Search
Content type: Report
In contrast to automated decision-making, profiling is a relatively novel concept in European data protection law. It is now explicitly defined in Article 4(4) of the EU General Data Protection Regulation (GDPR), and refers to the automated processing of data (personal and not) to derive, infer, predict or evaluate information about an individual (or group), in particular to analyse or predict an individual’s identity, their attributes, interests or behaviour.
Through profiling, highly…
Content type: Long Read
As we said before, Facebook and Cambridge Analytica scandals are a wake-up call for policy makers. And also a global issue. People around the world are concerned by the exploitation of their data. The current lack of transparency into how companies are using people’s data is unacceptable and needs to be addressed.
There is an entire hidden ecosystem of companies harvesting and sharing personal data. From credit scoring and insurance quotations to targeted political communication, this…
Content type: Long Read
Today Privacy International together with 27 other organisations from across Europe urge European governments to strengthen the protection of privacy and security of online communications. The proposal to reform e-privacy in Europe was launched in January 2017. However, despite the clear and urgent need of this reform, recently demonstrated by the Facebook/Cambridge Analytica case, the negotiations by EU member states have been inconclusive. Worse still, some governments seem willing to…
Content type: Long Read
The ongoing Facebook and Cambridge Analytica scandal is a wake-up call for UK policy-makers who too often encourage and promote digital industries over the protection people’s personal data. The scandal has shown that the public is concerned by companies’ exploitation of their data. The current lack of transparency into how companies are using people’s data is unacceptable and needs to be addressed.
Reform should not be limited to the behaviour of individual companies. Consumers are confronted…
Content type: Advocacy
At the core of data protection debates, there is a power play between empowering individuals to control their data and empowering those who use (or want to) use their data. By regulating data processing, it provides avenues for individuals to exercise their rights if there is any unlawful interference in this power play.
It is crucial for any regulatory framework to be centred around the protection of human rights, autonomy and dignity, and therefore essential to ensure that…
Content type: Advocacy
India has been leading at developing some of the most complex and intense data-intensive systems in the world as exemplified with their mass biometric identification system, known as Aadhaar, as well as in the development and design of new technologies. To find out more about the main privacy issues in India, check out the State of Privacy in India.
And yet, India does not have a comprehensive privacy legislation and only limited data protection standards can be found under section 43A and…
Content type: Advocacy
Este informe de terceras partes interesadas es una contribución escrita presentada por Dejusticia, Fundación Karisma y Privacy International (PI). Dejusticia es una organización de derechos humanos colombiana que brinda conocimientos especializados sobre derechos humanos. Fundación Karisma es una organización de la sociedad civil colombiana que busca dar respuesta a las oportunidades y a las amenazas que surgen en el contexto de la tecnología para el desarrollo para el ejercicio de los derechos…
Content type: Advocacy
This stakeholder report is a submission by Dejusticia, Fundación Karisma and Privacy International (PI). Dejusticia is a Colombian human rights organization that provides expert knowledge on human rights. Fundación Karisma is a Colombian civil society organization that seeks to respond to the opportunities and threats that arise in the context of ‘technology for development’ for the exercise of human rights. PI is a human rights organisation that works to advance and promote the right to…
Content type: Advocacy
Privacy International's briefing on the UK's Data Protection Bill for the second reading in the House of Commons.
Content type: Long Read
To celebrate International Data Privacy Day (28 January), PI and its International Network have shared a full week of stories and research, exploring how countries are addressing data governance in light of innovations in technology and policy, and implications for the security and privacy of individuals.
Content type: News & Analysis
What we can achieve. What we are doing.
A week to discuss global privacy
Throughout these last days, in the context of the #dataprivacyweek, we have been talking about privacy from a global perspective, while showcasing the research done by Privacy International and the organisations who are part of its International Network.
The right to privacy is a particularly multifaceted human right, which manifests in diverse and nuanced ways. As we said when we set the tone for this week, privacy is…
Content type: Long Read
To celebrate International Data Privacy Day (28 January), PI and its International Network have shared a full week of stories and research, exploring how countries are addressing data governance in light of innovations in technology and policy, and implications for the security and privacy of individuals.
At the core of data protection debates, there is a power play between empowering individuals to control their data and empowering those who use (or want to) use their data.
