Monday, December 3, 2018

Privacy and data protection

Privacy and data protection

#privacy #liberty #freedom

In the digital age, data plays a huge role in our everyday lives.

It's present in lots of obvious ways. When we are shopping online for example and

have to type in our name and address.

But data collection can also be less visible.

Take data brokers, for example. You've probably never heard of them, but these businesses specialise in

creating in depth profiles of individuals for advertisers.

A single profile may draw on up to 1,500 data points.

This can include a person's sexuality, browsing history, political affiliation, and even medical records.

One US based data broker, Acxiom, claims to have files on 10% of the world's population.

It's not just businesses of course. In
2013, Edward Snowden uncovered a vast regime of

mass government surveillance programmes, opening a global conversation which is still unfolding today.

In this video, we'll take a closer look at this debate, focusing on the related but distinct concepts of privacy and data protection.

By the end you should have a clear idea of:

how these issues differ and overlap;

how both are affected by the digital age; and

how you can engage with companies and governments to protect and strengthen these rights.

So what are we talking about when we say
privacy and data protection?

Let's take privacy first.

Article 12 of the Universal Declaration
of Human Rights treats privacy as a

distinct human right. It says that:

"No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence...

Everyone has the right to the protection
of the law against such interference or attacks"

This is simple enough. Agreeing on what
privacy actually means here has proved harder.

Depending on the context, it can mean the right to freedom of thought in conscience,

the right to be left alone,

the right to control one's own body

the right to protect your reputation,

the right to a family life,

or the right to a sexuality of your own definition.

There are other ambiguities. In legal
terms, privacy isn't an absolute right.

This means it can be restricted for
certain reasons - for example, to protect

national security or Public Safety.

Or if it conflicts with other rights,
like the right to free expression.

An example could be a public figure invoking privacy to avoid disclosing their financial records.

And what about data protection?

Contrary to popular belief it is not the same thing as privacy.

Privacy is a broad concept, referring to
the conditions which enable a basic

foundation of human dignity and autonomy.

Data protection is more specific.

It's concerned with the ways third parties

handle the information they hold about us - how it is collected, processed, shared, stored, and used.

In other words, privacy is the big picture - and data protection is one corner of it.

Like privacy, data protection is also
subject to limits - for example, when a

warrant is obtained allowing law enforcement to access the phone records of a suspect.

And while data protection is in some
ways more clearly defined than privacy,

how it is applied legally can still vary greatly depending on which country you're in.

The digital age has created new ways to
collect, access, analyse and use data,

often across multiple borders and jurisdictions.

Unsurprisingly, this poses challenges for human rights.

One challenge relates to the
way companies use our data.

The internet's business model depends on
people sharing their personal data in

exchange for access to content, services
and social media platforms.

While you might not pay anything upfront to go on Facebook,

they still make money from you by
selling your personal information to advertisers.

By clicking "agree" to terms of service, users technically consent to this model.

But in practice, virtually no
one actually reads them.

This is a problem because no one knows
what they're really signing up to,

which creates opportunities for misuse.

Another challenge relates to the
collection of personal data by governments.

Technological developments now enable
governments to monitor our conversations,

transactions, and the locations we visit.

In some countries - including Russia, Brazil, Australia and South Korea - companies are legally required to

store this data locally for long periods of
time, making it easier for governments to

get information on their citizens.

These measures are often introduced in
the name of fighting cybercrime and terrorism.

But without adequate protections, this
data can easily be abused to target

dissidents and activists - undermining freedom of expression and the rights to association and assembly.

And these are just the technologies we have now.

Emerging technologies - like the Internet of Things, wearables, and artificial intelligence - are likely to

pose new challenges to human rights.

As human rights defenders we need to be prepared for these.

There are many bodies and forums where privacy and data protection issues are discussed and defined:

National and regional courts have a crucial role here.

The European Court of Human Rights, for
example, has imposed limits on 'stop and search'

practices by the police, and on the amount of time data can be legally retained.

At the national level, it's common to find a specific public body responsible for privacy and data protection.

This can be a specialist post or an ombudsman.

But the extent to which privacy is defined and protected varies greatly between different jurisdictions.

For example, there is no clear right to privacy

in the African Charter on Human and People's Rights (ACHPR).

However, there are mechanisms at the
international level.

Following a UN resolution on the right
privacy in the digital age,

the Human Rights Council has established
a new Special Rapporteur for Privacy.

And various internet policy forums, like the
Internet Governance Forum (IGF),

the Council of Europe, the Organisation for Economic
Cooperation and Development, and

conferences, like HOPE and CyFy, also contribute to shaping the scope of privacy in the digital age.

And finally, we have companies.

The decisions of companies can also have a huge impact on data protection and privacy rights.

For example, by building end-to-end encryption into their software, as WhatsApp did in early 2016.

Let's look at two examples of privacy
and data protection in the real world.

First, let's look at the Apple vs. FBI case.

After the 2016 terrorist attacks in the US city of San Bernardino, the FBI asked apple for the information

stored on the iPhone of one of the suspects.

