Tag Archives: GDPR

October 10, 2025 · 20:54

Under Conceptual Construction

I just got hit with an idea (as ideas go). You see, I am from the world of Business Intelligence and Market Research and and idea just hit me. The setting is that data tends to be ‘humanized’, but what if it wasn’t? That is the central setting because the European GDPR has laws in place and I just thought of a way ‘around’ it. So take a setting where any MR firm requires data, but they cannot get that data because of the GDPR ‘complications’, so what is the actual issue? That doesn’t matter because Amazon, Google, IBM, Oracle and Snowflake have a way around that (Well a few more, but they do not matter). So take the next image

We have three top line population and it could be set to anyone (in that area) and as we set that population they are created a nearly unique number and never repetitive and that population gets exported, the numbers are. The MR people on the right get that number they populate the questionnaire(s) and it is send pack to the people on the left. Then that group sends out the questionnaires, the data is collected and send back to the group on the right. I reckon that this would be a nice challenge for Amazon and Snowflake I reckon. This might become an entire business unit and with privacy laws as they are placed in Europe, there might be a larger interest to seek such services. No hidden settings and all at the customers need and the consumers willingness to comply. I reckon that this might work, because as I see it, these Market Research people will see a dwindling of panel populations rather quickly in the next few years and then? Well, it would be up to them to think of a new setting, in the meantime I came up with this idea. And feel free to shoot it down straight off the bat and that is fine. As I said, it was just an idea grabbing me and as I was contemplating other venues. For that matter, how many interested parties would that bring in the Middle East and the Far East? 

Good business is all where you find it and I think I found a population and an optionally interested partner. The question now becomes can these so called ‘Agentic AI Pushers’ see the setting that is offered to them and can it pass the General Data Protection Regulation requirements? If so, we are in business. Just another idea from yours truly. Time to create another gaming IP I reckon, time to flex that grey matter under my skullcap.

Have a great day (again).

1 Comment

Filed under Finance, IT, Science

Tagged as , , , , , , , , , , , , , ,

July 25, 2025 · 14:19

Where should we look?

That is at times the issue, I would add to this “especially when we consider corporations the size of Microsoft” but this is nothing directly on Microsoft (I emphasize this as I have been dead set against some ‘issues’ Microsoft dealt us to). This is different and I have two articles that (to some aspect) overlap, but they are not the same and overlap should be subjectively seen.

The first one is BBC (at https://www.bbc.com/news/articles/c4gdnz1nlgyo) where we see ‘Microsoft servers hacked by Chinese groups, says tech giant’ where the first thought that overwhelmed me was “Didn’t you get Azure support arranged through China?” But that is in the back of my mind. We are given “Chinese “threat actors” have hacked some Microsoft SharePoint servers and targeted the data of the businesses using them, the firm has said. China state-backed Linen Typhoon and Violet Typhoon as well as China-based Storm-2603 were said to have “exploited vulnerabilities” in on-premises SharePoint servers, the kind used by firms, but not in its cloud-based service.” I am wondering about the quote “not in its cloud-based service” I have questions, but I am not doubting the quote. To doubt it, one needs to have in-depth knowledge and be deeply versed in Azure and I am not one of these people. As I personally see it, if one is transgressed upon, the opportunity rises to ‘infect’ both, but that might be my wrong look on this. So as we are given ““China firmly opposes and combats all forms of cyber attacks and cyber crime,” China’s US embassy spokesman said in a statement. “At the same time, we also firmly oppose smearing others without solid evidence,” continued Liu Pengyu in the statement posted on X. Microsoft said it had “high confidence” the hackers would continue to target systems which have not installed its security updates.” This makes me think about the UN/USA attack on Saudi Arabia regarding that columnist no one cares about, giving us the ‘high confidence’ from the CIA. It sounds like the start of a smear campaign. If you have evidence, present the evidence. If not, be quiet (to some extent). 

We then get someone who knows what he in talking about “Charles Carmakal, chief technology officer at Mandiant Consulting firm, a division of Google Cloud, told BBC News it was “aware of several victims in several different sectors across a number of global geographies”. Carmakal said it appeared that governments and businesses that use SharePoint on their sites were the primary target.” This is where I got to thinking, what is the problem with Sharepoint? And when we consider  the quote “Microsoft said Linen Typhoon had “focused on stealing intellectual property, primarily targeting organizations related to government, defence, strategic planning, and human rights” for 13 years. It added that Violet Typhoon had been “dedicated to espionage”, primarily targeting former government and military staff, non-governmental organizations, think tanks, higher education, the media, the financial sector and the health sector in the US, Europe, and East Asia.

It sounds ‘nice’ but it flows towards the thoughts like “related to government, defence, strategic planning, and human rights” for 13 years”, so were was the diligence to preventing issues with Sharepoint and cyber crime prevention? So consider that we are given “SharePoint hosts OneDrive for Business, which allows storage and synchronization of an individual’s personal work documents, as well as public/private file sharing of those documents.” That quote alone should have driven the need for much higher Cyberchecks. And perhaps they were done, but as I see it, it has been an unsuccessful result. It made me (perhaps incorrectly) think so many programs covering Desktops, Laptops, tablets and mobiles over different systems a lot more cyber requirements should have been in place and perhaps they are, but it is not working and as I see, it as this solution has been in place for close to 2 decades, the stage of 13 years of attempted transgression, the solution does not seem to be safe. 

And the end quote “Meanwhile, Storm-2603 was “assessed with medium confidence to be a China-based threat actor””, as such, we stopped away from ‘high confidence’ making this setting a larger issue. And my largest issue is when you look to find “Linen Typhoon” you get loads of links, most of them no older than 5 days. If they have been active for 13 years. I should have found a collection of articles close to a decade old, but I never found them. Not in over a dozen of pages of links. Weird, isn’t it? 

The next part is one that comes from TechCrunch (at https://techcrunch.com/2025/07/22/google-microsoft-say-chinese-hackers-are-exploiting-sharepoint-zero-day/) where we are given ‘Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day’ and this is important as a zero-day, which means “The term “zero-day” originally referred to the number of days since a new piece of software was released to the public, so “zero-day software” was obtained by hacking into a developer’s computer before release. Eventually the term was applied to the vulnerabilities that allowed this hacking, and to the number of days that the vendor has had to fix them.” This implies that this issue has been in circulation for 23 years. And as this implies that there is a much larger issue as the software solution os set over iOS, Android and Windows Server. Microsoft was eager to divulge that this solution is ‘available’ to over 200 million users as of December 2020. As I see it, the danger and damage might be spread by a much larger population. 

Part of the issues is that there is no clear path of the vulnerability. When you consider the image below (based on a few speculations on how the interactions go) 

I get at least 5 danger points and if there a multiple servers involved, there will be more and as we are given “According to Microsoft, the three hacking groups were observed exploiting the zero-day vulnerability to break into vulnerable SharePoint servers as far back as July 7. Charles Carmakal, the chief technology officer at Google’s incident response unit Mandiant, told TechCrunch in an email that “at least one of the actors responsible” was a China-nexus hacking group, but noted that “multiple actors are now actively exploiting this vulnerability.”” I am left with questions. You see, when was this ‘zero day’ exploit introduced? If it was ‘seen’ as per July 7, when was the danger in this system solution? There is also a lack in the BBC article as to properly informing people. You cannot hit Microsoft with a limited information setting when the stakes are this high. Then there is the setting of what makes Typhoon sheets (linen) and the purple storm (Violet Typhoon) guilty as charged (charged might be the wrong word) and what makes the March 26th heavy weather guilty? 

I am not saying they cannot be guilty, I am seeing a lack of evidence. I am not saying that the people connecting should ‘divulge’ all, but more details might not be the worst idea. And I am not blaming Microsoft here. I get that there is (a lot) more than meets the eye (making Microsoft a Constructicon) But the lack of information makes the setting one of misinformation and that needs to be said. The optional zero day bug is one that is riddles of missing information. 

So then we get to the second article which also comes from the BBC (at https://www.bbc.com/news/articles/czdv68gejm7o) given us ‘OpenAI and UK sign deal to use AI in public services’ where we get “OpenAI, the firm behind ChatGPT, has signed a deal to use artificial intelligence (AI) to increase productivity in the UK’s public services, the government has announced. The agreement signed by the firm and the science department could give OpenAI access to government data and see its software used in education, defence, security, and the justice system.”  Microsoft put billions into this and this is a connected setting. How long until the personal data of millions of people will be out in the open for all kinds of settings? 

