1/ Facebook “in the spirit of providing privacy protections that empower individuals and are implementable by innovators, we wish to highlight some aspects of the Bill and Policy that may need further consideration in light of #Kenya’s goals for its digital economy”
2/ Facebook wants to remove the requirement for registration entirely because “accountability” will deal with this.
“we recommend appropriately limiting the Bill’s applicability by clarifying that “personal data” belongs to data subjects in Kenya”
3/ “We also suggest revising the definition to account for information that is linked may be “reasonably linked” to data subjects, rather than information that is merely “relating to” a specific natural person. “
4/ “For instance, a person has brown hair” arguably “relat[es] to” a natural person, but, without more, it could not be linked back to that person” ..... <wait for it ..... here comes the but/and ....
5/ & “In addition, we suggest aligning the definition with international standards by specifying that information that has been de-identified or that is obtainable from publicly available sources is excluded from the definition” <wow . Publicly available info should be excluded
6/ so is this Facebook saying that personal data in the public domain should be exempt entirely from the definition / scope of the Kenyan Data Protection Bill - if so, wow.
7/ Hey Kenya, “don’t fuck with our business model” <Facebook didn’t really say that but .... 8/
8/ “‘location’ data should be narrowed to cover precise GPS locations – not location in general, which could include the country where a person is located or more general types of location that are reflected in the Internet protocol address a person uses on a network”
9/ “we recommend the Ministry for moving away from its previous approach that relied heavily on consent in favor of the model provided by Article 6 of the GDPR, which recognizes multiple legal bases under which data may be processed (including consent)”<remember #WhatsApp ? 

10/ “research shows that requiring consent too frequently can result in what is known as “consent fatigue,” in which users are asked to provide consent so frequently that they stop paying attention to the privacy notices presented to them” <Oh Facebook 🤦♂️ techcrunch.com/2018/05/25/fac…
11/ 👀 “amend the bill to focus more directly on people’s expectations about how their information will be used – imposing higher obligations in cases where a use is inconsistent w/the context in which information was collected or the entity’s relationship with the data subject”
12/ Hey Kenya. Think of our bottom line won’t ya.> “The Bill provides several collection, purpose, and retention restrictions that are incompatible with the flexibility required for a modern data economy”
13/ Facebook. Really. You shouldn’t. You’re being too kind. It’s embarrassing. Really. We know you care> “As an overarching principle, we support the Bill’s notion that data should be processed “lawfully, fairly, and in a transparent manner.” < oh. Wait. 👉 HOWEVER
14/ “However, the Bill also requires that personal data only be collected for “explicit, specified, & legitimate” purposes,” “not further processed in a manner incompatible with those purposes,” & that all personal data collected be “adequate, relevant, & limited to ....” /15
15/ ”what is necessary in relation to the purposes for which it is processed. In addition, the Bill requires that collected personal data be “kept up to date, with every reasonable step being taken to ensure that any inaccurate personal data” be erased or rectified without delay”
16/ “Although we believe it’s important for people to know when their information will be used for purposes that are significantly different from what they were orig told, the Bill should reflect that data may reasonably be collected for more than 1 purpose in the 1st instance”
17/ “the reasonable data subject has certain expectations that his or her information may be used and processed in a variety of ways in order to offer a variety of services” <I’d love to see @Facebook’s research on what are the expectations of a ‘reasonable data subject’ 🤔
18/ “Finally, we suggest removing the requirement that data be kept “up to date.” First, we anticipate this requirement will be too burdensome for many orgs, especially when the data subject is in the best position to identify and correct inaccuracies in their own personal data.”
19/ Oh @facebook You really are being too kind. “We believe that everyone deserves strong privacy protections, including many of the data subject rights reflected in the Bill, and we support the idea that people should have basic protections for their data across organization” 👉
20/ 👉BUT “As the Ministry considers the specific approach to adopting these data subject rights, we encourage you to anticipate situations where those rights should be limited to protect other important interests” <‘did we say don’t fuck with our biz model yet?’
21/ “data subject rights would not apply in situations where exercising these rights would: (1)enable fraud or other unlawful activity,(2) interfere with law enforcement or judicial activity,(3) undermine privacy or data security interests of others,(4) be unduly burdensome or..”
22/ “.. excessive, (4) reveal proprietary assets or business insights, or (5) require the collection or processing of additional personal information about the consumer.”
23/ “We also encourage the Ministry to recognize that the exercise of certain data subject rights may mean that an organization will not provide requested products or services to an individual” 👉
24/ “For instance, if a particular service relies on the processing of a particular piece of data, the organization providing that service may not be able to provide the service if the data subject does not allow the data processing” 🤔worries over consent perhaps ..
25/ 👉We like rights but
“when a person exercises the right to object to the use of his or her information for direct marketing, the Bill should anticipate that a company may no longer provide services that are funded through advertising to a person who does not wish to see ads”
26/ “To avoid these unanticipated complications, the Ministry might decide to amend the right to object to processing of data so that it extends only to uses of data that are materially inconsistent with the uses disclosed by the data controller/processor ..” 27/
27/ “or with the relationship between the data subject and the data controller/processor” < Oh Facebook. A right to object to direct marketing is an “unanticipated complication.”
28/ Facebook says it likes transparency but “we recommend that the notice obligations under the Bill be modified so that notice is not required to be given before the collection of personal data” ... 29/
29/ “Although prior notice is in many cases desirable, research suggests that in many instances just-in-time notice – that is, notice contemporaneous with the data collection – is preferable, and may in some instances be a more effective way to educate people”
30/ eg “when people share photos on Facebook, they’re given the opportunity to review & control whom they are sharing such photographs with at the same time. We believe this [approach] can be effective at informing users of their choices than lengthy privacy notices” <needs both
31/ “we recommend narrowing the breach notification obligations to
circumstances in which the breach is likely to result in a material risk to the rights and freedoms of natural persons”
32/ Hey Kenya. Won’t ya think of our bottom line! “We are encouraged .. that the Commissioner is explicitly charged with promoting self-regulation among controllers & processors & suggest that the Bill also charge the Commissioner with promoting innovation, as well”
33/ ok. “Adopting provisions that enable unusually broad government access to data raise meaningful concerns for companies that may seek to do business in Kenya, and could also complicate Kenya’s effort to achieve findings of adequacy under foreign data protection regimes”
34/ “in several places the Bill contemplates imprisonment as a penalty, an approach that is highly unusual in data protection legislation. To maintain parity with most modern data protection regimes & avoid disincentives for foreign entities to partner with Kenyan businesses or”
35/ “.. further invest in Kenya, we encourage the Ministry to modify the Bill to focus on financial penalties subject to a reasonable cap, such as a flat amount specified by statute or a percentage of the revenue the entity earned in Kenya during the preceding year” <$$$
36/ link to Facebook’s submission to the Kenyan consultation on a Data Protection Bill ca.go.ke/wp-content/upl…