By…
Content type: News & Analysis
It has been almost 40 years since the Council of Europe’s Convention 108 for the Protection of Individuals with regard to Automatic Processing of Personal Data was signed. The Convention was the first binding treaty dealing with privacy and data protection that recognised the necessity to “reconcile the fundamental values of the respect for privacy and the free flow of information between peoples” and is the reason why we celebrate Data Protection Day annually on 28 January.
It has since been…
Content type: News & Analysis
This post was written by Chair Emeritus of PI’s Board of Trustees, Anna Fielder.
The UK Data Protection Bill is currently making its way through the genteel debates of the House of Lords. We at Privacy International welcome its stated intent to provide a holistic regime for the protection of personal information and to set the “gold standard on data protection”. To make that promise a reality, one of the commitments in this government’s ‘statement of intent’ was to enhance…
Content type: News & Analysis
This post was written by PI Policy Officer Lucy Purdon.
In 1956, US Presidential hopeful Adlai Stevenson remarked that the hardest part of any political campaign is how to win without proving you are unworthy of winning. Political campaigning has always been a messy affair and now the online space is where elections are truly won and lost. Highly targeted campaign messages and adverts flood online searches and social media feeds. Click, share, repeat; this is what political engagement looks…
Content type: Advocacy
Privacy International's comments to the Article 29 Working Party Guidelines on automated individual decision-making and profiling are here.
Content type: Advocacy
This briefing consolidates Privacy International's concerns on the UK Data Protection Bill as it reached Report Stage in the House of Lords.
Content type: Press release
Press Release: New report shows how car rental companies are failing to protect drivers' information
A new report by Privacy International shows how car rental companies and car-share schemes are failing to protect drivers' personal information, such as their location, smart phone contents, and place of residence.
The report is here: https://privacyinternational.org/node/987
Key points
Privacy International (PI) rented a series of internet-connected cars and examined the information which was collected and retained on the rental cars' infotainment system*. Every car PI rented…
Content type: Examples
The payday lender Wonga announced in April 2017 that a data breach at the company affected an estimated 270,000 customers, 245,000 of them in the UK and the rest in Poland. The company sent those it thought were affected messages warning that it believed there may have been illegal and unauthorised access to some of the data in their accounts. Wonga was already controversial because of the high rates of interest in charged, and findings by the UK's financial regulator that it had made loans to…
Content type: Examples
A 2017 lawsuit filed by Chicagoan Kyle Zak against Bose Corp alleges that the company uses the Bose Connect app associated with its high-end Q35 wireless headphones to spy on its customers, tracking the music, podcasts, and other audio they listen to and then violates their privacy rights by selling the information without permission. The case reflects many of the concerns associated with Internet of Things devices, which frequently arrive with shoddy security or dubious data…
Content type: Advocacy
In this submission, Privacy International provides the Committee with their observations to the written replies of the Pakistani government and with additional, up to date information to that contained in the brieing submitted to the Committee in advance of the adoption of the list of issues in 2016.
Content type: News & Analysis
7 July 2016
It has been said is that we pay for free services with our personal data. Now, the Privacy Shield exponentially expands this truth and we are paying for the cost of U.S. political dysfunction combined with EU complacency with our privacy. More than four months after the first EU-US Privacy Shield was published on 29 February 2016, a new version has been leaked. Remarkably, it is expected to be adopted.
Four months, two opinions by group of EU data protection…
Content type: News & Analysis
14th August 2017
We found the image here.
We work to collect the minimum amount of data that we need from you to do our jobs within the resources we have, and to protect and use that data in an ethical manner. We are expanding the ways we engage with our supporters, by rebuilding our technical services to ensure that we continue to live up to that commitment.
Here we explain what data we have access to, what we collect, and how we work to protect your data. This piece is more explanatory…
Content type: Report
Financial services are changing, with technology being a key driver. It is affecting the nature of financial services, from credit and lending through to insurance, and even the future of money itself.
The field of fintech is where the attention and investment is flowing. Within it, new sources of data are being used by existing institutions and new entrants. They are using new forms of data analysis.
These changes are significant to this sector and the lives of people it serves. This…
Content type: Advocacy
This briefing covers Part 3 (law enforcement processing) and Part 4 (intelligence services processing) of the Data Protection Bill.
Content type: Advocacy
Privacy International has responded to the European Commission’s consultation on the interoperability of EU information systems for borders and security.
The Commission is currently looking at ways in which various border control and policing EU databases and IT systems can be connected to share and exchange more data.
The plans raise a number of concerns as highlighted by Privacy International in our response. These relate to significant potential harms associated with…