendors are doing their damnedest to cram facial recognition into every possible device and gadget. “facial recognition’s spread marches on. Over the last decade, anything you can think of – toothbrushes, televisions, cars, refrigerators and even beds – has been connected to the internet. Within the next 10 years, facial recognition companies hope to do the same with their technology” says Alfred Ng in C|net.
  • “regulators in other countries are speaking out about their doubts. Hamburg’s data protection authority says that the current “one-stop-shop” system, in which many major investigations are carried out by authorities in Dublin or Luxembourg, creates serious bottlenecks and an "unsatisfactory” situation for millions of web users.“ Nicholas Vinocur covers the pace of enforcement for Politico.
Endnotes & Credits
Find us on the web at and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn.
If you know someone who might enjoy this newsletter do please forward it on to them.
Did you enjoy this issue?
If you don't want these updates anymore, please unsubscribe here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Powered by Revue
Privacy Kit, Made with 💚 in Dublin, Ireland