Advanced Search
Content Type: News & Analysis
Wednesday, September 28, 2022
Privacy International collaborated with the Carter Center as part of a pre-election assessment team focussing on the use of technology in the run up to and during the Kenyan election which took place 9 August.
In the context of this pre-election assessment, PI travelled to Nairobi between 4th-10th July 2022 in order take a deeper look at issues connected to voting technologies being used in the Kenyan elections with a particular focus on the implementation of the Data Protection Act.
PI first…
Content Type: News & Analysis
Monday, May 17, 2021
The report on disinformation by the UN Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression follows a growing trend by international bodies (including the Organization of American States and the European Commission) to assess and regulate the global phenomenon that is disinformation.
The report strongly links the spread of disinformation with the gratuitous data collection and profiling techniques utilised by the online advertising industry,…
Content Type: News & Analysis
Friday, March 26, 2021
Uganda's Presidential election in January 2021 resulted in the incumbent President Museveni winning his sixth term in office, having held power for 35 years. The election took place amidst a global pandemic and the run up to election day was fraught. Violence left dozens dead and hundreds more arrested, including the opposition candidate Bobi Wine. Mass rallies and in person campaign meetings were banned due to Covid restrictions and political parties in Uganda were encouraged to conduct “…
Content Type: News & Analysis
Friday, November 6, 2020
PI is collaborating with The Carter Center election observation mission in the run up to and after Myanmar's national election on November 8th. The Carter Center is a US based NGO that has been invited to observe 111 elections in 39 countries since 1989. It has maintained a presence in Myanmar since 2013 when it's office was established in Yangon, and carried out long term observation for the 2015 election as well as 2020. The international election observer mission (IEOM) assesses the…
Content Type: News & Analysis
Wednesday, June 3, 2020
Humanitarian organisations are defined by their commitment to core, apolitical principles, including: humanity, impartiality, neutrality, independence and to “do no harm”.
And yet the ways data and technology are being used in the world today are often far from being apolitical, humane, impartial, neutral and independent, and in many instances many actors are using technology to exploit people, failing to protect and empower many individuals and communities - in particular those most in need…
Content Type: News & Analysis
Friday, May 22, 2020
GDPR was hard won. PI, together with other civil society actors, fought from the beginning for a version of the law that offers the strongest rights and protections in the face of intense industry lobbying.
Holding the hidden data ecosystem to account
Two years ago, we committed to using GDPR to seek to hold to account the hidden data ecosystem - those companies that amass and exploit large amounts of our data for profit.
Here’s some of the action we’ve taken:
In Nov 2018, after months of…
Content Type: News & Analysis
Thursday, April 30, 2020
Political campaigns around the world have turned into sophisticated data operations. They rely on data- your data- to facilitate a number of decisions: where to hold rallies, which States or constituencies to focus resources on, which campaign messages to focus on in which area, and how to target supporters, undecided voters, and non-supporters.
While data driven political campaigns are not new, the granularity of data available and the potential power to sway or suppress voters through that…
Content Type: News & Analysis
Wednesday, January 22, 2020
On New Year's Day, the Twitter account @HindsightFiles began publishing internal communications and documents from the now defunct SCL Group, dating from 2014-2018. They came from the hard drive of Brittany Kaiser, who held several senior positions at SCL Group including at one of its subsidiaries, Cambridge Analytica, and featured in the Netflix documentary "The Great Hack".
Privacy International first investigated Cambridge Analytica in 2017. We questioned the company's role in the Kenyan…
Content Type: Long Read
Tuesday, June 11, 2019
IMAGE SOURCE: "My Phone Bought This" by oliver t is licensed under CC BY-NC-ND 4.0.
LAST UPDATE: 16th May 2022.
Mandatory SIM card registration laws require people to provide personal information, including a valid ID or even their biometrics, as a condition for purchasing or activating a SIM card. Such a requirement allows the state to identify the owner of a SIM card and infer who is most likely making a call or sending a message at any given time.
