* Posts by Alexander Hanff 1

189 posts • joined 1 Jul 2009

Page:

Huawei Honor 8 Pro: Makes iPhone 7 Plus look a bit crap

Alexander Hanff 1
Thumb Down

And still shovelling Android

It doesn't matter how good the hardware is (and let's forget about Huawei's ties to the Chinese Government for just a few minutes), it is still an Android phone. You couldn't pay me to use an Android device - and I mean that literally - if you offered me 5k Euros a month to use Android, I would say no.

Irrespective of whether or not Apple are keeping up with the hardware, iOS is why I buy Apple, not the hardware.

10
92

EU 'net neutrality' may stop ISPs from blocking child abuse material

Alexander Hanff 1

I haven't changed my tune - the two scenarios are completely different.

In the Phorm situation, citizens' communications were being intercepted, copied, scanned and then the content of those scans used to profile individuals behaviour. It was active surveillance over which the citizen had zero choice or control.

In the adblocking scenario, communications are scanned for specific patterns which only match advertising code. The content of the comms is not copied and used for profiling behaviour and the citizens has to opt in to the service (if they don't their comms bypass the tech).

Another big difference between the two is in the Phorm case, all parties in the communication were likely to object to the interception. However, in the adblocking case, publishers have a vested interest in not consenting to the activity because they benefit from the ads being blocked.

With the privacy and security issues surrounding programmatic ads and privacy being a fundamental right under European Law (Article 8 of the Charter of Fundamental Rights of the European Union) it is absurd to suggest that publishers should have a veto over a citizen's choice to block ads.

Furthermore, I haven't changed my tune - I have not stated that RIPA doesn't apply in the adblocking case - I have been actively lobbying to have EU Law changed to remove the all party consent requirement for situations where ISP customers have explicitly requested a service (opt in) and I still fully support the prohibition of arbitrary blocking imposed by the ISP without the explicit opt in consent of the customer.

I find it amusing that some people think I need reminding of what I wrote - I don't, I wrote it. I also find it strange that certain people think I have no right to have a different opinion in different situations - the Phorm case and the adblocking scenario are opposites in many respects and it is entirely my right to have a different opinion on both scenarios.

0
0

Ad-blocker blocking websites face legal peril at hands of privacy bods

Alexander Hanff 1

Re: confused - - - -

And you clearly are unable to read as well.

The scripts in question are used for the specific purpose of detecting adblockers - they print a lovely message on the screen saying "YOU ARE USING AN ADBLOCKER PLEASE TURN IT OFF" (or words similar depending on the tool) - their ENTIRE purpose is to detect the use of an adblocker, some even look for specific adblockers as opposed to just any adblocker (for example there are some which block AdBlock Plus but do not block other adblockers - they look for behaviour specifically related to the use of adblock plus).

So please do stop talking so much crap about other scripts, scripts which are not for detecting adblockers etc. The issue discussed between myself, regulators, lawyers and legislators has been specifically about scripts which are designed for the sole purpose of detecting/circumventing adblockers.

You have not been party to those discussions, so please stop trying to tell me what was said in those discussions because you don't know. All discussions have taken place with technical experts and legal experts present - the letter is just a formal written version of the response I received verbally 14 months ago after such a meeting.

Now no matter how many times you guys try to turn this into something it isn't, try to talk about other scripts, other tools or other technologies - it will not change what has happened, it will not change what is going to happen. Legal test cases will be filed, publishers will be investigated and judgments will be made. Get over it already.

If the regulators think there is no legal issue then the judgments will support your arguments - if the regulators think there is a legal issue then the judgments will support my arguments.

2
2
Alexander Hanff 1

Re: This FF22 guy/gal

"in so far as this takes place for the sole purpose of carrying out the transmission in the electronic communications network"

Adblock detection scripts are nothing to do with carrying out the transmission in the electronic communications networks - their purpose is to detect adblockers.

"their use should be allowed on condition that users are provided with clear and precise information in accordance with Directive 95/46/EC about the purposes of cookies or similar devices so as to ensure that users are made aware of information being placed on the terminal equipment they are using. Users should have the opportunity to refuse to have a cookie or similar device stored on their terminal equipment."

