Advanced Search
Content Type: News & Analysis
On 11 October 2019, Privacy International together with EDRi, BEUC, AccessNow and Open Society European Policy Institute, sent an open letter to EU Member States, to urge them to conclude the negotiations on the ePrivacy Regulation.
The letter highlights the urgent need for a strong ePrivacy Regulation in order to tackle the problems created by the commercial surveillance business models, and expresses the deep concerns by the fact that the Member States, represented in the Council of the…
Content Type: Long Read
Photo by Nadine Shaabana on Unsplash
Digital identity providers
Around the world, we are seeing the growth of digital IDs, and companies looking to offer ways for people to prove their identity online and off. The UK is no exception; indeed, the trade body for the UK tech industry is calling for the development of a “digital identity ecosystem”, with private companies providing a key role. Having a role for private companies in this sector is not necessarily a problem: after all, …
Content Type: News & Analysis
The latest news of Twitter “inadvertently” sharing email addresses or phone numbers provided for safety or security purposes (for example, two-factor authentication) for advertising purposes is extremely concerning for several reasons.
First of all, it is not the first time for Twitter's used people's data in ways they wouldn't expect or that ignores their choices: in August, the company disclosed that it may have shared data on users with advertising partners, even if they had opted out from…
Content Type: News & Analysis
Photo by Daniel Jensen on Unsplash
Everyone is talking about Facebook's end-to-end encryption plans and the US, UK and Australian government's response. Feeling lost? Here is what you need to know.
What's Facebook trying to do?
First let's be clear: Facebook has many faults when it comes to privacy. It's also suffered a number of security failures recently. See here for instance.
In response to their successive failures to protect your privacy, Facebook announced in their 'pivot to privacy…
Content Type: News & Analysis
Today’s announcement regarding the UK and US agreement signed pursuant to the US CLOUD Act is being touted on both sides of the Atlantic as a major victory for law enforcement and security. But it is a step backward for privacy.
And it’s far more complicated than their press release and letter to industry.
The agreement replaces the prior system, under which law enforcement agencies from around the world, including the UK, had to meet US legal standards in order to get access to content held…
Content Type: Long Read
An analysis of what Facebook, Google, and Twitter have done to provide users with political ad transparency as of September 2019. Our full analysis is linked below.
Recently the role of social media and search platforms in political campaigning and elections has come under scrutiny. Concerns range from the spread of disinformation, to profiling of users without their knowledge, to micro-targeting of users with tailored messages, to interference by foreign entities, and more. Significant…
Content Type: News & Analysis
A new UK Times report claims that “WhatsApp, Facebook and other social media platforms will be forced to disclose encrypted messages from suspected terrorists, paedophiles and other serious criminals under a new treaty between the UK and the US.”
Several other media outlets have followed up on the report, with headlines such as “UK and US set to sign treaty allowing UK police ‘back door’ access to WhatsApp and other ‘end to end encrypted’ messaging platforms”.
While the…
Content Type: News & Analysis
Photo: The European Union
“Border Externalisation”, the transfer of border controls to foreign countries, has in the last few years become the main instrument through which the European Union seeks to stop migratory flows to Europe. Similar to the strategy being implemented under Trump’s administration, it relies on utilising modern technology, training, and equipping authorities in third countries to export the border far beyond its shores.
It is enabled by the adoption…
Content Type: News & Analysis
Photo by Francesco Bellina
The wars on terror and migration have seen international funders sponsoring numerous border control missions across the Sahel region of Africa. Many of these rely on funds supposed to be reserved for development aid and lack vital transparency safeguards. In the first of a series, freelance journalist Giacomo Zandonini sets the scene from Niger.
Surrounded by a straw-yellow stretch of sand, the immense base of the border control mobile company of Maradi, in southern…
Content Type: Long Read
Photo: Francesco Bellina
Driven by the need to never again allow organised mass murder of the type inflicted during the Second World War, the European Union has brought its citizens unprecedented levels of peace underpinned by fundamental rights and freedoms.
It plays an instrumental role in protecting people’s privacy around the world; its data protection regulation sets the bar globally, while its courts have been at the forefront of challenges to unlawful government surveillance…
Content Type: News & Analysis
Today, the High Court of South Africa in Pretoria in a historic decision declared that bulk interception by the South African National Communications Centre is unlawful and invalid.
The judgment is a powerful rejection of years of secret and unchecked surveillance by South African authorities against millions of people - irrespective of whether they reside in South Africa.
The case was brought by two applicants, the amaBhungane Centre for Investigative Journalism and journalist Stephen…
Content Type: News & Analysis
Photo by Sharon McCutcheon on Unsplash
In May, the United Nations Special Rapporteur on extreme poverty and human rights, Philip Alston invited all interested governments, civil society organisations, academics, international organisations, activists, corporations and others, to provide written input for his thematic report on the human rights impacts, especially on those living in poverty, of the introduction of digital technologies in the implementation of national social protection…
Content Type: Long Read
We found this image here.
Using Facebook, Google, and Twitter’s ad libraries, PI has tried to understand how political ads are targeted in the UK. This information – which should be very clear on political ads – is instead being squirreled away under multiple clicks and confusing headings.
Importantly, in most countries around the world, users cannot understand why they’re being targeted with political ads on these platforms at all. This is because Facebook, Google, and Twitter have taken…
Content Type: News & Analysis
Photo: The European Union
On 2 September 2019, Privacy International, together with 60 other organisations, signed an open letter to the European Parliament to express our deep concern about upcoming EU policy proposals which undermine the EU’s founding values of human rights, peace and disarmament.
Since 2017, the EU has diverted funds towards security research and security capacity-building in countries around the world. The proposal for the EU's next budget (2021-2027) will…
Content Type: News & Analysis
The global counter-terrorism agenda is driven by a group of powerful governments and industry with a vested political and economic interest in pushing for security solutions that increasingly rely on surveillance technologies at the expenses of human rights.
