Search
Content type: Press release
Today, the European Court of Human Rights (ECtHR) has handed down a decision in a case brought by Privacy International and a coalition of internet and communications service providers and campaign groups including the Chaos Computer Club (Germany), GreenNet (UK), Jinbonet (Korea), May First/People Link (US), and Riseup (US) (the “coalition”).The case challenges the conduct of hacking operations abroad by one of the UK’s intelligence agencies, the Government Communications…
Content type: Long Read
There are few places in the world where an individual is as vulnerable as at the border of a foreign country.As migration continues to be high on the social and political agenda, Western countries are increasingly adopting an approach that criminalises people at the border. Asylum seekers are often targeted with intrusive surveillance technologies and afforded only limited rights (including in relation to data protection), often having the effect of being treated as “guilty until proven…
Content type: Explainer
In a scramble to track, and thereby stem the flow of new cases of Covid-19, Governments around the world are rushing to track the locations of their populace. One way to do this is to leverage the metadata held by mobile service providers (telecommunications companies - "Telcos" - such as Hutchison 3 (Also known as Three), Telefonica (Also known as O2), Vodafone, and Orange) in order to track the movements of a population, as seen in Italy, Germany and Austria, and with the European Commission…
Content type: Examples
Mexico is one of the biggest buyers of next-generation surveillance technology. And now data leaked to Forbes indicates it's taken an unprecedented step in becoming the first-known buyer of surveillance technology that silently spies on calls, text messages and locations of any mobile phone user, via a long-vulnerable portion of global telecoms networks known as Signalling System No. 7 (SS7).
The revelation was contained in what an anonymous source close claimed was…
Content type: Examples
The whistleblower said they were unable to find any legitimate reason for the high volume of the requests for location information. “There is no other explanation, no other technical reason to do this. Saudi Arabia is weaponising mobile technologies,” the whistleblower claimed.
The data leaked by the whistleblower was also seen by telecommunications and security experts, who confirmed they too believed it was indicative of a surveillance campaign by Saudi Arabia.
The data shows requests for…
Content type: Explainer
In a scramble to track, and thereby stem the flow of, new cases of Covid-19, Governments around the world are rushing to track the locations of their populace. One way to do this is to write a smartphone app which uses Bluetooth technology, and encourage (or mandate) that individuals download and use the app. We have seen such examples in Singapore and emerging plans in the UK.
Apps that use Bluetooth are just one way to track location. There are several different technologies in a smartphone…
Content type: Impact Case Study
What HappenedOn 5 June 2013, The Guardian published the first in a series of documents disclosed by Edward Snowden, a whistleblower who had worked with the NSA. The documents revealed wide-ranging mass surveillance programs conducted by the USA’s National Security Agency (NSA) and the UK’s Government Communications Headquarters (GCHQ), which capture the communications and data of hundreds of millions of people around the world. In addition to revealing the mass surveillance programs of the NSA…
Content type: Examples
In December 2017, it was revealed that the large telco Bharti Airtel made use of Aadhaar-linked eKYC (electronic Know Your Customer) to open bank accounts for their customers without their knowledge or consent. eKYC is a way of using data in the UIDAI database as part of the verification process, which Airtel made use of for the issuing of SIM cards, and also secretly opened bank accounts with their Airtel Payments Bank. More than 2 million accounts could have been opened, receiving more than…
Content type: Long Read
If you operate an internet company in Russia, you aren’t necessarily surprised to one day open the door to someone, grasping in one hand a bundle of wires and in the other a letter from a government agency demanding access to your servers, with a black box wedged under one arm.
Internet companies in Russia are required by law to store the content of users’ communications for six months and the metadata of users’ communications for three years, essentially meaning that what a person does…