El Reg uses doubleclick... tracking straight back to Google.
505 publicly visible posts • joined 24 May 2010
TSA doesn’t retain the details of people’s faces—what’s called biometric data—after the comparison is made. “Biometric data is overwritten as soon as the next passenger steps up to the queue,” Langston says. “And then, when the technology is turned off at the end of the day, whatever storage system in there dumps completely. There is no saved image.”
But Langston acknowledges that, until this week, some of travelers’ biometric data was collected and sent...
So, the statement "There is no saved image" was a lie. Obviously every image is sent to NSA/FBI/etc. Why not? Nobody in the surveillance chain suffers any ramifications should the truth come out.
TeleSign told The Register it was compliant with the law, saying: "Telesign has in place a data privacy program, which encompasses global law and regulations including the General Data Protection Regulation (GDPR) and the California Consumer Protection Act (CCPA). The company constantly reviews internal policies and practices to maintain compliance with the evolving regulatory landscape."
TeleSign told The Register it was compliant with the law?
No, they didn't old chap. "data privacy program... encompasses global law and regulations" does not mean "abides by the laws", just means that the laws are taken into account. Not quite the same thing.
"Average" could be mean, median, or mode. Same answer in a Normal distribution. Definately not in a distribution such as personal assets, where a few very large values (billionaires) skew the mean way up and give a false impression.
TL;DR If an article says average as opposed to declaring the statistic to be one of mean, median, or mode... then the argument is probably biassed.
Two basic choices to explain badly managed layoffs, which destroy molare in remaining employees:
1. Poor management, in which case the company is surely at risk of failure because poor management is rarely siloed.
2. Deliberate policy, to encourage others to resign before the next wave of let-goes.
Either way, wouldn't want to be an investor.
The UK is under DPA, as you say, not the GDPR.
Sure, the DPA wording was copied across because UK was subject to GDPR before Brexit.
But now, the UK can change what's in the DPA, and I'm sure they will to weaken citizen protections and attempt to attract FB from Ireland. And then spend 10 years pretending to the EU that the changed DPA is equivalent to GDPR...
Data privacy lawyer Kingsley Hayes, head of data and privacy litigation at Keller Postman UK, said the "ruling is good news for people seeking compensation in data breach cases, as it provides a clearer path to seeking damages for GDPR violations."
Except GDPR doesn't apply in UK since Brexit.
NHS England said that patients would not be allowed to block the transfer of their data under the National Data Opt-outs programme since the data was due to be "anonymized in accordance with the Information Commissioner Office's Anonymisation Code of Practice before being released."
Well, you can grab that here: https://ico.org.uk/media/1061/anonymisation-code.pdf
Foreword: "This code of practice is not a security engineering manual, nor does it cover every anonymisation technique."
It actually doesn't give a code of practice, but rather a newbie's guide to anonymisation. In Annex 3: "In this annex, we will set out a few examples of the anonymisation of data, to indicate the range of techniques available to the information manager."
It advises the get out jail free card: "The DPA does not require anonymisation to be completely risk free".
Nutshell: Do something, and if it fails you are not liable.