Advanced Search
Content Type: Advocacy
Last week, Privacy International joined more than 30 UK charities in a letter addressed to the British Prime Minister Boris Johnson, following his recent declaration, asking him to lift No Recourse to Public Funds (NRPF) restrictions.
Since 2012, a ‘NRPF condition’ has been imposed on all migrants granted the legal right to live and work in the UK. They are required to pay taxes, but they are not permitted to access the public safety net funded by those taxes.
This is not a topic we are known…
Content Type: News & Analysis
As countries around the world develop contact tracing apps to contain the spread of Coronavirus, they keep facing a problem: for them to be effective a certain percentage of the population has to download them. Something like 60% is the threshold for the app to be effective. So far only Iceland has gotten close with 38% of their country downloading it.
The UK is currently trialling an app, which is designed to notify people if they've been close to someone with symptoms of covid-19 for 15…
Content Type: Frequently Asked Questions
The right to access your personal data (or access right) is just one of a number of data rights that may be found in data protection law, including the European Union's General Data Protection Regulation. Data Subject Access Requests, or DSARs, have helped us several times understand the extent of data companies and governments might hold on us, how this data might be shared among various recipients, or what other third parties a company might be using to obtain additional data and enrich their…
Content Type: Case Study
In the UK, asylum seekers cannot claim benefits. Some of them are entitled to an ASPEN card, a pre-paid payment card that allocates them a weekly sum of money. Most of them are allowed to use it the way we would use any debit card. But people, whose applications have been refused but who cannot return to their countries, aren’t allowed to withdraw cash. That means that every single payment they make can be monitored by the Home Office.
Evidence has started emerging that this monitoring has led…
Content Type: Case Study
As working from home is becoming the new normal, employees’ monitoring becomes the new norm.
Companies around the globe are increasingly using software to monitor how long we spend in front of our computer, what websites we visit and what apps we use, when we type, for how long and how fast, how long our mouse stay inactive — any more than 15 seconds away can shift us from ‘active’ to ‘idle’ — and require us to keep our camera and microphone on at all times. These systems pit us against our…
Content Type: Video
A quick catch-up on the state of play of apps round the world - though we end up mostly discussing India and the UK - and we celebrate a very special birthday.
You can find a much deeper and more detailed look at the various questions and concerns around coronavirus apps on our website: https://privacyinternational.org/long-read/3792/covid-contact-tracing-apps-are-complicated-mess-what-you-need-know and all the latest news in our tracker https://privacyinternational.org/examples/tracking-…
Content Type: Long Read
The Chief Surveillance Commissioner, The Rt Hon Sir Christopher Rose’s Annual Report 2011 - 12 did not refer to social networks but to overt investigations using the internet as a surveillance tool, stating that:
“5.17 A frequent response to my Inspectors’ enquiries regarding a reduction in directed surveillance is that ‘overt’ investigations using the Internet suffice. My Commissioners have expressed concern that some research using the Internet may meet the criteria of directed…
Content Type: Long Read
Online covert activity
3.10 The growth of the internet, and the extent of the information that is now available online, presents new opportunities for public authorities to view or gather information which may assist them in preventing or detecting crime or carrying out other statutory functions, as well as in understanding and engaging with the public they serve. It is important that public authorities are able to make full and lawful use of this information for their statutory purposes. Much…
Content Type: Report
SUMMARY
In the UK, local authorities* are looking at people’s social media accounts, such as Facebook, as part of their intelligence gathering and investigation tactics in areas such as council tax payments, children’s services, benefits and monitoring protests and demonstrations.
In some cases, local authorities will go so far as to use such information to make accusations of fraud and withhold urgently needed support from families who are living in extreme poverty.
THE PROBLEM
Since 2011…
Content Type: Long Read
Office of Surveillance Commissioners Guidance - Covert surveillance of Social Networking Sites (SNS)
Covert surveillance of Social Networking Sites (SNS)
289. The fact that digital investigation is routine or easy to conduct does not reduce the need for authorisation. Care must be taken to understand how the SNS being used works. Authorising Officers must not be tempted to assume that one service provider is the same as another or that the services provided by a single provider are the same.
289.1 Whilst it is the responsibility of an individual to set privacy settings to protect…
Content Type: Long Read
Dear Sir/Madam,
Freedom of information act request
RE: Social media monitoring / social media intelligence
FOIA REQUEST
For definition of social media intelligence please see background explanation below. We further note the comments of the Office of Surveillance Commissioners Annual Report 2016 cited below.
1. In 2016 the Rt Hon Lord Judge, then Chief Surveillance Commissioner, wrote to all Local Authorities regarding use of social media in investigations. Please confirm whether you are…
Content Type: Explainer
Social media platforms are a vast trove of information about individuals, including their personal preferences, political and religious views, physical and mental health and the identity of their friends and families.
Social media monitoring, or social media intelligence (also defined as SOCMINT), refers to the techniques and technologies that allow the monitoring and gathering of information on social media platforms such as Facebook and Twitter which provides valuable intelligence to others…
Content Type: Long Read
It is common for families with no recourse to public funds who attempt to access support from local authorities to have their social media monitored as part of a ‘Child in Need’ assessment.
This practice appears to be part of a proactive strategy on the part of local authorities to discredit vulnerable families in order to refuse support. In our experience, information on social media accounts is often wildly misinterpreted by local authorities who make serious and unfounded allegations…
Content Type: Report
It is common for families with no recourse to public funds who attempt to access support from local authorities to have their social media monitored as part of a 'Child in Need' assessment. This practice appears to be part of a proactive strategy on the part of local authorities to discredit vulnerable families in order to refuse support. In our experience, information on social media accounts is often wildly misinterpreted by local authorities who make serious and unfounded allegations…
Content Type: News & Analysis
This week, we read that a former Apple contractor who blew the whistle on the company’s programme to listen to users’ Siri recordings has decided to go public, in protest at the lack of action taken as a result of the July 2019 disclosures. The news adds to a series of revelations that have been reported over the past months.