So as we are given “But digital privacy campaigners said the partnership showed “this government’s credulous approach to big tech’s increasingly dodgy sales pitch”. The agreement says the UK and OpenAI may develop an “information sharing programme” and will “develop safeguards that protect the public and uphold democratic values”.” So, data sharing? Why not get another sever setting and the software solution is also set to the government server? When you see some sales person give you that there will be ‘additional safeties installed’ know that you are getting bullshitted. Microsoft made similar promises in 2001 (code red) and even today the systems are still getting traversed on and those are merely the hackers. The NSA and other America governments get near clean access to all of it and that is a problem with American based servers and still here, there is only so much that the GDPR (General Data Protection Regulation) allows for and I reckon that there are loopholes for training data and as such I reckon that the people in the UK will have to set a name and shame setting with mandatory prosecution for anyone involved with this caper going all the way up to Prime Minister Keir Starmer. So when you see mentions like ““treasure trove of public data” the government holds “would be of enormous commercial value to OpenAI in helping to train the next incarnation of ChatGPT”” I would be mindful to hand or give access to this data and not let it out of your hands. 

This link between the two is now clear. Data and transgressions have been going on since before 2001 and the two settings when data gets ‘trained’ we are likely to see more issues and when Prime Minister Keir Starmer goes “were sorry”, you better believe that the time has come to close the tap and throw Microsoft out of the windows in every governmental building in the Commonwealth. I doubt this will be done as some sales person will heel over like a little bitch and your personal data will become the data of everyone who is mentionable and they will then select the population that has value for commercial corporations and the rest? The rest will become redundant by natural selection according to value base of corporations. 

I get that you think this is now becoming ‘conspiracy based’ settings and you resent them. I get that, I honestly do. But do you really trust UK Labor after they wasted 23 billion pounds on an NHS system that went awry (several years ago). I have a lot of problems showing trust in any of this. I do not blame Microsoft, but the overlap is concerning, because at some point it will involve servers and transfers of data. And it is clear there are conflicting settings and when some one learns to aggregate data and connect it to a mobile number, your value will be determined. And as these systems interconnect more and more, you will find out that you face identity threat not in amount of times, but in identity theft and value assessment in once per X amount of days and as X decreases, you pretty much can rely on the fact that your value becomes debatable and I reckon this setting is showing the larger danger, where one sees your data as a treasure trove and the other claims “deliver prosperity for all”. That and the diminished setting of “really be done transparently and ethically, with minimal data drawn from the public” is the setting that is a foundation of nightmares mainly as the setting of “minimal data drawn from the public” tends to have a larger stage. It is set to what is needed to aggregate to other sources which lacks protection of the larger and and when we consider that any actor could get these two connected (and sell on) should be considered a new kind of national security risk. America (and UK) are already facing this as these people left for the Emirates with their billions. Do you really think that this was the setting? It will get worse as America needs to hang on to any capital leaving America, do you think that this is different for the UK? Now, you need to consider what makes a person wealthy. This is not a simple question as it is not the bank balance, but it is an overlap of factors. Consider that you have 2000 people who enjoy life and 2000 who are health nuts. Who do you think is set to a higher value? The Insurance person states the health nut (insurance without claims) or the retailer the people who spend and life live. And the (so called) AI system has to filter in 3000 people. So, who gets to be disregarded from the equation? And this cannot be done until you have more data and that is the issue. And the quotation is never this simple, it will be set to thousands of elements and these firms should not have access, as such I fear for the data making it to the outer UK grounds. 

A setting coming from overlaps and none of this is the fault of Microsoft but they will be connected (and optionally) blamed for all this, but as I personally see it the two elements that matter in this case are “Digital rights campaign group Foxglove called the agreement “hopelessly vague”” and “Co-executive Director Martha Dark said the “treasure trove of public data” the government holds” will be of significance danger to public data, because greed driven people tend to lose their heads over words like ‘treasure trove’ and that is where ‘errors are made’ and I reckon it will not take long before the BBC or other media station will trip up over the settings making the optional claim that ‘glitches were found in the current system’ and no one was to blame. Yet that will not be the whole truth will it?

So have a great day and consider the porky pies you are told and who is telling them to you, should you consider that it is me. Make sure that you realise that I am merely telling you what is out in the open and what you need to consider. Have a great day.

Leave a comment

Filed under Finance, IT, Law, Media, Politics, Science

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

May 23, 2022 · 23:47

The dangers of appeasing

We all know it, we still do it, although most people tend to be cautious of the setting where and who they appease, but it still happens and for the most there is no impact. For the mot there are no consequences. Yet in some cases there are, yet are we aware? Are the appeased parties aware? Because that side still matters, the appeaser and appeased are often, nearly always going from a place of innocence, or at least not knowing what will happen. 

And today the BBC gives us one side. The article ‘Clearview AI fined in UK for illegally storing facial images’ (at https://www.bbc.co.uk/news/technology-61550776) has a side to it, one that most are eagerly or unknowingly ignoring. 

We see “Clearview AI takes publicly posted pictures from Facebook, Instagram and other sources, usually without the knowledge of the platform or any permission. John Edwards, UK Information Commissioner, said: “The company not only enables identification of those people, but effectively monitors their behaviour and offers it as a commercial service. That is unacceptable.”” My initial answer is ‘And?’ This is a foundation of Facebook, it is granular data analyses and lets face it, the images were given to the internet and “but effectively monitors their behaviour” is merely the next step. You see, there is a side that we want to ignore. There is the setting of ‘publicly posted pictures’, it therefor becomes PUBLIC DOMAIN (in some cases), granted, not in all cases and there we need to ask Meta whether THEIR rules were broken. And then we get the whopper “People expect that their personal information will be respected, regardless of where in the world their data is being used.” Where is that set in stone? I mean, really. Where is the law that states that this has to happen? And then we get the part that matters “When Italy fined the firm €20m (£16.9m) earlier this year, Clearview hit back, saying it did not operate in any way that laid it under the jurisdiction of the EU privacy law the GDPR. Could it argue the same in the UK, where it also has no operations, customers or headquarters?” And now we see the setting “it did not operate in any way that laid it under the jurisdiction of the EU privacy law the GDPR” I am not debating or opposing, I am asking. Because if that is the case, if that is true, then the actions against Clearview are close to pointless and lets be clear Russia and China might be doing EXACTLY the same thing. It was on the internet and this is not new. To see that, we need to go back to September 7th 2021 when I wrote ‘As banks cut corners’ (at https://lawlordtobe.com/2021/09/07/as-banks-cut-corners/) there it was banks versus organised crime and the image (see below) remains the same, but now it is set in a commercial stage with connected images to boot.

The BBC article is less than an hour old. I wrote about similar settings out in the open 8 months ago. So when we get John Edwards, UK Information Commissioner stating “The company not only enables identification of those people, but effectively monitors their behaviour and offers it as a commercial service. That is unacceptable.” Consider the word “unacceptable”, he does not state that it is illegal, interesting is it not? So exactly what are these fines? On what legal transgression are they based? 

We see the data protection act parts when we are given:

use the information of people in the UK in a way that is fair and transparent
have a lawful reason for collecting people’s information
have a process in place to stop the data being retained indefinitely
meet the higher data protection standards required for biometric data

So what defines ‘fair and transparent’? I know what the words mean, but what do they mean here? Have a lawful reason? It is public domain, a collector has a perfectly valid reason, does he/she not? And when we get to the word indefinitely, we can set a stage of 100 years, because that is not indefinite, so where is the definition of indefinite given? As for biometric data, we accept that “physical characteristics — that can be used to identify individuals” there is however one side that is less clear. It is “used to identify individuals” what if the photo is not the identifying part, but the data is? I am merely stating a fact, most photo’s are not the greatest source of identification, for example (see below) how tall is Peter Dinklage? This photo will not give that away, will it? 

