Why do we need data protection laws?

Here's why: https://www.bloomberg.com/news/articles/2018-08-30/google-and-mastercard-cut-a-secret-ad-deal-to-track-retail-sales Short version - if you buy something in a US store with your Mastercard, they tell Google about it. Google then reconciles your purchase with your advertising exposure while logged in with a Google account, and sends a report to advertisers to show how on-line ads drive offline sales. This is, of course, … Continue reading Why do we need data protection laws?

The ICO reads my blog!

[Link updated as the ICO has moved its blog] On the 25th of April, I wrote GDPR: you're all getting it wrong. On the 9th of May, Steve Wood (the Deputy Commissioner) wrote this: https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2018/05/blog-raising-the-bar-consent-under-gdpr/ See? I may be a voice in the wilderness, but I'm not (always) wrong.

Meltdown, Spectre and other James Bond movie titles

Hoo boy. Here we go again. More silly codenames, more incomprehensible tech gobbledegook, more security flaws, more worry. What does it all mean? I’m not going to give a detailed technical explanation. The best one is here. The very very short version is that processor speeds have run ahead of memory speeds for some time, … Continue reading Meltdown, Spectre and other James Bond movie titles

It’s 2018 and we still can’t get basic things right

I wrote a blog entry five years ago, explaining why using security questions for password resets was a bad idea. (Why “improved” on-line security could compromise your bank account). It's still true, and we're still getting it wrong. Last week saw an American fined about £200k and sent to prison for nine months for hacking … Continue reading It’s 2018 and we still can’t get basic things right