The Department Declined | The Cat Herder, Volume 3, Issue 45

The news highlights the opaque location data industry and the fact that the U.S. military, which has infamously used other location data to target drone strikes, is purchasing access to sensitive data. Many of the users of apps involved in the data supply chain are Muslim, which is notable considering that the United States has waged a decades-long war on predominantly Muslim terror groups in the Middle East, and has killed hundreds of thousands of civilians during its military operations in Pakistan, Afghanistan, and Iraq. Motherboard does not know of any specific operations in which this type of app-based location data has been used by the U.S. military.

This can include offline phone numbers, email and home addresses, alongside browsing activity. “We can provide a bridge to the digital world for offline names,” he said, adding that Zeotap works with some 112 providers to pool data into a single, unified customer view.

Civil rights and privacy experts warn that the spread of such wearable continuous-monitoring devices could lead to new forms of surveillance that outlast the pandemic — ushering into the real world the same kind of extensive tracking that companies like Facebook and Google have instituted online. They also caution that some wearable sensors could enable employers, colleges or law enforcement agencies to reconstruct people’s locations or social networks, chilling their ability to meet and speak freely. And they say these data-mining risks could disproportionately affect certain workers or students, like undocumented immigrants or political activists.

The true problem is the State’s refusal to implement this decision, and comply with the DRI ruling, in the subsequent six years. By failing to do so, it has not only jeopardised a conviction in this one case, but potentially, also in every single other case since in which mobile records have been used.

He described the State’s failure to implement the DRI case, and ensure its data retention laws were compliant, as “a crisis”, not just because it was a continuing violation of Irish citizen rights, but “also because there will be … risk that prosecutions that would otherwise be successful could face challenge”. This warning is also implied in Murray’s 187-page report.

“It is very difficult for the Garda or the police service in each individual member state to access information if the information is never being retained to begin with. It’s a conundrum.”

They added a decision against the Irish State in the matter could have implications for the integration of the European Justice system on a par with Brexit and may cause some member states to question the competency of the ECJ to rule on such matters.

GDPR stems from European Union law and trumps other regulations.

The Italian data protection supervisory authority (Garante per la protezione dei dati personali) ordered Vodafone to pay a fine in excess of Euro 12,250,000 on account of having unlawfully processed the personal data of millions of users for telemarketing purposes. As well as having to pay the fine, the company is required to implement several measures set out by the Garante in order to comply with national and EU data protection legislation.

Messenger services enable consumers to send text messages, photos and videos or make telephone calls via the internet. Surveys and media reports have repeatedly pointed out possible violations of consumer protection law in this sector: In some cases the way in which established messenger services manage the personal data of their users could be in violation of applicable data protection rules.