Search
Content type: Examples
In 2017, US Immigration & Customs Enforcement (ICE) announced that it would seek to use artificial intelligence to automatically evaluate the probability of a prospective immigrant “becoming a positively contributing member of society.” In a letter to acting Department of Homeland Security Secretary Elaine Duke, a group of 54 concerned computer scientists, engineers, mathematicians, and researchers objected to ICE’s proposal and demanded that ICE abandon this approach because it would be…
Content type: Examples
US Immigrations & Customs Enforcement (ICE) used social media monitoring to track groups and people in New York City associated with public events opposing the Trump administration’s policies, including ones related to immigration and gun control. The investigative branch of ICE created and circulated a spreadsheet, entitled ‘Anti-Trump Protest Spreadsheet 07/31/2018,” that provided details of events planned between July 31, 2018, and August 17, 2018. The spreadsheet pulled data from…
Content type: Examples
The US government created a database of more than 50 journalists and immigrant rights advocates, many of whom were American citizens, associated with the journey of migrants travelling from Central America to the Mexico-US border in late 2018. Officials from Customs and Border Protection (CBP), Immigration and Customs Enforcement (ICE), the US Border Patrol, Homeland Security Investigations, and the Federal Bureau of Investigation (FBI) had access to this database. This list allowed the…
Content type: Examples
On 14 May 2018, the husband of the victim, a pharmacist living in Linthorpe in Middlesbrough, subdued his wife with insulin injection before straggling her. He then ransacked the house to make it appear as a burglary. The data recorded by the health app on the murder’s phone, showed him racing around the house as he staged the burglary, running up and down the stairs. The victim’s app showed that she remained still after her death apart from a movement of 14 paces when her husband moved her…
Content type: Examples
A private intelligence company, LookingGlass Cyber Solutions, used social media to monitor more than 600 “Family Separation Day Protests” held across the United States on June 30, 2018, to oppose the Trump administration’s policy family separation policy. The policy was part of a “zero tolerance” approach to deter asylum seekers from coming to the United States by separating children from their parents. After collecting information about these protests through Facebook, including the precise…
Content type: Examples
Absher, an online platform and mobile phone app created by the Saudi Arabian government, can allow men to restrict women’s ability to travel, live in Saudi Arabia, or access government services. This app, which is available in the Google and Apple app stores, supports and enables the discriminatory male guardianship system in Saudi Arabia and violations of womens’ rights, including the right to leave and return to one’s own country. Because women in Saudi Arabia are required to have a male…
Content type: Examples
A man from Middletown, Ohio, was indicted in January 2017 for aggravated arson and insurance fraud for allegedly setting fire to his home in September 2016. Ohio authorities decided and succeeded to obtain a search warrant for the data recorded on the pacemaker after identifying inconsistencies in the suspect’s account of facts. Ohio authorities alleged that the data showed that the accused was awake when he claimed to be sleeping. It has been reported that a cardiologist, examining data from…
Content type: Examples
Bahrain has warned its citizens and residents could face legal action simply for following social media accounts it deems anti-government, which raises concerns about the ability of Bahraini citizens and residents to exercise their fundamental rights and freedoms. In May 2019, a state terrorism law was expanded to criminalise anyone “promoting, glorifying, justifying, approving or supporting acts which constitute terrorist activities,” whether within or outside Bahrain. The government’s…
Content type: Examples
GDPR complaints about Real-Time Bidding (RTB) in the online advertising industry were filed today with Data Protection Authorities in Spain, the Netherlands, Belgium, and Luxembourg. The complaints detail the vast scale of personal data leakage by Google and other major companies in the “Ad Tech” industry. This week marks one year since the introduction of the GDPR.
