Advanced Search
Content Type: Long Read
In 2024, Privacy International (PI) continued to produce real change by challenging governments and corporations that use data and technology to exploit us.Since the beginning of the year, we’ve achieved some wins and would like to share the most recent ones with you.Creating change is hard, and takes time. We have to uncover problems, draw attention to them, and pressure for change. In the latest quarter, we've been able to push regulators for stronger standards on generative AI systems, draw…
Content Type: Long Read
Elections and political campaigns are increasingly mediated by digital technologies. These technologies rely on collecting, storing, and analysing personal information to operate. They have enabled the proliferation of tailor-made political advertising. The recent proliferation of AI technologies is enabling ever more sophisticated content creation and manipulation in the context of elections.In parallel, governments are continuing to invest in digital technologies for the running of elections…
Content Type: News & Analysis
Artificial intelligence decision making systems have in recent years become a fixture of immigration enforcement and border control. This is despite the clear and proven harmful impacts they often have on individuals going through the immigration system. More widely, the harms of automated decision making have been increasingly there for all to see: from systems that encode bias and discrimination, as happened in the case of an algorithm used to detect benefit fraud in the Netherlands, to…
Content Type: Advocacy
In May 2024, we made a submission for the forthcoming report of the UN Special Rapporteur on the right to education to the General Assembly in October 2024.
Amongst others we recommend the UN Special Rapporteur for this upcoming report to:
Underline the need for a human rights-based approach to all AI systems in the education sector and describe the necessary measures to achieve it.
Reassert that any interference with the right to privacy and the advancement of the right to education due to…
Content Type: News & Analysis
On 15 May 2024, a London Administrative Court handed down its judgment in the case of ADL & Ors v Secretary of State for the Home Department, just two months after another court judgment and a ruling of the UK's data protection authority (ICO). The four Claimants in this latest case (including asylum seekers and survivors of trafficking) were challenging the UK Home Office's policy of placing people released from immigration detention under 24/7 GPS surveillance - either by shackling them…
Content Type: Video
The case dealt with a Russian law obliging telecommunications service providers to indiscriminately retain content and communications data for certain time periods, as well as a 2017 disclosure order by the Russian Federal Security Service requiring Telegram Messenger company to disclose technical information which would facilitate “the decoding of communications”.Links:PI case pageECtHR judgment in the Podchasov casePI's work on encryptionPI's report on End-to-End Encryption (E2EE)More…
Content Type: News & Analysis
In a significant and forceful decision, on 1 March 2024 the UK's Data Protection Authority found that the UK Government's GPS tagging of migrants arriving to the UK by small boats and other "irregular" routes was unlawful.
The decision comes as a result of Privacy International's complaint filed in August 2022 against the GPS tagging policy, which alleged widespread and significant breaches of privacy and data protection law. Our complaint relied extensively on anonymous testimonies of…
Content Type: Advocacy
Privacy International had suggested the Human Rights Committee consider the following recommendations for the UK government:Review and reform the IPA 2016 to ensure its compliance with Article 17 of the ICCPR, including by removing the powers of bulk surveillance;Abandon efforts to undermine the limited safeguards of the IPA 2016 through the proposed Investigatory Powers Amendment Bill;Refrain from taking any measures that undermine or limit the availability of encrypted communications or other…
Content Type: Advocacy
Privacy International joined civil society efforts to call the South African Parliament not to approve the draft General Intelligence Laws Amendment Bill 2023 (GILAB), which was approved by the Cabinet and introduced in Parliament.
The Bill was proposed by the South African government, after the Constitutional Court found the Regulation of Interception of Communications Act of 2002 (RICA) unconstitutional on multiple grounds.
The draft Bill fails to meet the human rights standards on many…
Content Type: Advocacy
Background
In August 2022, Amazon announced that they had entered into a definitive merger agreement to acquire iRobot, a company that specialises in designing and building consumer robots. The transaction was formally notified to the European Commission on 1 June 2023, while the UK Competition and Markets Authority (CMA) has already launched an investigation into the transaction since April 2023.
