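JVN: Multiple vulnerabilities in Defense Platform Home Edition
[B] Environmental pollution from microplastics: artificial turf is a leading source
Weekly Report: Council of Anti-Phishing Japan publishes "Adoption Status and Necessity of the Sender Domain Authentication Technology 'DMARC'"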
European Commission Gets Dinged for Unlawful Data Transfer, Sending a Big Message About Accountability
The European Commission was caught failing to comply with its own data protection regulations and, in a first, ordered to pay damages to a user for the violation. The €400 ($415) award may be tiny compared to fines levied against Big Tech by European authorities, but it’s still a win for users and considerably more than just a blip for the “talk about embarrassing” file at the commission.
The case, Bindl vs. EC, underscores the principle that when people’s data is lost, stolen, or shared without promised safeguards—which can lead to identity theft, cause uncertainty about who has access to the data and for what purpose, or place our names and personal preferences in the hands of data brokers—they’ve been harmed and have the right to hold those responsible accountable and seek damages.
Some corporations, courts, and lawmakers in the U.S. need to learn a thing or two about this principle. Victims of data breaches are subject to anxiety and panic that their social security numbers and other personal information, even their passport numbers, are being bought and sold on the dark web to criminals who will use the information to drain their bank accounts or demand a ransom not to.
But when victims try to go to court, the companies that failed to protect their data in the first place sometimes say tough luck—unless you actually lose money, they say you’re not really harmed and can’t sue. And courts in many cases go along with this.
The EC debacle arose when a German citizen using the commission’s website to register for a conference was offered the option to sign in using Facebook, which he did—a common practice that, surprise, surprise, can and does give U.S.-based Facebook access to signees’ personal information.
Here’s the problem: In the EU, the General Data Privacy Regulations (GDPR), a comprehensive and far-reaching data privacy law that came into effect in 2018, and a related law that applies to EU institutions, Regulation (EU) 2018/1725, require entities that handle personal data to abide by certain rules for collecting and transferring it. They must, for instance, ensure that transfers of someone’s personal information, such as their IP address, to countries outside the EU are adequately protected.
The GDPR also gives users significant control over their data, such as requiring data processors to obtain users’ clear consent to handle their personal data and allowing users to seek compensation if their privacy rights are infringed—although the regulations are silent on how damages should be assessed.
In what it called a “sufficiently serious breach,” a condition for awarding damages, the European General Court, which hears actions against EU institutions, found that the EC violated EU privacy protections by facilitating in 2022 the transfer of German citizen Thomas Bindl’s IP address and other personal data to Meta, owner of Facebook. The transfer was unlawful because there were no agreements at the time that adequately protected EU users’ data from U.S. government surveillance and weak data privacy laws.
“…personal data may be transferred to a third country or to an international organisation only if the controller or processor has provided appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available,” the court said. “In the present case, the Commission has neither demonstrated nor claimed that there was an appropriate safeguard, in particular a standard data protection clause or contractual clause…”
(The EC in 2023 adopted the EU-US Data Privacy Framework to facilitate mechanisms for personal data transfers between the U.S. and EU states, Great Britain, and Switzerland with protections that are supposed to be consistent with EU, UK, and Swiss law and limit US intelligence services’ access to personal data transferred to America.)
Bindl sought compensation for non-material—that is, not involving direct financial loss—damages because the transfer caused him to lose control of his data and deprived him of his rights and freedoms.
Applying standards it had set in a data mishandling case from Austria involving non-material damage claims, the court said he was entitled to such damages because the commission had violated the GDPR-like regulation 2018/1725 and the damages he suffered were caused by the infringement.
Importantly, the court specified that the right to compensation doesn’t hinge on an assessment of whether the harms are serious enough to take to court, a condition that some EU member state courts have used to dismiss non-material damage claims.
Rather, it was enough that the data transfer put Bindl “in a position of some uncertainty as regards the processing of his personal data, in particular of his IP address,” the court said. This is a criterion that could benefit other plaintiffs seeking non-material damages for the mishandling of their data, said Tilman Herbrich, Bindl’s attorney.
Noting the ease with which IP addresses can be used to connect a person to an existing online profile and exploit their data, Bindl, in conversation with The International Association of Privacy Professionals (IAPP), said “it’s totally clear that this was more than just this tiny little piece of IP address, where people even tend to argue whether it’s PII (personal identifiable information) or not.” Bindl is the founder of EuGD European Society for Data Protection, a Munich-based litigation funder that supports complainants in data protection lawsuits.
The court’s decision recognizes that losing control of your data causes real non-material harm, and shines a light on why people are entitled to seek compensation for emotional damage, probably without the need to demonstrate a minimum threshold of damage.
EFF has stood up for this principle in U.S. courts against corporate giants who—after data thieves penetrate their inadequate security systems, exposing millions of people’s private information—claim in court that victims haven’t really been injured unless they can prove a specific economic harm on top of the obvious privacy harm.
In fact, negligent data breaches inflict grievous privacy harms in and of themselves, and so the victims have “standing” to sue in federal court—without the need to prove more.
Once data has been disclosed, it is often pooled with other information, some gathered consensually and legally and some gathered from other data breaches or through other illicit means. That pooled information is then used to create inferences about the affected individuals for purposes of targeted advertising, various kinds of risk evaluation, identity theft, and more.
In the EU, the Bindl case could bring more legal certainty to individuals and companies about damages for data protection violations and perhaps open the door to collective-action lawsuits. To the extent that the case was brought to determine whether the EC follows its own rules, the outcome was decisive.
The commission “should set the standard in terms of implementation of how they are doing it,” Bindl said. “If anyone is looking at somebody who is doing it perfectly right, it should be the commission, right?”
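Study Team on Enhancing and Strengthening Measures to Maintain and Secure Broadcasting Services in Anticipation of Wide-Area Large-Scale Disasters (1st meeting): handout materials
Announcement: "Ministry of Internal Affairs and Communications Overseas Content Expansion Seminar 2025"
Call for public comments on the proposed revision of the "Guidelines on the Application of the Telecommunications Business Act and the Radio Act to MVNOs"
Call for public comments on the draft basic plans for research and development for expanding radio spectrum resources, to be newly implemented from fiscal year Reiwa 7
Study Group on the Local Public Employee System in Response to Social Change, Working Styles Subcommittee (3rd meeting)
Information and Communications Council, Telecommunications Business Policy Subcommittee, Universal Service Policy Committee (39th meeting)
Study Group on Consumer Protection Rules (62nd meeting)
Study Group on the Local Public Employee System in Response to Social Change, Working Styles Subcommittee (2nd meeting)
[Publishing Topics] Freelance editor to open a bookstore in April! = Publishing Section
Good news on the radiation exposure issue! Nuclear plant-related workers' union wins an order against "Takenaka Corporation"
Kimiko Nezu's notes from observing the Tokyo Metropolitan Board of Education: these measures and programs will not reduce school refusal, bullying, or teachers' mental illness and leave of absence
Precariat Union News (2/4): Meisei Butsuryu branch's demands for the fiscal 2025 spring labor offensive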
Volunteer role: Social media support
Statewatch is a small team with limited resources and would like to be able to do more. Much of our impactful work is thanks to a vast network of contributors who share their time and expertise with us. Now, we are looking to expand this network to include a few individuals who can offer regular support in writing and publishing social media content. This would help us to better publicise our work and important developments related to human rights, civil liberties, and democratic standards.
About Statewatch
We are activists, researchers, lawyers and journalists exposing state power across Europe and its borders. Our work has supported debates, movements and campaigns since 1991.
Our vision: An open Europe of democracy, civil liberties, personal and political rights, free movement, freedom of information, equality and diversity.
Our mission: To monitor, analyse and expose state activity that threatens civil liberties, human rights and democratic standards in order to inform and enable a culture of diversity, debate and dissent.
About the position
In this role, you will support the Head of Communications with the following.
- Populating the editorial calendar
  - Review team content input
  - Identify relevant connections between news and Statewatch work
  - Schedule content accordingly
- Writing accessible copy for social media:
  - Distil news into key points and collect quotes
  - Draft copy for social media content following editorial guidance
  - Ensure messaging aligns with Statewatch's mission and messaging guidelines.
  - Review edits by Head of Communications
- Drafting promotional graphics:
  - Use Canva templates and brand guidelines to draft graphics for social media
  - Maintain Canva folder organisation
  - Review edits by Head of Communications
- Key results
  - Regular posts promoting news and research.
  - Consistent, accessible copy that aligns with Statewatch’s brand voice.
  - Develop skills related to inclusive and accessible communications.
About you
We are looking for someone who:
- Understands basic legal and political language
- Is proficient in written communication in the English language
- Has an interest in translating complex concepts into accessible and inclusive communications
Benefits:
- Gain hands-on experience in accessible communications promoting research and journalism.
- Work closely with a dedicated team passionate about civil liberties and human rights.
- Make a meaningful contribution to Statewatch's work exposing state power.
- Develop valuable skills in communication, research, and advocacy.
Terms
Time commitment: Flexible, 1-3 days per week, including regular check-in with the Head of Communications.
Starting date: Immediately.
Compensation: This is an unpaid volunteer position.
Location: Remote
How to apply:
Please send a CV and a brief statement of interest (no more than 250 words) to comms[at]statewatch.org. We welcome alternative formats if preferred, but we ask that they be similar in length and size to a brief statement (for example, videos of no more than 2 minutes). Applications will be reviewed on a rolling basis.