And this data protection act only works for the UK, if the British people were photographed outside of the UK, the photo is out of consideration, is it not? Consider ‘people in the UK’, what if they were in Rome, Amsterdam or Brazil. How would that rule apply? All questions that come up and there might be for a lot of them rules that stop certain part, but not all parts and Clearview has 20,000,000,000 images. We would need to check them all and that will take a group of 20,000 people months, if not a whole year. So who pays for that part? All whilst there are parts that rely on Public Domain. It is a dangerous setting. I get it, it is dangerous and my part of the banks, merely makes things worse, makes the dat more complete and that is not merely banks. Consider the data Dunnhumby has, the data collectors, the panel creators. Dozens of data agencies and consider that several are outside the UK and EU, what happens when that data is combined? This mess is a whole lot worse than anyone considers and it was not due to big tech, it was due to greed driven people seeking new currencies and people are currency. I am not stating that Clearview is innocent, but they got here because the laws were lacking for decades. Now that the data sources are there, it is already too late. Whatever music John Edwards, UK Information Commissioner is playing, it suits his ego and the ego of his friends. For the people it is largely too late and it has been for a while, a setting I saw a long time ago and I illustrated it last September. I knew this because I used to do this and I was good, very good at doing this. So I leave you to wonder just how protected you are, because you are not, but you will learn that soon enough.

Leave a comment

Filed under IT, Law, Media, Science

Tagged as , , , , , , , , , , , , ,

October 4, 2020 · 18:33

A coin with 2 sides of greed

This morning started out alright, I was still pondering on what I had wrote yesterday and I still stand by it. Any voices on complexity are not dimmed, the issue is larger than I wrote about it, but to take the full scope makes the matter too complex, I was all about oversimplification, as that tends to show things, but it also polarises any view (including mine). This is what was in my mind when the news on Proton-mail and Andy Yen hit me. You see the moment any firm goes into some preaching stage of ‘App Fairness’ mode, the hairs in my neck tend to rise to the occasion. Now, those who read my blog regularly will have seen that I have no issue slapping the big boys silly whenever I can. So like the proverbial pitbull, I have had a mouthful of pants with Apple, Google, IBM and Microsoft logo’s and a chunk of their asses. No matter how big they are, I do not pull my punches (much more fun the way), so let’s have a look at Andy Yen, actually, let’s do something else first, it helps you to understand the station where I am at.

In 2008 Apple launched the App store, initially with around 500 apps. Apple saw in the early days the third party developers would bring home the bacon, but in those years it was not easy being a developer. Those developing for windows had well over a decade of experience and in those days the Software Development Kit would cost a developer $1500, with the additional programming packages and consultancy lessons. So ANY developer would be out of pocket between $3,000 and $5,000 and they would not have anything to show for it. The cost would drastically increase when the program was ready, but the was for another time. So in those days Apple got clever about it and gave us “To publish apps on App Store, developers must pay a $99 yearly fee for access to Apple’s Developer Program”, now consider the first setting of $99 versus $3,000, a new stage that allowed the dreamers and the wickedly clever to publish without a setting of some bulk investment and there was another part, “The income app stores take is 30%. Apple started setting that as a standard – they weren’t the first, but the iOS app ecosystem has been used as a model by many other players in the mobile app space”, now consider the you are a small developer, selling your software will need servers, protection software, shopping kart software, income checkers and go on from that. Apple delivered a system that does it all, so the developer will only need to upload their readied product. Thousands of dollars saved and the small developers get an almost free ride and they pay later through every sale. 

This is beyond fair, because the one million programs that came in the first decade would evolve, these people had a second option. They would sell their program for $0.99-$5 and Apple merely takes 30% of the sale, 70% remains with the makers and that contribution setting was already in play with software houses from the 90’s, yet those programs were often $299-$999. A mobile with the option of programs costing less than $5 are more easily sold and these makers suddenly made thousands of dollars, most of them massively happy. In that same light under Microsoft these developers would never exist. The cost of being up and running would strip all revenue away. As such Apple (and Google too) would create a wave of people creating the thousands of dollars to fuel the system would basically be paid for by the more successful players in this field.

So when I see the headline ‘Why we joined the Coalition for App Fairness’, I merely see a greed driven non-truth that is (as I personally see it) fuelled by greed.

So now the you have some of the background, we see the real deal, people like Epic Games and Proton-mail, they had an idea and they used that system to get ahead, which is nice for them, yet now, now that they made it, they want to avoid fees, they want the 30% that they initially signed up for as well. It is basically the same with Epic Games, once they made the numbers, their success went to their heads and they are now fishing (or is that phishing) for the 30% they signed up for? They want to avoid the apple fee and for one player it makes sense, yet this system was designed so that the small players would get a chance to become big, a stage that many faced. So when I see these ‘displays of fairness’ I merely see greed driven players merely wanting more.

The setting is however larger. The quote “First, to be clear, our mission at Proton is to foster an open, free, private, and secure internet. We exist today because a large community of people agree with these goals and support our work. Helping to found CAF does not in any way signal a deviation from these core values. Proton will always remain fiercely protective of our independence in order to put user interests first” gets to be ripped to shreds when we see “to foster an open, free, private, and secure internet”, yes they do have a free option, but it is limited, which might be fair enough, their goal is to be ready for the 4.00 € and 24.00 € a month users, whilst their free accounts are limited, the paying ones are driving this and so far they got 10 million people in their accounts, I am not aware how many constitutes free accounts.

Another point was “Our purpose for joining CAF is not about advancing the goals of Spotify and Epic, but about making sure that you, our community, have a voice in this important debate”, is the so? I find it debatable, for the simple reason that we are also handed “ProtonMail is run by Proton Technologies AG, a company based in the Canton of Geneva, and its servers are located at two locations in Switzerland, outside of US and EU jurisdiction”, whilst this sounds nice, outside of jurisdictions comes at a price and one could argue the organised crime finds the approach appealing, as do some people the want to avoid data accountability, but for the most, I am on the fence of how reliable data safety outside of jurisdictions tend to be (I am not making any statement on the security they run). So the app store has them as a free app, which implies that they are free, but they offer ‘Offers In-App Purchases’, and their own Twitter account gives us “We actually don’t understand the significance of paid account here? ProtonMail doesn’t offer in app purchases on Android, so purchases need to be made through our Swiss website”, and there is the kicker, they want it via their own website to avoid the 30%, exactly how Epic Games set it up, once they have the foundation of users, they want to avoid Apple (and/or Google) fees. 

I need to admit that Andy Yen is in a slightly different setting (as is Epic Games). You see, he started with the backing through kick-starters and ended up with a beginning capital of $500K, 5 times of what they needed to get started, a lot do not have that option, which I admit is not the stage that Andy Yen cares about (yet he claims the opposite), we get it, but when we see ‘a better internet that puts people first’, we need to realise the this was exactly what Apple did (Google too), by setting the contribution cycle almost EVERY developer had their chance at stardom, and whilst we see ‘free app’, how many people would have taken it up when the app had to be bought at $9.99, or $19.99? You forget that if we avoid the contribution cycle, we see the the funds need to be found somewhere, do they not? You really cannot get it both ways and for the most the contribution cycle is the most fair, because it is only taken from actual sales, so the newbies get to be there for free or for nothing (or both), and the big players basically pay for the little people.

Consider that and the fact that there is a price for being able to chose from 1.75 million app on a store. If that setting did not exist these store would end up having well over a million apps less. And this year, in the covid year, there is suddenly the need to avoid paying because the investors need to be appeased. As I personally see it greed is the final equaliser against choice, because these players want to be the only provider and the current stage allows new developers deploy their system, optionally a real innovative one, but they get a to because the costs of starting are not there, not like it was anyway.

Happy now?

Leave a comment

Filed under Finance, IT

Tagged as , , , , , , , , , , , ,

October 2, 2020 · 23:52

A new road

We all have new roads, some roads are completely new, some are ‘sort of’ new. We tend to like the ‘sort of’ new roads as they feel more familiar, but it does not imply the this is the best road. This is the way we move forward. In all this, how does one react when we go towards a road we have never seen before? Consider the stage the this is not some adventure, it is a choice of life, a choice that impacts one’s life to the latest degree, do we feel as certain? 

