Don’t trust Cloudflare with your personal data

by @edent | # # # | 11 comments | Read ~9,308 times.

It has been over a year since I cancelled my Cloudflare account. They keep emailing me and haven’t taken me off their marketing lists despite repeated requests. Their CTO told me he would investigate, but nothing changed. Their Data Protection Office hasn’t respond to my requests. Cloudflare do not appear to respect the GDPR. I’ve…

Continue reading →

GDPR and common sense

by @edent | # # # # | 3 comments | Read ~127 times.
Some giant question marks standing in a field.

Every so often, I get a glimpse into the thought processes of someone who has a very different view of the world to me. I don’t deal with people’s personal information often. So I was surprised to receive an email with a multi-megabyte spreadsheet called “Pay and Bonuses 2020”. The email contained this doozy of…

Continue reading →

Can you trust CloudFlare with your personal data?

by @edent | # # # | 1 comment | Read ~226 times.
Email with CloudFlare's new privacy policy.

I’m increasingly concerned with the power that CDNs wield – and CloudFlare in particular. So I decided to delete my CloudFlare account. While they claim to have removed my account, they still seem to count me as an active customer. I wonder how many people bought shares in their IPO based on inaccurate customer numbers?…

Continue reading →

Responsible Disclosure – Citizens Advice Bureaux

by @edent | # # # # # | Read ~249 times.

A quick report into a nasty privacy vulnerability I found with the CAB. Unusually for me, this has no Internet component. Regular readers will know about my recent court visit. As part of that, I had to telephone the CAB Volunteers at the court who look after witnesses. I called, and was put on hold,…

Continue reading →

Is HTTP 451 suitable for GDPR blocking?

by @edent | # # # | 10 comments | Read ~4,830 times.
451: Unavailable for legal reasons We recognise you are attempting to access this website from a country belonging to the European Economic Area (EEA) including the EU which enforces the General Data Protection Regulation (GDPR) and therefore cannot grant you access at this time. For any issues, e-mail us at techguy@journaltimes.com or call us at 888-460-8725.

Hello, it’s me – the idiot who helped inspire the HTTP 451 status code. I graciously allowed Tim Bray to do the hard work of getting it through the IETF process, and now it is an official RFC. Recently, I’ve seen lots of people getting het up about its “misuse” – so I want to…

Continue reading →

Privacy, Security, & Ethics – Computer Science’s “Jüdische Physik”

by @edent | # # # # # | 1 comment | Read ~267 times.
A fist emerges from a computer screen and punches the user.

I’m going to tell you an anecdote which is a gross oversimplification of a complex topic. In the early half of the twentieth century, certain physicists made breakthroughs in relativity, quantum mechanics, and nuclear energy. Many of these scientists were Jewish. The Nazis called these heretical ideas “Jewish Science” and suppressed their teaching. Jewish physicists…

Continue reading →