SIM card registration undermines peoples…
Content Type: Explainer
Wednesday, January 9, 2019
Photo credit: warrenski
Mandatory SIM card registration eradicates the potential for anonymity of communications, enables location-tracking, and simplifies communications surveillance and interception. By facilitating the creation of an extensive database of user information, it places individuals at risk of being tracked or targeted, and having their private information misused. In the absence of comprehensive data protection legislation and judicial oversight, SIM users' information can be…
Content Type: Advocacy
Wednesday, December 19, 2018
Since 2014 the Indonesian Ministry of Communication and Informatics (MOCI) has been proposing that the Parliament passes a comprehensive data protection law. A first draft data protection law was issued by the Government for public comment in 2015 but no progress was made, and then in early 2018, the Indonesian Government issued a new draft personal data protection law.
While these renewed efforts have positive intentions, a number of concerns ought to be addressed with the aim of…
Content Type: Advocacy
Wednesday, December 19, 2018
In September 2018, the National Executive sent the proposed Data Protection Bill to the National Congress. The proposed law was directed to the Senate and it will be considered by two commissions: the Commission of Constitutional Affairs (Comision de Asuntos Constitucionales) and the Commission of Rights and Guarantees (Comision de Derechos y Garantías).
Privacy International welcomes the continued efforts by Argentina to provide protections for the right to privacy, already enshrined in the…
Content Type: Advocacy
Tuesday, October 2, 2018
In parallel to the legislative process initiated by the Kenya Senate in July 2018, a Task Force constituted by the Ministry of Information, Communication and Telecommunication developed a draft Data Protection Bill which it published for consultation in May of this year.
Privacy International and its Kenya Partners, the National Coalition of Human Rights Defenders – Kenya (NCHRD-K), the Centre for Intellectual Property and Information Technology (CIPIT) are pleased to have had the opportunity…
Content Type: Long Read
Wednesday, September 26, 2018
Image attribution: By Legaleagle86 at en.wikipedia, CC BY-SA 3.0.
In a long-anticipated judgment, the Indian Supreme Court has ruled that India's controversial identification system Aadhaar is Constitutional. They based their conclusion on notes that there are sufficient measures in place to protect data, and that it is difficult to undertake surveillance of citizens on the basis of Aadhaar.
But there is some good in this ruling. The court has demanded that the Government introduce a 'strong…
Content Type: News & Analysis
Monday, September 24, 2018
“The gathering and holding of personal information on computers, data banks, and other devices, whether by public authorities or private individuals or bodies, must be regulated by law.”
- UN Human Rights Committee, General Comment No. 16, 1988
Underpinning the obligations of those who process personal data, both public and private institutions, the grounds on which they may do so, and the rights of individuals, there are various data protection principles which promote and uphold values…
Content Type: Long Read
Wednesday, September 5, 2018
National and International civil society organisations (CSOs) play vital roles in many aspects of our societies as watchdogs of state powers, as representatives of the voices of the people, as experts to inform and educate an array of stakeholders.
One of our key lessons learned from three decades of work, including 10 years with the Privacy International Networkto build a global privacy movement,promoting and advocating for the highest privacy and data protection safeguards has been how civil…
Content Type: News & Analysis
Thursday, August 23, 2018
This month Brazil adopted a new data protection law, joining the ranks of more than 120 countries which have adopted such legislation, providing individuals with rights against the exploitation of their personal data. But after a veto from the Brazilian president, the law lacks an independent authority in charge of its application, which can severely undermine its impact.
When drafting data protection bills, one of the most important and often politically contentious issue tends to be their…
Content Type: Advocacy
Tuesday, August 14, 2018
We welcome the effort by the Pakistani Ministry of Information Technology and Telecommunications to regulate the processing of personal data in Pakistan, and take measures to guarantee the right to privacy as guaranteed under Article 14(1) of the Constitution: “[t]he dignity of man and, subject to law, the privacy of home, shall be inviolable.”
This legislative development is crucial and timely as Pakistan continues to embrace innovative governance initiatives and deploy data-intensive systems…
Content Type: Advocacy
Wednesday, July 18, 2018
This photo originally appeared here.