As some are in a stage where they are considering that President Trump could optionally die of Covid before the next election, we see that this is perhaps the weirdest years we face in half a century. In the UK we see lockdowns with a 5 minute warning, now the is one way to change the settings of any game, yet is it wise? It is in the same direction that others face, a new road, different decisions, but is it all really new? We could call all the plays in the international scene, but we have seen it before, it is a play based upon a play that is old and stale. Even now as the EU wants to limit the apps Apple and Google put on phones, it is merely a variant of Internet Explorer V3 all over again, the greed driven will never learn. So whilst we get informed on “Draft rules would force the tech giants to share their data with rivals, and limit how many of their own apps they pre-install on devices”, I am actually surprised that they did not give us “share their data with non-Chinese rivals”, a stage the we have seen before and one that we will see again, to be honest, I am not certain if the people setting the rules have any clue who the people are that they represent, merely the setting of larger tech company trying to get a grip on technology the they ignored for too long. And ever as we are told “The draft rules, known as the Digital Services Act, aim to set the ground rules for data-sharing and how digital marketplaces operate. They are expected to come into force by the end of the year”, we see a stage where tax rules are ignored, it is too complex for them, they will do it later (or so they believe). Even as we are told “The case has taken on urgency because of the dependence of thousands of EU companies on the tech giants for their business”, a setting which I regard to be a joke, because those ‘thousands of EU companies’ refused to budge on several items when too going was good, they merely latched on like leeches, getting max result for zero effort, I know this because if that was not the case, I would not have the IP I have now, and there are only two contestants for the IP to get ownership, the rest is merely dumbstruck on the side of the road and as they are realising that the digital highway os beyond their comprehension and as they feel the floor slip from under them as 5G comes into power, now they all cry like little girls, all with their own version of ‘Google/Apple is such a mean old bastard, boo hoo hoo hoo’ theatrics and optional fake tears. 

My view is given by a few quotes, the first one is “The App Store was opened on July 10, 2008, with an initial 500 applications available”, we then see the that the app store grew with 2 million apps in 2017 and now it has 1.75 million apps. So these people had a decade to get involved with Apple, as such where it their timeline? Bullet point idiots basing their needs on concepts. Where it the actual and factual engineering in place? The story for Google is pretty similar. Global businesses  (not merely EU companies) with short sighted goals, short sighted, merely because their spreadsheet was dictated by financial people, not a long term sight in place. I reckon (my speculation) the some people tarted to reconsider their position when Apple announced the 10 billion download mark somewhere in 2011, but at the point the credit crunch got in the way and the people (more lazy than anything else) decided to wait, but the Digital highway is one where waiting is a sin and Google showed the easy enough. And now, as companies are realising that 5G will merely see exponential options where established apps are in place, unless you have a third party data need and that is overwhelmingly attractive, but there the Google and Apple stores are a problem for them. They will happily play with GDPR fines, yet the Google and Apple stores are the problems and as I see it, and as I see it, the EU is stupid enough to force open the doors to others. 

My vision?

Why is this my vision, because we are told “limit which apps Apple and Google pre-install on your phone”, just like the setting it had in the Internet Explorer v3 age. I thought they would have learned by now. In the first, Apple people go iOS, Google people go Android. In all this we the consumer chose what WE want, but did you see any of the in the article? Our voice is not heard ad not given any power, because it is about appeasing ‘the dependence of thousands of EU companies’, the companies that were asleep at the wheel in the first place, not merely asleep, they have nothing to contribute, a concept at best but when you look at the staff, they have none, yet they will sure others the these people will be hired the moment certain steps are finalised, and it will be a ‘complex issue’ to say the least. In all this, these companies have never considered a new road, adjustment and aggregating what they have and what they are delivering, but they all hide behind players like Epic games with, if a game maker can do it, so can our EU business enterprise, can it not? And there we see the first flaw from the very beginning, these people are mostly clueless. Should you consider me wrong, then consider that on the digital highway beyond Apple and Google, the third player is one the started as a book shop, a bloody bookshop no less (Amazon) and its owner, who copycatted his hairstyle from Telly Savalas (just like Vin Diesel did). So consider that whilst we see another gravy train trap our choices in what THEY call open choices, but it is not, it will make life harder for the consumer, not easier and none of them will guarantee your data.

So in the words of Lieutenant Kojak “Who loves you baby!

Leave a comment

Filed under Finance, IT, Media, Politics

Tagged as , , , , , , , , , , , , ,

August 5, 2020 · 23:46

EU fart bit, Google Fit Bit

Yes, we leap left, we leap right and as we see options for choice, we also see options for neglect. In Reuters we see “Google’s parent company Alphabet agreed a $2.1bn (£1.6bn) takeover of the wearable tech firm last year. However, the deal has yet to be completed”, we see that at https://www.bbc.com/news/technology-53647570, and as we see the BBC article, we wonder about a lot more. Yes we acknowledge “While the European Commission has said its main concern is the “data advantage” Google will gain to serve increasingly personalised ads via its search page”, and in the matter of investigations we see:

  • The effects of the merger on Europe’s nascent digital healthcare sector
  • Whether Google would have the means and ability to make it more difficult for rival wearables to work with its Android operating system.

From there there are two paths, for me personally the first one is Competition Commissioner Margrethe Vestager, to be honest, I do not trust her. I will admit right off the bat that this is personal, but her deal relying on what was requires her to get a win, any win. The setting is founded on “officials acknowledge that the EU’s competition enforcer faces hard choices after judges moved to quash her order for the US tech company to pay back €14.3bn in taxes to Ireland”, which was a juridical choice, but in all this she needs a win and I reckon she will do whatever er she can to get any of the FAANG group. For the most I would be on her side in the tax case, but on the other side the entire sweep of the Google Fitbit leaves me with questions.

The first point is on ‘effects of the merger’, so how is this in regards to the Apple Smart Watch, the Huawei smart watch (android), and a few other versions, how much investigation did Apple get? How much concern is there for Huawei? Then we see the second part ‘Whether Google would have the means and ability’, it is not a wrong position for Margrethe Vestager to take, but as he does it upfront, in light of the EU inactions regarding IBM and Microsoft, it seems weird that this happens upfront now (well to me it does). And as we see ‘difficult for rival wearables to work with its Android operating system’ I see Huawei and the solutions they have, Android solutions no less, so why is Google the problem? 

Then there are two other parts. The first one is “Analysts suggested part of the attraction for Google was the fact that Fitbit had formed partnerships with several insurers in addition to a government health programme in Singapore”, the second one is “Google has explicitly denied its motivation is to control more data”, in all this there is less investigation in regards to what data goes to Singapore, or better stated the article makes no mention towards it, and as I see it, there is no mention on it from the office of Margrethe Vestager either. The second part is how Google explicitly denies its part, yet that denial does not give us anything towards the speculated “its motivation is to have access to more data”, and when you decide on a smart watch, data will end up somewhere and the statements are precise (something that worries me), I have no issue with Google having access, but the larger issue is not Google, it is ‘partnerships with several insurers’, the idea of privacy is not seen remarked upon by Margrethe Vestager and her posse of goose feather and ink-jar wielders, the focus is Google and is seemingly absent from investigations into Fitbit pre-Google in an age where the GDPR is set to be gospel, so who are the insurers and where are they based? Issues we are unlikely to get answers on. Yet when we consider “John Hancock, the U.S. division of Canadian insurance giant Manulife, requires customers to use activity trackers for life insurance policies in their Vitality program if they want to get discounts on their premiums and other perks”, so what happens when that data can be accessed? Is the larger stage not merely ‘What we consent to’, but a stage where the insurer has a lessened risk, but we see that our insurance is not becoming cheaper, there is the second stage that those not taking that path get insurance surcharge. So what has the EU done about that? We can accept that this is not on the plate of Margrethe Vestager, but it is on someones plate and only now, when Google steps in do we see action? 

So whilst the old farts at the EU are taking a gander at what they can get, I wonder what happens to all the other parts they are not looking at. Should Google acquire my IP, with access to 440,000,000 retailers and well over 1,500,000,000 consumers, will they cry murder? Will they shout unfair? Perhaps thinking out of the box was an essential first requirement and Fitbit is merely a stage to a much larger pool that 5G gives, but as they listened to the US, they can’t tell, not until 2022, at that point it is too late for the EU, I reckon that they get to catch on in 2021 when they realise that they are losing ground to all the others, all whilst they could have been ahead of the game, lets say a Hail Mary to those too smitten by ego. 

