Advanced Search
Content Type: People
Alexandrine is Directory of Strategy at Privacy International. She manages and oversees the development and delivery of Privacy International's strategic portfolio aimed at ensuring that innovative solutions serve individual and communities and protection their dignity rather than state power and corporate interest. This portfolio explores issues of digital identity, protecting communities at risk online, the digitisation of access to economic, social and cultural rights, and the use of data…
Content Type: Report
When you rent a car at the airport, use a car-share for a family day trip, one of the first things you are likely to do before setting off on your journey, is to connect your phone to the car. You switch on the Bluetooth and see a list of other people’s phones that were previously connected - Mike’s iPhone, Samsung Galaxy, Bikerboy_Troi, Dee Dee. You input your journey into the navigation, perhaps noticing stored locations of previous drivers.
Seems fairly innocuous? Wrong. Your name and…
Content Type: Press release
Press Release: New report shows how car rental companies are failing to protect drivers' information
A new report by Privacy International shows how car rental companies and car-share schemes are failing to protect drivers' personal information, such as their location, smart phone contents, and place of residence.
The report is here: https://privacyinternational.org/node/987
Key points
Privacy International (PI) rented a series of internet-connected cars and examined the information which was collected and retained on the rental cars' infotainment system*. Every car PI rented…
Content Type: Examples
A 2009 paper by the US National Academy of Sciences found that among forensic methods only DNA can reliably and consistency match evidence to specific individuals or sources. While it's commonly understood that techniques such as analysis of blood spatter patterns are up for debate, other types of visual evidence have been more readily accepted. In 2015 the FBI announced that virtually all of its hair analysis testing was scientifically indefensible, and in 2016 the Texas Forensic Science…
Content Type: Examples
In 2016, researchers discovered that the personalisation built into online advertising platforms such as Facebook is making it easy to invisibly bypass anti-discrimination laws regarding housing and employment. Under the US Fair Housing Act, it would be illegal for ads to explicitly state a preference based on race, colour, religion, gender, disability, or familial status. Despite this, some policies - such as giving preference to people who already this - work to ensure that white…
Content Type: Examples
In 2017, an automated facial recognition dispenser was installed in one of the busiest toilets in Beijing in order to prevent theft of toilet paper rolls, chiefly by elderly residents. Would-be users must remove hats and glasses and stand in front of a high-definition camera for three seconds in order to receive a 60cm length. Users have complained of software malfunctions that force them to wait, the lack of privacy, and difficulty getting the machines to work. The last of these led the city…
Content Type: Examples
A US House of Representatives oversight committee was told in March 2017 that photographs of about half of the adult US population are stored in facial recognition databases that can be accessed by the FBI without their knowledge or consent. In addition, about 80% of the photos in the FBI's network are of non-criminals and come from sources such as passports. Eighteen states supply driver's licences under arrangement with the FBI. In response, privacy advocates and politicians called for…
Content Type: Examples
Few people realise how many databases may include images of their face; these may be owned by data brokers, social media companies such as Facebook and Snapchat, and governments. The systems in use by Snap and the Chinese start-up Face++ don't save facial images, but map detailed points on faces and store that data instead. The FBI's latest system, as of 2017, gave it the ability to scan the images of millions of ordinary Americans collected from millions of mugshots and the driver's licence…
Content Type: Examples
By 2017, facial recognition was developing quickly in China and was beginning to become embedded in payment and other systems. The Chinese startup Face++, valued at roughly $1 billion, supplies facial recognition software to Alipay, a mobile payment app used by more than 120 million people; the dominant Chinese ride-hailing service, Didi; and several other popular apps. The Chinese search engine Baidu is working with the government of popular tourist destination Wuzhen to enable visitors to…
Content Type: Examples
For a period between the end of October and November 3 2016 the heating and hot water systems in two buildings in the city of Lappeenranta, Finland were knocked out by a distributed denial of service attack designed to make the systems fail. The systems responded by repeatedly rebooting the main control circuit, which meant that the heating was never working - at a time when temperatures had already dropped below freezing. Specialists in building maintenance noted that companies often skimp on…
Content Type: Examples
In 2015, the Swedish startup hub Epicenter began offering employees microchip implants that unlock doors, operate printers, and pay for food and drink. By 2017, about 150 of the 2,000 workers employed by the hub's more than 100 companies had accepted the implants. Epicenter is just one of a number of companies experimenting with this technology, which relies on Near Field Communication (NFC). The chips are biologically safe, but pose security and privacy issues by making it possible to track…
Content Type: Examples
The payday lender Wonga announced in April 2017 that a data breach at the company affected an estimated 270,000 customers, 245,000 of them in the UK and the rest in Poland. The company sent those it thought were affected messages warning that it believed there may have been illegal and unauthorised access to some of the data in their accounts. Wonga was already controversial because of the high rates of interest in charged, and findings by the UK's financial regulator that it had made loans to…
Content Type: Examples
In 2017, an anonymous whistleblower sent a letter to Green party peer Jenny Jones alleging that a secretive Scotland Yard unit was illegally monitoring the private emails of campaigners and journalists. The letter included a list of ten people and the passwords to their email accounts and claimed the police were using an India-based operation that did the work of hacking emails, shredding documents, and using sex as a method of infiltration. Jones's background includes a decade on the…
Content Type: Examples
In 2017, when user Robert Martin posted a frustrated, disparaging review of the remote garage door opening kit Garadget on Amazon, the peeved owner briefly locked him out of the company's server and told him to send the kit back. After complaints on social media and from the company's board members, CEO Denis Grisak reinstated Martin's service. The incident highlighted the capricious and fine-grained control Internet of Things manufacturers can apply and the power they retain over devices…
Content Type: Examples
A 2017 research report found that the most vulnerable smartphone users are the ones whose devices are most open to fraud and harassment. Cheaper, low-end devices are less secure to begin with, and they are also less often replaced than their more expensive counterparts made by. Apple and Google. At any given time there are millions of Android devices that are open to known exploits. Worse, the poorer population that owns these phones are more likely to use them as their sole means of accessing…
Content Type: Examples
Facebook has come under fire after leaked documents revealed the social media site has been targeting potentially vulnerable children.
