Posts by Doctor Syntax

Re: Ransom demand

"Can they really have only received one ransom demand?"

No, but only one's genuine. They're trying to work out which it is.

From the Grauniad's article '"Mike McCoy, the company spokesperson, said: “We understand that a clause in our severance agreement was misconstrued versus its use in actual practice"'

"Misconstrued versus it use in actual practice?" What sort of garbage is that? The construction that everyone's been placing on it is based on what it said. Actual practice may usually be something different but the reality was that the possibility was hanging over all their ex-employees. It may have been some careless drafting by HR which said something other than was meant but you really shouldn't draw up legal documents that say what you don't mean.

Maybe whoever was responsible in HR has now been sent on his or her way with assurance that they will not be called in help at a later date, paid or unpaid.

Re: Humans fail too often

"In the future I expect to see more automated AI type systems that handle the coding side for you. Entrusting important long term solutions to fleshy meat bags is a lost battle."

Who writes the AI?

Re: How to save money in IT

"what happened at SunTrust looks like moving it from one pocket to another"

And possibly the other has a hole in it.

"Needless to say my answer, in short, was 'no'."

Bad answer. The correct answer is to name a price that will require authorisation well above the manager's limit so what he's done, and its consequences, will be visible further up the ladder. Only then, unless you're actually available for the gig, do you say 'no'.

Re: They don't call El Reg a redtop for nothing...

Go one step further & read Computerworld's linked article analysing it. They compare it with an earlier severance clause used by the bank and there are some differences. The earlier clause is much more restrictive on the circumstances in which it can be invoked. The intention may have been similar and the differences due to some casual editing by HR. However it's the agreement as it actually exists that matters and everyone in tech should have learned to pay attention to what a document doesn't say.

Re: Oh, Ohh OOhhhh, oooh pick me! Pick me!!

I've recently had some success in enticing SEO spammers into an exchange of emails but as I've no website to offer them I've not succeeded in wasting too much of their time so far. I'm tempted to work out some complex phraseology that means "don't click this" when analysed carefully but at first glance seems to say the opposite and then drop in a link from whatever phishing scam has turned up recently.

Re: Date of birth

@DarkOrb

"Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes."

So if you only took DoB for credit checking you've failed on that data protection principle.

"Credit check"

In that case they don't need to keep it. If that's the only reason and they keep it anyway they fail data protection principle 5: Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

That, of course, is in addition to failing 7: Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

"One of the questions is why do they want a DOB?"

Because this piece of information which people are asked for in all sorts of circumstances is a shared secret between themselves and their customers to help identify said customers?

"Why, in my mind, does this translate into 'all of our customer's data has been compromised'?"

And why does all the stuff about constantly updating systems seem to be missing 'in the future'?

Re: Warning! Incoming - JimS

"Windows 10 however, upon being told to look for printers on the network, found all of them almost instantly and set itself up with absolutely no intervention from me."

Quite the contrary to my experience with the brief insider test. Firstly it confined itself to a subset of my LAN & would never have found the printer. Secondly, once some fixes had been rolled out to change subnet masks it still didn't help because it didn't have a driver for the printer, HP2030. I went to the HP site & downloaded the W8 version which worked OK. Maybe they ported more drivers later but this was getting close to release date.

Re: This is the sole reason I haven't had my DNA tested

I'd turn that statement round. I have no reason to have my DNA tested.

"I could either co-operate, or they would use a tuft of my hair removed by force and slap an assault charge on in addition."

That doesn't sound like an effective way to get the evidence admitted in court.

"Nice idea but for the most part, impractical. Lawsuits cost money "

If this were evidence that the prosecution were attempting to put forward for a criminal offence you'd be in court anyway. They'd have to prove reasonableness in order to get the evidence in. I don't know about US criminal proceedings but I hope that's how it still works hereabouts.

Re: Highly suspicious refusal

According to the ECJ's statement the DPC weren't aware that they had the right to investigate. Presumably there was no precedent in the matter to make it clear that that right existed. It's as well to remember that at the core of the matter is the behaviour of government bodies acting illegally. It isn't reasonable to expect the DPC to act if they had no right to do so when that's what we're all complaining about. So Schrems sued them in the Irish High Court who then booted it up to the ECJ. If the ECJ hadn't agreed with him he might have found himself paying the DPC's costs. Remember that he started it out in his own court system in Austria & they told him to raise it with Ireland.

Overall what's happened is that due process of law has been followed and it's due process, or the lack of it, which is the basis of the Safe Harbour's failure. It needed to go to the ECJ to get everything clarified. It may seem wrong that it required an individual to do this but that's the way case law works; it needs cases. Now there are rulings which can be used by other DP regulators.

Again it's worth remembering that if you want to complain about due process not being followed you can't really cavil about due process being followed when that complaint is handled.