 

Leave a comment

Filed under Finance, IT, Law, Media, Politics

Tagged as , , , , , , , , , , , , , , , , , , ,

July 27, 2020 · 04:05

The day after the day before

I just noticed a story on Reuters, which came a day after I gave the lowdown on the GDPR. In their story ‘Companies need immediate rethink on U.S. data transfers, says watchdog’ I see “Companies seeking to transfer data to the United States must revert to new arrangements with immediate effect after the Privacy Shield transatlantic pact was declared invalid last week, a European Union watchdog said on Friday”, OK, we know that, but Reuters gives a little more, with “The European Data Protection Board (EDPB) said that companies that transfer data to the United States via standard contractual clauses would have to self-assess whether these have suitable safeguards and inform their national privacy enforcer” we see a part I had forgotten about (Yes, I forget things too), when we consider ‘via standard contractual clauses would have to self-assess’, I am confronted with a thought I had in 1998 in another station. You see there is an issue with ‘self-assess’ and ‘backups’. The self assess part is to ignore that small little data cruncher, whilst the global standardisation of back-up systems give a larger implied stage that for US Intelligence, it remains business as usual, with the optional larger workflow. Did anyone consider that?

So when we see “The EDPB, together with the European Commission, is now looking into ways to beef up standard contractual clauses and binding corporate rules that could be legal, technical or organisational”, I wonder how many delays back up solutions are given before that train ends, I reckon that it will take a while. And the situation is not new, ITProPortal gave us in 2018 “The legislation gives customers the right to be removed from the records of companies even if they have previously agreed to the collection and storage of their data. It’s called the ‘right to be forgotten’ and could be a potential stumbling block as organisations keep backup copies of their data. A request to have personal data removed, technically means that it should be removed from all copies including the cloud, or tape kept off-site in deep storage. Having to do this each time a request comes in, however, has been deemed excessive by those overseeing GDPR due to the logistical challenges it would throw up” and even if you think that it is something else, think again! We see this in “technically means that it should be removed from all copies including the cloud, or tape kept off-site in deep storage. Having to do this each time a request comes in, however, has been deemed excessive by those overseeing GDPR due to the logistical challenges it would throw up” and consider that there is a situation, we see this in “According to France’s GDPR supervisory authority, CNIL, organisations don’t have to delete backups when complying with the right to erasure. … You should also document policies and procedures for keeping backup data secure. This will include instructions on encrypting backups and where you will keep backup devices”, yes this is still about the right to be forgotten, but there is an absence on tertiary locations for backups and cloud backups, they can still be in the US, as such, the Intelligence conclave (the alphabet group) are still in a stage of business as usual. One source is giving me in 2019 “Rather than backing up everything in bulk as whole systems, organisations may find it easiest to separate systems backups and personal data backups so that systems backups can be kept for much longer retention periods than might be allowed/justifiable for the personal data”, yet the station of ‘organisations may find it easiest’ as well as ‘so that systems backups can be kept for much longer retention periods than might be justifiable for the personal data’, which in itself is not really an answer and I was surprised to the amount of ambiguity towards operational and logistical needs, whilst keeping the limelight away from backups, as such I believe that there is a lot more going on and no real matters regarding privacy will be solved any day soon. In this Curtis Preston, chief technical architect at Druva raised in 2019 “GDPR is not going to be able to force companies to ‘forget’ people in their backups – especially personal data found inside an RDBMS or spreadsheet.” (at https://www.theregister.com/2018/05/31/backup_gdpr_analysis/), and it seems that everyone links it to ‘the right to be forgotten’, so what happens to the off site backups of global databases? Are they still in the US? And why is there such a darkness around the states of backups? I find the comment ‘due to the logistical challenges’ a bit of a joke, they had years to get ready. Even closer to home, last January we see “Although Apple uses end-to-end encryption for both iMessage and FaceTime, it doesn’t do the same for iCloud backups. They are encrypted, but Apple holds the key, meaning that the company has access to a copy of almost everything on your phone – and that includes stored messages. I’d long expected Apple to fix this, but a report today claims that the company has decided not to…” so what else has not been done, and where are all these iCloud backups? If they are on an Apple Server, there is every chance others have access (speculation from my side). Which is actually not the weirdest thought, when we go back to 2018 and consider “authorities also discovered a series of hacking tools and files that allowed the 16-year-old boy to break into Apple’s mainframe repeatedly”, so if a 16 year old has access to the Apple mainframe, do you really believe that US Intelligence cannot enter it? 

So when we consider where our backups are, also consider how up to date your personal records are at 57 Duker Rd, Farmville, VA 23901, United States. To be ‘speculatively more precise’, how about IBM-VA23901-1-3.213.5? I wonder how many other places your data can be found, all for the simple reason of national security, all whilst we see the media take a hard look on all the cyber tools that some agencies have no one seems to be looking at all the access that they have to backups. The fact that several locations are giving us versions of ambiguity, none of them look deeper into the matter, I reckon that the Stakeholders wouldn’t allow it, but that is me grasping at straws.

There is a larger station now that the agreement has fallen apart for the EU, on the other hand, there will be a pool of new talent be required all over Europe, and in the light of the Corona events, I wonder how many are still alive. So, what will we see tomorrow in this regard?

 

Leave a comment

Filed under IT, Law, Politics, Science

Tagged as , , , , , , , , , , , , , , ,

July 24, 2020 · 23:35

The Fantastic Four and the bully

Yup its Friday! The match is set and also tempered and set against the Fantastic Four, they face it because the people who they are defending against are not that clued-in on the abilities of the digital economy and they merely want better pickings from these four, I am actually surprised that Netflix is missing there on a few stages, but perhaps they promised the not so clued in spectacle seekers to give them all the illumination they are worthy for, it is a dicey call, but when you can lose it all, you can also play it all.

They are up against a congress who has fiddled and played away well over 8 trillion in stupidity, the rest was unavoidable, they are that not clued in and the batter is about to hit the hedges, so they need a play so that they can retire unabated and without accountability. This was not new, there had been announcements and for the most, I actually thought that in light of what was playing now, that US Congress might give this a miss, but no, I was wrong.So as we look t the article (at https://www.reuters.com/article/us-usa-tech-congress/big-tech-ceos-ready-defenses-for-u-s-congress-hearing-into-their-growing-power-idUSKCN24O16K), we notice the lead ‘Big Tech CEOs ready defenses for U.S. Congress hearing into their growing power’, yet did we also notice “The panel is questioning the companies as part of its probe into whether they actively work to harm and eliminate smaller rivals, while not always making the best choices for their customers”, perhaps you remember the old court case, where we get the number one hilarious moment (at https://www.nbcnews.com/video/senate-gop-and-white-house-tentatively-agree-on-1-trillion-coronavirus-relief-88172613521), NBC was not the only one giving us that, but you get the idea on how clueless American Politics seems to be. You see, there are two parts in this. The first is “while not always making the best choices for their customers”. The sides here are 1. ‘Who is the customer?’, and 2. ‘What are the best choices?’, as I personally see it, congress does not have the brightest players in the first place, so there is every chance that at least 20% of that panel is clueless to the digital environment. And that is not all. If we consider “The high-profile hearing, which will bring together Amazon’s Jeff Bezos, Facebook’s Mark Zuckerberg, Apple’s Tim Cook and Google’s Sundar Pichai, will be a key moment in the growing backlash against Big Tech in the United States and is likely to set up a face-off between the executives and skeptical lawmakers from both parties”, we see an optional stage of discrimination. In the first Twitter and Netflix are not there, in the second, as far as I (and others can tell), these players have acted on the letter of the law, the fact that others can’t do that, is not competition Law, it makes it something else (not sure what actually). I agree that I do not have all the answers, but this in the end we need to see that this is optionally not about what they say it is, the European Law and their GDPR is biting hard, as the US privacy shield is falling short by too much, there is every chance that the US government is missing out on terabytes of personalised data as their FISA act opted access for and that is not sitting pretty with them. So where is my evidence?

