A strict interpretation of Art. 14 GDPR (the obligation to inform individuals whose data was gathered from third party sources) in the first fine issued by the Polish DPA:
Many persons whose data were processed by the company were not aware of this. The controller did not inform them about the processing and thus deprived them of the possibility to exercise their rights under the General Data Protection Regulation (GDPR). Therefore, they had no possibility to object to further processing of their data, to request their rectification or erasure.
(More detailed discussion on TechCrunch)
Cookiebot's report "Ad Tech Surveillance on the Public Sector Web" tells numbers on the disconcerting degree to which government websites expose citizens to private-sector surveillance:
Ad tech trackers were found on 89% of official government websites of EU member states. Deep domain scans were performed on 184,683 pages on all EU main government websites, using the Cookiebot scanning technology
Vulnerable citizens who seek official health advice are shown to be suffering sensitive personal data leakage. Their behaviour on these sites can be used to infer sensitive facts about their health condition and life situation. This data will be processed and often resold by the ad tech industry, and is likely to be used to target ads, and potentially affect economic outcomes, such as insurance risk scores.
The Prototype Fund on considerations href of moving some parts of their operations to ever more use of open source software (specifically: self-hosting their e-mail newsletter):
Not always is moving to an open source solution the only sensible way. Sensitive data on your own server with an unaudited application is not necessarily the best idea. Open source applications are not automatically more secure. This is why it is important to weigh up the advantages and disadvantages of each step, especially in the area of privacy vs. data security. Sometimes an existing service may also be the better solution in the interests of those affected; open source as an end in itself is not sufficient motivation. [translation: DeepL, edited]
"How we made the country’s most accessible grocery shopping app (without anyone noticing)" - Justin Stach on taking subversive action to implement a retail app accessibly against management's preferences, guerilla-style:
At the very best people will ignore you and leave you to get on with things. So we just chose to do it and we were lucky enough to have a team of people that for various reasons didn’t care about what our bosses thought. In all other conversations that we’d had with Directors and leaders, we’d walked away with a the usual ‘it’s nice to have but it’s not a priority right now’. We all knew from past experience that our ethical arguments, our assertions about the Tesco brand, its values and our business cases would simply be ignored.
On the FAZ (text in German), Mexican author Airen shares the fascinating story href of how a weekly-distributed USB stick - "El Paquete Semanal" - serves as a proxy for internet access in Cuba:
[The USB sticks] reach the larger cities by train, plane or ferry, from where on countless distributors take over, bringing the data package like newspaper boys to the subscribers' door. López estimated the distribution network at 50,000 helpers. This would make El Paquete Cuba's largest private employer. [translation: DeepL, edited]
A Guardian op-ed introduces Polly Higgins' fight to establish criminalization of destroying the planet:
She is a barrister who has devoted her life to creating an international crime of ecocide. This means serious damage to, or destruction of, the natural world and the Earth’s systems. It would make the people who commission it – such as chief executives and government ministers – criminally liable for the harm they do to others, while creating a legal duty of care for life on Earth.