Search
Content type: Long Read
Miguel Morachimo, Executive Director of Hiperderecho. Hiperderecho is a non-profit Peruvian organisation dedicated to facilitating public understanding and promoting respect for rights and freedoms in digital environments.The original version of this article was published in Spanish on Hiperderecho's website.Where does our feeling of insecurity come from? As we walk around our cities, we are being observed by security cameras most of the time. Our daily movement, call logs, and internet…
Content type: News & Analysis
It's a big question, have you purchased a card for your local surveillance camera on Surveillance Camera Day?
Yes, Surveillance Camera Day is a real thing and happens on 20 June.
Perhaps your local community could create a bingo card to see who knows where all the local cameras are. Are there any on your local bins, how about the lampposts or a billboard?
Have you had a facial recognition van in your local community? Did you see the police helicopter crew video camera…
Content type: News & Analysis
One of the UK’s largest telecommunications operators, BT, has said to Privacy International that a report claiming it “co-produces malware” with a surveillance company for the GCHQ is inaccurate – but hasn’t said why or given any more details.
The accusation was made by C5IS – a shadowy online publication claiming to be “the most widely read source of information on surveillance technologies”. In its Big Black Book of Electronic Surveillance, it claims that SS8, a…
Content type: News & Analysis
Privacy International has joined a global coalition of privacy campaigners, tech companies, and technology experts to respond to proposals by British intelligence chiefs aimed at allowing them access to encrypted messaging apps such as WhatsApp or Signal.
If implemented, the proposals would allow government authorities to force messaging platforms to silently add a law enforcement participant to a group chat or call.
Such a capability poses serious threats to…
Content type: Long Read
Details of case:
R (on the application of Privacy International) (Appellant) v Investigatory Powers Tribunal and others (Respondents)
[2019] UKSC 22
15 May 2019
The judgment
What two questions was the Supreme Court asked to answer?
Whether section 67(8) of RIPA 2000 “ousts” the supervisory jurisdiction of the High Court to quash a judgment of the Investigatory Powers Tribunal for error of law?
Whether, and, if so, in accordance with what principles, Parliament may by…
Content type: Press release
Today, after a five year battle with the UK government, Privacy International has won at the UK Supreme Court. The UK Supreme Court has ruled that the Investigatory Powers Tribunal’s (IPT) decisions are subject to judicial review in the High Court. The Supreme Court's judgment is a major endorsement and affirmation of the rule of law in the UK. The decision guarantees that when the IPT gets the law wrong, its mistakes can be corrected.Key point:UK Supreme Court rules that the UK spying tribunal…
Content type: News & Analysis
Privacy International welcomes WhatsApp's immediate reaction after the revelation that Israeli cyber intelligence company NSO group had exploited a vulnerability in their software. We encourage all WhatsApp users to update their app as soon as possible. However, we believe WhatsApp needs to be much more transparent with their users. We haven't seen a notification on the app itself that would inform users about both, the bug, and the fix. The current version merely states that you can now see…
Content type: Long Read
Imagine that every time you want to attend a march, religious event, political meeting, protest, or public rally, you must share deeply personal information with police and intelligence agencies, even when they have no reason to suspect you of wrongdoing.
First, you need to go to the police to register; have your photo taken for a biometric database; share the contacts of your family, friends, and colleagues; disclose your finances, health records, lifestyle choices, relationship status, and…
Content type: News & Analysis
Federal law enforcement is deploying powerful computer hacking tools to conduct domestic criminal and immigration investigations.
By Alex Betschen, Student Attorney, Civil Liberties & Transparency Clinic, University at Buffalo School of Law
Hacking by the government raises grave privacy concerns, creating surveillance possibilities that were previously the stuff of science fiction. It also poses a security risk, because hacking takes advantage of unpatched vulnerabilities in our…
Content type: Press release
FOR IMMEDIATE RELEASE
December 21, 2018
CONTACTS:
Alex Betschen, Civil Liberties & Transparency Clinic, [email protected], 716–531–6649
Colton Kells, Civil Liberties & Transparency Clinic, [email protected], 585–766–5119
Abdullah Hasan, ACLU, [email protected], 646–905–8879
NEW YORK — Privacy International, the American Civil Liberties Union, and the Civil Liberties & Transparency Clinic of the University at Buffalo School of Law filed a lawsuit today…
Content type: Examples
In 2017, an anonymous whistleblower sent a letter to Green party peer Jenny Jones alleging that a secretive Scotland Yard unit was illegally monitoring the private emails of campaigners and journalists. The letter included a list of ten people and the passwords to their email accounts and claimed the police were using an India-based operation that did the work of hacking emails, shredding documents, and using sex as a method of infiltration. Jones's background includes a decade on the…
Content type: Advocacy
The powers set out in the Investigatory Powers Act are wide ranging, opaque and lacking in adequate safeguards. The Government have now published updated Draft Codes of Practice for certain parts of the Act. Unfortunately, the Codes do little to solve the Act’s problems. Instead, they add little transparency, occasionally expand powers, and undermine some of the limited safeguards in the Investigatory Powers Act. These Codes demand close scrutiny. The unusually short timeframe for…
Content type: Long Read
Government hacking is unlike any other form of existing surveillance technique. Hacking is an attempt to understand a system better than it understands itself, and then nudging it to do what the hacker wants. Fundamentally speaking, hacking is therefore about causing technologies to act in a manner the manufacturer, owner or user did not intend or did not foresee.