We see part off this in “Apple is likely to be quizzed about the way it manages its app store after facing criticisms it hurts newcomers. Apple told Reuters it will argue it does not have controlling market share for apps. The iPhone maker views its store as a feature designed to ensure the security and reliability of its phones.” The App Store is a rather large being, but it is amped towards Apple products, and as such security is key. So far the issues we see are a mere fraction of what could be. In this Forbes gave us that part yesterday with “With the July 22 launch of the Apple’s SRD program, security researchers will be able to go and hunt bugs much deeper within iOS. Apple said that the iPhones, which will be dedicated exclusively to such work, and known as security research devices, will come “with unique code execution and containment policies.” What this means, for example, is that the file system will be accessible for inspection rather than just looking at crash log snapshots or using jailbroken devices. The latter being far from perfect as jailbreak vulnerabilities are generally patched quickly, and so any research is more easily denied by Apple as being flawed.” Again, this shows two parts, the first is that Apps are often defined by hardware and Apple hardware is in transit, making most issues moot for Apple, the second part is that we see “the file system will be accessible for inspection rather than just looking at crash log snapshots”, we can argue that this betters the US government access to data, but does not really prove it, the merely get a better look at where to seek what they desperately want. I am still not convinced that this hearing isn’t an option for old goats (oops, I meant members of Congress) to get selfie time wit the 4 most wanted selfie objects in history.

I wil forgo on Amazon, these people have enough problems to set a proper definition of what is a hazard and how to identify it, I briefly discussed that in ‘6 simple questions’ in February this year, where a load of shortcomings, or is that shortcumings? Are set in motion, I never understand how people get their rocks of on bad work, but that might merely be me. I discussed it (at https://lawlordtobe.com/2020/02/03/6-simple-questions/) it also had a link to another article that shows questionable parts of FTI Consulting, as such and quoting CNN who gave us “The report’s limited results are a reminder that it can be extremely challenging to reconstruct the activities of a determined, well-resourced hacker”, all whilst the identity of the hacker is still up in the air, and this is set against a person who has more money than the combined resources of all who live in New York, which is saying something. He is 25% of what Congress faces? To be honest, I feel that the US audience are facing another Mickey Mouse show, which is weird as Disney is not in the dock, but I got extra popcorn, so that I can watch and giggle at the same time. Oh and by the way, I wrote this all on an innovative MacBook Air, as such we see that other players are not up to scrap to show us what is truly innovative. As I see it, this is the first truly innovative piece of hardware since the release of the G5 in 2004, so I wonder what Congress is really trying to achieve. And when we see “in recent weeks the firm has published blog posts and a white paper asserting that it still faces plenty of competition and that the fees it charges ad buyers and sellers are justified.” We see an optional path for Google, all whilst the non US Data centres of Google are being upholstered to avoid GDPR issues, as I see it the US Bully, oops, I mean Congress, are out of their depth in an age where computers and hardware changes quicker then the identity of the average man’s mistress. There are so many tackles and interactions, I have no trust in what US Congress is trying to achieve, but there is an upside for me, a they fail more and more, we see that my IP is still untouched and no one got near it, all this whilst the 5G site is going forward in most area’s, l except the USA. Perhaps Congress should have other priorities, like sorting out the tax laws that these four face, is that a little over the top?

 

Leave a comment

Filed under Finance, IT, Media, Politics

Tagged as , , , , , , , , , , , , , , , ,

January 16, 2020 · 10:30

The time is now

Yesterday, an article in the BBC made me aware of a few items. Now, I was aware to a larger degree of most items, yet I kept it in the second drawer of the third desk of my brain, it was something I took for accepted and then shrug it off, so what changed? Nothing actually changed, but the article seems good enough to take a few items on view.

The article (at https://www.bbc.com/news/technology-51115315) gives us “Google has announced a timeline for implementing new privacy standards that will limit third-party use of a digital tool known as cookies“, now this is nothing new, it was always going to happen, yet we also see: “analysts say the move gives Google more control over the digital ad market where it is already a major player.  To make advertising more personal web browsers collect small bits of information that allow them to create a profile of the users likes and online habits“, the question becomes, is that actually true? And when we see “This presents a core problem from a competition perspective. It is yet another example of Google diminishing ad rivals’ access to data for the stated purpose of protecting users’ privacy“, a quote from Dina Srinivasan, a lawyer focused on competition issues is not really that truthful, is it? Apple made a similar move in 2017 and when we go back in time, we see Google Chrome, Mozilla Firefox, Internet Explorer, Safari, Microsoft Edge, and Opera. Most will have forgotten Netscape who became defunct in 2003, and basically stopped making a blip 2 years before that. We seemingly forgot about the exploitative market that Microsoft had in those days with Internet Explorer and all the crap it added to our HTML files (as did Word when we saved as an HTML file), in those days data in files was still an issue because there was a limit to what we could safe when we were not rich. Chrome was the first to keep our files clean, or at least lacking a lot of rubbish. Netscape was however on a different route, an employee of Netscape Communications, which was developing an e-commerce application for MCI. MCI did not want its servers to have to retain partial transaction states which was a killer for storage, as such they asked the people at Netscape to find a way to store partial options and methods of transactions where it mattered the most, at the side of the buyer, Cookies provided a solution to the problem of reliably implementing a virtual shopping cart, Google found a new way of using that idea and used cookies in the far reaching solution it currently has, they innovated, others merely took on board someone else’s solution and not they are all crying foul. Perhaps when these people had taken the time to innovate, they would have the choice, and the option of two years seems decent, so when I read “advertisers had hoped to have more time before it was implemented” is as I personally see a larger BS issue on timeframes and exploitation, if advertisers are in the now, they would be all about advanced implementation, yet they like their bonus and they seemingly do not like to spend money on investments to counter the timeline (an assumption from my side). 

Google’s director of Chrome engineering, Justin Schuh gives us “Users are demanding greater privacy – including transparency, choice and control over how their data is used – and it’s clear the web ecosystem needs to evolve to meet these increasing demands“, which seems slightly too political to my liking, but there we have it. Business Day gives us “But GDPR also made life harder for a cohort of second-tier adtech players trying to compete with the likes of Google and Facebook. The regulation’s provision to prevent data being shared wantonly with third parties seemed to give the tech giants an opportunity to tighten their control over user data” where we see that this was one of the foundations that led to the end of SizMek, some state that it was DSP Rocket Fuel that ended the heartbeat of SizMek, yet everyone ignores a simple truth, ‘an overcrowded ad tech market with independent vendors with an inability to face serious cost pressures to their pricing structures‘, they all arrogantly believed that THEIR solution was the real one and they all basically read cookies like the ones Google had distributed. You can all claim to have the magic potion that Asterix drinks, but when the truth comes out that he drinks Darjeeling tea from India, the playing field gets overcrowded and when the customer figures out what they get priced for the end is pretty much around the corner of the next door you face.

So as we are told “third-party ad sellers will need to go through Google to get information about internet users. But critics say that is an advantage that makes the market less fair and safe“, in my view my question becomes: ‘Which critics, names please!‘, the problem is that third party ad sellers have no rights, none at all, the rights should be with the owner of the computer, Google (Apple also) are setting (not by their own accord) that stage, Microsoft is using their Azure Cloud to counter the Cookie option on PC and Microsoft Console, but the hard sight is already there, the people who are unable, unwilling and cannot afford to set the stage still want their freebee and they are now starting to complain as they are made aware that their time has ended, even though this was the direction we saw in US politics and EU politics well over three years ago. The EU had their General Data Protection Regulation (GDPR) and everyone shrugged their shoulders stating that it would not happen that fast, yet that was three years ago and now the time has been set back to merely two years to go and the ad sellers are feeling the pinch of the cost they will actually face. Moreover, they are seeing the red lights of career ends. The Verge gave us “an industry that’s used to collecting and sharing data with little to no restriction, that means rewriting the rules of how ads are targeted online“, they gave us that on May 25th 2018, so 1.5 years ago, why is this now a problem? The people wanted this, ad soon it will be here, Google has not been sitting still updating their systems accordingly, and as such we see that the flaccid and non-concerned rest is now looking at a deadline a mere two years away. When we look to the larger field we see Criteo, LiveRamp, Trade Desk, Rubicon, and Telaria, all losing value as ad-tech providers, yet the opposite could also be true when they offer to the customer a value, a value where most ad-tech companies never bothered going. Yet the power of any ad-tech was never the cookie, that was for the most merely the revenue. They had 5 years to consider the power of ad-tech and they didn’t. The power of this is basically engagement. Facebook showed this year after year and now it is out on the larger field, those who engage will survive, the rest will end up on a dog eat dog football field and a few will survive but only as long as they push to the next hurdle and make it, if not they will end up on the obituary page (just like Netscape, however Netscape ended there for other reasons). 

I wonder if that is why Google is so adamant about its stadia? It would get a massive tier of small time developers creating engagement content to be released on mobiles. That i me merely speculating. 

