Search
Content type: News & Analysis
The Coalition Against Unlawful Surveillance Exports (CAUSE) has today released a new policy paper calling on the EU to take the opportunity to update its Dual Use Regulation to ensure that surveillance technologies are not exported from Europe and used for human rights violations.
The proposals have been developed by the international secretariat of CAUSE, a coalition of NGOs consisting of Access, Amnesty International, Digitale Gesellschaft, Human Rights Watch, the…
Content type: News & Analysis
Privacy laws around the world are under threat by ambitious governments and voracious industry. Sixty-six privacy, digital rights and consumer rights organisations from around the world have joined forces to push back against attempts to weaken European privacy legislation. The coalition today wrote to the President of the European Commission (the civil service of the European Union) to demand that high levels of privacy protections must be respected in Europe's ongoing revision of its data…
Content type: Press release
The UN's top human rights body, the Human Rights Council, today has passed a landmark resolution endorsing the appointment of an independent expert on the right to privacy. For the first time in the UN's history, an individual will be appointed to monitor, investigate and report on privacy issues and alleged violations in States across the world.
The resolution, which appoints a Special Rapporteur on the right to privacy for an initial period of three years, was spearheaded by Germany and…
Content type: Long Read
Modern day government surveillance is based on the simple concept of “more is more” and “bigger is better”. More emails, more text messages, more phone calls, more screenshots from Skype calls. The bigger the haystack, the more needles we can find.
Thanks to Edward Snowden, we know that this fundamental idea drives intelligence agencies like the NSA and GCHQ - the desire to collect it all, to generate gigantic haystacks through which to trawl. In the almost two years since the first of Snowden…
Content type: News & Analysis
Intelligence sharing agreements can be open and transparent. In fact, the Five Eyes have already disclosed information sharing agreements that relate to key international law enforcement and national security measures.
They’re called mutual legal assistance treaties, or MLATs, and they’ve existed between the Five Eyes, excluding New Zealand, for decades. MLATs define the scope of cooperation between States in criminal investigations: States share sensitive information in criminal…
Content type: News & Analysis
To read Privacy International's take on the ruling, go here.
What does the decision actually say?
The primary question that the Court was asked to consider was whether Google Search has obligations under the Data Protection Directive 1995, the EU legal framework regulating how public bodies and businesses deal with individuals’ personal data.
There were three primary issues at hand: the first was whether Google Inc., the international entity which operates Google Search, was under the…
Content type: News & Analysis
Since the European Court of Justice in May ruled in the “right to be forgotten” case, there has been a dizzying amount of debate about the decision, and its implications for privacy and free expression.
A main thread within these discussions is an old story that US Industry loves to tell and has told for some time: Europeans love privacy law, and Americans love free speech, and the twain shall never meet.
The Google Search case at the European Court of Justice has fuelled this view…
Content type: Press release
Privacy International, Reporters Without Borders, Digitale Gesellschaft, FIDH, and Human Rights Watch welcome news that the European Commission will move ahead and add specific forms of surveillance technology to the EU control list on dual use items, thus taking steps to finally hold companies to account who sell spy equipment and enable human rights abuses.
These important steps demonstrate that policymakers are beginning to wake up to the real harm that exists…
Content type: Press release
The ruling today from the European Court of Justice, invalidating the European Union’s 2006 Data Retention Directive policy, was strong and unequivocal: the right to privacy provides a fundamental barrier between the individual and powerful institutions, and laws allowing for indiscriminate, blanket retention on this scale are completely unacceptable.
As the Court states, it is not, and never was, proportionate to spy on the entire population of Europe. The types of data retained under this…
Content type: Press release
World leaders must commit to keeping invasive surveillance systems and technologies out of the hands of dictators and oppressive regimes, said a new global coalition of human rights organizations as it launched today in Brussels.