Governments can wield this power remotely, surreptitiously, across jurisdictions, and at scale. A single hack can affect many…
Content type: News & Analysis
The short answer is yes.
I'm sure many of you have seen people with stickers over their webcams and wondered why (probably writing that person off as paranoid). But it's well known in tech circles that a camera in a computer or smartphone can be turned on remotely by an attacker with the resources, time, and motivation.
Security is hard, and our defences are weak. The capability of an adversary to attack your devices doesn't necessarily hinge upon a consumer choice of…
Content type: Press release
On 5 October 2017, Privacy International will appear before the UK Court of Appeal to continue its challenge to the British government's large scale hacking powers. The case questions the decision by the Investigatory Powers Tribunal (IPT) to sanction the UK government's power to hack broad categories of people or property without any individualised suspicion.
TIMELINE AND KEY POINTS
- Privacy International began fighting bulk government hacking in 2014 at the…
Content type: Long Read
European Court of Human Rights Intervention
On 15 September 2017, Privacy International filed an intervention to the European Court of Human Rights in Association Confraternelle de la Presse Judiciare and 11 Other Applications v. France. This case challenges various surveillance powers authorised under the French Intelligence Act of 24 July 2015 as incompatible with Articles 8 and 10 of the European Convention on Human Rights, which respectively protect the right to privacy…
Content type: Advocacy
On 28 June 2017, Privacy International sent a letter and briefing to the Mexican government following reports indicating that Mexican authorities had used NSO Group’s Pegasus spyware to target journalists and human rights defenders working to expose government corruption and human rights abuses. NSO Group is a surveillance technology company that sells products and services, including malware, exclusively to government clients.
These attacks were designed to compromise the mobile phones of…
Content type: Press release
Please find attached a copy of the briefing along with promotional photographs with the briefing.
Privacy International has today sent top EU and UK Brexit negotiators* a briefing on their vulnerability to potential surveillance by each other, and others. Brexit negotiations are to begin today.
The global privacy rights NGO has highlighted to the negotiators the risk of sophisticated surveillance capabilities being deployed against each other and by others, and provided…
Content type: News & Analysis
Dear Minister Dr. Wolfgang Brandstetter, Minister Mag. Wolfgang Sobotka, Minister Dr.in Pamela Rendi-Wagner, MSs, Minister Mag. Hans Peter Doskozil,
Privacy International is a United Kingdom-based non-governmental organization, which is dedicated to protecting the right to privacy around the world. Privacy International is committed to ensuring that government surveillance complies with the rule of law and the international human rights framework. As part of this commitment, Privacy…
Content type: Advocacy
Privacy International generally opposes hacking as a tool for surveillance. While the DDL Orlando is an opportunity to fill the current legislative gap in the use of hacking for investigative purposes, PI believes that it falls short of the requirements of existing international human rights law.
Content type: News & Analysis
Why would we ever let anyone hack anything, ever? Why are hacking tools that can patently be used for harm considered helpful? Let's try to address this in eight distinct points:
1) Ethical hacking is a counter proof to corporate claims of security.
Companies make products and claim they are secure, or privacy preserving. An ethical hack shows they are not. Ethical hackers produce counter-proofs to government or corporate claims of security, and thus defend us, piece by tiny…
Content type: Advocacy
Privacy International and the Italian Coalition for Civil Liberties' Joint Submission in Consideration of the Sixth Periodic Report of Italy Human Rights Committee 119th Session (6-29 March 2017).
The submission brings to the attention of the Committee the ongoing concern with Italian security agencies’ hacking capabilities and intelligence sharing arrangement, with Italian data retention procedures, and its export control regime as it relates to its robust…
Content type: Press release
Privacy International Executive Director Dr Gus Hosein said:
“If today’s leaks are authenticated, they demonstrate what we’ve long been warning about government hacking powers — that they can be extremely intrusive, have enormous security implications, and are not sufficiently regulated. Insufficient security protections in the growing amount of devices connected to the internet or so-called “smart” devices, such as Samsung Smart TVs, only compound the problem, giving governments easier…
Content type: Long Read
Introduction
A growing number of governments around the world are embracing hacking to facilitate their surveillance activities. Yet hacking presents unique and grave threats to our privacy and security. It is far more intrusive than any other surveillance technique, capable of accessing information sufficient to build a detailed profile of a person, as well as altering or deleting that information. At the same time, hacking not only undermines the security of targeted systems, but also has…
Content type: Long Read
This piece was orignally published in Slate in February 2017
In 2015, the FBI obtained a warrant to hack the devices of every visitor to a child pornography website. On the basis of this single warrant, the FBI ultimately hacked more than 8,700 computers, resulting in a wave of federal prosecutions. The vast majority of these devices—over 83 percent—were located outside the United States, in more than 100 different countries. Now, we are in the midst of the first cases…