Search
Content type: Examples
In 2018, the Paris prosecutor's office opened a preliminary inquiry after the lawyer Pierre Farge accused a Bercy specialist intelligence branch of the tax authorities of hacking his firm's database to access information covered by professional confidentiality. The case serves to illustrate the difficulties of launching such a challenge in France, and also the functioning of the tax administration even after the passage of a 2017 law protecting whistleblowers.
https://www.lelanceur.fr/…
Content type: Examples
A 2016 Privacy International report on Syrian state surveillance found that between 2007 and 2012 the Assad regime spent millions of dollars on building a nationwide communications monitoring system. By 2012, this surveillance capability helped the Syrian government target and murder journalists, including American Sunday Times reporter Marie Colvin and French photographer Rémi Ochlik in 2012, both covering the war. In 2018, the Colvin family filed a video of the journalists' final moments…
Content type: News & Analysis
Email addresses
Acxiom: [email protected]
Criteo: [email protected]
Equifax: [email protected]
Experian: [email protected]
Oracle: https://oracle.ethicspointvp.com/custom/oracle/dp/en/form_data.asp
Quantcast: [email protected] cc: [email protected]
Tapad: [email protected]
Letter for Acxiom and Oracle
subject line: Right to Erasure Request
I am concerned your company exploits my data.
In accordance with my right[s] under the General Data…
Content type: News & Analysis
Our team wanted to see how data companies that are not used to being in the public spotlight would respond to people exercising their data rights. You have the right under the EU General Data Protection Regulation ("GDPR") to demand that companies operating in the European Union (either because they are based here or target their products or services to individuals in the EU) delete your data within one month. We wrote to seven companies and requested that they delete our data, and we've made…
Content type: Press release
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK. Privacy International urges the data protection authorities to investigate these companies and to protect individuals from the mass exploitation of their data.
Our complaints target companies that, despite exploiting the data of millions of…
Content type: Advocacy
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more…
Content type: Advocacy
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more…
Content type: Long Read
It’s 15:10 pm on April 18, 2018. I’m in the Privacy International office, reading a news story on the use of facial recognition in Thailand. On April 20, at 21:10, I clicked on a CNN Money Exclusive on my phone. At 11:45 on May 11, 2018, I read a story on USA Today about Facebook knowing when teen users are feeling insecure.
How do I know all of this? Because I asked an advertising company called Quantcast for all of the data they have about me.
Most people will have never heard of…
Content type: Long Read
The European Court of Human Rights ruled today that the UK government's mass interception program violates the rights to privacy and freedom of expression. The Court held that the program "is incapable of keeping the 'interference' to what is 'necessary in a democratic society'". This finding is an important victory for human rights and the rule of law. Below, we break down the key parts of the decision.
The Court's ruling comes after a five-year battle against two UK mass surveillance…
Content type: Long Read
Privacy International’s new report shows how countries with powerful security agencies are training, equipping, and directly financing foreign surveillance agencies. Driven by advances in technology, increased surveillance is both powered by and empowering rising authoritarianism globally, as well as attacks on democracy, peoples’ rights, and the rule of law.To ensure that surveillance powers used by governments are used to protect rather than endanger people, it is essential that the public,…
Content type: Long Read
Privacy International (PI) has today released a new report, 'Teach 'em to Phish: State Sponsors of Surveillance', showing how countries with powerful security agencies are training, equipping, and directly financing foreign surveillance agencies.
Spurred by advances in technology, increased surveillance is both powered by and empowering rising authoritarianism globally, as well as attacks on democracy, rights, and the rule of law.
As well as providing a background to the issue, the report…
Content type: Press release
Privacy International has today released a report that looks at how powerful governments are financing, training and equipping countries — including authoritarian regimes — with surveillance capabilities. The report warns that rather than increasing security, this is entrenching authoritarianism.Countries with powerful security agencies are spending literally billions to equip, finance, and train security and surveillance agencies around the world — including authoritarian regimes. This is…
Content type: Examples
In 2012 the US Consumer Watchdog advocacy group filed a complaint against Google alleging that the company had violated its 2011 consent decree with the US Federal Trade Commission in the case about Google Buzz. The complaint was based on February 2012 revelations that the site was failing to honour do-not-track settings in Apple's Safari web browser. The browser itself was set by default to refuse to accept third-party cookies, as these are often used to track users across the web. Google's…
Content type: Examples
In 2012, Google announced it would condense 70 different privacy policies into a single one that would allow the company to merge the data collected across all its services, including Maps, search, Android, Books, Chrome, Wallet, Gmail, and the advertising service provided by its DoubleClick subsidiary into a single database. The company claimed the purpose was to enable a better, more unified experience - for example, it said it would be able to deliver better search results by combining…
Content type: Examples
In 2010, Google revealed that a data audit required by Germany's data protection authority had revealed that since 2007 the cars deployed to capture images for its Street View project had accidentally captured 600GB of data from local wifi networks, including personal web browsing histories. Google said it used network names (SSIDs) and router identifiers (MAC addresses) to use for its location services, but did not use any of the payload data, which the company said consisted only of fragments…
Content type: Examples
In September 2017, the Spanish national data protection regulator fined Facebook €1.2 million, alleging that the company collected personal information from Spanish users that could then be used for advertising. The investigation, which took place alongside others in Belgium, France, Germany, and the Netherlands, found three cases in which Facebook had collected information such as gender, religious beliefs, personal tastes, and browsing histories of millions of Spanish users without disclosing…
Content type: Examples
In May 2017, the French data protection regular, CNIL, fined Facebook €150,000 saying the company had failed to inform users properly about how their personal data is tracked and shared with advertisers. The regulator did not, however, order the company to change its practices. The decision was one of a series of European regulatory examinations of changes made to Facebook's privacy policy in 2014. CNIL's action followed rulings in 2016, when CNIL gave Facebook three months to stop tracking non…
Content type: Press release
Photo credit: Forbrukerrådet
The Norwegian Consumer Council has today published a report which shows how Facebook and Google appear to push users into sharing personal data, and raises questions around how such practices are GDPR compliant.
