Posts by Doctor Syntax

Re: Such Hypocrisy

Whoosh?

Maybe. Who can tell?

Re: What the..

"a retrospective assessment of the EU Referendum is not necessary" [under breath] "because it would call our entire political position into question."

Re: Yabbut...

Attempted Inference

Re: Spelling

Correct in the case of Macallan. Across the pond - and I mean the local one - there's also whiskey.

Re: "Of course it's all just guesswork"

AIUI it's still faster than counting radioactive disintegrations the way we used to do it.

Re: It is capitalism

"For the record, I don't see a fix."

The fix would also be long term - to turn boardroom thinking round so that it looks at the long term. That would require changes in financial and taxation regulations. Ban bonuses that don't reflect long term performance or make them more highly taxed. Likewise, hit short term trading in stocks and shares.

Re: Flagging falsehoods

"your major shareholders aren't calling for the Board to be removed"

Their major shareholder isn't likely to do that.

What might have an effect is the advertising dollars walking away if they don't take action.

Re: why aren't postal votes considered a fraud risk in the US?

" I honestly hope the US manages to get it's shit together, but I doubt it."

A lot of us hope that. We also doubt it based on long observation.

Re: why aren't postal votes considered a fraud risk in the US?

Thank you for your long explanation. For the benefit of us folks in the UK could you please explain what a hanging chad is and why it matters.

Not licensed here syndrome?

Apache 2 license rather than GPL might have something to do with it.

Re: A few things

If you're aware of it being evidence of something illegal you might have an obligation to preserve it.

I never got the impression that "the dog ate my homework" would have gone down well with a judge.

I agree public confidence is critical but an honest impact assessment of the actual situation would ham that. Putting together an honest and acceptable impact assessment would have required changes to policies (such as "we're going to keep this data for decades and not limit processing to what's required by track and trace"). That would have been high level, taken ages of infighting and the reason it hasn't happened is that the required policy changes wouldn't be forthcoming anyway.

Re: But of course

"Obviously the numbers aren't going to be perfect due to reporting issues"

One interesting fact that emerged from HMGs preferred measure is that any death from any cause is counted as a COVID-19 death if the deceased had had a +ve test at some time. Eventually that will reach 100% of confirmed cases.

Re: There is already evidence of data breaches

How astonishing. You'd think they worked for a business that didn't know to send out bulk emails with BCC.

Re: History Repeats Itself...

"He, of all people, ought to have known better"

Only if he had a capacity to learn from his mistakes - or recognise that he made any.

Re: But of course

"the N.I. Assembly"

Or any of its predecessors.

Re: There we go again

"I would hope that it would be seen taking away money away from the PHE budget."

It would be seen as that. And political suicide for the ICO.

Perhaps a compromise would be for the ICO to appoint a consultant of their own choice to do the impact statement for them and fine them the cost of that. It wouldn't be effectively taking away the budget if it was used to do what should have been done out of the budget in the first place.

In an ideal world failure to fulfil such an obligation by a public servant would be dealt with as a disciplinary matter. It doesn't seem likely that somebody low down would have been told to produce an impact statement and failed to do so; more likely that somebody higher up failed - inadvertently or otherwise - to instruct anybody to do so. It's a very long time since anyone in that position was disciplined.

On the whole, however, I'd prefer them to take a punish the official approach. It would send a message to both public and private sectors, especially to the latter that if you fold the company we'll just come after you.

Re: There we go again

The ICO is in a difficult position here. It can exact a monetary penalty but how do you do that when the offender is a public body?

For a private offender a fine results in a loss of profits. A public body only has money in the form of a budget given to it to do its job. What would be the consequences for the ICO being seen to be taking away from PHE the budget given to them to deal with a national public health crisis?

About the only option it has would be to use its powers against an officer of the body responsible. Perhaps it ought to do that. AFAIK it's not been done against an individual in the private sector so it would be by way of being a test case and probably lead to the ICO still being pilloried for distracting management attention at such a critical time etc etc.

Re: SCCs

As I read it SCCs per se are legal but when applied to the US they're worthless because US legislation prevents them being honoured. If you have SCCs with a company in a country that doesn't enable its govt to override them they're OK. I've no idea if such countries exist but I suppose the countries that do override them will have to be excluded one at a time. UK next up?

Re: No Shit Sherlock

I've suggested previously that the way round this for a US service is to offer a franchise to a an EU business, set up under EU law with EU citizens as owners, officers and staff. The franchise pays for IP - branding and copies of S/W - from the US business. EU data is handled purely within the EU. If data, mail in the example in the article, is to be sent to a non EU, no US destination then it's not routed through the US.

There's another option for EU businesses to use email of course - use an EU owned and based MSP. That's assuming the MSP doesn't simply resell a US-based service (Is BT still reselling Yahoo! ? Not that that matters now anyway.).