We believe that this acquisition is likely to significantly impede effective competition in and…
Content Type: Advocacy
Privacy International welcomes the aim of the Cyber Resilience Act to bolster cybersecurity rules to ensure more secure hardware and software products. Nevertheless, we note that the proposal put forward by the European Commission contains certain shortcomings which could both hamper innovation and harm consumers who are increasingly relying on digital products and services.
It is essential these shortcomings, detailed below, are effectively addressed by the EU co-legislators through the…
Content Type: Long Read
We won our case against the UK’s Security Service (MI5) and the Secretary of State for the Home Department (SSHD). The Investigatory Powers Tribunal (IPT) – the judicial body responsible for monitoring UK’s intelligence and security agencies – held that MI5 acted unlawfully by knowingly holding people’s personal data in systems that were in breach of core legal requirements. MI5 unlawfully retained huge amounts of personal data between 2014 and 2019. During that period, and as a result of these…
Content Type: Press release
In a landmark judgment, handed down today (Monday 30 January 2023), the Investigatory Powers Tribunal have found that there were “very serious failings” at the highest levels of MI5 to comply with privacy safeguards from as early as 2014, and that successive Home Secretaries did not to enquire into or resolve these long-standing rule-breaking despite obvious red flags.
Human rights organisations Liberty and Privacy International, who brought this significant legal case in January 2020, have…
Content Type: Press release
The decision by the EU’s oversight body follows a year-long inquiry prompted by complaints outlining how EU bodies and agencies are cooperating with governments around the world to increase their surveillance powers filed by Privacy International, Access Now, the Border Violence Monitoring Network, Homo Digitalis, International Federation for Human Rights (FIDH), and Sea-Watch.The complainants welcome the decision by the European Ombudsman and call on the Commission to urgently review its…
Content Type: News & Analysis
In a judgment of 14 October 2022, the UK High Court ordered the UK Home Office to provide remedy to the thousands of migrants affected by its unlawful policy and practice of seizing mobile phones from people arriving by small boats to UK shores.
The availability and spread of new technologies, and the exponential amounts of data they generate, are regularly being abused by governments to surveil and control people - but these new forms of surveillance are only starting to make their way through…
Content Type: Long Read
In the wake of the recent news of the US Supreme Court’s decision to overturn the ruling of Roe v Wade in its ruling in Dobbs v Jackson Women's Health Organization, headlines have been dominated by conversations around privacy and fears of how the criminalisation of abortion care and surveillance by law enforcement will play out in a tech driven world.This discussion is increasingly important as governments move towards digitising their healthcare systems and as more individuals choose to…
Content Type: Press release
Meta, the largest provider of social media sites and display advertising in the UK, acquired GIPHY, the largest provider of GIFs. In its report of 30 November 2021 the CMA found that the completed merger between Meta and GIPHY will give rise to a substantial lessening of competition.
The CAT confirmed the CMA's assessment and dismissed all but one of Meta’s appeal grounds, paving the way for Meta to sell GIPHY, as demanded by the CMA.
PI was granted permission to intervene in this case, one of…
Content Type: News & Analysis
Background
Today judgment has been handed down in the landmark case of R (HM and MA and KH) v Secretary of State for the Home Department.
This is a Judicial Review decision concerning the UK Home Office’s secret and blanket policy of seizing mobile phones of all migrants who arrived to the UK by small boat between April 2020 and November 2020, and extracting data from all phones. PI was a third party intervener in the case.
The case revealed that migrants were searched on arrival at Tug Haven…
Content Type: Video
In Kenya, if you don’t have an ID, life can be extremely difficult. But for thousands of people across the country, getting an ID can be nigh on impossible. Some Kenyan citizens can’t obtain a national ID because they are registered in the Kenyan refugee database. Often referred to as victims of double registration, their predicaments reveal a deeper problem with ID itself.
Now Haki na Sheria - a Kenyan organisation advocating for and supporting the victims of double registration - and three…
Content Type: News & Analysis
The notorious Clearview AI first rose to prominence in January 2020, following a New York Times report. Put simply, Clearview AI is a facial recognition company that uses an “automated image scraper”, a tool that searches the web and collects any images that it detects as containing human faces. All these faces are then run through its proprietary facial recognition software, to build a gigantic biometrics database.