However, Apple's operating system is
encrypted and only accessible through a pin code.

The FBI asked Apple to modify the system
to let them in.

Apple refused - opening alively debate on the right to privacy versus security needs.

The case was almost taken to court - but in the end the FBI found a vulnerability to crack the phone.

In privacy terms, this was a legal setback.

If the case had gone to court, it could
have helped popularise the risks of

weakening encryption for society, and

establish what constitutes a legitimate limitation on privacy by the state.

Next, let's look at surveillance in Kenya.

In Kenya, a combination of invasive
surveillance measures and a lack of

adequate data protection facilitated a
crackdown on civil society in 2013,

which was documented by Peace Brigades International.

Many human rights defenders had their offices raided,

computers hacked and phones tapped by the government.

One of the ways human rights defenders
have been fighting back is by pushing

for the ratification of Kenya's first data protection law, long-stalled in Parliament.

If implemented properly, this could limit
the worst excesses of state surveillance.

Kenya is by no means the only country to bring in surveillance legislation justified by security concerns.

But this example is a good demonstration of how

seemingly abstract restrictions on online privacy can have physical consequences in the offline world.

So what can human rights defenders do to
protect and strengthen privacy and data protection?

An easy first step is taking digital
security measures yourself.

This can be as simple as using encryption and anonymity tools,

and encouraging your friends to do the same.

Human rights defenders can also advocate

for alternative digital business models, which aren't based on the extraction and sale of data.

Economic pressure on the
existing model is already growing.

For example, over the last few years, the number of users using adblock software globally has exploded.

There is evidence that this is already pushing companies to less invasive advertising practices.

Engagement in debates at the national
and regional level is, of course, crucial.

Where privacy protections are weak, human rights defenders need to actively advocate for stronger ones.

And even where they are stronger,

we need to make sure legislation is
keeping up with new technological developments

-  like the Internet of Things.

Ultimately, if we want things to change,
human rights defenders need to make

these issues accessible and relatable by being more creative about the way we talk about them.

When people see how data protection and
privacy affects them on a day-to-day basis,

they may be more inclined to engage with
these concepts.

In the next video we'll be taking a closer look at freedom of expression, association and peaceful assembly.

Thursday, August 2, 2018

Open space office suck most of the times and for long periods sucks even more

(meanwhile the managers that decided sit in individual offices)

And please at least have some rules

"The open-plan office is a terrible, horrible, no good, very bad idea"

"very different needs for quiet or concentration or use of phones or open conversation"
"number one argument for the open office, increased collaboration, is bullshit."

"It was a tyranny of interruption, distraction, and stress. The quality of my work suffered immensely, and so did my mental wellbeing."

"Open office spaces don’t actually promote interaction. Instead, they cause employees to seek privacy wherever they can find it.

These open spaces might spell bad news for collective company intelligence or, in other words, an overstimulating office space creates a decrease in organizational productivity.

Not all channels of interaction will be effected equally in an open layout change. While the number of emails sent in the study did increase, the study found that the richness of this interaction was not equal to that lost in face-to-face interactions."

#OfficePolitics #WorkplaceProblems ##HumansNotRobots

Wednesday, January 17, 2018

"People will come into your life for Four Add, Subtract, Multiply or Divide...choose wisely!" Jalen Rose (also a nice podcast Jalen & Jacoby)

Saturday, October 28, 2017

How To Identify A Toxic Culture Before Accepting A Job Offer

 Great article!
"The problem is IT leaders and professionals -- even in the age of cloud and serverless computing -- still think too much in terms of servers and machines, and not enough in terms of meeting the challenges of meeting business competition at a high level"

Saturday, July 29, 2017

Living Danishly: inspiring ideas from the world's happiest country

"goods and services cost a little bit more because everybody gets a living wage"

"by now i don't mind paying a little more if i now the women serving it to me doesn't secretly hate me and wants to spit in it because she as a decent standard of living"

Maslow's hierarchy of needs
Law of Jante


Saturday, May 13, 2017

#WannaCrypt quickfix summary before a new wave of #ransomware appears (2017-05-13)

1.disable SMBv1 (PowerShell 2.0 or a later version)
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 0 -Force

Restart server

-----  ( EMC storage and others alert ---- see comments in Stop using SMB1 bellow)

2. install at least ms security essentials on server

3. install Microsoft Security Bulletin MS16-114

4. updates for older operating systems ( Windows XP, Windows 8, and Windows Server 2003)


Stop using SMB1

How to enable and disable SMBv1,-smbv2,-and-smbv3-in-windows-vista,-windows-server-2008,-windows-7,-windows-server-2008-r2,-windows-8,-and-windows-server-2012

Microsoft Security Essentials

Customer Guidance for WannaCrypt attacks

Microsoft Security Bulletin MS16-114 - Important

'Accidental hero' finds kill switch to stop spread of ransomware cyber-attack

Privacy and data protection

Privacy and data protection #privacy #liberty #freedom In the digital age, data plays ...