toad.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mastodon server operated by David Troy, a tech pioneer and investigative journalist addressing threats to democracy. Thoughtful participation and discussion welcome.

Administered by:

Server stats:

218
active users

#CPRA

0 posts0 participants0 posts today
Chula Vista Live Data<p>Drone Footage Drama: Public Demand Ignored?! You Won't Believe This! Uncover the drone footage debate! We address public concerns over CPRA requests, shedding light on transparency and accountability. Explore the complexities of drone footage release and its impact on privacy and public interest. Join our discussion! <a href="https://mastodon.social/tags/DroneFootage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DroneFootage</span></a> <a href="https://mastodon.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> <a href="https://mastodon.social/tags/Transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Transparency</span></a> <a href="https://mastodon.social/tags/Accountability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Accountability</span></a> <a href="https://mastodon.social/tags/PublicInterest" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PublicInterest</span></a> <a href="https://mastodon.social/tags/PrivacyConcerns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PrivacyConcerns</span></a> <a href="https://mastodon.social/tags/GovernmentOversight" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GovernmentOversight</span></a> <a href="https://mastodon.social/tags/OpenData" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenData</span></a> <a href="https://mastodon.social/tags/CivilRights" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CivilRights</span></a> <a href="https://mastodon.social/tags/Surveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Surveillance</span></a>https://<a href="https://ift.tt/lBjOUmy" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">ift.tt/lBjOUmy</span><span class="invisible"></span></a></p>
Michael Veale<p>California privacy enforcement now getting interesting with firms being ordered to take responsibility for their dodgy third party privacy tools, and not to require malicious verification for opt outs <a href="https://www.mondaq.com/unitedstates/privacy-protection/1621972/california-privacy-protection-agency-enters-stipulated-final-order-regarding-dsar-process" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">mondaq.com/unitedstates/privac</span><span class="invisible">y-protection/1621972/california-privacy-protection-agency-enters-stipulated-final-order-regarding-dsar-process</span></a> <a href="https://someone.elses.computer/tags/ccpa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ccpa</span></a> <a href="https://someone.elses.computer/tags/cpra" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cpra</span></a></p>
Eric Goldman<p>ICYMI: the CA Privacy Protection Agency proposed regulations that will cost the California economy billions of dollars and tens of thousands of jobs, but it's OK because entrepreneurs eventually will create billions of dollars and hundreds of thousands of jobs helping companies comply with those regulations 🤷‍♂️ <a href="https://techpolicy.social/tags/CCPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CCPA</span></a> <a href="https://techpolicy.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> <a href="https://cppa.ca.gov/regulations/pdf/ccpa_updates_cyber_risk_admt_ins_notice.pdf" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cppa.ca.gov/regulations/pdf/cc</span><span class="invisible">pa_updates_cyber_risk_admt_ins_notice.pdf</span></a></p>
Don Marti<p>The <a href="https://federate.social/tags/California" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>California</span></a> <a href="https://federate.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> Protection Agency is <a href="https://federate.social/tags/hiring" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hiring</span></a> a "Research Technologist - Enforcement Division" to, among other things, "research privacy-related business practices to support investigations and enforcement actions"</p><p>(please, one of my followers on here go get this job. So many <a href="https://federate.social/tags/CCPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CCPA</span></a> and <a href="https://federate.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> violations out there, this will be a much more rewarding use of your skills than <a href="https://federate.social/tags/growthHacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>growthHacking</span></a> and <a href="https://federate.social/tags/darkPatterns" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>darkPatterns</span></a>)</p><p><a href="https://calcareers.ca.gov/CalHrPublic/Jobs/JobPosting.aspx?JobControlId=457993" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">calcareers.ca.gov/CalHrPublic/</span><span class="invisible">Jobs/JobPosting.aspx?JobControlId=457993</span></a></p>
Skip Lacaze<p><span class="h-card" translate="no"><a href="https://mastodon.social/@mattsheffield" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mattsheffield</span></a></span> It’s unlikely that emails of this nature would be subject to state or federal public records laws unless they involve failure to obey the <a href="https://sfba.social/tags/HatchAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HatchAct</span></a> or the use of government-owned equipment or email accounts. They should just instruct their followers to obey the law and the regulations of their departments. If they are involved in illegal acts, such as insurrection, they have to worry about search warrants and such, of course. <a href="https://sfba.social/tags/FOIA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FOIA</span></a> <a href="https://sfba.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a></p>
