I remember how this article impressed me in 2017. Reading it today, its prescience is even more striking: The article cites a book from 1985 and perfectly captures our present. The bottom line would be: The dystopia that threatened us was not Orwell’s 1984, but Huxley’s Brave New World.
Of course, our current dystopia has its own peculiarities: we are witnessing how the British State—is holding a trial in a secret court (??!!) to hear Apple’s claims against a measure that prevents Britons from encrypting their data and communications to keep them… secret from the British State. It´s Panoptycon all along…
Or how a septuagenarian Dorito schoolyard bully seems to be managing, through an incessant stream of absurdities, to reduce what were expected to be multibillion-euro fines on Big Tech for their cosmetic “compliance” with DSA and DMA to mere anecdotes.
If the latter turns out to be true, well… stop the train, I’m getting off.
Zuckerberg has bro-pularized a T-shirt that says "Aut Zuck aut nihil" ("Zuck or nothing"), once again proving he's a few sandwiches short of a picnic.
The real news is what Jay (@jay.bsky.team), the badass head of Bluesky, did at SXSW: my loose translation of her t-shirt would be "For a world without dictators."
Do you want one for yourself? (I do.) @analozano.bsky.social got you covered.
You're welcome.
This is ZERO PARTY DATA—the technology and law newsletter by Jorge García Herrero and Darío López Rincón.
In the free time this newsletter leaves us, we enjoy solving complex issues in personal data protection. If you have any, give us a little wave. Or contact us by email at jgh(at)jorgegarciaherrero.com.
Thank you for reading Zero Party Data! Sign up!
🗞️News from Data world🌍
.- We've already covered the situation of immigrants enslaved in Myanmar by mafias that force them to commit online scams in exchange for a plate of food. What's new is that everyone has cut off their internet access—except for Elon’s Starlink.
.- Microtargeting was used in the German elections—just like everywhere else. Coverage here.
.- Apple has crashed and burned with its promise of Apple Intelligence. Siri’s AI was supposed to launch this March, and now no one even knows when it’s coming.
.- In what has become a well-established alt-right technique (in short: every accusation is a confession), Elmo is accusing the other side of violating the privacy of Big Balls and his DOGE Bros (for "doxxing"). In reality, public officials have limited data protection… specifically when it comes to their official duties. Genius.
📄Data-heavy documents for coffee-lovers☕️
.- The European Commission’s FAQs on the European Health Data Space Regulation are the complete opposite of the EDPB’s latest guidelines: a clear, easy-to-read document. Heads up—there’s a lot of interesting data stuff in there, including a blatant nod to the Scania doctrine.
.- Guidelines for Evaluating Differential Privacy Guarantees via San Luis Montezuma.
.- The Dutch Data Protection Authority has opened a public consultation on ADM. Meanwhile, the Belgian DPA has also published and opened for consultation the latest version of its guidelines on direct marketing. Here’s an English translation for you.
.- We could dedicate an entire ZPD edition to the CJEU’s Dun ruling. And maybe we will. For now, this bluit by Michael Veale is hilarious.
.- New data protection law in Chile and a new authority in Mexico following the surprising (and embarrassing) dismantling of the INAI.
.- Solid commentary on an AEPD post (something like “less is more in neural networks”) by Johanna Rozenska.
.- I don’t recommend the Masters of Privacy podcast every week because damn Sergio Maldonado is even more prolific than I am, and I’ve lost track lately. If the same happened to you, don’t miss the autumn newsroom episode and his pods with Daniel Solove, Borja Adsuara, Daniel Jiménez, and Markus Wünschelbaum.
💀Death by Meme🤣
🤖Robots.txt or the AI staff
.- Great summary by Luca Bertuzzi on the largely overlooked disaster that is the implementation of the AI Act.
.- From David Rosenthal’s team or collaborators comes an updated risk matrix for ChatGPT, Copilot, and Gemini. It’s not one of the super-detailed risk spreadsheets we’re used to from him, but it’s worth its weight in rare earth metals to have a quick overview of whether they have a DPA, whether they’ll attempt own-use purposes, or whether they’re recommended for enterprise use. An initial assessment. Here’s the Excel, and here’s Rosenthal’s LinkedIn post.
