Search
Content type: News & Analysis
This post was written by PI Policy Officer Lucy Purdon.
In 1956, US Presidential hopeful Adlai Stevenson remarked that the hardest part of any political campaign is how to win without proving you are unworthy of winning. Political campaigning has always been a messy affair and now the online space is where elections are truly won and lost. Highly targeted campaign messages and adverts flood online searches and social media feeds. Click, share, repeat; this is what political engagement looks…
Content type: Advocacy
Privacy International's comments to the Article 29 Working Party Guidelines on automated individual decision-making and profiling are here.
Content type: Advocacy
This briefing consolidates Privacy International's concerns on the UK Data Protection Bill as it reached Report Stage in the House of Lords.
Content type: Press release
Press Release: New report shows how car rental companies are failing to protect drivers' information
A new report by Privacy International shows how car rental companies and car-share schemes are failing to protect drivers' personal information, such as their location, smart phone contents, and place of residence.
The report is here: https://privacyinternational.org/node/987
Key points
Privacy International (PI) rented a series of internet-connected cars and examined the information which was collected and retained on the rental cars' infotainment system*. Every car PI rented…
Content type: Examples
The payday lender Wonga announced in April 2017 that a data breach at the company affected an estimated 270,000 customers, 245,000 of them in the UK and the rest in Poland. The company sent those it thought were affected messages warning that it believed there may have been illegal and unauthorised access to some of the data in their accounts. Wonga was already controversial because of the high rates of interest in charged, and findings by the UK's financial regulator that it had made loans to…
Content type: Examples
A 2017 lawsuit filed by Chicagoan Kyle Zak against Bose Corp alleges that the company uses the Bose Connect app associated with its high-end Q35 wireless headphones to spy on its customers, tracking the music, podcasts, and other audio they listen to and then violates their privacy rights by selling the information without permission. The case reflects many of the concerns associated with Internet of Things devices, which frequently arrive with shoddy security or dubious data…
Content type: Advocacy
In this submission, Privacy International provides the Committee with their observations to the written replies of the Pakistani government and with additional, up to date information to that contained in the brieing submitted to the Committee in advance of the adoption of the list of issues in 2016.
Content type: News & Analysis
7 July 2016
It has been said is that we pay for free services with our personal data. Now, the Privacy Shield exponentially expands this truth and we are paying for the cost of U.S. political dysfunction combined with EU complacency with our privacy. More than four months after the first EU-US Privacy Shield was published on 29 February 2016, a new version has been leaked. Remarkably, it is expected to be adopted.
Four months, two opinions by group of EU data protection…
Content type: News & Analysis
14th August 2017
We found the image here.
We work to collect the minimum amount of data that we need from you to do our jobs within the resources we have, and to protect and use that data in an ethical manner. We are expanding the ways we engage with our supporters, by rebuilding our technical services to ensure that we continue to live up to that commitment.
Here we explain what data we have access to, what we collect, and how we work to protect your data. This piece is more explanatory…
Content type: Report
Financial services are changing, with technology being a key driver. It is affecting the nature of financial services, from credit and lending through to insurance, and even the future of money itself.
The field of fintech is where the attention and investment is flowing. Within it, new sources of data are being used by existing institutions and new entrants. They are using new forms of data analysis.
These changes are significant to this sector and the lives of people it serves. This…
Content type: Advocacy
This briefing covers Part 3 (law enforcement processing) and Part 4 (intelligence services processing) of the Data Protection Bill.
Content type: Advocacy
Privacy International has responded to the European Commission’s consultation on the interoperability of EU information systems for borders and security.
The Commission is currently looking at ways in which various border control and policing EU databases and IT systems can be connected to share and exchange more data.
The plans raise a number of concerns as highlighted by Privacy International in our response. These relate to significant potential harms associated with…
Content type: News & Analysis
This piece was written by PI Legal Office Millie Graham Wood.
“The UK is leading the way on modern data protection laws and we have worked closely with our EU partners to develop world leading data protection standards”[1] according to, Matt Hancock MP, Minister of State for Digital. However, the proposals in the UK Data Protection Bill continue and expand a highly secretive system which allows processing of personal data to be exempt from key safeguards and fundamental protections on…
Content type: Report
This report sheds light on the current state of affairs in data retention regulation across the EU post the Tele-2/Watson judgment. Privacy International has consulted with digital rights NGOs and industry from across the European Union to survey 21 national jurisdictions (Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, France, Germany, Hungary, Ireland, Italy, Luxembourg, the Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and the United Kingdom).…
Content type: Press release
Key points
Privacy International surveyed 21 EU member states' legislation on data retention and examined their compliance with fundamental human rights standards
0 out of the 21 States examined by PI are currently in compliance with these standards (as interpreted in two landmark judgements by the Court of Justice of the European Union: Tele-2/Watson and Digital Rights Ireland)
Privacy International is calling for:
EU member states to review their legislation on data retention…
Content type: Press release
While welcoming the objective of the Bill, Privacy International has sent a briefing to the House of Lords and a letter to Minister of State for Digital, Matt Hancock MP, outlining key concerns and recommendations. The Bill's stated aim is “to create a clear and coherent data protection regime”, and to update the UK data protection law, including by bringing the EU General Data Protection Regulation (GDPR) and the Data Protection Law Enforcement Directive (DPLED) - into the UK domestic system.…
Content type: News & Analysis
We found this image here.
