A good idea, and not dissimilar to the UK’s code of practice:


QT robpegoraro: Stamos urges the equivalent of a food-safety label for IoT devices to spell out details like:
* Does this need the Internet to work?
* Who does it talk to online?
* What data does it send?
* What power does the cloud have over it?
* The big one: For how long will it be patched?

"Together with the Archbishop of York, Stephen Cottrell, he has written to senior members of the Church, telling them confidentiality agreements are no longer to be used."

“no longer used” v “ripping up all existing NDAs”.


It’s one of those mornings when, following a conversation with someone else about *their* pricing, I wonder if ours is just too low for what we offer.

Ah, the joys of running a business.

Join me, and many others, talking about international transfers of personal data this Thursday.

Or don't.

It's up to you.

But don't say you weren't invited.


QT EdinaRl: We have a fantastic lineup of academics on panel 1 @macsithigh @karenmccullagh @mikarv @Hacken_backer & reps of @DCMS @DPCIreland @the_cipl @OpenRightsGroup @ICCLtweet @HoganLovells @neil_neilzone on panel 2. And a huge number of registrations...

What would have been sensible? Checking that there was an arm64 release of matrix-synapse in the official repo before planning a migration to an RPi4.

With apologies to anyone hoping to contact me on matrix/element tonight, it probably won’t work as I’m on an older homeserver.

Yes! Being “normal” is hugely overrated, once you get comfortable with it.

QT AdvocateDVB: @tim2040 biggest compliment I’ve received is that I’m not a “normal” lawyer. I like that. It means my clients come to me for me & it works for them.

I like you because you inject your humour into stuff, you’re practical & so your training appeals.

Continue as a deranged insurgent 👍

Wow... that's quite a reaction.

And probably quite a popular one, which I guess must count for something when it comes to prioritising political action.


I suspect that this is Tim's understated way of announcing the launch of the 2040Training UK GDPR rap album.

QT tim2040: The most sensible ideas I have work more or less work 50% of the time. But the other 50%, they bomb.

The dafter my ideas are, they more likely they are to pay off. Conventional 'business' thinking is a trap. I should always operate like the deranged insurgent I think I am.

In my view, there’s a way for certain U.K. authorities to do this lawfully. But it’s a little convoluted…

QT TheRegister: Brit authorities could legally do an FBI and scrub malware from compromised boxen without your knowledge reg.cx/3Zm9

If e2ee is to be disabled based on the age of the user, what age is being proposed?

< 12?
< 13?
< 16?
< 18?

For those of you who want some (in the sense of a derogation to it, under UK law) reading on a Monday morning.

QT decodedlegal: Understanding the Data Protection Act's national security and defence exemption

Most controllers will never need to rely on this but, if you do, it's a useful provision, and one which you need to apply carefully.


For those who are knowledgeable about such things, is there a “middle ground” in the E2EE debate?

We’ve heard proposals for “ghost” authority users, and on-device filtering.

The proposal is for a “re-set”, but to what end if there is no middle ground?

What if there was some kind of setting, sent by a user’s browser, which signalled that the user did not want to be tracked, and thus automatically rejected all but “strictly necessary” cookies.

What could we call that…?


QT wbm312: As a human and user of the internet, I despise cookie banners...

As a privacy professional, I despise cookie banners.

There’s got to be a better way. twitter.com/kimzetter/status/1

Priti Patel, invited to talk by the NSPCC: Facebook encryption plan ‘must not hamper child protection’

The endless talking (but no publicised action to date) about end-to-end encryption by default on popular platforms is set to continue... bbc.co.uk/news/technology-5679

European Super League: “players taking part in [it] would be banned from all other competitions at domestic, European or world level and could be prevented from representing their national teams.”

Why is this not a recipe for an expensive anti-trust case? bbc.co.uk/sport/football/56794

A great thread from Dr Z-F on the history of judicial challenges to data retention, and the steps taken by states to maintain this capability.

QT gabrielazanfir: A couple of things I would keep in mind on this saga:
1) The 1st Constitutional Courts which declared unconstitutional the data retention laws transposing the defunct directive, did so in 2009, 2010 & 2011: 1st, the Romanian Const Court ❤️, then the German and Czech Const Courts. twitter.com/LauKaya/status/138

I am delighted that I need to prove my age to watch *checks notes* this acoustic cover of the Carpenters’ classic “Jambalaya”.

Think of the untold harm a child would suffer if they glimpsed this incredible guitar duet and quite wonderful singing.

I wonder how many cases of “oh no, I didn’t order this chicken, someone must have compromised my Nando’s account but not my email account” this has prevented?

QT sammachin: Why the heck do I have to have 2 factor auth to order chicken!!! This isn’t a major financial transaction I juts want an easy dinner

This post on the very basics of Microsoft Excel, by @Mother__in__law, is exactly the kind of most lawyers need. Simple steps on how to use common software, not shiny lawyer-specific SaaS.

(Why lawyers don’t use spreadsheets more, I don’t know.) lawgazette.co.uk/commentary-an

I’ll check my torte notes.

QT chrisjms: Stollen IP or prior tart?

Show more

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!