Wednesday, 16 November 2016

Apollo – they can’t still be up to their old tricks?

Two years ago I blogged about an unsettling experience I had with Apollo, a firm that had confused me as to what they were really all about. 

Since then, I’ve had a number of emails from people who have had similar experiences. Today, I’m reprinting (most of) the most recent one – which comments about an organisation called Apollo-Transitions. Surely, this is not the same company as the Apollo company I had encountered?  But, spookily, Apollo Transitions Ltd has a remarkably similar logo to the old Apollo– and the same colour scheme. And, Geoff Russell, the person I met in 2014, is a member of the senior team.

Anyway, here’s the letter:

I have recently moved back to the UK [redacted].

As you did, I received the standard email wanting to organise a meeting with the senior partner etc. Whilst it all seems very odd, having a bit of time on my hands I thought I would go to a few meetings to see what I thought. By nature I'm a suspicious guy and to me this doesn't add up.

Like your experience in London I was very underwhelmed with the offices. A Regus office with no signage for Apollo in Cambourne, Cambridgeshire. 

Meeting the with senior partner was a great boost to my confidence as after a few questions and computer exercises (over the two meetings) I feel like I could head up NASA and solve world peace on the side. Whilst I understand that they are pumping up my ego, which is a great thing for job seekers, it's the little things that nag me.

  • Why no signage?
  • Why doesn't the ISO accreditation check out?
  • Recent company name changes
  • Long list of registered and de registered companies associated.
  • £1000 up front and £2000 paid over two months with no guarantees?
  • Very vague reviews
  • Concrete testimonials
  • Not seeing any other customers coming or going over two meetings.
  • Generic career management options.
  • A lack of contacts of partners and staff on LinkedIn?
  • So many directors/ partners etc
  • Why did the laptop provided have no up arrow key button?
  • The white board having the same writing on it for a week.
  • Taking an important phone call during the meeting to explain how busy things are
  • Keeping me waiting for 5 minutes past the scheduled meeting time with no one leaving
  • A stack of topical books for improvement, job progression.

During the process I was under the impression I would be put in contact with some senior executives and would basically be buying a contact list and referral. When I asked this directly that seems not to be the case?

I find this whole thing very odd. In perspective £3000 for your dream job is probably a good buy but it's a hell of a lot of money for someone to jazz up your cv and say don't fidget during an interview.

If I had a lazy £3000 I would follow this through out of interest but i think the old additive "if it's too good to be true" probably is the one to use in this situation.

As a disclaimer I would love to be completely wrong about his company. I hope they are placing thousands of people in great jobs who are advancing their careers and improving both their and their families lives.

I share these closing sentiments, too.


Wednesday, 9 November 2016

Post the result of the US Presidential election, what hope is there for the Privacy Shield?

In light of the recent US elections, paving the way for a Trump presidency in 2017, why should companies take the risk of adopting the Privacy Shield as a means of legitimising EU/US transfers?

Frankly, I wouldn't bother.

Not until the latest set of legal challenges has been resolved, anyway.


Well, a recent lunch with a chum who is closer to the minds of the policy-making and legal elites within the EU reminded me of the deep cultural divide that exists inside the Brussels bubble. “Fortress Europe” is the phrase that springs to mind, with a deep unwillingness on the part of the European institutions to accept that other views can quite legitimately be held by actors outside that fortress.

I’m a little worried at how quickly the relations are likely to sour between the UK and the European Institutions, post Brexit. I used to predict with confidence that, post Brexit, representatives from the ICO would be invited to observe the meetings of the (by then) European Data Protection Board, the successor to the Article 29 Working Party. And, that the ICO’s sensible and pragmatic advice would continue to be appreciated by the working groups that will be set up by the Board.  But I’m not so confident now.

My chum had an alarming tale to tell about the way the European institutions maneuvered to impede the work of some of the European groups they were involved with – because the project wasn't wholly within the European Commission’s control. Later, I learnt a little more about the basis on which the Commission decided that certain non-EU countries had “adequate” levels of data protection. Enough said. I won’t reveal any more details.

But the impression I was left with was that the European Commission acts when it is politically expedient for it to act. It either leads, or follows, public opinion. In terms of the General Data Protection Regulation, I think its fair to assume that it’s leading public opinion. After 27 years in this game, I still struggle to meet many members of the public who are as obsessed with privacy as those that devised the GDPR. And I’ve met fewer that have the mental capacity to understand such a complicated Regulation.

So, given a US President –elect with an “American First” agenda, what is the likelihood of EU judges agreeing that the Privacy Shield provides adequate protection against whatever today’s American bogyman is? 

Regardless of the comforting words muttered by some of Europe’s elite, congratulating Donald Trump on his achievement, I sense the tectonic plates shifting again, with Fortress Europe building ever stronger protections against those oiks who see themselves at nationalists, rather than Europeans.

I sense that, post Brexit, most European institutions will be giving the Brits the cold shoulder as we try to engage with European businesses – while the Americans will face a much frostier reaction.

And I suspect that one of the battles will rage around the EU–US personal information flows.

I suspect that well intentioned Europeans will redouble their efforts to prevent EU citizen’s personal data being transferred what they perceive to be an evil empire -  despite the heroic efforts by both sides to agree a framework that was more reassuring than Safe Harbor.

And I suspect that the EU courts may find some sympathy with their motives.

So, we are due a fierce fight about the legitimacy of the Privacy Shield. It ain’t court proof, and I’m awaiting with some degree of unease the result of the legal challenges that have already been made, and, no doubt, the result of further legal challenges that will come. 

My advice to data controllers who worry about such issues today is simple: Sit tight, rely on the current European Commission-approved model clauses to legitimize your EU/US data flows, wait for them (in turn) to be denounced by the European courts, and then wait several months before the European Commission decides what form of legalese really does need to be incorporated into the contracts. And then act.