home.social

#gdmr — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #gdmr, aggregated by home.social.

  1. RE: techhub.social/@Techmeme/11660

    Remember this whenever you hear claims that your data is secure on some system or other that you do not own and control.

    Like all that additional data governments want to gather via the slippery slope of “age verification” in the EU.

    The only data that is actually secure on a third party is data you haven’t shared with the third party.

    Hence: data minimisation.

    Had I mentioned GDMR yet today? Because I feel I might have. But hey, here it is again:

    ar.al/2018/11/29/gdmr-this-one

    #data #security #privacy #GDMR #microsoft #github #hack

  2. When you hear that someone is a “privacy professional”, you know two things about them:

    1. That they work in the field of privacy
    2. That someone pays them to do that

    So ask:

    Who is paying you?

    (Always follow the money.)

    Based on the answer, you’ll know whether their job is to protect your privacy or to find ways of legitimising their employer’s business model that’s predicated on violating your privacy.

    Also, ask yourself: who has the most money?

    Then you’ll know who can afford to hire the largest number of “privacy professionals.” Hint: trillion-dollar corporations are called trillion-dollar corporations for a reason.

    (Wait a minute, am I really saying that most “privacy professionals” are hired to help corporations violate your privacy, not protect it? That’s a yes.)

    Finally, have a little read up on “revolving doors” to understand that for some of these “privacy professionals”, a job is just a job and they will happily flip between the two because, really, it’s all just a game to some people when you have a certain level of privilege.

    I was once censured by the Nordic Privacy Arena – a conference that “aims to be part of the privacy professional’s journey” where I was presenting a keynote – for criticising the keynote by a Facebook employee (a lawyer who was a “privacy professional”). What was that Facebook employee’s previous job, you ask? Oh, he worked at the French data protection office (CNIL). And that, kids, is what we call a revolving door.

    (Last year, Nordic Privacy Arena had four speakers from Google as well as a speaker from Capgemini – whose US subsidiary has a contract to provide surveillance and tracking services to ICE* – and Salesforce**. Not to mention a representative from the Irish Data Protection Commission. You know, the folks who enforce GDPR to the extent that they’re sued by @noybeu to do so. If you don’t know how corrupt Ireland is on this, read the excerpt from the Facebook whistleblower’s book, Careless People, that I quote in this post: ar.al/2025/03/21/careless-peop)

    And none of this is going to change if we continue with the framing of “data protection”. We must make this whole business model illegal.

    We must go beyond GDPR to GDMR: General Data Minimisation Regulation.

    ar.al/2018/11/29/gdmr-this-one

    * surveillancewatch.io/entities/
    ** dpforum.se/nordic-privacy-aren

    #CPDP2026 #CPDP #NordicPrivacyArena #dataProtection #privacyWashing #institutionalCorruption #revolvingDoors #usefulIdiots #privacy #humanRights #GDPR #GDMR

  3. When you hear that someone is a “privacy professional”, you know two things about them:

    1. That they work in the field of privacy
    2. That someone pays them to do that

    So ask:

    Who is paying you?

    (Always follow the money.)

    Based on the answer, you’ll know whether their job is to protect your privacy or to find ways of legitimising their employer’s business model that’s predicated on violating your privacy.

    Also, ask yourself: who has the most money?

    Then you’ll know who can afford to hire the largest number of “privacy professionals.” Hint: trillion-dollar corporations are called trillion-dollar corporations for a reason.

    (Wait a minute, am I really saying that most “privacy professionals” are hired to help corporations violate your privacy, not protect it? That’s a yes.)

    Finally, have a little read up on “revolving doors” to understand that for some of these “privacy professionals”, a job is just a job and they will happily flip between the two because, really, it’s all just a game to some people when you have a certain level of privilege.

    I was once censured by the Nordic Privacy Arena – a conference that “aims to be part of the privacy professional’s journey” where I was presenting a keynote – for criticising the keynote by a Facebook employee (a lawyer who was a “privacy professional”). What was that Facebook employee’s previous job, you ask? Oh, he worked at the French data protection office (CNIL). And that, kids, is what we call a revolving door.

    (Last year, Nordic Privacy Arena had four speakers from Google as well as a speaker from Capgemini – whose US subsidiary has a contract to provide surveillance and tracking services to ICE* – and Salesforce**. Not to mention a representative from the Irish Data Protection Commission. You know, the folks who enforce GDPR to the extent that they’re sued by @noybeu to do so. If you don’t know how corrupt Ireland is on this, read the excerpt from the Facebook whistleblower’s book, Careless People, that I quote in this post: ar.al/2025/03/21/careless-peop)

    And none of this is going to change if we continue with the framing of “data protection”. We must make this whole business model illegal.