Which just verifies exactly what I have stated - users need to give their consent - current methods of detection are happening without consent. Also note the "users should have the opportunity to refuse" so these scripts cannot be used until the user is given the opportunity to refuse such activities.

So thanks for your input but if you think it does anything other than verify -everything- I and the European Commission have stated, you seem to be having some issues with your comprehension.

2
0
Alexander Hanff 1

Re: confused - - - -

Javascript specifically developed to detect the use of an adblocker could never be considered as "for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network" - seriously where do you come up with this rubbish?

These scripts are covered by the Directive (as clarified by the European Commission) and fall into the same category as Spyware.

Let me make this clear to you once more - the European Commission -wrote- the law, trying to claim their interpretation of the law is wrong is beyond ridiculous.

It doesn't matter a damn what you think, what I think or what everyone else thinks - what matters is what the Regulators and the EU Commission thinks and they all agree that this activity is both covered by the Directive and illegal - please get that into your head.

There is a very good reason I spent 14 months traveling Europe talking to regulators and legislators before commencing with any legal actions - to ensure that they would support and act on such actions. So whether you agree with the law or not, whether you agree with my interpretation of the law or not is wholly irrelevant - those responsible for writing and enforcing the law do and we will see what action they choose to take when I file my legal complaints.

And even if these test cases end up in the CJEU - the CJEU -always- relies on recitals for interpretations of laws and the recitals support this viewpoint fully.

Nothing is certain in law (that is why these are "test cases") but there comes a point where you have to admit you are unlikely to win and in this matter the publishers and adtech industry are up against the full weight of regulators and the European Commission - it is not likely they are going to win...

So please do stop posting nonsense - read the law, understand the law and read the opinion of the Commission. I will not respond further to obvious industry trolls repeating the same deliberately incorrect and misleading crap over and over again.

5
0
Alexander Hanff 1

Re: This FF22 guy/gal

Please take the time to read the law and the recitals which explain the law. They very clearly answer your questions and show your thesis to be wrong.

Storage is defined, consent is defined, exemptions exists.

Thanks for your lazy "I cant be arsed to read" input.

1
2
Alexander Hanff 1

Re: @ Alexander Hanff / Ian Thomson

Well that might be the case had I written to the "Your Europe Advice" service but I didn't and the letter has no such disclaimer. I wrote directly to President Juncker who tasked the response directly to Gunther Oettinger.

Still it is nice to know that my stalkers are still wasting their lives obsessing over me.

7
1
Alexander Hanff 1

Re: A blocker to block the anti-blocker

The already exist - but I prefer to take the legal route than keep playing cat and mouse.

4
0
Alexander Hanff 1

Re: They might learn

One day they might actually learn that there is no such thing as "exclusive content" on the Internet - it can -always- be found somewhere else.

3
1
Alexander Hanff 1

Re: For those using HOSTS file blocking...

As I stated below, the ePD is not restricted to personal information, it covers all information.

1
0
Alexander Hanff 1

Re: Bull

The ePrivacy Directive doesn't require access to "personal information" it covers ALL information as highlighted in the European Commission's letter. The main point of the amendments in 2009 (Article 5(3)) were to deal with spyware, malvertising and behvioural tracking/profiling - it is not the Data Protection Directive it is the ePrivacy Directive and exists for completely different purposes to the DPD.

The European Commission regards adblock detection as a form of Spyware it also falls under the category of behavioural profiling (using an adblocker is a "behaviour").

3
0
Alexander Hanff 1

Re: confused - - - -

The javascript is STORED on the device before it is executed - it has to be in order to be executed.

The web page (and how it is rendered) is STORED on the device.

The STORED javascript inspects the DOM of the STORED web page to determine whether or not an Ad has been rendered.

All of this falls under the definition of 5(3).

The javascript is embedded into the html document either inline or linked to as an external script by the developer - it doesn't just magically end up in there all on its own - it is put in there with the sole purpose of accessing information on the client to determine whether or not an adblocker has been used.

Exemptions exist for a service explicitly requested by the user (so javascript which is detecting screen resolution, orientation etc for the purpose of responsive design is completely legal) and I really wish adverpologists would stop deliberately attempting to obfuscate the discussion by making these false claims that all javascript would suddenly become illegal (especially since the exemptions are listed in the Commission letter).