Global News Canada<p>Fort Macleod marks 150th anniversary with return of pro rodeo<br>After a 43-year hiatus, the Midnight Days Pro Rodeo made its return to the Midnight Stadium in Fort Macleod, just in time for the town's 150th anniversary celebration.<br><a href="https://mastodon.hongkongers.net/tags/globalnews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>globalnews</span></a> <a href="https://mastodon.hongkongers.net/tags/Canada" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Canada</span></a> <a href="https://mastodon.hongkongers.net/tags/Entertainment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Entertainment</span></a> <a href="https://mastodon.hongkongers.net/tags/Agriculture" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Agriculture</span></a> <a href="https://mastodon.hongkongers.net/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> <br><a href="https://globalnews.ca/news/10590505/fort-macleod-marks-150th-anniversary-with-return-of-pro-rodeo/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">globalnews.ca/news/10590505/fo</span><span class="invisible">rt-macleod-marks-150th-anniversary-with-return-of-pro-rodeo/</span></a></p>
Patrick Townsend<p>GDPR and the Right To Be Forgotten (RTBF) and other Rights<br>&nbsp;<br>A bit of a longer read.<br>&nbsp;<br>I recently had the opportunity to engage a bit here on Mastodon on the question of data privacy and the EU General Data Protection Regulation (GDPR). I’ve had a chance to think about this a bit more and am providing the following thoughts. This is not a complete analysis of data privacy under GDPR, but I hope it will be helpful for organizations or agencies who fall under this regulation. I appreciate those who commented previously (references below).<br>&nbsp;<br>First, some disclaimers:<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; I am not a lawyer. I recommend you talk to one if you are developing software that handles private information or are simply storing or sharing private information.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; I have read the entire GDPR and recitals, but I am not current on recent legal refinements.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; I have also read other data compliance regulations such as CCPA and at one point I read all of the data privacy regulations of all 50 US states.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Why did I do this? My company was subject to GDPR and a number of other privacy regulations and we were selling a data security solution. Our customers had a reasonable expectation that we would help them meet compliance regulations.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; We developed internal policies and procedures to comply with GDPR.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; We honored all GDPR requests related to RTBF.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; We consciously designed systems that supported and enabled GDPR compliance.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; We invested in and partnered with a blockchain start up and designed and developed for IPFS.<br>&nbsp;<br>Some definitions might be helpful. GDPR refers to individuals (individual people like you and me) as Data Subjects. The rights granted are granted to individual users and consumers. Organizations that collect private information about Data Subjects are Data Controllers. When we stored information in our CRM we were a Data Controller as defined by GDPR. It takes a bit of reading to get used to these definitions, but they are fairly straightforward.<br>&nbsp;<br>Context is important when understanding a regulation like GDPR.<br>&nbsp;<br>I benefited from my time living in and starting a business in Europe (West Germany, in the 1980s). This part of the world had experienced unspeakable horrors during WWII and were living very close to the repression that existed just across the border in eastern Europe. Repressive regimes abuse confidential information and weaponize secrecy in order to exert control over others. My colleagues from Germany, Italy, France, the UK and Poland understood this in a fundamental, human way. I see GDPR as a natural expression of their desire to protect their nations, their communities, their families and themselves. This is why I deeply respect the EU’s right to promulgate these privacy regulations.<br>&nbsp;<br>Under GDPR the individual becomes the ultimate owner of their private information. There is no implied ability of a Data Controller to override that right (with some exceptions, see below), or to assume that any rights granted to a Data Controller by an individual are permanent and immutable. An individual can give a Data Controller permission to store their private information, and, importantly, an individual can revoke that permission. This is a fundamental difference with how we in the US tend to think of privacy. It is very important to fully grasp this concept if you are planning to do business in the EU.<br>&nbsp;<br>The Right To Be Forgotten (sometimes called the Right To Deletion) gives the individual the right to ask for their data to be removed from a Data Controller’s system and for that to occur in a timely fashion. But it is only one right defined under GDPR. There are others:<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Right to opt in or out of data sharing.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Right to change data sharing permissions.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Right to know with whom data has been shared.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Right to correct data.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Right to assume data is pseudonymized, usually with encryption.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Right to be informed in a timely way of any data beach.<br>&nbsp;<br>This is not a complete list of the rights and responsibilities conferred under GDPR, but these are probably the most well-known, and probably where many organizations fail to implement proper controls.<br>&nbsp;<br>Of course, there are exceptions to data privacy rights under GDPR. Some of them are:<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Legal requirements to retain data (tax history, etc.).<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Some freedom of information requirements.