Monthly Archives - April 2018

05Apr

Identifying Recipients of GDPR personal data – Theory and Reality

Under the GDPR, a data subject must be informed of the recipients or the categories of recipient of their personal data. These two choices are genuine alternatives. The controller can choose. But can that choice resist circumstances? Under the old regime, likewise it was necessary only to specify non-particularized categories. Hence the semantically meaningless rubbish filling up the non-statements of processing held in various supervisory authorities' existing "registration" databases. So, under the GDPR, can we still get away with it? After all,...

By Access, Cambridge Analytica, Data recipients, Disclosure, Discovery, Facebook, Notification0 Comments
Read more...
03Apr

GDPR, IP addresses, and classification – theory and practice

IP addresses can determine jurisdiction - as classically exploited by private and public surveillance agencies, BigTech, other data brokers,  and just about any web site owner. This is well known. As is the fact that such tracking information is key to everyone's commercial efforts to destroy net neutrality and undermine the web. But what does this mean for GDPR compliance? Can it be exploited for classifying individuals' jurisdiction? Should it? What are the pros and cons? Theory (law) I note in passing...

By Automated decision-making, DPIA, GDPR, Misuse of private information, Monitoring, Profiling3 Comments
Read more...