    We must go beyond GDPR to GDMR: General Data Minimisation Regulation.

    ar.al/2018/11/29/gdmr-this-one

    * surveillancewatch.io/entities/
    ** dpforum.se/nordic-privacy-aren

    #CPDP2026 #CPDP #NordicPrivacyArena #dataProtection #privacyWashing #institutionalCorruption #revolvingDoors #usefulIdiots #privacy #humanRights #GDPR #GDMR

  4. When you hear that someone is a “privacy professional”, you know two things about them:

    1. That they work in the field of privacy
    2. That someone pays them to do that

    So ask:

    Who is paying you?

    (Always follow the money.)

    Based on the answer, you’ll know whether their job is to protect your privacy or to find ways of legitimising their employer’s business model that’s predicated on violating your privacy.

    Also, ask yourself: who has the most money?

    Then you’ll know who can afford to hire the largest number of “privacy professionals.” Hint: trillion-dollar corporations are called trillion-dollar corporations for a reason.

    (Wait a minute, am I really saying that most “privacy professionals” are hired to help corporations violate your privacy, not protect it? That’s a yes.)

    Finally, have a little read up on “revolving doors” to understand that for some of these “privacy professionals”, a job is just a job and they will happily flip between the two because, really, it’s all just a game to some people when you have a certain level of privilege.

    I was once censured by the Nordic Privacy Arena – a conference that “aims to be part of the privacy professional’s journey” where I was presenting a keynote – for criticising the keynote by a Facebook employee (a lawyer who was a “privacy professional”). What was that Facebook employee’s previous job, you ask? Oh, he worked at the French data protection office (CNIL). And that, kids, is what we call a revolving door.

    (Last year, Nordic Privacy Arena had four speakers from Google as well as a speaker from Capgemini – whose US subsidiary has a contract to provide surveillance and tracking services to ICE* – and Salesforce**. Not to mention a representative from the Irish Data Protection Commission. You know, the folks who enforce GDPR to the extent that they’re sued by @noybeu to do so. If you don’t know how corrupt Ireland is on this, read the excerpt from the Facebook whistleblower’s book, Careless People, that I quote in this post: ar.al/2025/03/21/careless-peop)

    And none of this is going to change if we continue with the framing of “data protection”. We must make this whole business model illegal.

    We must go beyond GDPR to GDMR: General Data Minimisation Regulation.

    ar.al/2018/11/29/gdmr-this-one

    * surveillancewatch.io/entities/
    ** dpforum.se/nordic-privacy-aren

    #CPDP2026 #CPDP #NordicPrivacyArena #dataProtection #privacyWashing #institutionalCorruption #revolvingDoors #usefulIdiots #privacy #humanRights #GDPR #GDMR

  5. When you hear that someone is a “privacy professional”, you know two things about them:

    1. That they work in the field of privacy
    2. That someone pays them to do that

    So ask:

    Who is paying you?

    (Always follow the money.)

    Based on the answer, you’ll know whether their job is to protect your privacy or to find ways of legitimising their employer’s business model that’s predicated on violating your privacy.

    Also, ask yourself: who has the most money?

    Then you’ll know who can afford to hire the largest number of “privacy professionals.” Hint: trillion-dollar corporations are called trillion-dollar corporations for a reason.

    (Wait a minute, am I really saying that most “privacy professionals” are hired to help corporations violate your privacy, not protect it? That’s a yes.)

    Finally, have a little read up on “revolving doors” to understand that for some of these “privacy professionals”, a job is just a job and they will happily flip between the two because, really, it’s all just a game to some people when you have a certain level of privilege.

    I was once censured by the Nordic Privacy Arena – a conference that “aims to be part of the privacy professional’s journey” where I was presenting a keynote – for criticising the keynote by a Facebook employee (a lawyer who was a “privacy professional”). What was that Facebook employee’s previous job, you ask? Oh, he worked at the French data protection office (CNIL). And that, kids, is what we call a revolving door.

    (Last year, Nordic Privacy Arena had four speakers from Google as well as a speaker from Capgemini – whose US subsidiary has a contract to provide surveillance and tracking services to ICE* – and Salesforce**. Not to mention a representative from the Irish Data Protection Commission. You know, the folks who enforce GDPR to the extent that they’re sued by @noybeu to do so. If you don’t know how corrupt Ireland is on this, read the excerpt from the Facebook whistleblower’s book, Careless People, that I quote in this post: ar.al/2025/03/21/careless-peop)

    And none of this is going to change if we continue with the framing of “data protection”. We must make this whole business model illegal.

    We must go beyond GDPR to GDMR: General Data Minimisation Regulation.

    ar.al/2018/11/29/gdmr-this-one

    * surveillancewatch.io/entities/
    ** dpforum.se/nordic-privacy-aren

    #CPDP2026 #CPDP #NordicPrivacyArena #dataProtection #privacyWashing #institutionalCorruption #revolvingDoors #usefulIdiots #privacy #humanRights #GDPR #GDMR

  6. When you hear that someone is a “privacy professional”, you know two things about them:

    1. That they work in the field of privacy
    2. That someone pays them to do that

    So ask:

    Who is paying you?

    (Always follow the money.)

    Based on the answer, you’ll know whether their job is to protect your privacy or to find ways of legitimising their employer’s business model that’s predicated on violating your privacy.