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Some public knowledge aspects.<br>-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; General public health and safety.<br>&nbsp;<br>Please note that GDPR does not provide an exception to the rules because your technology prevents you from meeting RTBF deletion requests (looking at you, blockchain and IPFS). There is no programming around these requirements and clever developers do not get a magical pass to ignore them.<br>&nbsp;<br>It is also important to understand that RTBF is still being refined. This is a bubbling pot of legal activity. In my opinion the direction seems to be in favor of protecting Data Subject’s privacy rights and enforcing RTBF.<br>&nbsp;<br>GDPR applies to the EU countries and to anyone doing business in the EU. There are lots of other privacy regulations that are similar to GDPR. In the US, there is the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act of 2020 (CPRA). The UK, Australia, New Zealand and many other countries also have privacy regulations that are similar in intent. Once you start absorbing the requirements of these regulations you start to think of private information in a new way.<br>&nbsp;<br>Ok, now for some recommendations:<br>&nbsp;<br>If you are a software developer creating that killer app and the next big Unicorn, build in GDPR support right from the beginning. We know how difficult it is to “bolt on” security after the fact. It is equally hard to re-engineer applications to meet GDPR. So, get it right from the beginning and avoid some angst as you approach an IPO or a global rollout.<br>&nbsp;<br>If you are a business and have dreams of scaling your business beyond your local community, think about how you collect, store and share information about individual consumers. It is almost certain you are going to run into some flavor of GDPR at some point and you will want to be prepared. If you are not covered by GDPR, CCPA or other privacy regulations now, you may soon be.<br>&nbsp;<br>If you are using social media platforms as a part of your marketing strategy (who isn’t ???) be sure you understand how your social media provider meets GDPR. Sharing sensitive data with social media and big data brokers can be a GDPR nightmare. Make sure your social media partner has processes in place to meet GDPR data deletion requests.<br>&nbsp;<br>It was previously mentioned here that developer tools like git and Gitlab would likely not come under GDPR controls. I think the point was that tools like git and Gitlab are not typically used to collect information on individuals, and I think that is correct. It is not that GDPR exempts developer tools from its compliance scheme (it doesn’t), it is just that it is rare to use developer tools to store a lot of personal information. One caution: be careful about test data that you might store as a part of automated testing routines. Don’t store test data with information about real people! Anonymize or tokenize the data before adding it to git.<br>&nbsp;<br>What about Web3 technologies?<br>&nbsp;<br>Web3 technologies like blockchain and IPFS can make it extremely difficult (nearly impossible) to meet GDPR requirements for RTBF. If your application ingests data to blockchains and/or IPFS, or provides a public gateway to allow this type of data ingestion, I would recommend implementing application logic to prevent sensitive personal data from being added. I’ve built blockchain and IPFS applications and there is no effective delete function. If you have to store sensitive data, I would recommend against using these technologies.<br>&nbsp;<br>Lastly, remember that you will probably need proper legal advice (that is not me!) related to GDPR and other compliance regulations. Governance and compliance are proper components of a business plan and software design process.<br>&nbsp;<br>Here are some resources that may be helpful:<br>&nbsp;<br>EU General Data Protection Regulation (lots of resources here):<br><a href="https://gdpr.eu/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gdpr.eu/</span><span class="invisible"></span></a><br><a href="https://gdpr.eu/right-to-be-forgotten/?cn-reloaded=1" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gdpr.eu/right-to-be-forgotten/</span><span class="invisible">?cn-reloaded=1</span></a><br>&nbsp;<br>EU General Data Protection Regulation recitals:<br><a href="https://gdpr-info.eu/recitals/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gdpr-info.eu/recitals/</span><span class="invisible"></span></a><br>&nbsp;<br>California Consumer Privacy Act:<br><a href="https://oag.ca.gov/privacy/ccpa" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">oag.ca.gov/privacy/ccpa</span><span class="invisible"></span></a><br>&nbsp;<br>The newer California Privacy Regulation Act (If you enjoy reading legislation – I do!). Not the official site and be aware that CPRA is still undergoing implementation discussion:<br><a href="https://thecpra.org/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">thecpra.org/</span><span class="invisible"></span></a><br>&nbsp;<br>UK Data Protection Law. Good resources here:<br><a href="https://ico.org.uk/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">ico.org.uk/</span><span class="invisible"></span></a><br>&nbsp;<br>Acknowledgements and appreciation:<br>&nbsp;<br>Demi Marie Obenour (<span class="h-card" translate="no"><a href="https://infosec.exchange/@alwayscurious" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>alwayscurious</span></a></span>)<br>Gabriel Svelto (@gabrielesvelto)<br>Andi McClure (@mcc)<br>And many others!<br>&nbsp;<br><a href="https://infosec.exchange/tags/GDPR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GDPR</span></a> <a href="https://infosec.exchange/tags/CCPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CCPA</span></a> <a href="https://infosec.exchange/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> <a href="https://infosec.exchange/tags/Compliance" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Compliance</span></a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://infosec.exchange/tags/BlockChain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BlockChain</span></a> <a href="https://infosec.exchange/tags/IPFS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IPFS</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/SoftwareDevelopment" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareDevelopment</span></a> <a href="https://infosec.exchange/tags/Programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Programming</span></a><br>&nbsp;</p>