So it is you who are misunderstanding the law, not me misunderstanding the technology.

5
1
Alexander Hanff 1

Re: confused - - - -

It is nothing to do with personal data - the ePrivacy Directive forbids access to -any- information on the terminal equipment of the user and also forbids web sites from storing any information on that same terminal equipment without clear consent which is informed and freely given.

AdBlock detectors are embedded as javascripts into the html files the publisher puts on their web server (either embedded directly inline or linked to) - the user is not aware of this until the web page is downloaded and viewed in their browser - the script then analyses the information stored on your terminal equipment (the web page) to see if the ads have been removed, without the consent of the user.

So the detectors are in breach of both parts of the law:

1. When they are stored on the computer/device

2. When they execute and access information stored on the computer/device.

It is really straight forward.

4
1
Alexander Hanff 1

Re: One way online advertising might change?

It takes no effort to not read his drivel or respond to it. Every time one of you does answer him, it gives him a rise, feeds his narcissistic need for attention. Best thing to do is completely ignore him.

2
2
Alexander Hanff 1

Re: Server jurisdiction and legality

Under current rules (95/46/EC, 2002/58/EC) any company which is based in the EU or processes data in the EU is required to follow our laws. There is a very long list of case law supporting this not least the Right to be Forgotten case in the CJEU last year but also (for closer to home) the Vidal-Hall vs Google case in the UK, Belgian DPA vs Facebook, French DPA vs Google, French DPA vs Facebook etc etc etc.

So in short all EU companies are obliged to follow EU law and it is important to note that even if they are exporting the data outside of the EU they can only lawfully do so if the country it is being sent to has laws which are at the least equivalent to EU privacy and data protection laws.

And as stated above for any company which is not based in the EU but is processing data in the EU they also have to follow our laws.

In 2018 when the General Data Protection Regulation comes in any company (whether or not they are based in the EU or process data in the EU) which target EU citizens will be required to follow our laws in relation to EU citizens (some Judges & legislators already believe this to be the case under our existing laws but there is some ambiguity which will be removed by the new Regulation).

5
0
Alexander Hanff 1

Re: Lots of people hate adverts...

I am not even remotely concerned about advertising - I fully support ad supported content. What I don't support is the illegal non-consensual tracking and profiling by adtech companies. Contextual Ads still generate over 90% of all display ad revenues and privacy respecting, contextual advertising is not a problem for me.

My work for the last decade has been focused on the illegal behavioural profiling and tracking.

12
0
Alexander Hanff 1

Re: Click here to view this title.

Not sure when I will be in the North again - I am hosting a privacy event in London on 29th but I am totally booked up travelwise for the next 2-3 months speaking at events and having meetings on adblocking.

1
0
Alexander Hanff 1

None of the cookie banner solutions currently being used are compliant with EU Law - so no they can't be used to cover adblock detectors to make it legal.

The way current cookie banners work is they simply display a message - they literally do nothing else (in most cases - there are some very limited exceptions). The cookies are placed on your machine before the cookie notice is even displayed to the user - this is illegal.

Furthermore, the cookie banners do not have a "I don't agree" option, only an "I agree" option (which is also illegal).

So yeah ICO tried to throw this idea at me when I had my meeting with them and in the end agreed that this wouldn't work and that yes currently these banners are non-compliant. ICO also agree that the detectors are illegal as well and have agreed to accept my formal complaint against UK publishers and adblock detection developers - they even expressed an interest in a joint investigation with other DPA's as they did with the Google case back in 2012.

So yes, even the usually toothless ICO are in agreement that this is ILLEGAL.

In my discussions with the EU Commission they also agreed with me that because using an adblocker is a clear facilitation of a users rights under Recital 66 and is an explicit and deliberate action - it could not be over written by any implied consent (cookie banners rely on implied consent) - the use of an adblocker is a direct denial of consent from these users.

10
0
Alexander Hanff 1

Average ad revenues per year per user for publisher is less than £0.50 according to industry reports. Wired are currently charging > 8x that per month for their subscription.

This is one of the problems with subscription models - for some reason publishers think it is sensible to charge literally hundreds of times the amount they would get per user per year for their subscription fees. £50 per year is not a sustainable model for subscription to online content (per site) it will fail and is down to sheer greed.

