I got a lot of helpful intel at the SMWVBO conference yesterday, but the lunch-session talk from Mr. Lyn Watts was just sad. Watts, the "Senior Program Privacy Manager" for Microsoft, was hand-wringing about the October 6th death of the "U.S.-EU Safe Harbor Framework."
I remembered the date because I had been surprised to hear the Cort of Justice of the European Union (CJEU, aka Minitru) had taken a position that appeared to support the privacy rights of its huddled denizens by protecting them from the U.S's rogue NaTional ZecurIty Agency. I also remember hoping Safe Harbor would stay dead because a few years ago, my betters had requested I analyze it and provide them with an "executive summary and recommendation." I worked with a "Guy from Legal" for about two days to establish the policy and governance, as well as what the company would have to do in order to "Self-Certify" compliance.
That's right. "Self-Certify"
Since the "Guy from Legal" had roughly the same dark sense of gallows humor, we started printing up mock self-certificates for all sort's of absurdities until He had one proving he was the Pope, and I had one to self-certify myself as a "Benevolent Singularity" that would never harm anyone providing my demands were met promptly and cheerfully, or they were the Pope.
Basically, a loophole that let US companies stick a straw into profitible EU marketing data, all that this nonsense addition to the existing nonsense pseudo-legislation about European Import/Export law required of us was a pinky-promise stating that our company would protect the personal data related to European people in a way that conforms to European standards, a brief survey of which revealed our current policy to be much more likely to actually prevent any sort of inappropriate use, loss, or leak. We could keep sluping up EU data as we saw fit, and as a bonus, the same pinky-promise would cover the Swiss as well! Yay!
However, on 6 October last, Minitru decided that they would no longer accept pinky-promises, and that, in light recent events demonstrating the reprehensible behavior of the NSA in stealing private information from everybody in the whole world, along with the incompetence and/or criminal negligence that are the hallmarks of NSA's ability to keep confidence, Eurosoc would no longer allow sharing the invariably sordid details of the European citizens' private lives with Amerisoc. Big heads exploded at big data strip-mining concerns like Google, Amazon, and Microsoft which were all atwitter, and lit up the blunderwebs with dark forebodings too.
In a mind twisting paradox, I actually agree with Big Brothers finding on this one. A few days prior to 6 October, I had been shredding all of the mail in my lofty "maybe someday" stack (upon which any correspondence arriving marked "Urgent! Open immediately" is automatically placed,) but one such marked packet turned out to be a notice from Uncle S. informing me that he had suffered a cock-up on the privacy front, and as a result, my fingerprints, identification numbers, all financial account numbers along with balances and passwords, political affiliations, recent purchases, reading habits, shoe size, etc.--- well, all of that stuff was now public information, and so... you know, apology, sorry, regret, etc.
But what prompted all this reminiscence was when Mr. Watts (Remember Mr. Watts? He was the Microsoft guy at the SMWVBO conference.)---when he said, "...to understand the issue, you have to understand that the European attitude and culture regarding privacy is much different than ours. Personal privacy is actually written into their constitution!"
At first I didn't believe him because I couldn't find anything about personal privacy in any of the sixty sections of article one of the referenced constitution, but then, only sixty six sections into article two, I found not one, but three whole privacy related articles!
Curious, I decided to skim the U.S. Constitution before writing my congressman to propose an amendment when I found this in one of the existing amendments:
A little stuffy-16th-century-powder-wiggy, but from a legal standpoint, I think it's essentially the same, apart of course from the insanely vague nonsense about specification, legitimate basis, and rectification found in Article II-68.2 of the European Constitution.
In addition to questions I now have regarding Mr. Watts' basic literacy, I wonder if it might be advisable to remind our U.S. of A. Federal Overlords that the biggest part of their job is to secure these rights to the citizenry, and perhaps they might like to take this opportunity to somehow remind data whores like Zuckerberg and Bezos that the consequence of selling stuff that does not belong to you is not limited to fines and fees, but often includes having your slick ass thrown in jail as a deterrent to those who might wish to emulate your, erm---"Business Model?"
Then again, it was the aforementioned Overlords that set this whole goat rodeo in motion, so trying to remind them of anything might be on the pointless side.
On a totally unrelated topic, here is my brief review of the new Microsoft Windows 10 operating system:
OOOH! SHINY!
I remembered the date because I had been surprised to hear the Cort of Justice of the European Union (CJEU, aka Minitru) had taken a position that appeared to support the privacy rights of its huddled denizens by protecting them from the U.S's rogue NaTional ZecurIty Agency. I also remember hoping Safe Harbor would stay dead because a few years ago, my betters had requested I analyze it and provide them with an "executive summary and recommendation." I worked with a "Guy from Legal" for about two days to establish the policy and governance, as well as what the company would have to do in order to "Self-Certify" compliance.
That's right. "Self-Certify"
Since the "Guy from Legal" had roughly the same dark sense of gallows humor, we started printing up mock self-certificates for all sort's of absurdities until He had one proving he was the Pope, and I had one to self-certify myself as a "Benevolent Singularity" that would never harm anyone providing my demands were met promptly and cheerfully, or they were the Pope.
However, on 6 October last, Minitru decided that they would no longer accept pinky-promises, and that, in light recent events demonstrating the reprehensible behavior of the NSA in stealing private information from everybody in the whole world, along with the incompetence and/or criminal negligence that are the hallmarks of NSA's ability to keep confidence, Eurosoc would no longer allow sharing the invariably sordid details of the European citizens' private lives with Amerisoc. Big heads exploded at big data strip-mining concerns like Google, Amazon, and Microsoft which were all atwitter, and lit up the blunderwebs with dark forebodings too.
But what prompted all this reminiscence was when Mr. Watts (Remember Mr. Watts? He was the Microsoft guy at the SMWVBO conference.)---when he said, "...to understand the issue, you have to understand that the European attitude and culture regarding privacy is much different than ours. Personal privacy is actually written into their constitution!"
At first I didn't believe him because I couldn't find anything about personal privacy in any of the sixty sections of article one of the referenced constitution, but then, only sixty six sections into article two, I found not one, but three whole privacy related articles!
ARTICLE II-66
Right to liberty and security
Everyone has the right to liberty and security of person.
ARTICLE II-67
Respect for private and family life
Everyone has the right to respect for his or her private and family life, home and communications.
ARTICLE II-68
Protection of personal data
1. Everyone has the right to the protection of personal data concerning him or her.
2. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified.
3. Compliance with these rules shall be subject to control by an independent authority.
Curious, I decided to skim the U.S. Constitution before writing my congressman to propose an amendment when I found this in one of the existing amendments:
AMENDMENT IV
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
A little stuffy-16th-century-powder-wiggy, but from a legal standpoint, I think it's essentially the same, apart of course from the insanely vague nonsense about specification, legitimate basis, and rectification found in Article II-68.2 of the European Constitution.
In addition to questions I now have regarding Mr. Watts' basic literacy, I wonder if it might be advisable to remind our U.S. of A. Federal Overlords that the biggest part of their job is to secure these rights to the citizenry, and perhaps they might like to take this opportunity to somehow remind data whores like Zuckerberg and Bezos that the consequence of selling stuff that does not belong to you is not limited to fines and fees, but often includes having your slick ass thrown in jail as a deterrent to those who might wish to emulate your, erm---"Business Model?"
Then again, it was the aforementioned Overlords that set this whole goat rodeo in motion, so trying to remind them of anything might be on the pointless side.
On a totally unrelated topic, here is my brief review of the new Microsoft Windows 10 operating system:
OOOH! SHINY!