To facilitate the adoption of these measures, a plethora of bodies, groups and networks of governments and other interested private stakeholders develop norms, standards and ‘good practices’ which often end up becoming hard national laws…
Content Type: News & Analysis
Photo by Jake Hills on UnsplashOur research has shown how some apps like Maya by Plackal Tech and MIA by Mobbap Development Limited were – at the time of the research – sharing your most intimate data about your sexual life and medical history with Facebook.Other apps like Mi Calendario, Ovulation Calculator by Pinkbird and Linchpin Health were letting Facebook know every time you open the app.We think companies like theses should do better and we are pleased to see some of them have already…
Content Type: Long Read
In December 2018, Privacy international exposed the dubious practices of some of the most popular apps in the world.
Out of the 36 apps we tested, we found that 61% automatically transfer data to Facebook the moment a user opens the app. This happens whether the user has a Facebook account or not, and whether they are logged into Facebook or not. We also found that some of those apps routinely send Facebook incredibly detailed and sometimes sensitive personal data. Again, it didn’t matter if…
Content Type: Long Read
A new study by Privacy International reveals how popular websites about depression in France, Germany and the UK share user data with advertisers, data brokers and large tech companies, while some depression test websites leak answers and test results with third parties. The findings raise serious concerns about compliance with European data protection and privacy laws.
This article is part of a research led by Privacy International on mental health websites and tracking. Read our…
Content Type: News & Analysis
This article is part of a research led by Privacy International on mental health websites and tracking. Read our full report.
According to the World Health Organisation (WHO), 25 percent of the European population suffers from depression or anxiety each year, yet about 50% of major depressions remain untreated. This means that everyday thousands of people are looking for information about depression online. They take tests to find out how serious their symptoms are, they try to access…
Content Type: News & Analysis
The Irish Data Protection Commissioner has made a ruling on the controversial Public Services Card (PSC) that has described much of what is is done with the card as unlawful. The PSC has proven controversial: introduced in 2012 for welfare claimants, it's use expanded to more and more uses, including its use to get a driving licence or passport. Now, following campaigns from civil liberties organisations, this expansion of use has now been found to be unlawful by Ireland's Data Protection…
Content Type: Long Read
It is common ground that bulk collection of content would be a deprivation of the right to privacy. That is an inexcusable or unjustifiable step too far. Repeatedly the Government whether in litigation or legislating, has emphasised that they are not taking content in bulk. Content is the forbidden ground.
This has resulted in the Government seeking to explain, for example, what parts of an email would constitute content and meta data. Within the Investigatory Powers Act it has led to the…
Content Type: Long Read
This blog is about our new Twitter bot, called @adversarybot. If you want to follow the account, please do watch the pinned 'Privacy Policy' tweet before you do so.
Content Type: News & Analysis
The Watson/Tele2 decision of the CJEU concerned section 1 and 2 of DRIPA and the Data Retention Regulations 2014. This contained the legislative scheme concerning the power of the Secretary of State to require communications service providers to retain communications data. Part 3 of the Counter-Terrorism and Security Act 2015 amended DRIPA so that an additional category of data - that necessary to resolve Internet Protocol addresses - could be included in a requirement to retain…
Content Type: Long Read
Six years after NSA contractor Edward Snowden leaked documents providing details about how states' mass surveillance programmes function, two states – the UK and South Africa – publicly admit using bulk interception capabilities.
Both governments have been conducting bulk interception of internet traffic by tapping undersea fibre optic cables landing in the UK and South Africa respectively in secret for years.
Both admissions came during and as a result of legal proceedings brought by…
Content Type: News & Analysis
Picture: XoMEoX CC BY 2.0
1. Definitions of ‘fraud’ lack transparency and are often deceptive. States often define ‘fraud’ in vague and overbroad terms, which creates a seemingly compelling catch-all justification for denying or terminating benefits. The general public will often support this political narrative unless they have a greater understanding of the realities facing social benefit claimants and their experience navigating confusing and complex social benefits systems.…
Content Type: News & Analysis
Picture: Antti T. Nissinen, CC BY 2.0
In addition to the issues we highlighted in stage 1, where intrusive personal information is required in order to apply for social benefits, recipients who seek to maintain their social benefits are required to regularly disclose similar information and are also subjected to the numerous forms of surveillance described above.
1. Social benefits systems use monitoring to exert control over recipients. These systems are imbued with the…
Content Type: News & Analysis
Picture: Christian Schnettelker
1. The process of applying for social benefits subjects people to humiliating and punishing scrutiny. It is gruelling and harmful in and of itself. It requires people to invest significant time and resources, and to disclose vast amounts of personal information. For example, people may be required to turn over troves of personal documents (such as documents that show people’s financial status, housing, income, family structure, and identity), provide biometric…
Content Type: News & Analysis
On Tuesday, Twitter disclosed that it may have shared data on users with advertising partners, even if they have opted out from personalised ads, and shown people ads based on inferences made about the devices they use without permission. According to Twitter, the issue was fixed on Monday, even though it is not yet clear how many users have been affected.
This is not the first time that Twitter had to admit that it leaked user data to advertisers. In May 2019, the social…
Content Type: Long Read
Image credit: Emil Sjöblom [ShareAlike 2.0 Generic (CC BY-SA 2.0)]
Prepaid SIM card use and mandatory SIM card registration laws are especially widespread in countries in Africa: these two factors can allow for a more pervasive system of mass surveillance of people who can access prepaid SIM cards, as well as exclusion from important civic spaces, social networks, and education and health care for people who cannot.
Mandatory SIM card registration laws require that people provide personal…