The new complaints have been filed by Gemma Galdon Clavell (Eticas Foundation) and Diego Fanjul (Finch), David Korteweg (…
Content type: Examples
In an effort to improve political advertising transparency, Canada drafted a Bill that requires companies to develop ad libraries, to which ads are added immediately in order for researchers, journalists, and other people to be able to search and understand how political actors are targeting ads. In response, Google announced that it would blanket-ban all political ads in Canada, saying the company was unable to comply with the new law. Google’s decision shows both that the current state of…
Content type: Examples
As a part of Facebook’s efforts to curb disinformation and misinformation on its platform, the company introduced new rules over how political content is marked. This has resulted in content that is educational, news articles, and otherwise seemingly non-political being marked incorrectly and taken down. In Hungary (and Ukraine) this has caused frustration from newspapers, especially due to difference between how Western European papers are treated differently from others. The Guardian reports…
Content type: Examples
Political ads on Facebook are meant to be marked with a disclaimer that says who paid for the ad, as well as be archived into the platform’s ad library, where users are able to see more information about how an ad was targeted. It’s important to note that the ‘who paid for the ad’ requirement is loose, meaning that a generic organisation name could be used, instead of a name that ties the ad to an interest group, for example. These modest requirements of ads transparency came in the wake of…
Content type: Examples
The two leading Presidential candidates in Ukraine's 2019 elections have expressed frustration at major social media platform's seemingly lack of assistance combatting disinformation and bots. Bots flood social media networks and can promote content or flood platforms with pull requests to have a piece of content taken down. Campaigns are unable to directly contact Google, YouTube, and Facebook for assistance directly and waste resources constantly fighting against bot armies.
https://www.…
Content type: Examples
Facebook's efforts to remove disinformation in the wake of the 2019 Ukrainian Presidential election have so far failed. Politico reports that "Among the Facebook pages that spread spurious claims during the election was one with more than 100,000 followers that ran a video claiming (the Presidential candidate) Zelenskiy will allow Russia to take over the country with a violent military operation. Others portrayed him as a drug addict, or Poroshenko (the other Presidential candidate) as an…
Content type: Examples
Volunteers for Presidential candidate Volodymyr Zelenskiy were tasked with pouring over social media sites to search for disinformation and combat bot armies that spread negative comments about the candidate. Facebook has been slow to take down 'fake news' and so the volunteers search social media sites for such content, and then report it as violating Facebook's terms of service. While Facebook is Ukraine's most popular social media site, Radio Free Europe/Radio Liberty reports that there…
Content type: Examples
Simultaneous complaints have been filed with European data protection authorities against Google and other ad tech firms. The complainants are being made by Dr Johnny Ryan of Brave, the private web browser, Jim Killock, Executive Director of the Open Rights Group, and Michael Veale of University College London. The complaint notifies European regulators of a massive and ongoing data breach that affects virtually every user on the web.
Content type: Examples
Panoptykon Foundation, the Warsaw based digital rights organization, has joined in the complaints filed in the UK and Ireland in September by Jim Killock of the Open Rights Group, Michael Veale of University College London, and Dr Johnny Ryan of Brave, by filing a new complaint in Poland. Together, the complainants in Ireland, Poland, and the UK, have also filed new evidence today with the national data protection authorities of Ireland, Poland, and the United Kingdom, that reveals how ad…
Content type: Examples
The Irish Data Protection Commission has today launched an inquiry into the data practices of ad-tech company Quantcast, a major player in the online tracking industry. PI's 2018 investigation and subsequent submission to the Irish DPC showed how the company is systematically collecting and exploiting people's data in ways people are unaware of. PI also investigated and complained about Acxiom, Criteo, Experian, Equifax, Oracle, and Tapad.
Content type: Examples
Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK. It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more stringent…
Content type: Examples
Dr Johnny Ryan filed a formal complaint with the Irish Data Protection Commission against IAB Europe, the tracking industry’s primary lobbying organization. The complaint was filed against IAB Europe’s use of an unlawful “cookie wall” on its website. Visitors to IAB Europe’s website, www.iabeurope.eu, are forced to accept tracking by Google, Facebook, and others, which may then monitor them.
