09.09.20

Gemini version available ♊︎

Amandine ‘Cryptie’ Jambert, CNIL (Commission Nationale de l’Informatique et des Libertés) and FSFE Privacy Scandals

Posted in Deception, Free/Libre Software at 3:11 am by Guest Editorial Team

Reprinted with permission from the Free Software Fellowship

There have recently been concerns raised on various mailing lists about the identity of Cryptie in FSFE.

For many years, Amandine Jambert has wandered around the free software world using a pseudonym, Cryptie. While anybody else using an alternative name has been accused of trolling, Jambert has had some immunity. Why? As concerns grow about the hidden conflicts of interests and corporate influence in free software organizations and as these organizations use the weight of their reputations to shame and humiliate people, it is more important than ever to identify the controllers of the organizations.

Thanks to Wright’s investigations, we can now search for information about Cryptie and search for information about Amandine Jambert @ CNIL and find they are the same person.

Amandine 'cryptie' JAMBERT, CNIL, FSFE

The Cryptie case is even more special than a regular conflict of interest. As Mr Wright pointed out in his explosive email, FSFE e.V. covered up the very type of privacy breach that Jambert’s employer, CNIL, would be expected to investigate.

CNIL is France’s Commission Nationale de l’Informatique et des Libertés. CNIL’s mission clearly includes investigating and sanctioning data privacy breaches.

Many parts of the world now have mandatory reporting of privacy breaches.

On 15 March 2018, Matthias Kirschner, president of FSFE e.V., wrote an email to the internal GA mailing list:

Subject: [GA] Report about privacy problem with financial data

From: Matthias Kirschner

Date: 15 March 2018



The archives of finance at lists.fsfe.org, and thereby all the information

including full names, amount, credit card and bank details, were public

from 18 December 2017 until 13 March 2018.

It is incredulous that such data is managed on a mailing list, especially when the list runs on the same public server as Internet-accessible public lists. All serious organizations keep such data on servers in isolated subnets, with mail allowed in through an intermediate box in the DMZ. There is never direct access from the Internet to the box where sensitive data is actually stored.

Germany, where FSFE e.V. is based, has a clear requirement for organizations to report privacy breaches to regulators and victims. Yet in Kirschner’s email, he writes that FSFE council chose not to report it: in other words, a cover-up.

It raises serious questions about how Amandine Jambert, an employee of one of the largest national regulatory bodies in Europe, can turn a blind eye. Jambert is a member of the internal FSFE GA mailing list and received the report and subsequent discussion there. Did she discuss FSFE e.V.’s privacy issues with her employer?

FSFE e.V. subsequently admitted further data breaches and used the minutes of their annual meeting to publish defamatory attacks against a former volunteer. This behaviour, deliberately naming and shaming somebody, is an assault on the principles of European data protection laws. It is not clear how Jambert or any CNIL employee can continue being a member of this organization.

This brings us to the question: why does Jambert use a pseudonym, Cryptie, in the FSFE? Why does she not want to use her real name? Is it because she knows that FSFE behaviour is so unprofessional and she wants to hide it from her workplace? Or is it the other way around, Jambert hiding her professional identity from the Free Software community so that they can make undercover investigations into the privacy practices of Free Software organizations?

Many people already feel that national privacy laws and the bodies enforcing them are toothless tigers, with companies like Google and Facebook running amok and doing as they please. With a CNIL employee moonlighting in a non-profit secretly bankrolled by Google, it will only add to the perception of incompetence.

sticker

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. “Wintel” “Secure” uEFI Firmware Used to Store Persistent Malware, and Security Theater Boot is Worthless

    Guest post by Ryan, reprinted with permission



  2. No Linux Foundation IRS Disclosures Since 2018

    The publicly-available records or IRS information about the Linux Foundation is suspiciously behind; compared to other organisations with a "tax-exempt" status the Linux Foundation is one year behind already



  3. Jim Zemlin Has Deleted All of His Tweets

    The Linux Foundation‘s Jim Zemlin seems to have become rather publicity-shy (screenshots above are self-explanatory; latest snapshot), but years ago he could not contain his excitement about Microsoft, which he said was "loved" by what it was attacking. Days ago it became apparent that Microsoft’s patent troll is still attacking Linux with patents and Zemlin’s decision to appoint Microsoft as the At-Large Director (in effect bossing Linus Torvalds) at the ‘Linux’ Foundation’s Board of Directors is already backfiring. She not only gets her whole salary from Microsoft but also allegedly protects sexual predators who assault women… by hiring them despite repeated warnings; if the leadership of the ‘Linux’ Foundation protects sexual predators who strangle women (even paying them a salary and giving them management positions), how can the ‘Linux’ Foundation ever claim to represent inclusion and diversity?