Publishers need to either start forming group subscription models where users gain access to many publications giving those publishers revenues which are inline with ad revenues if they want to replace ads with subscriptions - or - they need to reduce their subscription costs to micropayment levels inline with ad revenues.

But they do the opposite - they try to charge ridiculous subscription fees far far higher than the revenues they make per user from advertising and then guess what - they still throw advertising in as well - and wonder why subscription numbers are so low?

Then the go down another illegal route and start pushing "branded content" (aka native content or "advertorials"). I was at a publishing event in Paris just a week ago and they were talking about adblocking - their solution? Disguise advertising as content - again this is also illegal.

It beggars belief.

9
2
Alexander Hanff 1

Re: Ok, just RTFC

I don't want to seem like I am making light of everything you typed with a short reply but it is really simple - it is illegal. There has been extensive discussion on this at regulatory levels and device fingerprinting is illegal under 5(3) without consent if it doesn't fall under specific exemptions (which I can't think of any situation where it might).

I read a long research paper on Canvas Fingerprinting a number of years ago and brought it to the attention of the EU Commission - there was zero doubt in their mind it is illegal.

8
1
Alexander Hanff 1

Re: What about..

Canvas Fingerprinting is also illegal under 5(3) of 2002/58/EC and has been covered by an Article 29 Working Party Agreement from 2014. So if you detect that sites are using this method you should first complain to the site and if they do not change their behaviour, fire off a complaint to your regulator.

If you regulator refuses to enforce, get in touch with the EU Commission and file a complaint against your country for failing to uphold your fundamental rights, request the EC initiate infringement proceedings.

And however unlikely you might think this is to succeed - it worked against Phorm and forced the UK to change RIPA. The Commission have advised me to do the same thing with Member States who do not enforce our rights regarding adblock detectors.

9
0
Alexander Hanff 1

Re: Grey Areas

I spent the last 6 months speaking at industry events (both advertising and publishing) warning them they are breaking the law and suggesting they find a better way. 500 million (roughly 25% of Internet users globally) blocking ads because of privacy and other concerns is quite possibly the world's biggest ever protest. The current model is unsustainable and instead of trying to find a way which is acceptable to Internet users they choose instead to go to war with them using illegal tools to infringe on the fundamental rights of the people.

So don't tell me I haven't given them a chance to fix the situation, I have - repeatedly.

Now the time for action has arrived.

26
1
Alexander Hanff 1

Re: Bull

No they don't.

15
2
Alexander Hanff 1

Re: Grey Areas

Then they should lobby to have the law changed to allow this - because whether you agree with the law or not does not mean you are free to disobey it.

20
1
Alexander Hanff 1

Why are you guys even bothering to respond to FF22 (I no longer will) he is quite obviously an industry troll. Here are the facts:

Adblock detection tools store and execute scripts on the client to detect behaviour of that client (are they using an adblocker).

The EU Commission state (very clearly in their letter to me) that this is illegal - the EU Commission wrote the law.

The Regulators have stated (in my discussions with them) that this is illegal - the Regulators enforce the law.

So again, why are we responding to some random industry troll who neither wrote the law (and therefore knows what it is meant to do) nor enforces the law?

Don't feed the troll.

28
0
Alexander Hanff 1

Re: Bull

The people who write the laws, the people who enforce the laws all disagree with you - so good luck arguing your incredibly poor interpretation in the courts - you will fail.

31
3
Alexander Hanff 1

Re: Bull

The javascript file itself is stored and is illegal. Period.

29
4
Alexander Hanff 1

Re: @Alexander Hanff 1

No you are missing the exemptions as I explained below. Also if you actually read the letter from the EU Commission you will notice they mention the exemptions as well.

Please do read the information provided, it saves me repeatedly typing the same information over and over and over again.

33
3
Alexander Hanff 1

Re: Click here to view this title.

I live in Poland so £5 will buy a barrel lol :) (of Vodka)

34
0
Alexander Hanff 1

Re: Publishers could simply

I am fighting for (and have been doing so for the last 10 years) the removal of non-consensual tracking and behavioural profiling (which actually only makes up around 7.5% of display ad revenues according to the industry's own research). My campaign is about privacy not about ads. Also, as I have stated a number of times there are legitimate and legal ways to detect adblockers - the issue here is non of the tools being used currently do this in a legal way.