Adrian Riskin 🇵🇸🍉<p>An excellent article by Maylin Tu on how to use the California Public Records Act in Los Angeles. (I'm quoted!)</p><p><a href="https://kolektiva.social/tags/LosAngeles" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LosAngeles</span></a> <a href="https://kolektiva.social/tags/PublicRecords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PublicRecords</span></a> <a href="https://kolektiva.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> <a href="https://kolektiva.social/tags/CaliforniaPublicRecordsAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CaliforniaPublicRecordsAct</span></a> <a href="https://kolektiva.social/tags/California" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>California</span></a> <a href="https://kolektiva.social/tags/LAPublicPress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LAPublicPress</span></a> <a href="https://kolektiva.social/tags/MaylinTu" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MaylinTu</span></a></p><p><a href="https://lapublicpress.org/2024/03/anyone-can-file-a-public-records-request-in-la-heres-how-to-file-yours/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lapublicpress.org/2024/03/anyo</span><span class="invisible">ne-can-file-a-public-records-request-in-la-heres-how-to-file-yours/</span></a></p>
Tracy Rosenberg<p>Appeals court overturns lower court ruling and says the California Privacy Rights Act can be enforced starting now. <a href="https://sfba.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> <a href="https://sfba.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://www.sfchronicle.com/politics/article/prop-24-data-privacy-18659367.php" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">sfchronicle.com/politics/artic</span><span class="invisible">le/prop-24-data-privacy-18659367.php</span></a>?</p>
Lydia F De la Torre<p>The preliminary rulemaking comments on cybersecurity audits, risk assessments, and automated decisionmaking are now available on the <a href="https://sfba.social/tags/CPPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPPA</span></a> </p><p>We greatly appreciate the public’s participation and input during the public comment period.&nbsp;&nbsp; </p><p><a href="https://sfba.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://sfba.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> <a href="https://sfba.social/tags/ccpa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ccpa</span></a> <a href="https://sfba.social/tags/california" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>california</span></a> </p><p><a href="https://cppa.ca.gov/regulations/pre_rulemaking_activities_pr_02-2023.html" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cppa.ca.gov/regulations/pre_ru</span><span class="invisible">lemaking_activities_pr_02-2023.html</span></a></p>
Lydia F De la Torre<p>The <a href="https://sfba.social/tags/California" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>California</span></a> Office of Administrative Law has approved the new <a href="https://sfba.social/tags/CCPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CCPA</span></a> Regulations. The approved regulations update existing CCPA regulations to harmonize them with amendments adopted pursuant to <a href="https://sfba.social/tags/Proposition24" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Proposition24</span></a>, the California <a href="https://sfba.social/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> Rights Act <a href="https://sfba.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a>; operationalize new rights and concepts introduced by the CPRA to provide clarity and specificity to implement the law; and reorganize and consolidate requirements set forth in the law to make the regulations easier to follow and understand.</p><p><a href="https://sfba.social/tags/privacymatters" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacymatters</span></a> </p><p><a href="https://cppa.ca.gov/announcements/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">cppa.ca.gov/announcements/</span><span class="invisible"></span></a></p>
Laure<p><span class="h-card"><a href="https://mastodon.lawprofs.org/@ericgoldman" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ericgoldman</span></a></span> I for one am effin happy. More please! <a href="https://federate.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> <a href="https://federate.social/tags/cppa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cppa</span></a> <a href="https://federate.social/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a></p>
Adrian Riskin 🇵🇸🍉<p>LAPD accidentally releases undercover cop photos in response to a public records request and now they're available on Stop LAPD Spying's website!</p><p>Here's the story in the LA Times: <a href="https://www.latimes.com/california/story/2023-03-21/los-angeles-police-accidentally-release-photos-of-undercover-officers-to-watchdog-website" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">latimes.com/california/story/2</span><span class="invisible">023-03-21/los-angeles-police-accidentally-release-photos-of-undercover-officers-to-watchdog-website</span></a></p><p>Here's the website in question: <a href="https://watchthewatchers.net/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">watchthewatchers.net/</span><span class="invisible"></span></a></p><p><a href="https://kolektiva.social/tags/StopLAPDSpying" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StopLAPDSpying</span></a> <a href="https://kolektiva.social/tags/LAPD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LAPD</span></a> <a href="https://kolektiva.social/tags/LATimes" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LATimes</span></a> <a href="https://kolektiva.social/tags/FacialRecognition" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FacialRecognition</span></a> <a href="https://kolektiva.social/tags/ACAB" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ACAB</span></a> <a href="https://kolektiva.social/tags/UndercoverCops" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UndercoverCops</span></a> <a href="https://kolektiva.social/tags/PublicRecords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PublicRecords</span></a> <a href="https://kolektiva.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> <a href="https://kolektiva.social/tags/LosAngeles" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LosAngeles</span></a></p>
