Search
Content type: Advocacy
Since 2014 the Indonesian Ministry of Communication and Informatics (MOCI) has been proposing that the Parliament passes a comprehensive data protection law. A first draft data protection law was issued by the Government for public comment in 2015 but no progress was made, and then in early 2018, the Indonesian Government issued a new draft personal data protection law.
While these renewed efforts have positive intentions, a number of concerns ought to be addressed with the aim of…
Content type: Advocacy
In September 2018, the National Executive sent the proposed Data Protection Bill to the National Congress. The proposed law was directed to the Senate and it will be considered by two commissions: the Commission of Constitutional Affairs (Comision de Asuntos Constitucionales) and the Commission of Rights and Guarantees (Comision de Derechos y Garantías).
Privacy International welcomes the continued efforts by Argentina to provide protections for the right to privacy, already enshrined in the…
Content type: Press release
Consumer groups, NGOs and industry call jointly for the Council of the EU to advance ePrivacy reform
On Monday 3 December, a coalition of more than 30 consumer groups, NGOs and industry representatives sent a letter to EU Ministers and the Council of the EU calling for the conclusion of the negotiations on the reform of the ePrivacy legislation.
The letter was sent prior to yesterday's (4 December) meeting in the TTE Council, with signatories sharing concerns over the slow progress of the negotiations in the Council of the EU despite the repeated scandals that demonstrate the clear and…
Content type: News & Analysis
We found this here.
The European Union’s new privacy law, the General Data Protection Regulation, or GDPR, is being tested across Europe. The first GDPR privacy case in Romania began with an investigation that was published on November 5 about a corruption scandal involving a politician and his close relationships to a company being investigated for fraud. The Romanian data protection authority (ANSPDCP) sent a series of questions to the journalists who authored the article and asked for…
Content type: Advocacy
Privacy International, European Digital Rights, and the Association for Technology and Internet (ApTI) together with 15 other digital rights organisations sent a letter on Monday 21 November 2018, to the European Data Protection Board (EDPB), with copies to the Romanian Data Protection Authority (ANSPDCP), and the European Commission, asking for the General Data Protection Regulation (GDPR) not to be misused in order to threaten media freedom in Romania.
Shortly after a journalistic…
Content type: News & Analysis
Our team wanted to see how data companies that are not used to being in the public spotlight would respond to people exercising their data rights. You have the right under the EU General Data Protection Regulation ("GDPR") to demand that companies operating in the European Union (either because they are based here or target their products or services to individuals in the EU) delete your data within one month. We wrote to seven companies and requested that they delete our data, and we've made…
Content type: Advocacy
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more…
Content type: Advocacy
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more…
Content type: Long Read
It’s 15:10 pm on April 18, 2018. I’m in the Privacy International office, reading a news story on the use of facial recognition in Thailand. On April 20, at 21:10, I clicked on a CNN Money Exclusive on my phone. At 11:45 on May 11, 2018, I read a story on USA Today about Facebook knowing when teen users are feeling insecure.
How do I know all of this? Because I asked an advertising company called Quantcast for all of the data they have about me.
Most people will have never heard of…
Content type: Advocacy
Privacy International welcomes the effort by the Government of India to reaffirm its commitment to upholding and respecting the right to privacy, and for noting the need to regulate the processing of personal data as essential for the protection of privacy through the adoption of a data protection law.
The urgent need for this legislation has been validated in the Supreme Court decision regarding the Aadhaar Act, which stipulates the need for a robust data protection regime. …
Content type: News & Analysis
Image attribution: By Blue Diamond Gallery CC BY-SA 3.0.
In March 2017, when the UN Human Rights Council requested the High Commissioner for Human Rights to prepare a report on the right to privacy in the digital age, including the responsibility of business enterprises, Cambridge Analytica was an obscure company among others. A year later the data exploitation scandal erupted, leading to plenty of soul searching by politicians in US, UK, Europe and elsewhere, pledges of…
Content type: Advocacy
In parallel to the legislative process initiated by the Kenya Senate in July 2018, a Task Force constituted by the Ministry of Information, Communication and Telecommunication developed a draft Data Protection Bill which it published for consultation in May of this year.
Privacy International and its Kenya Partners, the National Coalition of Human Rights Defenders – Kenya (NCHRD-K), the Centre for Intellectual Property and Information Technology (CIPIT) are pleased to have had the…
Content type: News & Analysis
“The gathering and holding of personal information on computers, data banks, and other devices, whether by public authorities or private individuals or bodies, must be regulated by law.”
- UN Human Rights Committee, General Comment No. 16, 1988
Underpinning the obligations of those who process personal data, both public and private institutions, the grounds on which they may do so, and the rights of individuals, there are various data protection principles…
Content type: Long Read
National and International civil society organisations (CSOs) play vital roles in many aspects of our societies as watchdogs of state powers, as representatives of the voices of the people, as experts to inform and educate an array of stakeholders.
One of our key lessons learned from three decades of work, including 10 years with the Privacy International Networkto build a global privacy movement,promoting and advocating for the highest privacy and data protection safeguards has been…
Content type: Advocacy
We welcome the effort by the Pakistani Ministry of Information Technology and Telecommunications to regulate the processing of personal data in Pakistan, and take measures to guarantee the right to privacy as guaranteed under Article 14(1) of the Constitution: “[t]he dignity of man and, subject to law, the privacy of home, shall be inviolable.”
This legislative development is crucial and timely as Pakistan continues to embrace innovative governance initiatives and deploy data-intensive systems…
Content type: Advocacy
This photo originally appeared here.
For years, Privacy International and our partners in Kenya have been promoting the right to privacy in Kenya through research and investigations into government and private sector policies and practices and advocating for the adoption and enforcement of the strongest data protection and privacy safeguards.
