Advanced Search
Content Type: Advocacy
The Open informal consultations on lethal autonomous weapons systems, held in accordance with General Assembly resolution 79/62 at the UN in New York on 12-13 May 2025, examined various legal, humanitarian, security, technological, and ethical aspects of these weapons. These consultations aimed to broaden the scope of AWS discussions beyond those held by the Group of Governmental Experts (GGE) at the UN in Geneva. Find out more about what happened during the discussions at Researching Critical…
Content Type: Long Read
“Hey [enter AI assistant name here], can you book me a table at the nearest good tapas restaurant next week, and invite everyone from the book club?” Billions of dollars are invested in companies to deliver on this. While this is a dream that their marketing departments want to sell, this is a potential nightmare in the making.Major tech companies have all announced flavours of such assistants: Amazon’s Alexa+, Google’s Gemini inspired by Project Astra, Microsoft’s Copilot AI companion and…
Content Type: Report
First published in 2017, PI’s Guide to International Law and Surveillance is an attempt to collate relevant excerpts from these judgments and reports into a single principled guide that will be regularly updated. This is the fourth edition of the Guide. It has been updated it to reflect the most relevant legal developments until March 2024.The Guide aspires to be a handy reference tool for anyone engaging in campaigning, advocacy, and scholarly research, on these issues. The fourth…
Content Type: Advocacy
BackgroundThe Snowden revelations and subsequent litigation have repeatedly identified unlawful state surveillance by UK agencies. In response, the UK Parliament passed the highly controversial Investigatory Powers Act 2016 (IPA), which authorised massive, suspicionless surveillance on a scale never seen before, with insufficient safeguards or independent oversight.Privacy International led legal challenges to this mass surveillance regime both before and after the Act became law. The Act…
Content Type: Examples
Just as China uses technology system called "Integrated Joint Operations Platform" to control and surveil the persecuted population of Uighurs while restricting their movement and branding dissent as "terrorism", the Israeli military is using facial recognition and a massive database of personal information to control millions of Palestinians in the occupied West Bank. In November 2021, NSO Group's Pegasus spyware was found on the phones of six Palestinian human rights activists, three of whom…
Content Type: Examples
The Israeli minister of public security has joined police in denying claims in an article in Calcalist that the country's police force have used NSO Group's Pegasus software to spy on the phones of people who led protests against former premier Benjamin Netanyahu. Calcalist reported that the surveillance was carried out without court supervision or oversight of how the data was used. The daily Haaretz newspaper also reported that it had seen a 2013 invoice in which NSO billed police @@2.7…
Content Type: Press release
Amnesty International, Privacy International and The Centre for Research on Multinational Corporations (SOMO) have published a report uncovering NSO Group’s entire corporate structure, tracking the global money trail of both public and private investment into the lucrative spyware company.
Amnesty International and other rights groups have documented dozens of cases of NSO Group’s products being used by repressive governments across the world to put activists, journalists, and opposition…
Content Type: Report
In this briefing, Amnesty International, PI and The Centre for Research on Multinational Corporations (SOMO) discuss the corporate structure of NSO group, one of the surveillance industry's well-known participants. The lack of transparency around NSO Group’s corporate structure and the lack of information about the relevant jurisdictions within which it operates are significant barriers in seeking prevention of, and accountability for, human rights violations reportedly linked to NSO Group’s…
Content Type: Explainer
What is hacking?
Hacking refers to finding vulnerabilities in electronic systems, either to report and repair them, or to exploit them.
Hacking can help to identify and fix security flaws in devices, networks and services that millions of people may use. But it can also be used to access our devices, collect information about us, and manipulate us and our devices in other ways.
Hacking comprises a range of ever-evolving techniques. It can be done remotely, but it can also include physical…
Content Type: Long Read
On 8 January 2021, the UK High Court issued a judgment in the case of Privacy International v. Investigatory Powers Tribunal. The Secretary of State for Foreign and Commonwealth Affairs and Government Communication Headquarters (GCHQ) appeared as interested parties to the case.
After our initial reaction, below we answer some of the main questions relating to the case.
NOTE: This post reflects our initial reaction to the judgment and may be updated.