  4. Microsoft GitHub Exposé — Part IX — Microsoft's Chief Architect of GitHub Copilot Sought to be Arrested One Day After Techrights Article About Him

    Balabhadra (Alex) Graveley has warrant for his arrest, albeit only after a lot of harm and damage had already been done (to multiple people) and Microsoft started paying him



  5. The Committee on Patent Law (PLC) Informed About Overlooked Issues “Which Might Have a Bearing on the Validity of EPO Patents.”

    In a publication circulated or prepared last week the Central Staff Committee (CSC) of the EPO explains a situation never explored in so-called 'media' (the very little that's left of it)



  6. Links 6/12/2021: HowTos and Patents

    Links for the day



  7. IRC Proceedings: Sunday, December 05, 2021

    IRC logs for Sunday, December 05, 2021



  8. Gemini Space/Protocol: Taking IRC Logs to the Next Level

    Tonight we begin the migration to GemText for our daily IRC logs, having already made them available over gemini://



  9. Links 6/12/2021: Gnuastro 0.16 and Linux 5.16 RC4

    Links for the day



  10. Links 5/12/2021: Touchpad Gestures in XWayland

    Links for the day



  11. Society Needs to Take Back Computing, Data, and Networks

    Why GemText needs to become 'the new HTML' (but remain very simple) in order for cyberspace to be taken away from state-connected and military-funded corporations that spy on people and abuse society at large



  12. [Meme] Meanwhile in Austria...

    With lobbyists-led leadership one might be led to believe that a treaty strictly requiring ratification by the UK is somehow feasible (even if technically and legally it's moot already)



  13. The EPO's Web Site is a Parade of Endless Lies and Celebration of Gross Violations of the Law

    The EPO's noise site (formerly it had a "news" section, but it has not been honest for about a decade) is a torrent of lies, cover-up, and promotion of crimes; maybe the lies are obvious for everybody to see (at least EPO insiders), but nevertheless a rebuttal seems necessary



  14. The Letter EPO Management Does Not Want Applicants to See (or Respond to)

    A letter from the Munich Staff Committee at the EPO highlights the worrying extent of neglect of patent quality under Benoît Battistelli and António Campinos; the management of the EPO did not even bother replying to that letter (instead it was busy outsourcing the EPO to Microsoft)



  15. IRC Proceedings: Saturday, December 04, 2021

    IRC logs for Saturday, December 04, 2021



  16. EPO-Bribed IAM 'Media' Has Praised Quality, Which Even EPO Staff (Examiners) Does Not Praise

    It's easy to see something is terribly wrong when the people who do the actual work do not agree with the media's praise of their work (a praise motivated by a nefarious, alternate agenda)



  17. Tux Machines is 17.5 Years Old Today

    Tux Machines -- our 'sister site' for GNU/Linux news -- started in 2004. We're soon entering 2022.



  18. Approaching 100

    We'll soon have 100 files in Git; if that matters at all...



  19. Improving Gemini by Posting IRC Logs (and Scrollback) as GemText

    Our adoption of Gemini and of GemText increases; with nearly 100,000 page requests in the first 3 days of Decembe (over gemini://) it’s clear that the growing potential of the protocol is realised, hence the rapid growth too; Gemini is great for self-hosting, which is in turn essential when publishing suppressed and controversial information (subject to censorship through blackmail and other ‘creative’ means)



  20. Links 4/12/2021: IPFire 2.27 Core Update 162 and Genode OS Framework 21.11

    Links for the day



  21. Links 4/12/2021: Gedit Plans and More

    Links for the day



  22. Links 4/12/2021: Turnip Becomes Vulkan 1.1 Conformant

    Links for the day



  23. IRC Proceedings: Friday, December 03, 2021

    IRC logs for Friday, December 03, 2021



  24. Links 4/12/2021: EndeavourOS Atlantis, Krita 5.0.0 Beta 5, Istio 1.11.5, and Wine 6.23; International Day Against DRM (IDAD) on December 10th

    Links for the day



  25. Another Gemini Milestone: 1,500 Active Capsules

    This page from Balázs Botond plots a graph, based on these statistics that now (as of minutes ago) say: “We successfully connected recently to 1500 of them.” Less than a fortnight ago more than 1,800 capsules overall were registered by Lupa, almost quadrupling in a single year



  26. [Meme] António Campinos and Socialist Posturing

    Staff of the EPO isn’t as gullible as António Campinos needs it to be



  27. António Campinos as EPO President is Considered Worse Than Benoît Battistelli (in Some Regards) After 3.5 Years in Europe's Second-Largest Institution

    The EPO's demise at the hands of people who don't understand patents and don't care what the EPO exists for is a real crisis which European media is unwilling to even speak about; today we share some internal publications and comment on them



  28. Media Coverage for Sale

    Today we're highlighting a couple of new examples (there are many other examples which can be found any day of the year) demonstrating that the World Wide Web is like a corporate spamfarm in "news" clothing



  29. Links 3/12/2021: GNU Poke 1.4 and KDDockWidgets 1.5.0

    Links for the day



  30. IRC Proceedings: Thursday, December 02, 2021

    IRC logs for Thursday, December 02, 2021


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts