Search
Content type: Press release
A European privacy group claimed today that dozens of amendments to the new Data Protection Regulation being proposed by Members of the European Parliament (MEPs) are being copied word-for-word from corporate lobby papers, with MEPs frequently failing to even remember their own amendments. Max Schrems, of the website and campaign Europe v Facebook, noticed striking similarities between proposed amendments and lobby papers written by representatives of Amazon, eBay, the American Chamber of…
Content type: News & Analysis
Today is Data Privacy Day, which commemorates the 1981 signing of the Coucil of Europe's Convention 108, the first legally binding international treaty dealing with privacy and data protection. It is celebrated all over Europe, as well as in Canada and the United States since 2008. To mark the occasion, Privacy International, together with other prominent privacy and digital rights organisations, is launching the Brussels Declaration. It urges Brussels parliamentarians and European…
Content type: News & Analysis
On International Data Privacy Day, it is important that we all ask ourselves: who has access to our personal information? Who can find out where we’ve been and who we’ve called, who can read our emails and our text messages? Who can find which websites we access and which files we download?
Statistics released by Google and Twitter over the past week are a sobering reminder that it is not only the corporations to which we consensually provide this information which are able…
Content type: Press release
Google's latest Transparency Report, released at 3pm GMT this afternoon, shows that requests by European governments for the browsing history, email communications, documents and IP addresses of Google's users have skyrocketed since the Transparency Report was launched three years ago. Countries in the European Union made 7,254 requests about 9,240 users or accounts between July and December 2012, averaging over 1,200 requests a month. This represents over a third of all requests made by…
Content type: News & Analysis
Court Of Appeal Tells UK Government That Criminal Records Bureau Checks System Breaches Human Rights
Yesterday the Court of Appeal delivered its judgment in the case of R (on the application of T) v Chief Constable of Greater Manchester & Others concerning the operation of the criminal records check system. The court was considering three cases that hinged on the same question: whether or not the blanket requirement on those applying for jobs involving contact with children and vulnerable adults (approximately four million people each year) to disclose all past convictions,…
Content type: News & Analysis
A full analysis of the UK Information Commissioner's "Anonymisation code of practice: managing data protection risk" will take time and working knowledge of how the code is used in practice.
At the launch, the ICO signalled that while they believed the code was now up to scratch, they were open to additions and clarifications given that it is the first document of its kind in the world. We applaud them for this; the code is likely to be copied internationally, so it is particularly…
Content type: News & Analysis
Next week, the European Parliament will make an important decision affecting one of the world’s most vulnerable and stigmatised groups of people: asylum seekers. This decision is part of a larger debate about privacy and function creep, about authorities breaking promises that were made when personal information was collected and using it for new purposes.
EURODAC, a transnational database containing the personal and biometric information of all asylum seekers and illegal immigrants found…
Content type: News & Analysis
There have been two rounds of meetings in 2012 of the OECD Committee for Information, Computer and Communications Policy (ICCP) and some of its working parties – in May and October 2012, with further meeting of two working parties in December. A ‘foresight forum’ on the ‘big data’ theme was held on 22 October. Civil society interest in the ICCP work programme is formalised through the Civil Society Information Society Advisory Council (CSISAC).
The Working Party on Information Security…
Content type: News & Analysis
We welcome the Informational Commissioner's intention to produce guidance for data controllers around the production of Open Data. Rigorous guidance is sorely needed in this area, with even large Government departments getting it dangerously wrong. Some data can be released safely in some circumstances; depending on the type and there has been sufficient consideration of the nuance of the situation. Adequate anonymisation is exceptionally difficult, and reidentification is possibly using…
Content type: News & Analysis
Tuesday’s letter to Google CEO Larry Page, personally signed by 29 European data protection authorities, ordered the corporation (inter alia) to give users greater control over their personal information. The notions of trust and control are emphasised throughout the letter, and Google is urged to "…develop new tools to give users more control over their personal data" and "collect explicit consent for the combination of data for certain purposes". It is good news that the…
Content type: News & Analysis
Greek newspaper To Vima reported late last night that Golden Dawn MP Ilias Panagiotaros has requested the exact data of "foreign infants and young children, by country of origin, who are in nursery schools" in Greece from the Greek Ministry of Interior (the equivalent of the British Home Office or US State Department). To Vima’s headline read 'Taking a leaf out of Herod’s book'.
The request echoes earlier demands made by the party for information about immigrants’ use…
Content type: News & Analysis
APEC privacy activity has passed another milestone with the acceptance in July 2012 of the USA as the first economy to formally join the cross border privacy rules (CBPR) system. The CBPR Joint Oversight Panel (JOP), with the Canadian chair of the Data Privacy Subgroup (DPS) standing in for the US member in accordance with the ‘no conflict of interest’ provisions, accepted the US government application, which nominated the Federal Trade Commission (FTC) as the privacy enforcement authority…
Content type: News & Analysis
Privacy International welcomes the Select Committee Inquiry. We approach the proposed EU Data Protection Framework from the perspective of individual citizens and consumers.
We consider that this Inquiry and other consultations must take into account not just considerations of burdens to business and administrations, but also the fundamental rights of individuals to privacy and data protection that the UK has to comply with as a signatory to EU treaties and conventions.
The…
Content type: Advocacy
On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of its proposal, a new Regulation (the “Proposed Regulation”),(1) would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive(2) (the “Proposed Directive”), would set out new rules on “the protection of individuals with…
Content type: News & Analysis
On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of its proposal, a new Regulation (the “Proposed Regulation”),1 would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive2 (the “Proposed Directive”), would set out new rules on “the protection of individuals with…
Content type: Advocacy
On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of the proposal, a new Regulation (the “Proposed Regulation”),1 would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive (the “Proposed Directive”), would set out new rules on “the protection of individuals with…
Content type: News & Analysis
On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of the proposal, a new Regulation (the “Proposed Regulation”),1 would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive (the “Proposed Directive”), would set out new rules on “the protection of individuals with…
Content type: News & Analysis
As part of the government’s ambitious Open Data programme, the Cabinet Office announced last year that data from the National Pupil Database (NPD) will be made freely available and accessible to all. The NPD, previously only available to researchers on an academic licence, contains a record for every single state school pupil in the country, covering educational attainment from reception to sixth form, as well as characteristics such as attendance, ethnic background and free…
Content type: News & Analysis
In the PI office, we have daily debates about which platforms to use for our organizational operations. As a privacy charity, we are naturally concerned about the integrity of our own information services and resources, but we frequently receive queries about the best technologies to use from a variety of other organizations, some with very complex threat models.
The sad fact is that we are all poorly served by the range of services currently available. We worry that there is a significant…
Content type: News & Analysis
By now, UK internet users are probably familiar with major sites asking them to consent to the use of website cookies. This is prompted by the 'cookie law' (aka "Directive 2002/58 on Privacy and Electronic Communications", otherwise known as the E-Privacy Directive), which is proving a privacy trainwreck. Theoretically, the Directive was a good idea - a method of preventing companies secretly following a user from site to site across the web. However, ill-executed law can be worse than no law…
Content type: News & Analysis
Privacy is internationally recognized as a fundamental right. Yet the confines of the right to privacy are subject to never-ending games of tug-of-war between individuals, governments and corporations. These games are rarely fair – individuals are often under-informed and lack the capacity to assert and protect their privacy, while those who seek to erode it are increasingly overbearing and secretive. This is particularly the case in developing countries, where the absence of adequate legal and…
Content type: Report
Following on from their 2009 discussion paper, in 2010 the European Commission published a Communication on changes to the 1995 European Union Directive on data protection. The European Union’s 1995 Directive on data protection is a leading regional instrument for privacy and is often the model for other countries across the globe. The Directive has been integral to pushing back against key surveillance and tracking initiaitives by governments and industry.
In this report we respond to that…
Content type: Press release
PI, Genewatch and the Council for Responsible Genetics launch the Forensic Genetic Policy Initiative
Today, 60 countries worldwide operate national DNA databases, and at least 34 more are considering putting them in place. The use of DNA evidence in criminal investigations can bring great benefits to society, helping to solve crimes, convict the guilty and exonerate the innocent. However, the mass storage of DNA samples and computerized profiles in databases raises important human rights concerns. Your DNA profile can be used to track you or your relatives. Your DNA sample has the…
Content type: News & Analysis
News emerged today that the new National Crime Agency will be completely exempt from Freedom of Information laws, creating a ‘cloak of secrecy’ around the organization.
The National Crime Agency (NCA), the government’s proposed successor to the Serious and Organised Crime Agency (SOCA), will target organized crime, fraud, child exploitation and smuggling. Described in the media as an ‘FBI-style’ intelligence agency, the NCA is proposed to become fully operational in December 2013.
But…
Content type: News & Analysis
Last evening (in India, that is) we got some very good news. Earlier, an online news item in a major newsmagazine described a forthcoming report from the Parliamentary Standing Committee on Finance, a cross-party body created to study Bills being presented for consideration in Parliament, as having expressed its reservations about the NIAI Bill, that they would recommend recasting it. The NIAI Bill seeks to set up a National Information Authority, whose job is to take over the functioning of…
Content type: News & Analysis
A widely-leaked version of the first legislative proposal for a General Data Protection Regulation is making its way through Brussels and beyond. The purpose of this 'Regulation' is to provide a new tool for harmonising the protection of personal data across the European Union, and one that takes into consideration the current legislative and technological environment. The key point is that Europe's rules on privacy are often taken as an example to the world -- and provide a rare…
Content type: News & Analysis
Prime Minister David Cameron may not be quite the “pitiless blank-eyed hell wraith” Charlie Brooker portrayed in yesterday’s Guardian, but he does have some pretty frightening ideas about the Internet. This morning the Prime Minister announced, at a meeting with the Christian charity Mother’s Union, that four of the UK’s biggest ISPs will henceforth require users to opt in if they want to view pornographic material – thereby creating a commercially-owned and controlled database of…
Content type: Press release
Privacy International today published documentation that establishes a deliberate cover-up by the UK Information Commissioner’s Office (ICO) of a failure to uphold its responsibility to enforce the Data Protection Act.
A request under the Freedom of Information Act by PI and No-CCTV has revealed a conflict of interest in the ICO’s mandate and a fundamental failure of process within the Office. The material disclosed proves that the ICO conspired to delay the FOIA request, and attempted to…
Content type: News & Analysis
Skype has consistently assured that it protects its users and their communications. Having reviewed the company's technology and policies we have grounds for concern about Skype's overall level of security, and we believe there are a number of questions to which the company must respond. Skype's misleading security assurances continue to expose users around the world to unnecessary and dangerous risk. It's time for Skype to own up to the reality of its security and to take a leadership…
Content type: News & Analysis
The European Commission is about to announce the compulsory fingerprinting of all visitors to the EU, both visa holders and non-visa holders, along with automated border checks of EU nationals through the analysis of fingerprints and facial scans.
The Communication from December 2007, available here on the PI site, outlines the plans. Below we summarise the plans. Also see PI's commentary in the Guardian CommentisFree section from February 11, 2008.
Critical Analysis
The Communication does…