What’s the ruling all about?
In…
Content Type: Frequently Asked Questions
On 8 January 2021, the UK High Court issued a judgment in the case of Privacy International v. Investigatory Powers Tribunal. The Secretary of State for Foreign and Commonwealth Affairs and Government Communication Headquarters (GCHQ) appeared as interested parties to the case.
After our initial reaction, below we answer some of the main questions relating to the case.
NOTE: This post reflects our initial reaction to the judgment and may be updated.
Content Type: News & Analysis
Today, the UK High Court has quashed a decision by the Investigatory Powers Tribunal (IPT) and held that section 5 of the Intelligence Services Act (ISA) 1994 does not permit the issue of general warrants to authorise property interference and certain forms of computer hacking.
The Court referred to cases dating back to the 18th century, which demonstrate the common law’s insistence that the Government cannot search private premises without lawful authority even in the national security…
Content Type: Press release
Today, the UK High Court has quashed a decision by the Investigatory Powers Tribunal (IPT), and ruled that section 5 of the Intelligence Services Act (ISA) 1994 does not permit the issuing of general warrants to authorise property interference and certain forms of computer hacking.
The Court referred to cases dating back to the 18th century, which demonstrate the common law’s insistence that the Government cannot search private premises without lawful authority even in the context of national…
Content Type: Case Study
Privacy matters. It matters when you’re walking the streets of your home town and when you’re fleeing your home in search of safety. It matters if you’re at a protest or if you’re in bed.
Our wellbeing in each of these instances depends on the protection of our privacy. No situation can be fully understood in isolation.
Unjustifiable intrusions on our privacy become a weapon to eradicate communities and prey upon refugees and asylum seekers, push people away from protests in fear of…
Content Type: Case Study
Numerous sexist, mysoginistic, homophobic and racist practices are flourishing online, in ways that are harder for national authorities to stop than when abuse takes place offline. One of these practices is ‘revenge pornography’, which involves online distribution of private sexual images without the consent of the person depicted.
One victim of image based sexual abuse (more commonly known as revenge porn): Chrissy Chambers. Chrissy was 18 years old when her boyfriend convinced her to spend…
Content Type: Examples
Many of the steps suggested in a draft programme for China-style mass surveillance in the US are being promoted and implemented as part of the government’s response to the pandemic, perhaps due to the overlap of membership between the National Security Commission on Artificial Intelligence, the body that drafted the programme, and the advisory task forces charged with guiding the government’s plans to reopen the economy. The draft, obtained by EPIC in a FOIA request, is aimed at ensuring that…
Content Type: Case Study
You have the right to decent standards and dignity at work, and the right to join a union to protect yourself and your rights. That might come as a shock to Amazon - who have been using Covid-19 as a reason to undermine those rights.
Chris Smalls, an organiser and now former Amazon warehouse assistant manager, led a walkout at a New York City facility and within days he’d been fired under a dubious pretext.
The walkout was to ensure workers’ safety - they were asking for the warehouse to be…
Content Type: Long Read
This week saw the release of a coronavirus tracking app within the United Kingdom, initially to be trialled in the Isle of Wight. Privacy International has been following this closely, along with other ‘track and trace’ apps like those seen in over 30 other countries.
The UK’s app is no different. It is a small part of a public health response to this pandemic. As with all the other apps, it is vital that it be integrated with a comprehensive healthcare response, prioritise people, and…
Content Type: Case Study
Over the past decade targeted advertisement has become exponentially more invasive. To enable targeted advertisement, massive amounts of data about individuals are collected, shared and processed often without their knowledge or consent. This information about us is then used to profile us and micro-target us to sell us products or influence our views.
This is a significant intrusion to our privacy inevitably affects our perogative not to reveal our thoughts; not to have our thoughts…
Content Type: Case Study
Since August 2017 742,000 Rohingya people - including children - fled across the Myanmar border to Bangladesh, escaping what the UN labelled a “textbook example of ethnic cleansing”.
In this context of ethnoreligious violence, Facebook has been a central figure. For many in Myanmar “Facebook is the internet” - as of January 2018 around 19 million people in Myanmar were facebook users, this is roughly equal to the number of internet users in the country.