.- The European Commission has updated the AI-specific Standard Contractual Clauses (SCCs) based on high-risk vs. non-high-risk classification. Everything is named the same just to keep us confused with the classic data protection SCCs.
.- In Spain, the first step has been taken to draft a bill adapting national regulations to marvellous RIA, which is already here. Jorge Morell Ramos notes that the AEPD would be tasked with overseeing prohibited biometric systems and border management systems—and shares further insights on the recent AI-related developments that have come all at once.
.- The AEPD has published an interesting post on misleading AI concepts. Since it heavily relies on an ICO document, you get a two-for-one: AEPD’s version in Spanish, and the ICO’s original in English. (As with all ICO materials, there’s additional substance in the linked pages.)
.- Are there contradictions between the AI Act and the GDPR? You bet. A take from the Runblox blog.
🧷 Useful tools 🔧
.- If you wrinkle your nose when reading about AI agents, it’s because you haven’t tried OpenAI’s Deep Research, MY FRIEND.
.- Another AI agent that looks seriously promising is the one integrated into the Opera browser. I’m more of a Brave user myself, but check out what these guys are saying:
.- I’ve been using KeePass forever (a solid, open-source, and free password manager), but if all you need is a decent password generator—especially one that creates passphrases (a widely used technique since they’re easier to remember)—check out Password Generator.
.- Via Thomas O’Neil Álvarez, two… let’s say controversial things:
Mr. Holmes: an ethical OSINT tool. Or rather, one recommended for ethical use—which isn’t necessarily the same thing.
https://usersearch.ai. Always interesting to tinker with tools like this (or Kali, for that matter) to better understand the world.
.- Want more? With the current Trumpist climate potentially sinking the DPF, it’s not a bad idea to have a couple of search engines that offer European alternatives. Keep in mind that some may not always be viable due to volume, availability, or other factors—and, as always, check GDPR compliance just in case.
European Alternatives: The most classic one, filtering by these criteria: HQ in an EU, EEA, EFTA, or DCFTA member country; If it's a subsidiary, the parent company must also be headquartered in one of those regions, and no mere sub-hosting providers like AWS (you know this sh*t is not enough).
Go European: Less well-known, but yielding decent results in test searches. It filters by: HQ in Europe, and If a subsidiary, the parent company must also be based in Europe. They use BRAUN as an example—lots of people think it’s a German company, but it doesn’t pass the test because its parent company is based in the U.S.
.- Not exactly a VPN ranking, but a collection of useful insights on what a VPN can and can’t do, and how to choose the best one for your needs. If it’s not helpful for you, at least drop the link in your friends / family group chat.
.- Not exactly a technical tool, but this Critical Thinking Tool by Paul Dervan (via Joan Sardá) is something I consider essential to keep on hand and revisit from time to time.
We recomended another bunck of tools some weeks ago, here:
📄 Papers of the Week
.- No doubt about the paper of the week: “Assessing (the Severity of) Impact on Fundamental Rights” by one of our favorite data stars, Cristiana Santos, this time with Gianclaudio Malgieri.
.- As a counterpoint to the last two special editions of this newsletter—where we explored practical (not theoretical) ways to legitimize personal data processing for training generative AI models—it’s always useful to have all the problems gathered in one place. And that’s exactly what Professor Daniel Solove and Woodrow Hartzog do in The Great Scrape.
🏠 Our Two Cents
.- Mikel Recuero has written a fantastic post for the Citizen8 blog—and there’s no one better to break down the European Health Data Space Regulation, published on March 5th.
.- The bald guy was on TV. And the Mandalorian helmet on screen almost cost him his marriage. (“He looks like your brother, dude,” his partner snapped at him.) I’m sharing this here as therapy because, let’s be real, no one reads this anyway—you know how it is.
🙄 Da-Ta Dum Bass
.- From a great fictional leader to a real-life one. X still has flashes of its former glory (and the circus tent doesn’t look half bad).
.- This thread about hippos is one of the best things I’ve read this year.
Thanks for reading Zero Party Data! Don’t miss next week’s edition!
I read all the way, Jorge.