I also think it is ok for publishers to block content to people who refuse to view their ads - but they must do it legally - currently they are doing it illegally.

But this campaign is also about publishers who are not just illegally detecting adblockers but circumventing them (which is also illegal) and no publisher has any right whatsoever to circumvent the choice of a consumer and display the ads despite knowing the user has refused consent.

36
1
Alexander Hanff 1

Re: Grey Areas

No the law is actually quite sensible and gives some exemptions for purposes strictly necessary to provide a service the user has requested. Detecting browser resolution in order to render the page properly would fall under such an exemption.

Even detecting device via the user-agent to see what the pixel density is (retina or not) would fall under the same exemption.

But it is also about the purpose that data is used for - if the user-agent, browser resolution, font list etc are then re-used to create a device fingerprint for identification purposes - that is when it becomes illegal (this was covered by an Article 29 Working Party opinion from 2014).

It should be noted as well that making changes to existing cookie banners would not make this legal either for a number of reasons:

1. Cookie banner solutions are currently not compliant with the law (they place the cookies before the page is even rendered and the user has seen the banner)

2. Recital 66 of the ePrivacy Directive allows the use of "browser settings or other applications" to indicate whether or not you consent to the storage or access to stored information. In my discussions with regulators and the Commission, such an action by the user (installing an adblocker) would be seen as an explicit denial of consent as it is based on a specific and deliberate action of the user, which cannot be nullified by an implied consent from a "cookie banner" (these banners rely on consent being implied). Explicit trumps implied every time.

29
1
Alexander Hanff 1

Re: Bull?

I suspect it is one of my stalkers - the language of his comment matches that of a stalker I have had for the past 8 years, I just ignore them.

24
2
Alexander Hanff 1

Re: Bull

You are wrong - I have researched a large number of the adblock detection solutions and they all work by storing a javascript on the computer of the user which then checks how the page is rendered - whether specific elements exist or have been removed form the DOM.

Furthermore as pointed out by the EU Commission - the law is relevant for ANY information stored or accessed and is not limited to personal data. In fact the EU Commission rightfully categorise adblock detection tools as spyware as per Recital 24 and Recital 65.

I note you also spammed my Twitter feed with your nonsense - I suggest you actually go and learn something about the law before reporting back to your adblock detection company.

I have been working on these issues for 10 years and know the law very well - I have been researching adblock detection for the last 14 months and have spoken to 10 different regulators in Europe as well as the EDPS and EU Commission - all of them (yes even ICO in the UK) agree with my analysis.

I should add though that the letter from the EU Commission is not my reason for taking legal action - it was always my intention to do so which is why I started the work 14 months ago. Back in February last year I had a face to face meeting with DG Justice at the EU Commission in Brussels and they confirmed my concerns verbally. As I was approaching the point where I will begin filing legal complaints, I decided that having that opinion in writing would be useful so earlier this year I wrote to President of the EU Commission asking for them to formalise our original discussion in writing.

97
4

Pro-privacy titan Caspar Bowden dies after short cancer battle

Alexander Hanff 1

He will be missed

Caspar was a rare man - his integrity, morals and conviction were paramount to everything he did. I will miss him.

6
0

Cops turn Download Festival into an ORWELLIAN SPY PARADISE

Alexander Hanff 1

Re: So Download Festival are trying to go bankrupt?

@John Lilburne And oh how wrong you are on that one - nice try though.

1
0
Alexander Hanff 1

So Download Festival are trying to go bankrupt?

WTF would anyone even consider attending this festival with this level of surveillance?

71
0

You've come a long way, Inkscape: Open-source Illustrator sneaks up

Alexander Hanff 1

Been using Inkscape longer than I can remember - love it just installed 0.91 last week and it really is an improvement even though I loved the previous version.

0
0

Cheers Ireland! That sorts our Safe Harbour issues out – Dropbox

Alexander Hanff 1

Re: Frank

Absolutely correct, in the Microsoft case the DoJ is using the Stored Communications Act because it really is that easy for the US gov to demand data from US companies. Of course s215 of the PATRIOT Act could have been used as well and will probably be the instrument used in these situations where US companies are setting up subsidiaries in Europe (Twitter, Dropbox etc.) as it comes with a gag order.