A New York Times report revealed that…
Content Type: Examples
The whistleblower said they were unable to find any legitimate reason for the high volume of the requests for location information. “There is no other explanation, no other technical reason to do this. Saudi Arabia is weaponising mobile technologies,” the whistleblower claimed.
The data leaked by the whistleblower was also seen by telecommunications and security experts, who confirmed they too believed it was indicative of a surveillance campaign by Saudi Arabia.
The data shows requests for…
Content Type: Examples
Bluetooth utilizes a device pairing mechanism based on elliptic-curve Diffie-Hellman (ECDH) key exchange to allow encrypted communication between devices. The ECDH key pair consists of a private and a public key, and the public keys are exchanged to produce a shared pairing key. The devices must also agree on the elliptic curve parameters being used. Previous work on the "Invalid Curve Attack" showed that the ECDH parameters are not always validated before being used in computing the resulted…
Content Type: Examples
“The BlueBorne attack vector requires no user interaction, is compatible to all software versions, and does not require any preconditions or configurations aside of the Bluetooth being active,” warned the researchers.
“Unlike the common misconception, Bluetooth enabled devices are constantly searching for incoming connections from any devices, and not only those they have been paired with,” they added.
“This means a Bluetooth connection can be established without pairing the devices at all.…
Content Type: Case Study
The right to privacy is crucial to protect a couple’s equal rights within marriage.
The recent rise of spyware as an “off-the-shelf” product that anyone can purchase has been extremely worrying, as installing spyware on someone else’s phone means getting access to their contacts, their messages, their google searches, their location and more - all without them knowing.
Spyware is, increasingly, becoming another way for abusive spouses to control and monitor their partners. Nearly a third of…
Content Type: Case Study
In Peru, you get asked for your fingerprint and your ID constantly - when you’re getting a new phone line installed or depositing money in your bank account – and every Peruvian person has an ID card, and is included in the National Registry of Identity – a huge database designed to prove that everyone is who they say they are. After all, you can change your name, but not your fingerprint.
However, in 2019 the National Police of Peru uncovered a criminal operation that was doing just that:…
Content Type: Case Study
There are 29.4 million refugees and asylum seekers across the globe today. These are people who have fled their countries due to conflict, violence or persecution seeking protection in safer environments.
People have protected those in need fleeing from dire situations since antiquity. However, over recent years, European countries have become increasingly hostile towards refugees - treating them as criminals instead of people in need.
In 2017, German authorities passed a…
Content Type: Case Study
The increasing deployment of highly intrusive technologies in public and private spaces such as facial recognition technologies (FRT) threaten to impair our freedom of movement. These systems track and monitor millions of people without any regulation or oversight.
Tens of thousands of people pass through the Kings Cross Estate in London every day. Since 2015, Argent - the group that runs the Kings Cross Estate - were using FRT to track all of those people.
Police authorities rushed in secret…
Content Type: Video
You’re a witness or a victim or a suspect of a crime; or even just travelling going on holiday. Officials demand your phone, then disappear with it. What happened to your phone? What happened to your data? What will happen to you?
We all generate vast amounts of data using our mobile phones - more than most of us are aware of - and that data has become increasingly attractive to law enforcement agencies around the world, enabled by ‘extraction technologies’ supplied by companies like…
Content Type: Case Study
In 2015, a man in Connecticut was charged with murdering his wife based on evidence from her Fitbit. Richard Dabate, the accused, told the police that a masked assailant came into the couple’s suburban home at around 9am on 23 December 2015, overpowering Dabate then shooting his wife as she returned through the garage.
However, the victim’s fitness tracker told a different story. According to data from the device, which uses a digital pedometer to track the wearer’s steps, Dabate’s wife was…
Content Type: Case Study
In early May 2019, it was revealed that a spyware, exploiting a vulnerability in Facebook’s WhatsApp messaging app, had been installed onto Android and iOS phones. The spyware could be used to turn on the camera and mic of the targeted phones and collect emails, messages, and location data. Citizen Lab, the organization that discovered the vulnerability, said that the spyware was being used to target journalists and human rights advocates in different countries around the world. The spyware…