Search
Content type: Explainer
PI has long worked on the exploitation of data by companies. We've filed complaints against companies that constantly track you around the internet, we've shown how numerous phone apps share data with Facebook, we've exposed how advertisers track visitors on mental health websites, we've shown how period tracking apps collect and share data of users (including whether they are having unprotected sex or not!), exposed how major tech companies are not providing meaningful transparency to their…
Content type: Long Read
Sitting on the ground inside an unadorned courtyard in Koira Tegui, one of Niamey’s most popular districts, Halimatou Hamadou shows a copy of what, she’s been told, is a certificate of birth.
The 33 year old woman, who’s unable to read and write, received it days earlier during a crowded public ceremony at a nearby primary school.
“It’s my first document ever,'' she says, with surprise.
Thanks to the paper, she’ll be able to take part in a crucial passage for the future of Niger: the…
Content type: Long Read
Photo: Francesco Bellina
Driven by the need to never again allow organised mass murder of the type inflicted during the Second World War, the European Union has brought its citizens unprecedented levels of peace underpinned by fundamental rights and freedoms.
It plays an instrumental role in protecting people’s privacy around the world; its data protection regulation sets the bar globally, while its courts have been at the forefront of challenges to unlawful government surveillance…
Content type: Long Read
A new study by Privacy International reveals how popular websites about depression in France, Germany and the UK share user data with advertisers, data brokers and large tech companies, while some depression test websites leak answers and test results with third parties. The findings raise serious concerns about compliance with European data protection and privacy laws.
This article is part of a research led by Privacy International on mental health websites and tracking. Read our…
Content type: Report
The full report of Privacy International's study on how popular websites about depression in France, Germany and the UK share user data with advertisers, data brokers and large tech companies, while some depression test websites leak answers and test results with third parties. The findings raise serious concerns about compliance with European data protection and privacy laws.
Content type: News & Analysis
This article is part of a research led by Privacy International on mental health websites and tracking. Read our full report.
According to the World Health Organisation (WHO), 25 percent of the European population suffers from depression or anxiety each year, yet about 50% of major depressions remain untreated. This means that everyday thousands of people are looking for information about depression online. They take tests to find out how serious their symptoms are, they try to access…
Content type: Examples
In January 2019 the UK Home Office announced it would collaborate with France to overhaul its regime for suspicious activity reports in order to fight money laundering. In 2018, the number of SARs filed with the National Crime Agency rose by 10% to nearly 464,000. Banks, financial services, lawyers, accountants, and estate agents are all obliged to file SARs if they suspect a person or organisation is involved in money laundering, terrorist finance, or other suspicious activity. The system has…
Content type: News & Analysis
On Tuesday, Twitter disclosed that it may have shared data on users with advertising partners, even if they have opted out from personalised ads, and shown people ads based on inferences made about the devices they use without permission. According to Twitter, the issue was fixed on Monday, even though it is not yet clear how many users have been affected.
This is not the first time that Twitter had to admit that it leaked user data to advertisers. In May 2019, the social…
Content type: Advocacy
Dear Chair and Committee colleagues,
Privacy International is an international NGO, based in London, which works with partners around the world to challenge state and corporate surveillance and data exploitation. As part of our work, we have a dedicated programme “Defending Democracy and Dissent” where we advocate for limits on data exploitation throughout the electoral cycle.
We have been closely following the important work of the Committee. Prompted by the additional evidence provided…
Content type: Long Read
The UK public, regulators, and parliamentarians have all expressed concern about the wide use of third-party data by all political parties in the UK and its impact on privacy and democracy. In the week the remaining six candidates to be the UK’s next Prime Minister are reduced to two, Privacy International takes a look at their privacy policies to illustrate how such policies can be used to identify the use of third-party data by political candidates from all political parties.
The…
Content type: Long Read
IMAGE SOURCE: "My Phone Bought This" by oliver t is licensed under CC BY-NC-ND 4.0.
LAST UPDATE: 16th May 2022.
Mandatory SIM card registration laws require people to provide personal information, including a valid ID or even their biometrics, as a condition for purchasing or activating a SIM card. Such a requirement allows the state to identify the owner of a SIM card and infer who is most likely making a call or sending a message at any given time.
SIM card…
Content type: Long Read
Like millions of other people, you use messaging apps, social media, share, read and watch content on your phone or computer. If that’s the case then hundreds of AdTech companies collect and exchange your data every single day. AdTech, a short form of advertisement technology, is a catch-all term that describes tools and services that connect advertisers with target audiences and publishers. It’s also a multi-billion-dollar industry that is facing investigations by Data Protection Authorities…
Content type: Examples
Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK. It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more stringent…
Content type: Press release
The Irish Data Protection Commission has today launched an inquiry into the data practices of ad-tech company Quantcast, a major player in the online tracking industry. PI's 2018 investigation and subsequent submission to the Irish DPC showed how the company is systematically collecting and exploiting people's data in ways people are unaware of. PI also investigated and complained about Acxiom, Criteo, Experian, Equifax, Oracle, and Tapad.
