A moment of silence on the Reg to honor the death of Cambridge-Analytica...
Meanwhile at the new HQ of Emerdata / Firecrest / Auspex:
Administrators dealing with the group of firms affiliated with Cambridge Analytica were offered a pound for the now infamous brand – but didn't accept. Cambridge Analytica was one of five firms placed into administration amid the fallout from the Facebook data harvesting scandal. The firms – Cambridge Analytica, SCL Elections …
Surpriosethere was silence where you are - coyuldnt hear for the champaig corks bing remved round here. I'm sure forensic accountants (and probably the SFO) will have a field day with their relationships which undoubtedly will work to deptive legitimate investors of their dough while retaining the pocketbooks of the high and mighty.
What are you celebrating exactly dude? Low tier staff were shit-canned. Meanwhile 'The Elite' @ CA, brushed the dust off, and phoenix'd into a bunch of smaller CA's... They will now go underground and be even less accountable esp in the 3d world:
"Auspex will work in the Middle East and Africa initially"
Accountability in Middle East and Africa? First thing that comes to my mind: BAE bribes in UAE (if I remember correctly). UK investigation killed off because, lol, "not in the public interest", plain English: do as I say, don't do as I do. They might as well have said: look, bribes and public hangings are a part of their culture, ok? We must be sensitive, particularly if YOUR job is on the line...
In short: we're all hypocrites.
So let's get this straight. The administrator of a company that has been placed in administration thinks that it is not now the Data Controller of the data assets of the company. Surely in that case they are unable to dispose of those assets?
If they are not the data controller, who is?
In this instance the ICO is a 'third party' and neither Data Controller nor Data Processor. This is similar to 'recipient', which is the usual category for, for example, IT support for an application that stores Personal Data where the other organisation can access the data but doesn't do any "real" processing of the data. The difference is that 'third party' has a specific legal meaning.
You are confusing the Administrator who is in charge of getting as much cash for the rotting corporate corpse of Cambridge Analytica and the ICO who are concerned with breaches of data protection law.
I suspect there is a gap in data protection law where a company is in liquidation or being wound up as the Administrator is merely an agent, and therefore may not be a data controller.
Some guidance here
Basically my reading of that is that the CA administrator could be on very dodgy ground bouncing back those Subject Access requests, depending on the terms of their insolvency contract.
I thought that the whole idea of these companies is that they were like a shell to a mollusk -- once the shell was compromised the creature inside just slunk off and grew a new one. The trick is to find suitable names for the shells, names that don't convey any information and so are easily forgettable.
Now, the real question is what's inside that shell -- mollusk or Dalek?
with absolutely no relation to each other, and created absolutely not to maximise opportunities offered by "fiscal obligations optimisation process" as keenly presented by the always impeccable (I'm only following orders) legal eagles.
The position is explained well here:
A link helps when posting URLs.
More interestingly the reporting of judgement implies that they are responsible for responding to data access requests:
"First, that the company should retain sufficient data to enable it to respond to any data subject access requests which had been made before the disposal of the data and, second, that the liquidators should retain sufficient data to enable them to deal with any claims that may be made in the liquidation."
So the liquidating company don't become the data controllers, they are merely the agents of the company they are liquidating. However as the agents they've got to comply with the rules and that includes ensuring the data controller within the company responds to subject access requests - and presumably appointing a new agent to act as the data controller if they have gone and made the original one redundant.
When this story first broke, a little bit of research, starting at Companies House in the UK, revealed that many of the directors of these businesses have strong ties to Private Military Contractors, like Nick Prince of Blackwater fame, who are still busy providing services, to places like Africa, through yet other innocuously named (and throw-away), and illusorily altruistic organisations.
It is interesting that the focus was on Cambridge Analytica's connections and misdeeds with Facebook, yet the connections of many of their directors (who are linked to PMC's and other shadowy organisations) goes by with hardly a feather ruffled.
I'd buy the Cambridge Analytica's name for a £1, just to ensure that the name always remains linked to these people and their continuing projects to undermine nations around the world, under the false pretexts of providing help.
It is no surprise to me that businesses like Facebook and others had/have such relationships with dodgy businesses, but it does annoy me that businesses like C.A. (and derivatives) get away with nation-meddling, yet it is Russia who gets all the blame for such antics....it is really hypocritical, and highly damaging to Democracy.
Biting the hand that feeds IT © 1998–2019