    Also, ask yourself: who has the most money?

    Then you’ll know who can afford to hire the largest number of “privacy professionals.” Hint: trillion-dollar corporations are called trillion-dollar corporations for a reason.

    (Wait a minute, am I really saying that most “privacy professionals” are hired to help corporations violate your privacy, not protect it? That’s a yes.)

    Finally, have a little read up on “revolving doors” to understand that for some of these “privacy professionals”, a job is just a job and they will happily flip between the two because, really, it’s all just a game to some people when you have a certain level of privilege.

    I was once censured by the Nordic Privacy Arena – a conference that “aims to be part of the privacy professional’s journey” where I was presenting a keynote – for criticising the keynote by a Facebook employee (a lawyer who was a “privacy professional”). What was that Facebook employee’s previous job, you ask? Oh, he worked at the French data protection office (CNIL). And that, kids, is what we call a revolving door.

    (Last year, Nordic Privacy Arena had four speakers from Google as well as a speaker from Capgemini – whose US subsidiary has a contract to provide surveillance and tracking services to ICE* – and Salesforce**. Not to mention a representative from the Irish Data Protection Commission. You know, the folks who enforce GDPR to the extent that they’re sued by @noybeu to do so. If you don’t know how corrupt Ireland is on this, read the excerpt from the Facebook whistleblower’s book, Careless People, that I quote in this post: ar.al/2025/03/21/careless-peop)

    And none of this is going to change if we continue with the framing of “data protection”. We must make this whole business model illegal.

    We must go beyond GDPR to GDMR: General Data Minimisation Regulation.

    ar.al/2018/11/29/gdmr-this-one

    * surveillancewatch.io/entities/
    ** dpforum.se/nordic-privacy-aren

    #CPDP2026 #CPDP #NordicPrivacyArena #dataProtection #privacyWashing #institutionalCorruption #revolvingDoors #usefulIdiots #privacy #humanRights #GDPR #GDMR

  7. Ah, algorithmic transparency, what I told the European Parliament was the next step they should take after GDPR. Better six years late than never. Hey, maybe in another decade they’ll even consider implementing a General Data Minimisation Regulation (GDMR).

    ar.al/2019/11/29/the-future-of

    ar.al/2018/11/29/gdmr-this-one

    #regulation #EU #GDPR #GDMR #algorithmicTransparency #dataMinimisation mamot.fr/@davduf/1138450603260

  8. Ah, algorithmic transparency, what I told the European Parliament was the next step they should take after GDPR. Better six years late than never. Hey, maybe in another decade they’ll even consider implementing a General Data Minimisation Regulation (GDMR).

    ar.al/2019/11/29/the-future-of

    ar.al/2018/11/29/gdmr-this-one

    #regulation #EU #GDPR #GDMR #algorithmicTransparency #dataMinimisation mamot.fr/@davduf/1138450603260

  9. Ah, algorithmic transparency, what I told the European Parliament was the next step they should take after GDPR. Better six years late than never. Hey, maybe in another decade they’ll even consider implementing a General Data Minimisation Regulation (GDMR).

    ar.al/2019/11/29/the-future-of

    ar.al/2018/11/29/gdmr-this-one

    #regulation #EU #GDPR #GDMR #algorithmicTransparency #dataMinimisation mamot.fr/@davduf/1138450603260

  10. Ah, algorithmic transparency, what I told the European Parliament was the next step they should take after GDPR. Better six years late than never. Hey, maybe in another decade they’ll even consider implementing a General Data Minimisation Regulation (GDMR).

    ar.al/2019/11/29/the-future-of

    ar.al/2018/11/29/gdmr-this-one

    #regulation #EU #GDPR #GDMR #algorithmicTransparency #dataMinimisation mamot.fr/@davduf/1138450603260

  11. Ah, algorithmic transparency, what I told the European Parliament was the next step they should take after GDPR. Better six years late than never. Hey, maybe in another decade they’ll even consider implementing a General Data Minimisation Regulation (GDMR).

    ar.al/2019/11/29/the-future-of

    ar.al/2018/11/29/gdmr-this-one

    #regulation #EU #GDPR #GDMR #algorithmicTransparency #dataMinimisation mamot.fr/@davduf/1138450603260

  12. @baldur “I have become increasingly convinced the best legal solution is one which creates a framework limiting the scope of data collection, restricting it to only that which is necessary to perform user-selected tasks, and preventing mass retention of bulk data.”

    Almost like we need a General Data Minimisation Regulation or something… 🤔

    ar.al/2018/11/29/gdmr-this-one

    As presented at the EU parliament:

    ar.al/2019/11/29/the-future-of

    #GDMR

  13. “Data protection” is a joke and you’re the punchline.

    “Data protection” assumes that data is collected to begin with and that that’s just “how things are.” It makes no attempt to change that.

    What you’re looking for is data minimisation.

    ar.al/2018/11/29/gdmr-this-one

    #dataMinimisation #gdmr