The need for Kenya to adopt a comprehensive data protection framework (in addition to strengthening privacy protections in other legislation) has always…
Content type: News & Analysis
Privacy International and other European civil society organisations write to European member states to urge them not to water down the e-Privacy proposal. We need more than ever strong regulation to protect the security and privacy of our digital communications, to protect us from being tracked online and to ensure that all our digital devices are set up with privacy by design and by default.
Content type: News & Analysis
While the worlds’ attention, the world’s humour, including a dedicated playlist of 89 songs on Spotify, were on the coming into force of EU’s General Data Protection Regulation (GDPR) on 25th May, the UK’s Data Protection Act 2018 (DPA 2018) that received Royal Assent only two days previously had barely received a few column inches in the mainstream press.
However, the substance of the debates in parliament during the passage of this Act has received wide…
Content type: News & Analysis
We found the image here.
As the hype around the EU General Data Protection Regulation’s entry into force begins to die down, confidentiality of digital communications in Europe is facing a new challenge.
On one side, companies are lobbying to prevent the finalisation of the proposal for a new e-privacy regulation to protect privacy of communications and prevent unauthorised access to the data stored on devices, and the tracking of individual’s behaviour online.
On the other, a group…
Content type: Press release
WASHINGTON, D.C. – U.S. companies should adopt the same data protection rules that are poised to go into effect in the European Union on May 25, Public Citizen, the Center for Digital Democracy and Privacy International said today.
In a sign-on letter, 28 groups are calling on some of the world’s largest companies – including Facebook, Google and Amazon, as well as digital advertisers like Nestle, Walmart and JPMorgan Chase – to use Europe’s impending General Data Protection Regulation (GDPR…
Content type: Press release
Today, as the Data Protection Bill reaches its final stages, Privacy International has written to the leaders of the main UK political parties asking for public commitment to not use the exemption provided in the Bill to target voters - both online and offline - in all local and national forthcoming elections or by-elections.
Privacy International has long been concerned about the exploitation of peoples’ data and the opaque data ecosystem, and the impact of such practices on the democratic…
Content type: Long Read
Hasn't Facebook said it would give European data protection to all of their users?
Yes, but only in very vague language. In an initial reaction to the Cambridge Analytica scandal, Mark Zuckerberg declared that Facebook would apply the EU General Data Protection Regulation (GDPR) “in spirit” to their 2 billion users worldwide. When questioned by members of the US Congress, Zuckerberg declared that "[a]ll the same controls will be available around the world". Representative Green sought…
Content type: Advocacy
Today Privacy International, with TACD, published a document detailing 10 things that US companies need to know about the forthcoming General Data Protection Regulation (GDPR).
People’s data should be treated with the highest privacy protections no matter where they are based. Privacy is a fundamental human right and data protection is intrinsically linked to it. While GDPR is not perfect, it does provide enforceable rights and obligations. If US companies want to demonstrate true commitment…
Content type: Impact Case Study
PI and our global partners have been at the forefront of challenging communications data retention for over a decade.
What is the problem
Communications data, also known as metadata, tells a story about your digital activity and answers the who, when, what, and how of a specific communication. While communications data doesn't include the contents of a message, all of the other information about the message can be very revealing about people, their habits, thoughts, health and personal…
Content type: Impact Case Study
What happenedStrong and effective data protection law is a necessary safeguard against industry and governments' quest to exploit our data. A once-in-a-generation moment arose to reform the global standard on data protection law when the European Union decided to create a new legal regime. PI had to fight to ensure it wasn't a moment where governments and industry would collude to reduce protections.In January 2012, the European Commission published a proposal to comprehensively reform the…
Content type: News & Analysis
El 10 de mayo de 2018, en el marco del 30º período de sesiones del Examen Periódico Universal (EPU) en el Consejo de Derechos Humanos de las Naciones Unidas, toca la revisión de Colombia, lo que es una oportunidad Colombia y otros Estados para declarar qué acciones han tomado para mejorar la situación de derechos humanos en sus propios países, para cumplir sus obligaciones internacionales en la materia.
Colombia se encuentra actualmente en un punto de inflexión, debido al proceso de transición…
Content type: Long Read
As we said before, Facebook and Cambridge Analytica scandals are a wake-up call for policy makers. And also a global issue. People around the world are concerned by the exploitation of their data. The current lack of transparency into how companies are using people’s data is unacceptable and needs to be addressed.
There is an entire hidden ecosystem of companies harvesting and sharing personal data. From credit scoring and insurance quotations to targeted political communication, this…
Content type: Long Read
Today Privacy International together with 27 other organisations from across Europe urge European governments to strengthen the protection of privacy and security of online communications. The proposal to reform e-privacy in Europe was launched in January 2017. However, despite the clear and urgent need of this reform, recently demonstrated by the Facebook/Cambridge Analytica case, the negotiations by EU member states have been inconclusive. Worse still, some governments seem willing to…
Content type: Long Read
The ongoing Facebook and Cambridge Analytica scandal is a wake-up call for UK policy-makers who too often encourage and promote digital industries over the protection people’s personal data. The scandal has shown that the public is concerned by companies’ exploitation of their data. The current lack of transparency into how companies are using people’s data is unacceptable and needs to be addressed.
Reform should not be limited to the behaviour of individual companies. Consumers are confronted…
Content type: Advocacy
At the core of data protection debates, there is a power play between empowering individuals to control their data and empowering those who use (or want to) use their data. By regulating data processing, it provides avenues for individuals to exercise their rights if there is any unlawful interference in this power play.
It is crucial for any regulatory framework to be centred around the protection of human rights, autonomy and dignity, and therefore essential to ensure that…