Content type: Examples
In January 2019 the UK's Information Commissioner's Office announced it was investigating an incident in which the food service company Deliveroo reported that some of its customers had complained they were charged up to £1,000 for orders they had not placed. Customers have used social media to report similar problems in the past. Deliveroo claimed that the problem was not its own security but customers who had reused user names and passwords that had been exposed by data breaches on other…
Content type: Examples
In August 2018, Apple forced Facebook to remove its Onava VPN from the App Store because the Facebook had been using it to harvest data across multiple apps and track user activity. In January 2019, a TechCrunch investigation revealed that in a separate part of the same programme Facebook had been paying users aged 13 to 35 to download a "Facebook Research" VPN and give it root access to their devices to enable it to collect data on their usage habits. The programmed, known as "Project Atlas",…
Content type: Examples
In 2019, after five years of acquisitions and billions of dollars in investment in advertising software and real-time tracking of web users, Oracle, facing questions about the practices of Data Cloud, its advertising software division, began laying off staff. The reason may have been partly financial: analysts estimate that in 2018 Data Cloud earned only $500 million of Oracle's $40 billion in revenues. Other factors include the Cambridge Analytica scandal, which led Facebook to tighten up…
Content type: Examples
In January 2018, internet users began complaining about a new wave of pop-up ads across the web: hard-to-close, misleading, and malicious, some of them making it impossible for people to read news. While many blamed reputable publishers like the New York Times and the Atlantic for being willing to run such intrusive ads, in fact the fault lies with a complex advertising system of intermediaries and exchanges and precise targeting that obscures the origins and types of ads being supplied. The…
Content type: Examples
In February 2019 Google engineers announced that they had created faster, more efficient encryption system that could function on less-expensive Android phones that were too low-powered to implement existing full-device encryption. The scheme, known as Adiantum, uses established and well-vetted encryption tools and principles. Android has required smartphones to support encryption since 2015's version 6, but low-end devices were exempt because of the performance hit. It will now be up to device…
Content type: Examples
In November 2018, Germany's Federal Cyberintelligence Agency (Bundesamt für Sicherheit in der Informationstechnik, or BSI) released a highly detailed analysis of the myriad ways that Windows 10 tracks users and showing that only enterprise versions of Windows have the ability to turn them off. BSI found that under the Full Tracking setting Windows runs 534 tracking processes and 503 on the Basic setting. Enterprise versions have an extra "security" setting available that reduces the number to…
Content type: Examples
A November 2018 report from Data & Society discusses "data craft", the methods manipulators use to create disinformation with falsified metadata, specifically platform activity signals, which can be read by machine learning algorithms, platforms, and humans. Manipulators use platform features in unexpected and skilful ways to evade moderation efforts, and their methods need to be understood. The report includes three case studies: politicians' accounts on Instagram, official US government…
Content type: Examples
A couple who tried, in February 2018, to keep their unborn child a secret from the internet, in part so the child could create its own internet identity when it was ready. They had some success in avoiding being pursued by baby-related ads, but found themselves unable to exercise the control they wanted. While no one asks for pregnancy and parenting ads to be turned on, no one is able to get them turned off, and data brokers sell the most personal details of our lives. The cost of trying to…
Content type: Examples
In October 2018, Google developers announced Manifest V3, a new standard for developing extensions for its Chrome web browser. One of the modifications included replacing the API used by extensions that need to intercept and work with network requests. The new API, DeclarativeNetRequest, limits the number of network requests an extension can access; the result was to muzzle third-party adblockers but not the new one Google was building in. Google claimed that implementing a maximum value was…
Content type: Examples
In a December 2018 update, Facebook so effectively disguised sponsored posts that it took AdBlocker Plus a month, instead of the more usual few days, to find a way to counter it. Facebook has responded to the threat posed to its business model by adblockers by both providing users with advertising settings and tweaking its code to keep adblockers from working on the site. Federal Trade Commission rules require Facebook ads to be clearly labelled as such, but the adblocking arms race has…