View profile

Unpause | The Cat Herder, Volume 4, Issue 3

The Irish state puts something down in writing which it has long resisted doing, more surveillance sp
January 24 · Issue #116 · View online
The Cat Herder
The Irish state puts something down in writing which it has long resisted doing, more surveillance spending, an own-volition data breach by the Sideshow Bob Rake Department and if your security system includes cameras which are remotely accessible …

In court records, one defendant claims Aviles was found to have accessed the home security cameras of her parent’s home at least 73 times between 2017 and 2020, including her bedroom while she was still a teenager.
A Home Security Tech Hacked Into Cameras To Watch People Undressing And Having Sex, Prosecutors Say
You can probably expect to see Fine Gael TDs talking about this Very Bad Idea soon.
Lukasz Olejnik
Largest group in the European Parliamen (EPP) advocates for a system that would identify all users on the internet. They want a blockchain-based thing. Is this what decentralised identifiers (dids) are create for? Oh, this is for real. #DigitalServicesAct
The top story this week in the ‘attempting to make a paper thin connection to Covid in order to justify spending on surveillance gear we’ve had our eye on for a while’ category is …
An Garda Síochána spent €1,984,300 last year on technology designed to check vehicle license plates, according to documents released under the Freedom of Information Act.
That spend on automatic number plate recognition (ANPR) systems was up 600 percent from 2019, when the figure was around €280,400.
Increased spending is due to years of underinvestment and the need to upgrade out-of-date equipment, said An Garda Síochána in the FOI response.
“When Covid restrictions were introduced, major investment in additional equipment commenced to aid Gardaí at Covid checkpoints,” it said.
Gardaí Spend on Tech to Check Licence Plates Up 600 | Dublin Inquirer
In this case, probably not
In this case, probably not
The Boston Globe is experimenting with its own version of the right to be forgotten. As with the right to be forgotten which exists in European law, the impetus is the effect on individuals of the existence of an easily searchable permanent archive of news stories which have little to no contemporary relevance and can actively harm people by following them around for decades.
“It was never our intent to have a short and relatively inconsequential Globe story affect the futures of the ordinary people who might be the subjects,” said Brian McGrory, editor of The Boston Globe. “Our sense, given the criminal justice system, is that this has had a disproportionate impact on people of color. The idea behind the program is to start addressing it.”
Boston Globe launches ‘Fresh Start’ initiative: People can apply to have past coverage about them reviewed - The Boston Globe
As more details about the opaque and apparently frequently undocumented methodologies and procedures of the Mother and Baby Homes Commission of Investigation trickle out it was far from reassuring to see that the level of understanding of the basics of data protection in some other state bodies remains stubbornly below sea level.
Claire McGettrick
Adopted people are sending personal emails to TDs & Senators with their birth certs attached:

Instead of reading the emails properly Minister @HHumphreysFG has been unnecessarily forwarding people's emails & personal info to the General Registrar's Office
This is a painfully stupid notifiable data breach delivered by the government department which insists it is a trustworthy custodian of a single unlawfully assembled database which contains the biometric data of every individual in the country.
On a related note, there’s a still-developing story in Brazil which seems to feature a leak of almost the entire population’s personal data. Which was stored in a single database. More in this Twitter thread. These are called databases of ruin for a reason.
During the week Thomas Pringle TD received a letter from the Minister for Children, Equality, Disability, Integration and Youth which put down in writing something which the Irish state has been reluctant to formally acknowledge.
“the GDPR is directly applicable … in case of conflict, EU law would prevail over any inconsistent domestic law in accordance with the principle of primacy of EU law.”
This acknowledgement is important not just for the current situation regarding the Commission’s treatment of the personal data in its possession before it is transferred to the minister but also the department’s treatment of that data after the transfer, the behaviour of other government departments and state bodies, and even future advice offered by the Attorney General’s office which politicians and government departments are fond of hiding behind.
Politico reports that WhatsApp could be fined as much as €50 million by the Data Protection Commission.
The multi-million euro draft WhatsApp fine is an initial proposal from Dublin, and has been opened up to other European data protection agencies for their feedback. A final decision on how big the fine should be — and what other remedies WhatsApp should agree to — is not expected until later in the year.
Waterford City and County Council has been officially reprimanded for its use of CCTV to monitor public activity by the Data Protection Commissioner.
The admonishment by the commissioner, which was handed down in October of last year and was carried out using its corrective powers under the General Data Protection Regulation (GDPR), concerns the local authority’s use of such surveillance technology to monitor illegal littering and dumping, and for the prevention of crime.
The ICO announced it is unpausing its adtech investigation. Only a cynic would suggest this could be in any way connected to Elizabeth Denham’s upcoming appearance before the Digital, Culture, Media and Sport Sub-committee on Online Harms and Disinformation, scheduled for this coming Tuesday.
Millions of Facebook users in Illinois will be receiving about $340 each as Facebook settles a case alleging it broke state law when it collected facial recognition data on users without their consent. The judge hearing the case in federal court in California approved the final settlement on Thursday, six years after legal proceedings began.
  • “As the city’s authorities worked to change the capital’s image, the C5 was supposed to fulfill a world-class promise. In exchange for near-constant surveillance, residents would see their home become cleaner, safer, more data-driven, a destination for both tourists and capital. But that hasn’t happened. Mexico City’s district attorney estimated last year that 94% of crimes in her jurisdiction go unreported.” Madeleine Wattenbarger on Mexico City’s surveillance theatre for Rest of World.
  • “The Fundamentals emphasise that transparent information should be provided throughout the user experience. In particular, children should receive just-in-time notifications about any potential risks associated with sharing personal data. The DPC advocates an approach whereby children are given the opportunity to ask organisations questions directly regarding the processing of their data. For example, through an instant chat, dedicated email address or privacy dashboard.” Colin Rooney and Aoife Coll of Arthur Cox run through the DPC’s draft guidance “Children Front and Centre: Fundamentals for a Child-Oriented Approach to Data Processing”.
  • DLA Piper’s annual General Data Protection Regulation (GDPR) fines and data breach report.
Endnotes & Credits
Find us on the web at and on Twitter at @PrivacyKit. Of course we’re not on Facebook or LinkedIn.
If you know someone who might enjoy this newsletter do please forward it on to them.
Did you enjoy this issue?
If you don't want these updates anymore, please unsubscribe here.
If you were forwarded this newsletter and you like it, you can subscribe here.
Powered by Revue
Privacy Kit, Made with 💚 in Dublin, Ireland