On 11 October, the LIBE Committee of the European Parliament votes on the draft e-privacy regulation. As the landscape of generation, collection, and other processing of data in the digital sphere evolves, the proposal seeks to update the rules on confidentiality and security of electronic communications and online activities.
Unsurprisingly, companies whose business models rely on tracking individuals online have been busy lobbying against the new regulation. The…
Content type: Advocacy
Privacy International welcomes the aim of this Bill (Data Protection Bill), “to create a clear and coherent data protection regime”, and to update the UK data protection law, including by bringing the EU General Data Protection Regulation (GDPR) and the Data Protection Law Enforcement Directive (DPLED) - into the UK domestic system. This is Privacy International’s briefing on the Data Protection Bill for second reading in the House of Lords
Content type: Press release
While welcoming the objective of the Bill, Privacy International has sent a briefing to the House of Lords and a letter to Minister of State for Digital, Matt Hancock MP, outlining key concerns and recommendations. The Bill's stated aim is “to create a clear and coherent data protection regime”, and to update the UK data protection law, including by bringing the EU General Data Protection Regulation (GDPR) and the Data Protection Law Enforcement Directive (DPLED) - into the UK domestic system.…
Content type: News & Analysis
What do Honduras, Pakistan, and Switzerland have in common? They are all bound to respect and protect the right to privacy under Article 17 of the International Covenant on Civil and Political Rights. And in July 2017, they all also happened to be under the scrutiny of the UN Human Rights Committee, which found the countries’ human rights record wanting in many respects, including the scope of their surveillance legislation.
Intelligence sharing
Reviewing Pakistan, the Committee…
Content type: Advocacy
Privacy International welcomes the willingness of the UK government to implement the EU General Data Protection Regulation (GDPR), which provides stronger standards of protection of personal data to those contained in the EU Directive 1995, whose provisions were implemented in the Data Protection Act 1998. Improved rights and enforcement measures will generate greater trust and therefore greater engagement in the digital environment, which will in turn benefit the economy. …
Content type: News & Analysis
Este artículo fue co-escrita con Valeria Milanes de la Asociación por los Derechos Civiles (ADC). Una versión en ingles está disponible aquí.
En Enero de 2015, el sistema de inteligencia de Argentina fue objeto de atención pública luego de la muerte del fiscal Alberto Nisman, debido a la presunta participación de los servicios de inteligencia en dicho suceso. Este escándalo impulsó la reforma del sistema de inteligencia del país.
En Febrero del mismo…
Content type: Advocacy
This week, from 17th-20th October 2016, the Kingdom of Morocco will be hosting the 38th International Conference of Data Protection and Privacy Commissioners (ICDPPC).
And two scenarios could play out…
Scenario one — like many other occasions, this will be used as wonderfully strategic PR stunt, whereby participants will be whisked directly from the airport to their hotel to the conference venue, and will be enchanted by the genuinely warm Moroccan hospitality. But they will leave…
Content type: Advocacy
This stakeholder report is a submission by Privacy International (PI) and the Right2Know Campaign (R2K). This report has been prepared with the assistance and research done by the Media Policy and Democracy Project. PI is a human rights organisation that works to advance and promote the right to privacy and fight surveillance around the world. R2K is a broad- based, grassroots campaign formed to champion and defend information rights and promote the free flow of information in South Africa…
Content type: Advocacy
This stakeholder report is a submission by Centre for Internet and Society India (CIS India) and Privacy International (PI). CIS is a non-profit organisation that undertakes interdisciplinary research on internet and digital technologies from policy and academic perspectives. Through its diverse initiatives, CIS explores, intervenes in, and advances contemporary discourse and practices around internet, technology and society in India, and elsewhere. PI is a human rights organisation that…
Content type: Advocacy
After the adoption of the EU General Data Protection Regulation, the Data Protection Directive for Law Enforcement Agencies, the EU-US Privacy Shield, your understandable EU privacy policy fatigue is excused.
But when a coalition of tech and telecom industries calls for a relatively obscure EU directive to be repealed, it may unintentionally trigger an atypical Streisand effect: if companies, which often so cavalier to individuals’ privacy, want to get rid of the EU e-privacy…
Content type: News & Analysis
After the adoption of the EU General Data Protection Regulation, the Data Protection Directive for Law Enforcement Agencies, the EU-US Privacy Shield, your understandable EU privacy policy fatigue is excused.
But when a coalition of tech and telecom industries calls for a relatively obscure EU directive to be repealed, it may unintentionally trigger an atypical Streisand effect: if companies, which often so cavalier to individuals’ privacy, want to get rid of the EU e-privacy…