PI welcomes this announcement and its focus on…
Content type: Long Read
Image Source: "Voting Key" by CreditDebitPro is licensed under CC BY 2.0
Democratic society is under threat from a range of players exploiting our data in ways which are often hidden and unaccountable. These actors are manifold: traditional political parties (from the whole political spectrum), organisations or individuals pushing particular political agendas, foreign actors aiming at interfering with national democratic processes, and the industries that provide products that …
Content type: Long Read
Imagine that every time you want to attend a march, religious event, political meeting, protest, or public rally, you must share deeply personal information with police and intelligence agencies, even when they have no reason to suspect you of wrongdoing.
First, you need to go to the police to register; have your photo taken for a biometric database; share the contacts of your family, friends, and colleagues; disclose your finances, health records, lifestyle choices, relationship status, and…
Content type: News & Analysis
The first half of 2018 saw two major privacy moments: in March, the Facebook/ Cambridge Analytica scandal broke, followed in May by the EU General Data Protection Regulation ("GDPR") taking effect. The Cambridge Analytica scandal, as it has become known, grabbed the attention and outrage of the media, the public, parliamentarians and regulators around the world - demonstrating that yes, people do care about violations of their privacy and abuse of power. This scandal has been one of…
Content type: Examples
According to research conducted by Ronan Chardonneau, a French associate professor of digital marketing at Angers University, none of the websites of the eleven candidates' in the 2017 French presidential elections, that he looked into respected CNIL's directives regarding information that should be available on the website and consent requirements for data collection. According to this research, nine of the candidates used Google Analytics, without activating the option to anonymize data…
Content type: Examples
A company called Liegey Muller Pons (LMP) offers data analysis tools to help candidates and political parties improve their political campaign strategy. The three founders of the company were member's of former President François Hollande's 2012 campaign team. LMP was then hired by current President Emmanuel Macron during his Grande Marche campaign before the elections and during the presidential elections by the Socialist Party candidate Benoît Hamon. LMP offers data analysis that allows…
Content type: Examples
NationBuilder is an American political campaigning software company, which offers a fully integrated suite of tools for the organization of a campaign, and outreach through e-mail, telephone, social media, and traditional door-to-door campaigning. Many candidates in the 2017 French presidential elections were reported as using their services. Among others, the company offers a functionality called 'match'. When users provide their email address on a campaign's website, 'match' allows the…
Content type: Examples
During the primary elections in November 2016, the former French president, Nicolas Sarkozy, reportedly used an app, called Knockin, that made it possible to identify and geolocate supporters for door-to-door campaigning. Based on a report by the French Radio RMC, the app would harvest public data about anyone that liked a page or a post that the candidate put on his campaign page in order to find the supporter's address. Door-to-door volunteers were then able to see on the app the address…
Content type: Long Read
This image was found here.
Spain is holding a national general election on April 28 (its third in four years). Four weeks later Spaniards will again go to the polls to vote in the European Parliament elections. At Privacy International we are working to investigate and challenge the exploitation of people’s data in the electoral cycle including in political campaigns. This includes looking at the legal frameworks governing the use of data by political parties and their…
Content type: Examples
In 2014, when the the far-right party of French politician Marine Le Pen needed cash, the loan of €9.4 million came from First Czech-Russian Bank, which was founded in the early 2000s as a joint venture between a Czech state bank and a Russian lender and went on to come under the personal ownership of Russian financier Roman Popov and obtain a European license via a subsidiary in the Czech Republic. Two and a half months after the Le Pen loan was signed, a Mediapart investigative journalist…
Content type: Examples
In November 2018, the Spanish senate approved 220-21 an online data protection law intended to ensure compliance with the General Data Protection Regulation with an added amendment that allowed political parties to use personal data obtained from web pages and other publicly accessible sources for political purposes during campaign periods. Spain's Platform for the Defence of Freedom of Information criticised the law's potential to allow parties to create ideological profiles and emulate the…
Content type: News & Analysis
At Privacy International, we talk about: “the world being on fire.”We say it to talk about the recurring threats to our democracies, the elections of authoritarian leaders, the current political climate… Or the actual climate. More often than not, we use it to talk about the (lack of) security in the design and implementation of computer systems.
But there is another kind of fire. The fourth wave of feminism – the one that contributed to the protests following the 2012 gang rape of…
Content type: Long Read
During the last World Economic Forum in Davos, the CEO of Microsoft joined the chorus of voices calling for new global privacy rules, saying the following in regard to the new European General Data Protection Regulation (GDPR):
“My own point of view is that it's a fantastic start in treating privacy as a human right. I hope that in the United States we do something similar, and that the world converges on a common standard."
We have come a long way. From tech companies fighting and…
Content type: State of Privacy
Table of contents
Introduction
Right to Privacy
Communication Surveillance
Data Protection
Identification Schemes
Policies and Sectoral Initiatives
Introduction
Acknowledgement
The State of Privacy in Paraguay is the result of an ongoing collaboration by Privacy International and TEDIC in Paraguay.
Key privacy facts
1. Constitutional privacy protection: The constitution does not mention the word privacy but protects private life under the "right to intimacy."
2. Data protection…
Content type: State of Privacy
Table of contents
Introduction
Right to Privacy
Data Protection
Identification Schemes
Policies and Sectoral Initiatives
Introduction
Acknowledgment
The State of Privacy in Pakistan is the result of an ongoing collaboration by Privacy International and the Digital Rights Foundation.
Between 2014-2016, Bytes for All contributed to previous versions of the 'Data Protection' sections of this briefing.
Key Privacy Facts
1. Constitutional privacy protections: Article 14(1) of…