The allegations suggest the company is gathering information on young people who “need a confidence boost” to facilitate predatory advertising practices.
Confidential documents obtained by The Australian reportedly show how Facebook can exploit the moods and insecurities of teenagers using the platform for the benefit of advertisers.…
Content Type: Examples
In 2017, Uber began a programme experimenting with using psychology and social science insights to influence when, where, and how long its drivers work. Among other techniques, Uber auto-loaded the next fare to encourage the driver equivalent of binge TV-watching; reminded drivers when they're close to their earnings targets to keep them from logging off; and used game-style graphics and small-value awards to keep drivers at the wheel. The company also had male managers adopt female…
Content Type: Examples
Connecticut police have used the data collected by a murder victim's Fitbit to question her husband's alibi. Richard Dabate, accused of killing his wife in 2015, claimed a masked assailant came into the couple's home and used pressure points to subdue him before shooting his wife, Connie. However, her Fitbit's data acts as a "digital footprint", showing she continued to move around for more than an hour after the shooting took place. A 2015 report from the National Institute of…
Content Type: Examples
Even after they move out, domestic abusers may retain control over their former residence via Internet of Things devices and the mobile phone apps that control them. Using those tools, abusers can confuse, intimidate, and spy upon their former spouses and partners. Lack of knowledge about how these technologies work means that those who complain are often not taken seriously. Even the victims themselves may believe it's all in their minds; lawyers are struggling to develop language to add to…
Content Type: Examples
A 2017 lawsuit filed by Chicagoan Kyle Zak against Bose Corp alleges that the company uses the Bose Connect app associated with its high-end Q35 wireless headphones to spy on its customers, tracking the music, podcasts, and other audio they listen to and then violates their privacy rights by selling the information without permission. The case reflects many of the concerns associated with Internet of Things devices, which frequently arrive with shoddy security or dubious data…
Content Type: News & Analysis
13 June 2016
"State capacity to conduct surveillance may depend on the extent to which business enterprises cooperate with or resist such surveillance” notes the Special Rapporteur on freedom of expression in his report on the role of the private sector to respect human rights in the digital age. The Special Rapporteur will present its findings and recommendations to the Human Rights Council on Thursday.
It is no longer sufficient for companies to simply point the finger at…
Content Type: Advocacy
In this submission, Privacy International provides the Committee with their observations to the written replies of the Pakistani government and with additional, up to date information to that contained in the brieing submitted to the Committee in advance of the adoption of the list of issues in 2016.
Content Type: Examples
In 2017, a website run by the Jharkhand Directorate of Social Security leaked the personal details of over.1 million Aadhaar subscribers, most of them old age pensioners who had enabled automatic benefits payment into their bank accounts. Aadhaar is a 12-digit unique identification number issued to all Indian residents based on their biometric and demographic data. Both cyber security agencies and the Supreme Court have expressed concerns over its security,…
Content Type: News & Analysis
Following the alarming evidence that EU-made electronic surveillance equipment is still being exported to authoritarian countries around the world, we strongly urge all EU member states and institutions to respect their human rights obligations and call on them to prioritise long overdue EU reforms.
We are extremely concerned that little has changed since civil society first recognised the need to modernise current EU rules governing the export of surveillance equipment as far back…
Content Type: News & Analysis
20 June 2016
Privacy International joins DRF and A19 in reiterating our serious concerns about the proposed Prevention of Electronic Crimes Bill which is currently being discussed in the Senate in Pakistan. While we note that the Bill adopted by the National Assembly in April 2016 includes some improvements compared to the earlier version, the Bill as currently drafted introduces a series of new provisions that pose a grave risk to freedom of expression and privacy in Pakistan…
Content Type: Advocacy
The powers set out in the Investigatory Powers Act are wide ranging, opaque and lacking in adequate safeguards. The Government have now published updated Draft Codes of Practice for certain parts of the Act. Unfortunately, the Codes do little to solve the Act’s problems. Instead, they add little transparency, occasionally expand powers, and undermine some of the limited safeguards in the Investigatory Powers Act. These Codes demand close scrutiny. The unusually short timeframe for…
Content Type: News & Analysis
7 July 2016
It has been said is that we pay for free services with our personal data. Now, the Privacy Shield exponentially expands this truth and we are paying for the cost of U.S. political dysfunction combined with EU complacency with our privacy. More than four months after the first EU-US Privacy Shield was published on 29 February 2016, a new version has been leaked. Remarkably, it is expected to be adopted.
Four months, two opinions by group of EU data protection…
Content Type: News & Analysis
31 October 2016
This piece originally appeared in The Guardian here.
This government’s “neither confirm nor deny” mantra over the extent of its surveillance powers has been replaced with a new one: “Never apologise, never explain.” On Monday, the tribunal tasked with hearing complaints against our intelligence agencies found that for more than a decade our intelligence agencies had been unlawfully amassing, in bulk, vast amounts of our personal data.
The official public…
Content Type: Advocacy
The feedback in this document was submitted as part of an open Request for Information (RFI) process regarding the document created by The IEEE Global Initiative for Ethical Considerations in Artificial Intelligence and Autonomous Systems ("The IEEE Global Initiative") titled, Ethically Aligned Design: A Vision for Prioritizing Human Wellbeing with Artificial Intelligence and Autonomous Systems.