WELCOME to Connected Rights, your drizzle on the bank holiday of digital rights news and analysis.
Enjoy this newsletter? Forward it to a friend or get them to sign up. I’m David Meyer, aka @superglaze on Twitter and @davidmeyerwrites on Facebook. Don’t forget to check out the Connected Rights website and download a copy of my book, Control Shift: How Technology Affects You and Your Rights. Degemer mat!
THERE’S A RIFT IN THE GERMAN GOVERNMENT OVER the issue of smart-device data and whether it should be admissible as evidence in court. Federal and state-level interior ministers are keen on letting investigators tap into such data, but the justice ministry – which deals with consumer protection and constitutionality issues – is not on board.
Interior ministry: “Our view is that digital traces have become increasingly important. We are talking about traces that come from connected devices such as smart fridges but also voice-controlled devices such as smart speakers.”
Justice ministry: “Law enforcement must be up-to-date, but there are limits set by the protection of the most personal spaces, and the freedom of accused people not to incriminate themselves. These limits must not be circumvented by any technology.”
Let’s see how far this gets. The last time interior ministers wanted to muck around with connected stuff – they wanted connected car and smart home firms to suspend door-opening notifications to aid bugging – the SPD (now Merkel’s junior coalition partner; then a prospective partner) pushed back. The coalition is already close to collapse, so pushing this would not be a bright political idea.
IN THE LATEST INSTALMENT OF “WHY THE HELL WOULD ANYONE DO THAT?”, grocery behemoth Walmart will start letting customers take home deliveries while they’re not at home, from a delivery employee who’s wandering around their abode wearing an internet-connected bodycam.
The camera is to let the customer monitor the delivery from afar, but… just… no.
MEANWHILE, AMAZON HAS BEEN CREATING A SURVEILLANCE NETWORK for cops. From CNET’s story on the development: “Police departments across the country, from major cities like Houston to towns with fewer than 30,000 people, have offered free or discounted Ring doorbells to citizens, sometimes using taxpayer funds to pay for Amazon’s products. While Ring owners are supposed to have a choice on providing police footage, in some giveaways, police require recipients to turn over footage when requested.”
Amazon is appalled naturally, and said it will stop the cops from adding such strings to the giveaway. Thanks goodness the company respects… oh wait. Amazon’s also running Facebook ads for Ring doorbells, using surveillance footage of people that Ring users claim are up to no good. What could go wrong?
THE PROBLEM WITH COMPILING A BIG OL’ DATABASE of personal information is that it can get compromised. The latest snafu to prove that point comes courtesy of a U.S. Customs and Border Protection subcontractor, whose security messup has apparently exposed the photos of thousands of people who were entering and exiting the U.S. via an unnamed land border port over the period of a month and a half.
The pictures were being used to train a facial recognition system, naturally. The photos are reportedly out there on the dark web now. The subcontractor appears to be a company called Perceptics, though this is unconfirmed. As the Atlantic‘s headline put it: “This is exactly what privacy experts said would happen.” Indeed.
FACEBOOK HAS FAILED IN ITS BID to stop the Austrian courts hearing a GDPR case against it. Facebook had claimed that only Ireland has jurisdiction over it in this case – a Max Schrems production, naturally – but the Austrian Supreme Court disagreed. Schrems: “If we win even part of the case, Facebook would have to adapt its business model considerably. We are now every confident that we will succeed on the substance too. Of course, they wanted to prevent such a case by all means and blocked it for five years.”
SPEAKING OF FACEBOOK, the company has launched yet another app for spying on everything a user does on their phone, in exchange for cash. The app is called Study, though may I suggest “Faust” as a more suitable name. It is of course only being launched on Android, since Apple takes a more than dim view of such things.
REST IN PEACE, YVES BOT. The European Court of Justice advocate general’s death was announced yesterday; he reportedly died Sunday. Bot delivered some groundbreaking legal opinions in the digital rights field, most notably his recommendation that the Safe Harbour data-sharing deal with the US should be scrapped. He also advised in the Oracle/UsedSoft case that software licenses should be resellable, with conditions. The court sided with him on both occasions.
THE FRENCH PRIVACY WATCHDOG, CNIL, HAS FINED a real-estate company called SERGIC €400,000 under the GDPR for applying insufficient security to the personal data of its online users. The firm knew documents such as identity cards, divorce judgements and tax notices were being exposed through its systems, and did nothing to fix the problem for months. Which is why CNIL decided to make the penalty public. Name and shame.
THE RUSSIAN VPN CRACKDOWN IS SLOWLY trundling toward fruition. Having earlier this year threatened VPN providers with blockage if they don’t stop letting people view banned information, the media regulator Roskomnadzor has now warned that the block is coming maybe within the next month.
Of the 10 providers at which Roskomnadzor waved its ban-hammer, only one fell into line: Kaspersky, which also happened to be the only Russian provider on the list. The others stuck up their middle fingers, so here comes the result.
Watchdog chief Alexander Zharov: “The law says unequivocally if the company refuses to comply with the law, it should be blocked. So, we will do it.” However, somewhat hilariously, he added that the blocks would not be a “tragedy” because there are plenty of other providers out there. Now there’s a man who knows he’s engaged in something meaningful.