“The ICO was astounded by the amount of personal data stored by political parties.” (They’ve been conducting forensics on hundreds of terabytes from servers seized under criminal warrant.)
Jan-Mar 2017 filed Subject Access Request with SCL (Cambridge Analytica)
July 4, 2017 filed complaint with ICO
May 5, 2018 ICO issues enforcement order to SCL (Cambridge Analytica)
June 4, 2018 SCL fails to comply
July 11, 2018 ICO issues report announcing criminal prosecution
My lawyer @RaviNa1k to @issielapowsky on the news that @ICOnews is proceeding with criminal prosecution for failing to comply with enforcement order to fully disclose my voter profile data set as required by UK law. wired.com/story/uk-regul…
The interim #ICOReport investigation team has not yet completed the forensics to establish provenance and lineage of the data sources and models. Still fact-finding on scope and scale of ‘contamination’ ico.org.uk/media/action-w…
Thanks to all of you who have been following this data quest from the beginning. Your support has been essential in getting us here.
Important to note how both Facebook and AggregateIQ attempted jurisdictionally evasive maneuvers with the cop on the data crimes beat. #ICOReport#CambridgeAnalytica
Worth noting that this #ICOReport is essentially non-partisan given that a Remain campaign UK DPA violation may have been snagged in the dragnet.
OK folks now dig into the second #ICOReport released today “Democracy disrupted? Personal information and political influence” ico.org.uk/media/action-w…
Social media as a means to bypass the legacy infrastructure (and its guardrails and norms) to manage “marginal gains” — sound familiar?
The ICO asked all UK parties with seats in the House of Commons to document their data practices. Only UKIP refused and the dispute went to the tribunal where it was dismissed, its appeal decried as “inaccurate” ico.org.uk/media/action-w…
Wow. ICO basically saying once your data is attached to your voter registration then predictions are considered fair game for full disclosure. This is a big win for us.🥂
Keep hammering on Facebook Custom Audiences. It’s where the rubber hits the road. We still don’t know extent of tainted data being uploaded to Facebook Custom Audiences, as data models get forensically deconstructed.
Seems to me that Facebook failed to build any means to detect abuse of Custom Audiences. It’s a reckless feature and if Zuck had any integrity, he’d order a moratorium on it, for ethics review at minimum. #ICOReport
Remember that Cambridge Analytica (SCL Elections Ltd) bought data from at least Acxiom, Experian, Infogroup. So pretargeted enriched matched voter files up uploaded into Facebook for another round of data matching PII to data brokers? techcrunch.com/2018/06/06/cam…
OK we’re getting to the part where Facebook gets eviscerated for its dark patterned privacy “controls” and genuine faux transparency
ICO calls for an “ethical pause” (shortly after commanding Facebook to stand-down to issue a criminal warrant to seize servers.) Will this industry respect their regulator’s urgent call for a moratorium recognizing the new threat models of digital campaigns?
ICYMI that fateful day in March 2017 when I tweeted my Cambridge Analytica data request in a consequential thread. Now it’s been officially recognized as an inadequate response. Criminal prosecution is up next.
i mean we’re in web2 and i have unbearable nostalgia for web1 so im dreading nostalgia for web2 tbh
[future tweet or its future onchain equiv] remember when we could like go to a website and just block the trackers since the fraud bots were stealing traffic anyways and now there’s gas fees for everything and it’s always in a different token that needs converting (more fees)
whenever i wonder if web3 cryptochain could actually eat the world like adherents insist i do the thought experiment of an airline DAO 100% onchain
so if i’m understanding… by creating unauthorized financial instruments of another’s work (here: inspired-by-but-unaffiliated NFTs) it’s trafficking the derivative value of the original work by engineering a literal derivative for capitalist ‘enclosure’ rhea.art/welcome-to-the…
Especially considering how the real ClearviewAI endgame is SCOTUS showdown where surveillance is declared protected speech under 1A à la Citizens United
It’s basically a race against time. What happens first? An act of Congress and/or Constitutional Amendment enshrining a generalized right of data protection inclusive of biometrics as a 1A carveout to preserve privacy
or
ClearviewAI gets its shot before Trump’s Scotus
Nothing has changed. Facebook is still optimized for scamming gullibles and susceptibles with content fraud. Only thing that’s changed is internal reports have leaked that Facebook knows its platform is perfectly optimized for content farms and their fraudulent tactics.
Industry always says microtargeting is essential for small businesses in its grand self-defense—especially the foreign scam artists who profit from fomenting social disorder and chaos in the USA because Facebook wants you to do that because that’s how you make the most money.
Can’t believe so many give credence to feta leaving the EU. The real story is USA needs a generalized data protection regulation to achieve adequacy and preserve transnational data flows because Max Schrems will blast any dumb treaty that comes next.
Industry think tanks can dream of fanciful new “Schremsproof” treaties all day long because they get paid the big bucks but a GDPR for the USA is the only “durable” solution here. #DataRightsAreHumanRights
As US states go all-in on sports betting, it’s worth taking a peek at the data market for pseudonymous identifiers pulsing behind the screen in Europe and then imagine practices that aren’t worried about national general data protection laws because they don’t really exist here.
(I would guess the GDPR does not provision for such a grotesque abuse of sensitive personal data, but as you can see in the thread, my lawyer @RaviNa1k is often batsignaled when the persistent questions of data protection enforcement arise.)
But my point is the same: the USA needs a GDPR. A generalized data protection regulation that applies nationally and horizontally. We do not need a data privacy law for sports betting. That is beyond pointless but that is what Congress knows how to do (lobby a bill with industry)