While the issue raises serious questions regarding the compatibility of such practices with data protection laws, at the same time, it highlights a wider problem that…
Content Type: News & Analysis
GDPR was hard won. PI, together with other civil society actors, fought from the beginning for a version of the law that offers the strongest rights and protections in the face of intense industry lobbying.
Holding the hidden data ecosystem to account
Two years ago, we committed to using GDPR to seek to hold to account the hidden data ecosystem - those companies that amass and exploit large amounts of our data for profit.
Here’s some of the action we’ve taken:
In Nov 2018,…
Content Type: Advocacy
Privacy International sent a letter to the Investigatory Powers Commissioner’s Office (IPCO) addressing social media monitoring carried out by Local Authorities.
The submission builds on a campaign and research carried out by PI highlighting the growth of social media monitoring across Local Authorities, as well as the general lack of internal oversight for some of these activities. After providing an introduction to the research and the findings, the letter highlights each of PI’s concerns…
Content Type: Case Study
You have the right to decent standards and dignity at work, and the right to join a union to protect yourself and your rights. That might come as a shock to Amazon - who have been using Covid-19 as a reason to undermine those rights.
Chris Smalls, an organiser and now former Amazon warehouse assistant manager, led a walkout at a New York City facility and within days he’d been fired under a dubious pretext.
The walkout was to ensure workers’ safety - they were asking for the warehouse to be…
Content Type: Examples
As the first confirmed coronavirus case in Pakistan, Yahyah Jaffery became a pariah after his identity, photograph, and home address were leaked on social media. Similar leaks about dozens of other patients and medical staff followed. The contact tracing system being used for coronavirus was originally developed by the country's Inter-Service Intelligence (ISI) to combat terrorism; it is based on a new data hub in Islamabad that will collect information from the ISI tracking system and share…
Content Type: Examples
A remote-controlled yellow and black robot dog built by Boston Dynamics has been deployed in a Singapore central park for a two-week trial in which the dog politely, in a female voice, in English, reminds cyclists and joggers to stay at least one metre apart. Breaking the lockdown rules attracts fines and even jail time. Residents are only allowed to leave home alone for essential trips and must wear a mask at all times in public.
Other robots being trialled include a small car. The robot dog…
Content Type: Examples
Under the country's emergency laws, on May 4 the Hungarian government announced it would suspend parts of GDPR and exempted authorities from key provisions such as subject access rights, the right to request erasures, and providing notice that personal information is being collected and stored as long as the data is being collected under the rubric of coronavirus-related health protection.
The changes will remain in place until the government declares the end of the emergency. Opposition…
Content Type: Examples
Only 16% of Australians had downloaded the country's COVIDSafe app by May 3, a week after its launch on April 26, even though most said they support the federal government's coronavirus contact tracing app. In an Ipsos poll, 80% of those who said they were unlikely to download the app cited privacy concerns such as who holds and has access to the data, and which country's law applies. The government has said its goal is for at least half of the population to download and install the app.…
Content Type: Examples
The Australian journalist Chris Buckley, who reports for the New York Times, was forced to leave China on April 10 after 24 years of reporting on the country, bringing the number of journalists forced out of the country in the last year to 19.
After travelling to Wuhan to report on the unfolding outbreak on the day the city was locked down in January, he was told to stop when his press card expired in February. The division of the Foreign Ministry responsible for international media…
Content Type: Examples
The Egyptian president, Abdel-Fattah el-Sissi, has approved 18 amendments to the country's emergency law that allow him and security agencies additional powers. Only five of the amendments are clearly related to public health.
Along with closing schools and universities, quarantining people returning to the country, postpone taxes and utility payments, and provide economic support, additions include expanded powers to ban public and private meetings, protects, celebrations, and other forms of…
Content Type: Examples
A parliamentary panel granted Israel's Shin Bet security service an additional three weeks to use mobile phone data to track people infected with the coronavirus; prime minister Benjamin Netanyahu had requested a six-week extension while his government drafts legislation to regulate the data use in line with requirements imposed by the Israeli Supreme Court. Testimony given to the parliament's intelligence subcommittee showed that the Shin Bet surveillance was the reason it was possible to…
Content Type: Examples
After a call from a vendor, India's state-owned Broadcast Engineering Consultants Limited (BECIL) put out an expression of interest for electronic bracelets and accompanying software for use to ensure that COVID-19 patients do not violate their quarantine orders.
A hundred companies responded. BECIL saw the idea as an opportunity to sell a patient surveillance system to municipal corporations, private companies, welfare resident societies, and central government departments. BECIL, which was…
Content Type: News & Analysis
In a legal challenge brought by French activist group, La Quadrature du Net (LGDN), the Conseil d’État, the French highest court, has ruled that the use of drones by the police in the context of monitoring compliance with Covid-19 lockdown measures was unlawful.
The ruling found that the imagery and footage captured by drones flying at a low altitude was personal data to the extent that individuals filmed were identifiable. Consequently, the operation of drones by the police amounted…
Content Type: Examples
A security lapse exposed one of the core databases of the coronavirus self-test symptom checker app launched by India's largest cellphone network, Jio, shortly before the government lockdown began in late March.
The database, which had no password protection and contained millions of logs and records collected during the last two weeks in April, was found by security researcher Anurag Sen on May 1.
Some of the exposed records included individuals who answered a series of questions to create a…