Advanced Search
Content Type: Press release
La CNIL a aujourd'hui prononcé une sévère sanction contre Criteo, une des plus grandes sociétés françaises de pistage et publicité en ligne. Le montant de l'amende a été réduit de 60 à 40 millions d'euros depuis l'audience qui s'est tenue à la CNIL en Mars 2023, durant laquelle Criteo avait mis en avant son bénéfice net de 10 millions d'euros en 2022 pour plaider en faveur d'une réduction de sa peine. La CNIL semble avoir entendu ces arguments, mais a heureusement maintenu une amende…
Content Type: Press release
French data regulator CNIL announced today a strong sanction against Criteo, one of the world's largest AdTech companies. Although close to the maximum GDPR fine, the amount of the fine was reduced from 60 to 40 million following a hearing at CNIL's offices in March 2023, during which Criteo pleaded for a reduced fine in light of its 10 million euros profit in 2022. CNIL seems to have acknowledged this argument but maintained a significant fine. This sanction follows a Privacy International…
Content Type: Frequently Asked Questions
On 27 October 2020, the UK Information Commissioner's Office (ICO) issued a report into three credit reference agencies (CRAs) - Experian, Equifax and TransUnion - which also operate as data brokers for direct marketing purposes.
After our initial reaction, below we answer some of the main questions regarding this report.
Content Type: News & Analysis
Privacy International (PI) welcomes today's report from the UK Information Commissioner's Office (ICO) into three credit reference agencies (CRAs) which also operate as data brokers for direct marketing purposes. As a result, the ICO has ordered the credit reference agency Experian to make fundamental changes to how it handles people's personal data within its offline direct marketing services.
It is a long overdue enforcement action against Experian.…
Content Type: News & Analysis
Almost a year and a half ago we complained about seven companies to three data protection authorities in Europe. These companies, ranging from AdTech to data brokers and credit rating agencies, thrive on the collection, exploitation and processing of personal data. They profile and categorise people - without our knowledge and infringing multiple legal requirements.
Now, the French Data Protection Authority CNIL has informed us that they are following the same route and …
Content Type: Advocacy
Privacy International provided comments to the UK Financial Conduct Authority on the Terms of Reference to its Credit Information Market Study.
We highlighted that:
Credit data (whether ‘traditional’ credit data; data from Open Banking sources, or other sources of data like social media) are hugely revealing of people’s lives far beyond the state of their financial affairs.
The affects upon consumer behaviour of this use of data in the credit sector extends beyond the choices they…
Content Type: Advocacy
Dear Chair and Committee colleagues,
Privacy International is an international NGO, based in London, which works with partners around the world to challenge state and corporate surveillance and data exploitation. As part of our work, we have a dedicated programme “Defending Democracy and Dissent” where we advocate for limits on data exploitation throughout the electoral cycle.
We have been closely following the important work of the Committee. Prompted by the additional evidence provided…
Content Type: Press release
The Irish Data Protection Commission has today launched an inquiry into the data practices of ad-tech company Quantcast, a major player in the online tracking industry. PI's 2018 investigation and subsequent submission to the Irish DPC showed how the company is systematically collecting and exploiting people's data in ways people are unaware of. PI also investigated and complained about Acxiom, Criteo, Experian, Equifax, Oracle, and Tapad.
PI welcomes this announcement and its focus on…
Content Type: Press release
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK. Privacy International urges the data protection authorities to investigate these companies and to protect individuals from the mass exploitation of their data.
Our complaints target companies that, despite exploiting the data of millions of…
Content Type: Long Read
It’s 15:10 pm on April 18, 2018. I’m in the Privacy International office, reading a news story on the use of facial recognition in Thailand. On April 20, at 21:10, I clicked on a CNN Money Exclusive on my phone. At 11:45 on May 11, 2018, I read a story on USA Today about Facebook knowing when teen users are feeling insecure.
