Archive | Big Data

The Goovernment

You know the saying that Google will know if you are gay before you do?

Almost the same, but a little different, can be said about the government.

The government knows who you have been talking to on the phone and who your friends are – and who their friends are. The government knows where you have been and who else might have been in the same place at the same time. The government knows when you connected to the internet, who you sent an email and the people that have emailed you. Data is stored about your every text message, and in some countries that go for the content of the messages as well.

In the UK Big Brother will even keep an eye on your web searches, if the government gets it its way.

The government knows who your friends are and what people you are trying to avoid. It can tell who you do business with and what people you sleep with. It can figure out your hobbies and your whereabouts. And it can flag you if a friend of your friend is someone the people in power do not approve of.

With Google – at least, it’s about selling you stuff, to expose you to “relevant” ads and to make a buck. (But World Domination, really?)

But with the Goovernment – it’s all about control. And power. Over you. For real.

Put one on top of the other, and it gets even more scary. (The government doesn’t need Google to cooperate in this. Much of the data is out on the market.)

All of this while government doings are getting more opaque, more secretive and more dubious.

This is not the way to do things in an open, democratic society.

/ HAX

0

The EU-US Privacy Shield: EU presents a pointless proposal

Finally, the European Commission has presented a proposal for the EU-US Privacy Shield conserning data protection, to replace the fallen “Safe Harbour” agreement. Sorry to say, it’s rather pointless.

The background is that the European Court of Justice invalidated the “Safe Harbour” agreement that was supposed to provide adequate data protection when Europeans personal data is being transfered to the US. The reason was that US companies didn’t really care about the agreement — and that US authorities (e.g. the NSA) in many cases had access to the data.

Then followed some confusion as the EU and the US tried to negotiate a new agreement, the EU-US Privacy Shield. Here are some previous blog posts:

• An EU-US Privacy Shield? »
• The EU-US Privacy Shield Illusion »

Now we have a proposal. Some EU links:

• European Commission presents EU-U.S. Privacy Shield »
• Restoring trust in transatlantic data flows through strong safeguards: European Commission presents EU-U.S. Privacy Shield »
• EU-U.S. Privacy Shield: Frequently Asked Questions »

This new proposal is rather similar to the old, fallen agreement. So much so, that it might very well be invalidated by the ECJ once again.

The main news seems to be “adequacy decisions”. In simple terms this means that things will be deemed OK if the European Commission says so. And that is hardly a solid judicial principle.

The Austrian student Max Schrems — who took the old agreement to the ECJ in the first place — says that he is considering taking the new agreement back to court, if adopted.

In a comment the NGO EDRi:s Executive Director Joe McNamee says..

The European Commission has given Europe a lesson on how not to negotiate. This isn’t a good deal, it hardly deserves to be called a ‘deal’ of any kind.

The EDRi press release also states that the documents published “confirm that no meaningful reforms have been made and that none are planned”.

EDRi Press Release: Privacy Shield is the same unsafe harbour »

The European Commission simply does not seems to be very concerned about protecting European personal data being transfered to the US.

/ HAX

0

The EU-US Privacy Shield Illusion

A little more than a week ago, I wrote a blog post on the EU-US Privacy Shield. This is supposed to replace the fallen “Safe Harbour” agreement, protecting European personal data when transferred to the US. (The latter didn’t, that’s why the European Court of Justice invalidated it.)

But, as I wrote, the EU-US Privacy Shield is just a framework agreement, not a deal. No substance. Nothing. Everyone is just stalling for time.

And I’m not the only one to be suspicious. Today the weekly EDRi-gram from Brussels-based NGO European Digital Rights turned up in my mailbox. And they do take a swing against the Privacy Shield illusion:

What’s behind the shield? Unspinning the “privacy shield” spin »

Some quotes…

• If there is a deal, why was nothing published?

It is standard practice from the European Commission. When an agreement is reached, the Commission launches a press release, but not the actual agreement. In this way, the Commission can control the amount of information available to journalists and the general public. It then launches the actual document once the press cycle is over and the details are no longer newsworthy.

I couldn’t agree more. Things like this happen all the time. And the EU Commission seems to get away with it all the time. In this case, let’s keep an eye on the ball for a change.

• Was there a deal?

Actually, there was no deal. The Commission had to announce something on 2 February in order to prevent regulators from starting enforcement action against companies that were (and, today, still are) transferring data illegally to the United States.

Bulls eye, again. What we see is the EU political system trying to dodge the EU judicial system. I won’t quote the entire text, but I must direct your attention to this showstopper…

• Is it strategically wise to announce a deal before discussions have been completed?

For the US, definitely, for the EU, it was strategically disastrous. As the EU has announced a deal, European negotiators have absolutely no leverage in the discussions around the detail of the agreement. Politically, it is impossible for the EU to reject anything that the US now proposes, because it is politically impossible for the Commission to abandon negotiations after it announced the completion of an agreement.

Is this just mind-bending incompetence? Or outright political sabotage?

And so it goes on. You really should read the whole piece.

The European Parliament (that has demanded a suspension of the Safe Harbour agreement for years) ought to be very upset. And the European Court of Justice should treat this as contempt of court, if there is such a thing in its’ regulatory framework.

We really shouldn’t let the European Commission get away with this. European citizens deserve decent data protection.

/ HAX

0