Off the back of the analysis, Privacy International is joining NCC and several other consumer and privacy groups in Europe to ask European data protection authorities to investigate whether the companies are acting in accordance with GDPR. Copies of the…
Content type: Press release
Privacy International, Liberty, and Open Rights Group have joined over 60 NGOs, community groups, and academics across the European Union to file complaints to the European Commission. The complaints call for the EU governments to stop requiring companies to store all communications data. The practice was ruled unlawful by the Court of Justice of the European Union (CJEU) in two separate judgments in 2014 and 2016. The UK complaint was filed by Privacy International, Liberty, and Open Rights…
Content type: Advocacy
Introduction
Why We Are So Concerned about Government Hacking for Surveillance
Scope of Our Safeguards
1. Legality
2. Security and Integrity of Systems
3. Necessity and Proportionality
4. Judicial Authorisation
5. Integrity of information
6. Notification
7. Destruction and Return of Data
8. Oversight and Transparency
9. Extraterritoriality
10. Effective Remedy
Commentary on each
1. Legality
2. Security and Integrity of Systems
3. Necessity and Proportionality
4.…
Content type: Examples
Facebook and Twitter have advised Damian Collins, the chair of the UK Parliament's digital, culture, media, and sport committee, that the companies will hand over some information relating to the rearch of Russia-backed posts during the EU referendum. Facebook has already given the US Senate similar information about Russia-backed posts during the 2016 presidential election; this information showed that campaign ads and fake news generated by the Internet Research Agency troll factory in St…
Content type: Impact Case Study
What is the problem
For over two decades we have been documenting an alarming use and spread of surveillance. It is no longer just the wars on terror or drugs or migration that is driving this trend. The management of health crises and distribution of welfare regularly are among others being used to justify this turn to increasingly invasive forms of surveillance. From country to country we see the same ideas and the same profiteers expanding their reach.
When we first released our report on…
Content type: Impact Case Study
[Photo By Ludovic Courtès - Own work, CC BY-SA 3.0] Last update: 14 December 2022What is the problem and why it is importantUntil the early '10s, the right to privacy had been sidelined and largely unaddressed within the UN human rights monitoring mechanisms, despite being upheld as a fundamental human right in the Universal Declaration of Human Rights and the International Covenant on Civil and Political Rights (ICCPR).Beyond the ICCPR General Comment No.16: Article 17 (…
Content type: Long Read
To mark International Women’s Day 2018, Privacy International and some of our partner organisations - Datos Protegidos, Derechos Digitales, the National Coalition for Human Rights Defenders-Kenya, the Karisma Foundation, and the Foundation for Media Alternatives – are telling the stories of women across the world as told by their data over the next seven days (for us, it’s International Women’s Week!).
Gender inequality has many complex dimensions and data exploitation is yet another.…
Content type: News & Analysis
Written by Privacy International
07:06: Camille’s smart pillow sends a signal to her smartphone that it’s time for her to wake up. She checks the quality of sleep on the app – last night was not great. Because the pillow tracks the motion in her bed, the company knows what else she may (or may not) have been up to. But the company doesn’t just track her when she is in bed. By downloading the app, Camille has also authorised access to her location wherever she goes, her camera, her contact…
Content type: News & Analysis
Privacy International welcomes reports that the French Government has come out against the export of surveillance technology to oppressive regimes. According to the French website reflets.info, the State Secretary for the Digital Economy Fleur Pellerin announced her opposition to such exports last Friday, during a radio show hosted by Le Monde and public broadcaster FranceCulture. The statement may indicate a sea change in the government's policies regarding surveillance technology, which have…
Content type: Key Resources
Introduction
Why We Are So Concerned about Government Hacking for Surveillance
Scope of Our Safeguards
1. Legality
2. Security and Integrity of Systems
3. Necessity and Proportionality
4. Judicial Authorisation
5. Integrity of information
6. Notification
7. Destruction and Return of Data
8. Oversight and Transparency
9. Extraterritoriality
10. Effective Remedy
Commentary on each
1. Legality
2. Security and Integrity of Systems
3. Necessity and Proportionality
4.…