"I think it means that,"
To which someone should have replied
"It is your job to know what it means, and you are doing the part of your job that pertains to knowing what it means."
The government has moved to allay fears over amendments to the Data Protection Bill that critics say could undermine both the law and the powers of the UK’s privacy watchdog. The changes, for a Framework for Data Processing for Government, were quietly inserted at the Bill’s final committee stage in November – but soon faced a …
Up to a point, Lord Copper.
But wasn't it a Minister speaking? His civil servants (whose job it really is) may have explained it ambiguously, or even misleadingly, to him.
Think Sir Humphrey. He misleads Hacker into giving unwittingly wrong answers in parliament a few times. And in the matter of Big Brother surveillance (series 1, episode 4), it's Humphrey pushing the state's power-grab while the minister fights to protect the rights of his citizens.
“I hope that by the end I will be able to convince noble Lords that this is not quite as sinister as has been made out,” Ashton said in his opening remarks in the discussion.
So he's trying to divert attention from the fact that the bill gives the Secretary of State the power to make arbitrary changes to the functional content of the bill at whim? And this is not "as sinister", inappropriate or just downright contrary to democracy or a fair and accountable society?
So he's trying to divert attention from the fact that the bill gives the Secretary of State the power to make arbitrary changes to the functional content of the bill at whim?
This has been an increasingly common practice since the time of Blair. This is termed "secondary legislation", and there's absolutely tons of it, because it makes life far easier for shithead politicians to do as they want, without the embarrassment of having to put all the detail through parliament.
More than 48 hours. If you make the discovery at 4:00 on a Friday afternoon and don't report it before you go home, then 8:00 the following Monday is a whole 64 hours away.
And if there's a public holiday, of course...
And yet it can't mean "72 working hours". Assuming a standard 8-hour day, that would be nine days; if the discoverer is only working part-time, it might mean several weeks. And I don't think TPTB would stand for that.
So I think it has to be "72 hours by the clock", and if you do make the discovery at 4:00 on a Friday - unless you want to work that weekend - you'd better be able to show that you sent the email about it before you went home that day.
Moral: don't do reidentification research on Fridays.
Either there is a framework in place and that framework should be respected, or there is none. Allowing someone to exempt themselves from a framework means that there is, in effect, no framework.
So revise the framework and impose it, otherwise this whole thing is just a PR exercise.
If someone has found that the data is fallible then they should be able to report it to the government whenever they can, putting 72 hours on it is a complete waste of time, what if you miss the deadline do you just leave the data vulnerable? What if you're not sure and to be sure it's going to take you some time? Something I can see happening quite often.
Clearly this has nothing to do with protecting data and is being used to scare people off from investigating the integrity of the data in the first place. I hate to be the bearer of bad news but malicious actors won't give a flying f*ck about the 72 hours and trying to deter the people that will help stop them sums up the stupidity of government.
That's my assumption as well, and I see the point of that; otherwise any crook can just turn round, claim to be a researcher and simply "not have reported it yet".
Whether 72hrs is the right number is a fair question, along with how extensive the report is.
If it's a simple "Dear ICO, I believe that combining X with Y can reveal Z, but I'm sitll working on. Cheers" then that could be reasonable. If we're talking about an indepth analysis, then that's a different situation.
“I hope that by the end I will be able to convince noble Lords that this is not quite as sinister as has been made out,” Ashton said in his opening remarks in the discussion.
It just allows the secretary of state to change the framework at their every whim, so not sinister at all.
Being allowed to change framework at their every whim is not democracy.
“I hope that by the end I will be able to convince noble Lords that this is not quite as sinister as has been made out,” Ashton said
But they admit it's sinister, they just disagree the level of sinister, presumably, it's perfectly acceptable to be sinister as long as it's the government.
It's quickly getting to the point that anarchy with no government would be more humane than the future the mentally challenged architects of the new age in the UK would have it, by intent or mismanagement.
“I hope that by the end I will be able to convince noble Lords that this is not quite as sinister as has been made out,” Ashton said in his opening remarks in the discussion.
To be pedantic, this is not a denial. "I hope that by the end I will be able to convince [you]" isn't the same as "it's not true". The sentence simply expresses the speaker's aspiration to make the listeners believe something, regardless of whether it is true or not.
And as Teiwaz has already pointed out "Not quite as sinister" still means it's sinister, just a tiny bit less than supposed.
I hope he was very much clearer in denying it during the rest of the debate.
STOP.
Seriously. How are we going to be able to continue this without an official El Reg standard for sinisisterism?, er, sinisterishness? drat, sinisterishlyness? maybe sinisterness? Whatever. We need a proper measure for this. Maybe even some spelling as well.
Where is the El Reg standards soviet when we need them?
FTFY
Funny how with data "protection " legislation the clauses that allow government civil "servants" and their alleged "masters," to do WTF they want when they want are very carefully drafted to do so, while the actual protective ones are ambiguous to the Nth degree with many, and varied exclusions, reasons-not-to-report certain behaviours etc.