How do I know all of this? Because I asked an advertising company called Quantcast for all of the data they have about me.
Most people will have never heard of…
Content Type: Long Read
This piece was written by Ashley Gorski, who is an attorney at the American Civil Liberties Union, and PI legal officer Scarlet Kim and originally appeared in The Guardian here.
In recent weeks, the Hollywood film about Edward Snowden and the movement to pardon the NSA whistleblower have renewed worldwide attention on the scope and substance of government surveillance programs. In the United States, however, the debate has often been a narrow one, focused on the…
Content Type: Long Read
This week, Privacy International, together with nine other international human rights NGOs, filed submissions with the European Court of Human Rights. Our case challenges the UK government’s bulk interception of internet traffic transiting fiber optic cables landing in the UK and its access to information similarly intercepted in bulk by the US government, which were revealed by the Snowden disclosures. To accompany our filing, we have produced two infographics to illustrate the…
Content Type: Long Read
Few revelations have been been as troubling for the right to privacy as uncovering the scope of the Five Eyes alliance. The intelligence club made up of Australia, Canada, New Zealand, the United Kingdom and the United States has integrated its collection efforts, staff, bases, and analysis programs. Yet the legal rulebook governing how the agencies ensure the most comprehensive joint surveillance effort in the history of mankind remains secret.
The little that is known suggests a…
Content Type: Long Read
Many people imagine intelligence sharing to be a practice whereby men in trench coats silently slide manilla envelopes containing anonymous tip-offs or intelligence reports marked TOP SECRET across tables in smoke-filled rooms.
While such practices certainly exist, they represent only a tiny slice of intelligence sharing activities, and are vastly overshadowed by the massive exchange of bulk unanlysed (raw) intelligence data that takes place between the UK and its Five Eyes allies.…
Content Type: Long Read
Bad analogies about surveillance technology pervade newspaper reports, politicians’ speeches, and legal arguments. While it’s natural to want simple explanations to understand complex technology, it does us a disservice when governments, the media, or the courts mislead us through analogies that are inadequate. It is even worse if these analogies are used as a basis for policy change.
Privacy International’s legal challenge against GCHQ’s mass surveillance rests…
Content Type: Long Read
The recent revelations, made possible by NSA-whistleblower Edward Snowden, of the reach and scope of global surveillance practices have prompted a fundamental re- examination of the role of intelligence services in conducting coordinated cross-border surveillance.
The Five Eyes alliance of States – comprised of the United States National Security Agency (NSA), the United Kingdom’s Government Communications Headquarters (GCHQ), Canada’s Communications Security Establishment Canada (CSEC), the…
Content Type: Report
The recent revelations, made possible by NSA-whistleblower Edward Snowden, of the reach and scope of global surveillance practices have prompted a fundamental re-examination of the role of intelligence services in conducting coordinated cross-border surveillance.
The Five Eyes alliance of States – comprised of the United States National Security Agency (NSA), the United Kingdom’s Government Communications Headquarters (GCHQ), Canada’s Communications Security Establishment Canada (CSEC), the…
Content Type: News & Analysis
With the launch of the "Eyes Wide Open" project, Privacy International has put together a fact sheet about the secretive Five Eyes alliance. Consider this a guide to the secret surveillance alliance that has infiltrated every aspect of the modern global communications system.
Beginning in 1946, an alliance of five English-speaking countries (the US, the UK, Australia, Canada and New Zealand) developed a series of bilateral agreements over more than a decade that became known as the UKUSA…
Content Type: Long Read
Britain's spy agency, GCHQ, is secretly conducting mass surveillance by tapping fibre optic cables, giving it access to huge amounts of data on both innocent citizens and targeted suspects, according to a report in the Guardian.
Mass, indiscriminate surveillance of this kind goes against an individual's fundamental human right to privacy. The scope and scale of this program, which monitors the entire British public and much of the world, is neither necessary nor proportionate and thus,…