Changes
Jump to navigation
Jump to search
Line 1:
Line 1: + + + + + + + + + + + + + + + + + + + + + + + + + + + +
no edit summary
= Overall strategy =
== Philosophy ==
The right of access is a tool to provide accountability for profiling, beyond consent/legal basis.
The right of access allows to probe the entire ecosystem, strategically. Using this strategy requires to blend knowledge of law and technology.
== Key factors ==
* Get "meaningful information" to "investigator".
* Knowing flows of data from a technological standpoint (but: limited auditing capacity);
* Knowing purposes for each data processing operation, including transfers;
* Knowing the legal positioning of the services, including over each data transfer (data controller vs data processor);
* Knowing to whom the user is identifiable, and how (including if more information is provided).
== Strategy ==
* Ignore the average end user. Focus on investigator, who is a blend of:
** legal scholar;
** tech auditor;
** strategic litigation NGO;
** educator;
** data protection authority confidante;
** journalist (for amplification).
(it is a technical and human, but secondary, problem to break the one-brain barrier within civil society -- does require to overcome traditional barriers, like attribution)
* Classify services, based on business presentations. Enter at each step of the process through access requests.
*
== Tactics ==
* Filing a SAR is cheap, takes time. Carpet bombing is A-OK, given the timing and everything.
== Interesting queries ==
== Interesting queries ==
* [{{SPARQLEmbed|query=
* [{{SPARQLEmbed|query=