Still the words of Dina Srinivasan are not entirely without merit, she gives the Facebook issue (at https://www.wsj.com/articles/yale-law-grads-hipster-antitrust-argument-against-facebook-findsmainstream-support-11575987274), and she makes a good case, yet the history of certain players need to be taken into account. Even as she was her own misgivings about the evolution of the digital advertising market, history had been clear, some of them basically did not bother, they wanted it handed to them for free and in the beginning they got away with it. And she made a point with “How could a company with Facebook Inc.’s checkered privacy record have obtained so much of its users’ personal data?“, yet equally we need to weigh this with the words of U.S. Attorney General William Barr. He gives us “he is “open to that argument” that consumer harm can exist through the use of personal data, even if a service is free. “I am inclined to think there is no free lunch. Something that is free is actually getting paid for one way or the other”“, which is what I have been saying on my blog for around 4 years, so happy to see people wake up in January 2020. So when I see “Ms. Srinivasan would prefer that Facebook be forced to change certain business practices, including how it tracks users when they are off the company’s platforms“, I wonder when they give account to the small truth that Facebook is a free service for a reason and they are no longer alone in this, you are going after the large players when they are in the largest danger by losing slices of that revenue pie to contenders elsewhere in the world (EU and China). 

Whatever you want to do is fine, but realise that it will put a large group of people in the streets without a job, I am not against them losing their job, but that revenue and that data will also flow in other directions and that is the one part that all players (with political support) are trying to counter as much as possible. I wonder if they will succeed. The weird part is that if this group had been properly taxed 3 out of the 5 major issues would also fall away and in that view a workable solution could be pivoted to.

 

Leave a comment

Filed under Finance, IT, Media, Politics

Tagged as , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

June 18, 2019 · 12:41

London Bridge had fallen

This is not some event involving Mike Banning as the never failing US Secret Agent, it is also not a movie involving Gerard Butler in command of a Nuclear Submarine (Cool movie though). No this is reality!

In 2017, on June 3rd an attack took place, the inquest is still going on 2 years later. 3 people ramming pedestrians and after that ran into the public in the Borough Market area and decided to stab a whole lot more people. They were wearing fake explosives, carrying knives. That pretty much sums it up. In the end 8 died and 48 were wounded, the three ‘terrorists’ were killed in the process.

According to all sources these three were ‘inspired’ by ISIS.

I took notice of it initially, but it was not high on my radar, it got my attention again last week, but i was looking into the Strait of Hormuz issue. It kept at the back of my mind. So let’s start with last week: ‘MI5 admin errors meant attackers link ‘was missed’‘, it got to me as MI-5 does a whole lot of things, errors are actually quite rare and anyone stating that there should not be any errors is an idiot. Anything involving intelligence gathering is prone to issues. The right stage, the right interpretation, the right connections and the right actions. These are all matters that influence the stage. You can check this for yourself, go to any recruiter and apply for a job, what are the chances that he/she places you wrong or gives you less useful advice, considers you not to be the ‘right’ person for the job? That chance is rather high.

So when I see the BBC article (at https://www.bbc.com/news/uk-48626134) giving me: “Youssef Zaghba was stopped at Bologna airport in 2016 after telling staff he was going to Turkey to be a terrorist“, so in the clear setting of a first, a terrorist does not tell anyone he/she is one. The more verbose version is: “Asked why he was going to Turkey, he said to be “a terrorist” before quickly changing his answer to “tourist”, the court heard“, o now we get a person who is basically an idiot and customs has to deal with hundreds if not thousands on a daily basis. This part is already numb and done for. So at best we have a video game wannabe, at worst we have a person with mental health issues. At present neither two score high on the list, at most a police chat would have been warranted.

Regarding Zaghba we also see (at https://www.bbc.com/news/uk-40169985) In 2016, Zaghba was stopped at Bologna Guglielmo Marconi Airport by Italian officers who found ISIS-related materials on his mobile phone. So what materials were they? He apparently was placed on a watch list, which is shared with many countries including the UK, as such is he merely watched when he travelled or 24:7? There is a difference and one does not warrant the other.

Yet now there is a clarity of optional failure that is increased with: “Witness L, who is head of policy, strategy and capability for MI5’s international counter-terrorism branch, told the court MI6 did not translate the Italian request for two months – and then sent it to the wrong person in MI5“, not only is my question:

  1. How could this be send to the wrong person and why was there no return/response on wrongful send information?
  2. Then we get: ‘The optional escalation had 1 year to find corrections and optional change in surveillance. Why was this not done?
  3. How often is the shared list vetted and checked for additional information whether the watch list is still accurate and more important useful?

Three direct questions that now put MI-5 on the radar for a few failings. In addition we also need to enlarge the scope, if SIGINT is GCHQ, how was this optionally missed twice over?

There are also serious questions regarding the Lawyer of the 6 victims. When we see that he had: ‘previously told the court there had been missed opportunities to prevent the attack.‘ It is important to see this part. In another story we get: “Gareth Patterson, the lawyer representing several victims’ families, said there was evidence the attackers had been in contact since January 2017“, here I disagree to some degree, and with ““any reasonably competent investigation” had the chance to detect the planning that was going on between the three men” I disagree even further.

You see, when we look at the elements. The fake explosives means that it could have been made in any way, for the most stuff from a toy store might have sufficed, at most a stroll through B&Q or Wickes would have sufficed. Then there is the stage of interpreting the Zaghba part, a terrorist claiming to be one is not one. I would have been able to do all the needed parts without setting off any flags or alarms. The biggest risk I run is getting a lorry, they did not get one either for mere payment issues that one element also shows that they commenced a terrorist act, but were not terrorists (or almost the worst prepared one). The absence of planning, the absence of dotting the ‘i‘ and crossing the ‘t‘ is what sets them apart. Merely three men with water bottles, pretending that to be explosives, knives that one can buy at IKEA and when we learn that the Guardian (at https://www.theguardian.com/uk-news/2017/jun/10/worse-terror-attack-on-london-bridge-foiled-by-chance-police-say) that the van had “13 wine bottles containing flammable liquid with rags stuffed in them, essentially Molotov cocktails” that were either forgotten, or just ignored by these three, we see a wannabe terrorist who forgot that they had options to increase the death count by a lot. These are all elements that count, because MI-5 is there for serious threats and these three were seemingly ignoring all their options even during the event. Going back to the lorry, that one might be easy when I stalk the right bars and mickey the right person, with him tied up in the back of the van I could start my spree, no flag raised at all. In my case I would have been able to get the stuff that goes boom; I merely needed to change perspective on the how. All issues that would never raise a flag; that is what MI-5 has to deal with and they have the one additional benefit that they are on an island.

We agree that steps were missed on Zaghba, but none of this is still evident that it would have prevented the attack. The higher part is Khuram Shazad Butt, he has enough flags that warrant consideration, his presence is a real issue, yet how much flags did he raise before the attack? We seem to blame after the effect, yet in the UK we see more whingers and whiners on freedom and privacy than in most other places in the world, well, congratulations! If MI-5 had that data this might have been prevented, they did not. You wanted the Data Protection Act 2018, you got it, you wanted General Data Protection Regulation (GDPR) and it was handed to you, you also face additional dangers because of it, so stop crying!

Back to the attack! I see Rachid Redouane as the actual fuse here. An illegal immigrant, a failed asylum seeker and he remained under the radar, also implying he could get a lot of stuff done whilst not being noticed, not getting noticed and working as a pastry chef, so how did he get that job? He was the part that Butt needed, and as such MI-5 had optionally even less to work with.

You see, when we look after the event, we might see issues to blame MI-5 (optionally GCHQ) with, but there are a lot more markers making at least 1 out of the three a dud from the start. And in all this, no one seems to realise that a failed Asylum seeker was hopping back and forth between the UK and Ireland, there is a larger failing in all this, yet I am stating that MI-5 was not it.

Yesterday

The Guardian yesterday (at https://www.theguardian.com/uk-news/2019/jun/17/communication-issues-left-london-bridge-attack-casualties-without-first-aid) gives us the larger failing, but not in regards to the attack. When we see: ‘police waited for help that wasn’t coming‘ we feel anger and frustration, yet in which direction?