For years, Privacy International and our partners in Kenya have been promoting the right to privacy in Kenya through research and investigations into government and private sector policies and practices and advocating for the adoption and enforcement of the strongest data protection and privacy safeguards.
The need for Kenya to adopt a comprehensive data protection framework (in addition to strengthening privacy protections in other legislation) has always…
Content Type: Long Read
Friday, May 25, 2018
The European Union's new data privacy law (General Data Protection Regulation, better known as GDPR) takes effect today May 25th, 2018, after a two-year transition period. Despite some companies appearing to believe otherwise, and many articles misrepresenting its contents, the GDPR will have a significative impact beyond the European Union, and it will extend many of its data privacy safeguards to users’ data globally.
There are a number of reasons that explain this impact:
Obligations for…
Content Type: Press release
Thursday, May 24, 2018
WASHINGTON, D.C. – U.S. companies should adopt the same data protection rules that are poised to go into effect in the European Union on May 25, Public Citizen, the Center for Digital Democracy and Privacy International said today.
In a sign-on letter, 28 groups are calling on some of the world’s largest companies – including Facebook, Google and Amazon, as well as digital advertisers like Nestle, Walmart and JPMorgan Chase – to use Europe’s impending General Data Protection Regulation (GDPR…
Content Type: Press release
Wednesday, May 23, 2018
Tomaso Falchetta, PI's Head of Advocacy and Policy team said:
"The adoption of the Data Protection Act represents an important reform which strengthens the rights of individuals and increases obligations for the industry. The Act opens the way for the application of the EU General Data Protection Regulation in the UK, and regulates the processing of personal data by companies, public authorities, law enforcement, and intelligence agencies. PI particularly welcome increased powers for the…
Content Type: Advocacy
Tuesday, May 8, 2018
Today Privacy International, with TACD, published a document detailing 10 things that US companies need to know about the forthcoming General Data Protection Regulation (GDPR).
People’s data should be treated with the highest privacy protections no matter where they are based. Privacy is a fundamental human right and data protection is intrinsically linked to it. While GDPR is not perfect, it does provide enforceable rights and obligations. If US companies want to demonstrate true commitment…
Content Type: Report
Monday, April 9, 2018
In contrast to automated decision-making, profiling is a relatively novel concept in European data protection law. It is now explicitly defined in Article 4(4) of the EU General Data Protection Regulation (GDPR), and refers to the automated processing of data (personal and not) to derive, infer, predict or evaluate information about an individual (or group), in particular to analyse or predict an individual’s identity, their attributes, interests or behaviour.
Through profiling, highly…
Content Type: Advocacy
Tuesday, March 13, 2018
At the core of data protection debates, there is a power play between empowering individuals to control their data and empowering those who use (or want to) use their data. By regulating data processing, it provides avenues for individuals to exercise their rights if there is any unlawful interference in this power play.
It is crucial for any regulatory framework to be centred around the protection of human rights, autonomy and dignity, and therefore essential to ensure that legislative…
Content Type: Advocacy
Wednesday, February 21, 2018
Privacy International's briefing on the UK's Data Protection Bill for the second reading in the House of Commons.
Content Type: Long Read
Monday, January 29, 2018
To celebrate International Data Privacy Day (28 January), PI and its International Network have shared a full week of stories and research, exploring how countries are addressing data governance in light of innovations in technology and policy, and implications for the security and privacy of individuals.
At the core of data protection debates, there is a power play between empowering individuals to control their data and empowering those who use (or want to) use their data.
By regulating…
Content Type: News & Analysis
Sunday, January 28, 2018
It has been almost 40 years since the Council of Europe’s Convention 108 for the Protection of Individuals with regard to Automatic Processing of Personal Data was signed. The Convention was the first binding treaty dealing with privacy and data protection that recognised the necessity to “reconcile the fundamental values of the respect for privacy and the free flow of information between peoples” and is the reason why we celebrate Data Protection Day annually on 28 January.
It has since been…