I wrote about the situation here:

http://itsecurity.co.uk/2015/03/eu-data-centers-are-not-safe-from-us-surveillance/

The problem is there is a huge amount of mis-reporting on the issues in the general press and I am still trying to figure out if that is down to a lack of fact gathering or a vested interest to support the deceptions.

1
0
Alexander Hanff 1

Re: H4rm0ny

This is utter tosh - seriously. If the US gov approach Dropbox with a s215 order (which always comes with a gag attached) are you seriously going to tell me that the executives from Dropbox are going to refuse and go to jail instead? Don't be ridiculous.

This is a PR stunt and nothing more, it makes absolutely zero difference to the US surveillance machine being able to access that data. Furthermore, the Irish DPA can't do jack about it - they don't even have the power to issue fines/penalties.

Please go and educate yourself on the matter, it might save you the 5 minutes it took you to write that nonsense you wrote above.

1
0
Alexander Hanff 1

Makes ZERO difference to Surveillance

Dropbox irish company is a wholly owned subsidiary of Dropbox in the US as far as I can tell and as such PATRIOT and FISA still apply - US gov can force Dropbox to hand over data/give access to systems with the same secret court orders and gag orders as they could if the data was held in the US.

This is nothing but sleight of hand intended to mislead customers into thinking that their data will no longer be subject to US surveillance laws - it is wholly unethical and intentionally misleading. Personally I trust any company which uses such tactics even less than I trusted them before.

I recently wrote about the situation here:

http://itsecurity.co.uk/2015/04/is-twitter-misleading-its-users-on-data-protection/

I really wish the press would start to make this point clear in their articles - by failing to mention it they are basically complicit in the deception. It is poor reporting at the very least.

1
0

New EU security strategy: Sod cyber terrorism, BAN ENCRYPTION

Alexander Hanff 1

Evil Twin Router

everyone knows you need to be on the deep web via an evil twin router to buy a Kalashnikov!

0
0

Look out: That data protection watchdog can bite

Alexander Hanff 1

ICO's past behaviour may not be indicative of the future

One also needs to understand that under the new Regulation, it is highly likely the EU Commission will have the powers to intervene in situations where a DPA has not taken sufficient action in a case. This means that ICO are likely to take more action against the private sector than they have in the past, especially as they are probably the most complained about DPA in Europe.

In my experience of the EC, at least one situation involving the ICO became the second largest public complaint issue the Commission had ever handled and it is certainly likely based on my ongoing work in this arena, that the situation has not improved.

That said, even if ICO do not significantly increase their actions against the private sector, the Commission will soon be in a position to do something about it, directly. Therefore, it is advisable that the private sector start to take privacy and security matters more seriously - ICO may not be an ally they can hide behind for much longer.

3
0

LulzSec's Sabu hacked foreign gov sites while under FBI control – NYT

Alexander Hanff 1

I witnessed Sabu "persuading" people carry out criminal attacks on 3rd parties. I have given several statements to the press since his role as an FBI informer was made public. He was an agent provocateur pure and simple.

5
1

Whoever you vote for, Google gets in

Alexander Hanff 1

Re: So, the EFF gets donations from Google.

This is also a very valid point - I have sat in many a closed session where "civil society" representatives have not stood against industry when I felt they should. Inaction or staying quiet can be as harmful as actively supporting - in fact I would argue it can be even more harmful because if those calling the meeting don't even hear opposing views - how can they make balanced and objective decisions.

I have seen this so many times it makes my blood boil.

1
0
Alexander Hanff 1

Re: So, the EFF gets donations from Google.

You are asking the wrong question.

What you should be asking is how many consultations, roundtables, workshops, seminars and conferences have EFF attended as civil society and presented arguments which could be seen as favourable to Google.

For example, on Do Not Track, Behavioural Advertising etc. there have been a large number of closed session events with governments and regulators in Europe and the US where often these civil society NGOs offer a less than "privacy focused" opinion (I have personally witnessed this) and offer a more "compromising" position (such as supporting pseudonymous tracking etc.)

