Search
Content type: Advocacy
In our submission, we argue that the EDPB's opinion must take a firm approach to prevent peoples' rights being undermined by AI. We focus on the following issues in particular: The fundamentally general nature of AI models creates problems for the legitimate interest test;The risks of an overly permissive approach to the legitimate interests test;Web scraping as ‘invisible processing’ and the consequent need for transparency;Innovative technology and people’s fundamental rights;The (in)…
Content type: Advocacy
Generative AI models cannot rely on untested technology to uphold people's rightsThe development of generative AI has been dependent on secretive scraping and processing of publicly available data, including personal data. However, AI companies have to date had an unacceptably poor approach towards transparency and have sought to rely on unproven ways to fulfill people's rights, such as to access, rectify, and request deletion of their dataOur view is that the ICO should adopt a stronger…
Content type: Advocacy
In our submission we outline our concerns with the industry as a result of extensive technical research and complaints taken to data protection authorities in Europe as a result.
Data brokers must specifically be included in "actors in scope."
We recommend that "data brokers" are specifically included in the list of "actors in scope". A data broker is a company that collects, buys and sells personal data and this is often how they earn their primary revenue. It is a term that is entering…
Content type: Video
<br />
Links
Read more about the ICO's provisional decision
Support our work
You can find out more about Clearview by listening to our podcast: The end of privacy? The spread of facial recognition
Content type: Advocacy
International data transfers are an important feature of the present-day global economy. However, when crossing borders, data should also be accompanied by strong and effective privacy and personal data protections. Laws, such as the General Data Protection Regulation (GDPR), play an important role in ensuring data flows respect with privacy.
Trade negotiations that cover cross-border data flows can complicate this. All 80 countries that are part of digital trade negotiations should be able to…
Content type: Call to Action
Google wants to know everything about you.
It already holds a massive trove of data about you, but by announcing its plans to acquire the health and fitness tracker company Fitbit, it now clearly wants to get its hands on your health too. We don’t think any company should be allowed to accumulate this much intimate information about you. This is why we’re trying to stop its merger with Fitbit.
Google and Fitbit need the European Commission’s approval before they can merge. The merger would…
Content type: News & Analysis
GDPR was hard won. PI, together with other civil society actors, fought from the beginning for a version of the law that offers the strongest rights and protections in the face of intense industry lobbying.
Holding the hidden data ecosystem to account
Two years ago, we committed to using GDPR to seek to hold to account the hidden data ecosystem - those companies that amass and exploit large amounts of our data for profit.
Here’s some of the action we’ve taken:
In Nov 2018,…
Content type: Advocacy
In early June 2019, PI engaged in the UK's Centre for Data Ethics and Innovation consultation regarding online targeting. PI focused its submission on the use of targeting in online political and issue-based advertising, and the collection and use of data to target people online.
In considering the impact of online targeting, it is essential that the Centre for Data Ethics and Innovation have due regard for privacy as a fundamental right (as enshrined in UK, European, and International Law).…
Content type: Advocacy
In December 2018, PI responded to the UK Information Commissioner's (ICO) Call for Views on a Code of Practice for the use of personal information in political campaigns.
The consultation followed on from the ICO's policy report Democracy Disrupted?, published in July 2018, which recommended that the Government should legislate at the earliest opportunity to introduce a statutory Code of Practice under the Data Protection Act 2018 for the use of personal information in campaigns.…
Content type: Advocacy
Privacy International, European Digital Rights, and the Association for Technology and Internet (ApTI) together with 15 other digital rights organisations sent a letter on Monday 21 November 2018, to the European Data Protection Board (EDPB), with copies to the Romanian Data Protection Authority (ANSPDCP), and the European Commission, asking for the General Data Protection Regulation (GDPR) not to be misused in order to threaten media freedom in Romania.
Shortly after a journalistic…
Content type: Advocacy
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more…
Content type: Advocacy
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more…
Content type: Advocacy
Privacy International's briefing on the UK's Data Protection Bill for the second reading in the House of Commons.
Content type: Advocacy
Privacy International's comments to the Article 29 Working Party Guidelines on automated individual decision-making and profiling are here.
Content type: Advocacy
This briefing consolidates Privacy International's concerns on the UK Data Protection Bill as it reached Report Stage in the House of Lords.
Content type: Advocacy
Privacy International welcomes the willingness of the UK government to implement the EU General Data Protection Regulation (GDPR), which provides stronger standards of protection of personal data to those contained in the EU Directive 1995, whose provisions were implemented in the Data Protection Act 1998. Improved rights and enforcement measures will generate greater trust and therefore greater engagement in the digital environment, which will in turn benefit the economy. …
Content type: Advocacy
Following today's Justice Ministers Council meeting in Luxembourg where an agreement was reached on the proposal for a General Data Protection Regulation (GDPR), Privacy International and European Digital Rights (EDRi) issued the following statement:
In January 2012, the European Commission, following extensive consultations, published a draft Regulation. The initiative had three priorities - modernisation of the legal framework for the protection of personal data,…
Content type: Advocacy
Just over a year ago, vitally important reforms to European privacy and data protection laws were proposed. Now these reforms, which will affect the rights of half a billion Europeans, are being watered down in their passage through various European parliamentary committees as MEPs succumb to an unprecedented industry lobbying onslaught. There is now irrefutable evidence of the impact of this lobbying, thanks to a technology-powered research method comparing corporate lobby documents…
Content type: Advocacy
On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of its proposal, a new Regulation (the “Proposed Regulation”),(1) would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive(2) (the “Proposed Directive”), would set out new rules on “the protection of individuals with…
Content type: Advocacy
On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of the proposal, a new Regulation (the “Proposed Regulation”),1 would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive (the “Proposed Directive”), would set out new rules on “the protection of individuals with…