What this means is that without your knowledge, your face could be stored…
Content Type: News & Analysis
What if we told you that every photo of you, your family, and your friends posted on your social media or even your blog could be copied and saved indefinitely in a database with billions of images of other people, by a company you've never heard of? And what if we told you that this mass surveillance database was pitched to law enforcement and private companies across the world?
This is more or less the business model and aspiration of Clearview AI, a company that only received worldwide…
Content Type: Video
<br />
Links
Read more about the ICO's provisional decision
Support our work
You can find out more about Clearview by listening to our podcast: The end of privacy? The spread of facial recognition
Content Type: Advocacy
Our environment is increasingly populated by devices connected to the Internet, from computers and mobile phones to sound systems and TVs to fridges, kettles, toys, or domestic alarms. There has been research into the negative safety and privacy impacts of inadequate security provided by the software in such devices (such as the creation of large scale botnets). This is also the case with outdated security, a risk enabled by software support periods that are shorter than a product’s usable life…
Content Type: Long Read
For many, browsing the internet or checking social media comes with its fair share of being targeted with ads selling “fad diet” subscription-based programmes, magic weight-loss powders, or promising a secret trick to lose weight quickly. Some of the products and programmes sold have been described as scams, with a very real impact for those suffering from eating disorders and those who fall prey to these ads. This is even more problematic due to the Covid-19 pandemic, which has seen the…
Content Type: News & Analysis
What happened
On 22 July 2021, the Investigatory Powers Tribunal (IPT) issued a declaration on our challenge to the UK bulk communications regime finding that section 94 of the Telecommunications Act 1984 (since repealed by the Investigatory Powers Act 2016) was incompatible with EU law human rights standards. The result of the judgment is that a decade’s worth of secret data capture has been held to be unlawful. The unlawfulness would have remained a secret but for PI’s work.
You…
Content Type: Long Read
On 25 May 2021, the European Court of Human Rights issued its judgment in Big Brother Watch & Others v. the UK. Below, we answer some of the main questions relating to the case.
After our initial reaction, below we answer some of the main questions relating to the case.
NOTE: This post reflects our initial reaction to the judgment and may be updated.
What’s the ruling all about?
In a nutshell, one of the world’s most important courts, the Grand Chamber of the European Court of Human…
Content Type: Press release
The Grand Chamber of the European Court of Human Rights has today ruled that UK mass surveillance laws violate the rights to privacy and freedom of expression.
It found that:
The UK’s historical bulk interception regime violated the right to privacy protected by Article 8 of the European Convention on Human Rights and freedom of expression, protected by Article 10. Particularly it found that:
the absence of independent authorisation,
the failure to include the categories of selectors…
Content Type: News & Analysis
Back in 2019, UK Health Secretary Matt Hancock announced a partnership between the NHS and Amazon Alexa. The goal of the partnership was for Alexa to be able to use the content of the NHS website when people asked health-related questions.
At the time, we expressed a number of concerns regarding this agreement: Amazon did not appear to be an actor that should be trusted with our health information, and seeing the Health Secretary publicly praising this new agreement appeared to give…
Content Type: News & Analysis
Unwanted Witness’ research into Safeboda highlighted the company’s failure to comply with some of the law's core data protection principles, with a number of implications for the exercise of data subject rights. The enforcement action against Safeboda by National Information Technology Authority, Uganda (NITA-U) requires the company to make fundamental changes to how they handle people's personal data in order to comply with the Data Protection and Privacy Act, 2019.
This first landmark…
Content Type: Long Read
What’s the ruling all about?
The Constitutional Court of South Africa in a historic judgment declared that bulk interception by the South African National Communications Centre is unlawful and invalid. Furthermore, the Constitutional Court found that the Regulation of Interception of Communications and Provision of Communication-Related Information Act (RICA) 1) was deficient in failing to provide at least a post-notification procedure for subjects of interception; 2) failed to ensure the…