I am not saying EFF have been responsible for this type of behaviour but then I can't claim to have been to every closed event they have attended - I have however seen this from MANY civil society groups over the last 6 years and it infuriates me as an advocate.

Don't assume that an NGO or civil group posts everything they say on their web site - because they don't. There is a huge amount of dialog going on behind the scenes every single day that the public are not privy to. What you see published is usually just the tip of the iceberg - the real news is the backroom deals, compromises and incredibly subtle opinions which whilst coming from a civil society group are actually pro-industry.

5
1

UK.gov! frets! over! Yahoo! exodus! to! RIPA-free! Dublin!

Alexander Hanff 1

Erm no it doesn't...

"Ireland does not have a version of RIPA, but it is subject to the EU Data Retention Directive which requires all telcos and internet service providers to retain metadata on users phone calls, location (for mobile phones), and emails,"

No it doesn't - the Data Retention Directive requires Communications Service Providers to retain meta data of emails (which is different to ISPs) and is a loophole used by online services (web mail for example) to avoid metadata retention (the Netherlands is one very good example of where the law does not classify a CSP as an ISP).

1
0

British Pregnancy Advice Service fined £200k for Anon hack, data protection breaches

Alexander Hanff 1

Not condoning the breach but I do find David Smith's "Ignorance is no excuse" comment laughable. When Google were caught sniffing up everyone's wifi traffic with Streetview ICO's entire reason for NOT taking action was that Google claimed they were ignorant and that it was the work of a lone, rogue engineer.

So Mr Smith, perhaps you can tell us why a charity with limited funds to purchase a secure system and skilled IT administrators cannot use ignorance as an excuse but Google, a multi-billion dollar megacorp with some of the "best technical minds in the world" working for them are perfectly entitled to use ignorance as an excuse when they are caught intentionally capturing massive amounts of communications data?

Charity fined £200 000 for a stupid mistake which actually resulted in no harm and could end up shutting down a charity that helps pregnant women (a pretty important charity in my mind).

Google fined £0.00 for intentionally grabbing emails, web traffic, passwords, instant messages etc. etc. etc. so they can monetise that data through behavioural analytics. A company where even the maximum fine would have had absolutely zero impact on Google's operational abilities.

But then, I daresay ICO don't get kickbacks from BPAS like they do from Google and I doubt very much their senior executives are offered highly paid roles at BPAS unlike certain ICO staff who went on to work for Google.

2
1

Apple to grieving sons: NO, you cannot have access to your dead mum's iPad

Alexander Hanff 1

It is pretty obvious that the real reason Apple don't want to do this is because they are currently involved in a massive legal debate regarding inheritance of virtual goods purchased on iTunes. Apple don't want to be forced to allow those goods to be passed on because they stand to make more money if they aren't - they are arguing (along with other players in the industry) that only a license is purchased, not the item and therefore this cannot be legally passed on upon death.

A recent study I read (which I can't find at the moment but pretty sure I read about it here first) illustrated that even in the present day consumers digital media collections are growing in value to many thousands of dollars, which is expected to increase in the future. Apple and the entertainment industry in general, would much prefer that you can't include these virtual items in your estate when you die - for obvious reasons.

So, what we are seeing here isn't Apple being anal over security, it is Apple trying to block inheritance without making it look like that is what they are doing because to do so is likely to cause a shit storm and lead to changes in law to force them to allow it (under current laws they are not required to under the terms of the EULAs).

Feel free to disagree with me, but it seems pretty obvious to me.

2
0

The TRUTH about LEAKY, STALKING, SPYING smartphone applications

Alexander Hanff 1

Re: As a windows phone owner

You can turn it off but that doesn't stop 95% of apps asking for permission to use it even if it is turned off and if you say no, you cannot install the app. My understanding is that even if you have it turned off if you allow it for an app it is enabled for the app. I would be very happy to be proved wrong.

0
0
Alexander Hanff 1

Windows Phone

You should include stats for Windows Phone apps too if you can find them - in my experience every single app I wanted to install on Windows Phone required access to location and after researching this it turns out this is down to the advertising platforms that app developers are forced to use.

3
0

Page:

Forums

Biting the hand that feeds IT © 1998–2017