Don Marti<p><span class="h-card"><a href="https://mastodon.laurenweinstein.org/@lauren" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lauren</span></a></span> <span class="h-card"><a href="https://mastodon.social/@ocdtrekkie" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>ocdtrekkie</span></a></span> That's a good point, and helps explain why people vote for privacy laws like <a href="https://federate.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> (Prop. 24) that require companies to respect global privacy controls and authorized agents. Even if every surveillance company maintained a friendly Google-like form that only took a few minutes to figure out, the time commitment would be unrealistic for most people.</p>
Don Marti<p>bad news: the <a href="https://federate.social/tags/Virginia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Virginia</span></a> <a href="https://federate.social/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> law that goes into effect tomorrow was weakened by surveillance lobbyists</p><p>good news: most companies don't have enough developers to do another code path just for Virginia--so we just add "and Virginia" to the <a href="https://federate.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> compliance project and call it good</p><p><a href="https://www.reuters.com/investigates/special-report/amazon-privacy-lobbying/" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">reuters.com/investigates/speci</span><span class="invisible">al-report/amazon-privacy-lobbying/</span></a></p>
Don Marti<p>Hope they either get around to back-porting this fix to California <a href="https://federate.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> regs, or that the surveillance companies figure it's not worth it to maintain both understandable RtKs for Colorado and mysterious alphanumeric codes for California</p>
Don Marti<p>the big news from this <a href="https://federate.social/tags/Facebook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Facebook</span></a> case is not the money—it's the documents. </p><p>It's now on record that the company is violating California's <a href="https://federate.social/tags/CCPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CCPA</span></a> + <a href="https://federate.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> by failing to disclose inferred data. Adding all the inferred columns about you to your "Download Your Information" file will be a big project</p><p><a href="https://www.theverge.com/2022/12/23/23523862/meta-cambridge-analytica-class-action-lawsuit-settlement-725-million" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theverge.com/2022/12/23/235238</span><span class="invisible">62/meta-cambridge-analytica-class-action-lawsuit-settlement-725-million</span></a></p><p><a href="https://federate.social/tags/meta" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>meta</span></a> <a href="https://federate.social/tags/endSurveillanceCapitalism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>endSurveillanceCapitalism</span></a></p>
Don Marti<p>From the <a href="https://federate.social/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> tools news department...</p><p><a href="https://federate.social/tags/ConsumerReports" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ConsumerReports</span></a> has launched Permission Slip -- an <a href="https://federate.social/tags/iOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iOS</span></a> app for <a href="https://federate.social/tags/CCPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CCPA</span></a> / <a href="https://federate.social/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> opt-outs and deletes.</p><p>"With a tap, you can tell a company to stop selling your data or to delete your data entirely."</p><p><a href="https://digital-lab.consumerreports.org/2022/11/16/introducing-permission-slip/" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">digital-lab.consumerreports.or</span><span class="invisible">g/2022/11/16/introducing-permission-slip/</span></a></p>
Cyrus Farivar 🔥📰🖖🏽🚴🏼🏕️<p>Hello, world. Consider this my <a href="https://journa.host/tags/introduction" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>introduction</span></a>.</p><p>I’ve been a reporter for nearly 20 years. Have written for everyone from Macworld to NYT (I wrote the first-ever article for NYT on podcasts back in 2004!) to Slate to The Economist to NPR to staff jobs at Ars Technica, then NBC, and now to Forbes.</p><p>When I’m not journalizing, I’m probably riding my bike (yo, <a href="https://journa.host/tags/biketooter" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>biketooter</span></a>!), yammering about <a href="https://journa.host/tags/startrek" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>startrek</span></a>, or contemplating my next <a href="https://journa.host/tags/FOIA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FOIA</span></a> or <a href="https://journa.host/tags/CPRA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPRA</span></a> request from beautiful <a href="https://journa.host/tags/Oakland" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Oakland</span></a> , <a href="https://journa.host/tags/California" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>California</span></a>.</p>