Now this is a really interesting legal case. Facebook has a marketing and advertising business established as a separate legal entity in Germany. In December 2012, the Schleswig DPA issued orders against Facebook Inc. in the U.S. and Facebook Ltd. in Ireland, in which the DPA demanded that Facebook allow its German users to use pseudonyms.

So which law applies? Germany, Ireland, or US? In the end Germany lost. It was decided that the Irish DPU laws applied. The ruling stated that it was not considered a sufficient presence to warrant the application of German data protection law.

Really interesting post on rules concerning the use of personal information in China.

If you make it to the end of the article 😉 I am very much of the same opinion as the author, in that okay to have rules but what about enforcement. Also is the actual intentions of the Chinese authorities? Are they really after protecting the human rights of the Chinese citizen, or is this another ploy to enforce registration of identity, hence make anonymous access to online resources impossible. This restricts freedom of speech… as if it is not already enough given existing controls…

Cyber Intelligence Sharing and Protection Act (CISA) is not aligned with civil and privacy rights of the individual according to privacy advocates such as Electronic Frontier Foundation and Avaaz.org.

Neither Microsoft or Facebook support this bill. Imagine that everything you post on FB to be available for government authorities? Fine if you trust them I suppose, but I don’t.

Why is not crowdsourcing used more in the fight against terrorism? Transparency and the power of the people, of whom most want a safe society could provide an all encompassing safetynet. Crowdsourcing for example is starting to be used to locate missing persons and children, it is very powerful. There are so many people out there that can make a positive difference to this broken world we live in.

One of the biggest dilemmas with cloud services is that in theory it shouldn’t matter where your data is stored in the public cloud, just that it is secured appropriately, and only you get appropriate access and nobody else gets inappropriate access 😉

But it’s much more complicated. Every country has its own laws about the transparency of data stored and accessibility from nosing government authorities. The real problems occur when there is a conflict of privacy laws between different countries. So you have personal data stored in a Google public cloud, your data could be stored physically anywhere in the world. And the fact that Google is a US company means requirement to comply with US law (e.g. USA Patriot Act) for the organisation worldwide, not forgetting the regional laws where the data is physically stored. This conflicts with EU privacy law whereby the rights of the data subject are preserved.

Google have been quoted as follows “As a law abiding company, we comply with valid legal process, and that – as for any US based company – means the data stored outside of the U.S. may be subject to lawful access by the U.S. government.” Taken from Softpedia.

This could be an interesting time for organisations to set-up clouds but only in a single country in an organisation that is registered in the hosting country. Otherwise, can you really trust the data-holding authority to protect your rights as an EU citizen for example? I know I can’t!

The (quiet) introduction of a National Police Reference System in Australia has raised concerns on the impact on privacy.  The database (run by CRIMTRAC has millions of records – including DNA and fingerprints) and is able to be accessed by all Australian law enforcement officers.  There are up to 80,000 accesses to the data per day.

For more detail, please see http://www.smh.com.au/national/privacy-fears-growing-as-police-tighten-national-grip-20100117-mecr.html.

There is some good insights at archrights blog into the Marper judgement in the U.K., i.e. the decision to remove DNA of innocents from law enforcement databases. Check it out. Is your DNA stored somewhere, have you tried to have it removed?

Thanks to a post from ARCH blog that give pointers onto how to reclaim your DNA. Are you one of the 800,000 innocent people who have been arrested in England, Wales or Northern Ireland that are thought to have their DNA and computer records retained? Find more information on how to reclaim your DNA at this website.