The first is seen with: “police and members of the public being left to treat victims of the London Bridge terror attacks and not knowing why paramedics were not coming to their aid“, as well as “when paramedics were told to evacuate the area, the officers in the courtyard were left treating the casualties on their own awaiting help that did not arrive” we get the first gist of it. You cannot send paramedics in a dangerous situation, we get it we understand it and we accept it. I believe that an alteration to the armed response unit is required. I believe that any armed response unit requires a trained medic to give first aid like in a metropolitan war zone. Yes, it would be great to send in the paramedics, but let’s be honest how would you feel when a police officer tells you: “Look, there are three terrorists over there somewhere, can you go into that place ad see if you can treat some of the wounded people?” I get it, plenty of them medics would, but it is optionally super reckless and highly irresponsible. The fact that the police was not properly warned on the spot could have been for several reasons, all unintentional. This is a situation that is not merely fluid, it involves a lot of people thinking on their feet, whilst running trying to scope the size of the issue in absence of reliable information. These are not mistakes made, they are to some extent coming from experience and actual successful attacks have been really rare, besides that at some point you cannot just call for boy scouts (SAS) at any point, time is a factor. So when I see: “Five people died in or around the courtyard, one of whom, Sebastian Belanger, 36, a French chef, could possibly have been saved if he had received swifter, higher-quality medical attention“, I accept the stage and I accept the premise, but the score on getting ‘higher-quality medical attention‘ is optionally not a realistic one, not in a location of armed conflict and so there we see the stage of time versus location versus available intelligence. We can jump high and low, but reality is a factor and I feel that the after the fact Monday morning quarterbacks are now feeding an inquest of what ‘might have been done’, and I accept I am in this view a Monday morning quarterback as well.

For the larger view we need to go to the actual inquest and I noticed something in day 20 (at https://londonbridgeinquests.independent.gov.uk/wp-content/uploads/2019/06/LBI-Day-20.pdf). The transcript gives us a side that was not part of the actual attack, yet it does involve Khuram Butt, it is actually a lot more important than you think for two reasons on opposite sides of the scale. The transcript gives us:

Witness M, you will appreciate that the investigation that you are here to help us with lasted for something in the region of two years, so I ’ ve got a fair amount to cover but I ’ ll try to be as concise as I can be.

You were asked questions by Mr Hough about the Transport for London employment and you told us that there came a time when you and your team learnt about this job that Khuram Butt obtained working at Westminster underground station.

A: That is correct , yes.

Q: So can I be clear : you learnt about this after he had begun working at that station ?

A: I cannot recall at what stage we learnt about him either seeking out employment or having that employment.

Q: Was that something that you – –

A: But we were aware of the fact that he was working at London Underground.

Q: So it wasn’t something that you learned at the application stage before the decision had been made as to whether they should give him the job?

A: I cannot answer that.

Q: Were arrangements in place at the time for the counter terrorism police to be notified by Transport for London of the names of people applying to be employed by Transport for London in vulnerable locations ?

A: I ’m not aware of any such arrangement. That’s not to say it doesn’t exist , but it ’ s not something I’m aware of .

Q: So to this day can Transport for London receive applications by people who might be terrorist suspects, the subject of ongoing investigations , and then a decision made to employ them without you or your partner agency being notified ?

A: So, again, I can’ t categorically say whether that process exists . That sounds to me that it’s something, if it did exist , would be more in the ”protect” side of our business.

It is important, and let us look at both sides of this equation. On the one hand if there was stronger vetting there was a chance that Khuram Butt might have been stronger on the radar, yet the attack would not have been prevented as the London Underground was not a stage and was not used to set the stage, more importantly there was a chance to set off alarms within Khuram Butt making him a lot more cautious, optionally resorting to a different style of attack. On the other hand, we see that this path would have given MI-5 up to 1500% more work, so a lot less resources to deal with optional more serious threats.

We see more in Day 20 (on page 4, paragraph 9, 10). Here we see the flags issue I raised earlier and the questioning party who is seemingly not all up to date on intelligence, more on finding a part to blame. When we see:

Q: In September 2016 the categorisation was downgraded to P2M, so the risk is now a medium risk, you told us?

A: That is correct. Yes, it was categorised down to a P2M.

Q: And when you dealt with this in your report at paragraph 5.9, you linked this decision to the fact that there had been no indications of actual steps to plan an attack.

A: That’s correct, that is in my report.

Q: But as you’ve accepted a number of times, from the very start, this is somebody who had, throughout, exhibited a degree of operational security.

A: We see that across the entire range of individuals we investigate.

Q: Yes. But an ordinary member of the public with nothing to hide is unlikely to be taking steps to avoid surveillance or to hide their activities; would you agree?

A: He’s not an ordinary member — he was not an ordinary member of the public; he was under investigation.

Q: But that of itself rings alarm bells, doesn’t it , if he is positively taking steps to disguise what his activities are?

A: It’s concerning, but it becomes more concerning when it is attached to other intelligence around other activity. And that will elevate the risk and elevate our posture and our response.

Q: After that decision to recategorise as medium risk, he then re-engaged, you told us, with ALM in the autumn of 2016.

A: So that – – that’s correct, that was the assessment at the time that he started to re-engage with other ALM individuals.

Q: He was also identified as having an inflammatory presence around other extremists, wasn’t he?

A: How do we know that?

Q: Well, you confirmed yesterday that you were aware of that and that’s information that reached you via MI5. We see it in the report of Witness L at paragraph 116.

A: Okay. So I can’t say with any certainty I was aware of that before that time, but just the mere presence — the mere fact that he was associating with other ALM individuals or becoming further engaged is of concern

I see this as an issue. The issue is not the interview, the issue is the available resources and the questioning party seems to live in la la land as there is the consideration that at any time all resources are available, that one clear failure makes the inquest a problem to some extent and that is merely looking at one day, merely Day 20. The focus on Khuram Butt being an ‘inflammatory presence‘, we could argue that this is a good thing, we could argue that pushing other extremists before they are ready is one clear sign to botch attacks (MI-5 will be pleased), the two parts in the transcript give rise to a larger failing, in part the inquest is set to a stage it does not comprehend, it does not facilitate a stage of comprehension where it concerns lone wolves and wannabe’s. In the second degree we see the push regarding re-engagement and the consideration of a medium risk person. Even as there is no valid intelligence giving us that direct action was called for (implied at least). So when I see ‘there had been no indications of actual steps to plan an attack‘, my less diplomatic view towards the barrister would be ‘move the fuck onwards barrister‘, if there is no indication of actual steps, there is no indication for acceleration of increasing profile surveillance, the resources are just not there.

It is the largest failing, not merely the fact that there is no SIGINT working on data that could have been worked on, the stretch on resources, what is available, its definition and the stage of recognising on how to use resources are in the wind and that failing matters, because that recognition is essential to stop attacks by an actual terrorist, a lone wolf or a wannabe, and as long as that part is not clearly in play, there will be more successful attacks and here I regard the premise of a successful attack any attack where more than 5 lives were lost.

We need to accept that choices have impact, we need to see that the attacks will continue and until we find a better way to register dangers this is how it will be and we need to see that the failing was larger, but there is no one to actually blame.

Consider blaming customs for allowing a failed asylum seeker (Rachid Redouane) going back and forth between the UK and Ireland, getting other places to live, is that landlord to blame? There are cogs that are not working for numerous reasons and when we realise that ‘the machine‘ is off its mark by a decent amount, we do not get to blame MI-5 (or GCHQ for that matter). When we consider that Youssef Zaghba might have made a claim and if GCHQ had a right at that point to capture all data regarding that person, there might have been a chance that together with the Khuram Butt data there was a decent chance that this could have been stopped (in theory), but that was not an option was it? Here the Data Protection Act 2018, as well as the application of the General Data Protection Regulation (GDPR) stopped GCHQ from getting essential results to report to MI-5, you wanted this so from my point of view you have to accept the dead people too. You cannot get it both ways, it is just not on.

There is, as I personally see it a larger failure in play, it is not MI-5, it is not GCHQ, it is not the police, it is us and the bullshit setting of privacy whilst we hand over all of our private lives to Facebook and mobile game data collectors, we are doing this too, we ourselves. We can optionally argue that there needs to be a better direct action armed response unit with a trained medic in these teams, but that is an optional investigation for another day, one that is far far away.

 

Leave a comment

Filed under Law, Media, Military, Politics

Tagged as , , , , , , , , , , , , , , , , , , , ,