The Coalition Against Unlawful Surveillance Exports (CAUSE) – which includes Amnesty International, Digitale Gesellschaft, FIDH, Human Rights Watch, the New America Foundation’s Open Technology Institute, Privacy International, and Reporters without Borders – aims to…
Content type: News & Analysis
Facing intense scrutiny from a Swiss government inquiry into the human rights impact of the commercial surveillance trade, companies have packed up and are no longer attempting to export their spying technology from Switzerland.
Speaking with St. Galler Tagblatt, one of Switzerland’s largest German-language daily newspapers, government spokeswoman Marie Avet confirmed that the companies have cancelled export applications for surveillance technology - including all applications for…
Content type: News & Analysis
Only a few days after it was reported that intrusive surveillance technology developed and sold by Italian surveillance company Hacking Team was found in some of the most repressive countries in the world, Privacy International has uncovered evidence which suggests the company has received over €1 million in public financing.
It has come to Privacy International’s attention that Hacking Team appears to have received €1.5 million from two venture capital funds originating from the Region of…
Content type: News & Analysis
In the same week that the Advocate General of the European Court of Justice labelled the retention of electronic communications data throughout Europe as a “serious interference with the right to privacy”, the French National Assembly has codified into law a suite of invasive and unrestrained surveillance powers, allowing an expanded range of government bodies invasive access to citizens electronic communications data and content and threatening the privacy rights of the French people.…
Content type: News & Analysis
Update:
After an initial discussion with technical and government experts involved in drafting and negotiating the new controls on “intrusion software”, some of our initial questions have been clarified. To read what they had to say, go here.
One of the major dangers of imposing export controls on surveillance systems is the risk of overreach. While you want the scope of the systems being controlled and the language to be wide enough to catch the targeted product and its variants, you also…
Content type: News & Analysis
The proliferation of private companies across the world developing, selling and exporting surveillance systems used to violate human rights and facilitate internal repression has been largely due to the lack of any meaningful regulation.
But a huge step toward finally regulating this billion-dollar industry was taken this week, when on Wednesday night the 41 countries that make up the Wassenaar Arrangement, the key international instrument that imposes controls on the export of…
Content type: News & Analysis
Today’s much-anticipated launch of the 2013 Aid Transparency Index, an industry standard for assessing transparency among major aid donors, shows that, despite progress, many aid agencies continue to maintain secrecy around what they are funding.
Further, for those agencies that achieved high rankings in the index, transparency alone does not prevent one of our larger concerns: aid which facilitates impermissible surveillance of communities and individuals in the developing world.…
Content type: News & Analysis
In an encouraging first response to our complaint against surveillance company Gamma International (Gamma), the UK National Contact Point (NCP) of the Organisation for Economic Cooperation and Development (OECD) announced that it will further investigate our claim against Gamma, as the evidence submitted appears to substantiate our allegations.
In February 2013, Privacy International, together with the European Center for Constitutional and Human Rights, Bahrain Watch, the Bahrain Center…
Content type: News & Analysis
The drive for accountability in aid spending has put humanitarian and development agencies under pressure to collect an ever-growing amount of data about those who receive their assistance. Donors also increasingly demand that new technologies are deployed to ensure aid reaches those it is targeted at; preventing people from fraudulently using refugees’ identities, for example, was a key motivation behind UNHCR’s recent introduction of biometric technology to register Syrian…
Content type: Press release
A European privacy group claimed today that dozens of amendments to the new Data Protection Regulation being proposed by Members of the European Parliament (MEPs) are being copied word-for-word from corporate lobby papers, with MEPs frequently failing to even remember their own amendments. Max Schrems, of the website and campaign Europe v Facebook, noticed striking similarities between proposed amendments and lobby papers written by representatives of Amazon, eBay, the American Chamber of…
Content type: News & Analysis
By now, UK internet users are probably familiar with major sites asking them to consent to the use of website cookies. This is prompted by the 'cookie law' (aka "Directive 2002/58 on Privacy and Electronic Communications", otherwise known as the E-Privacy Directive), which is proving a privacy trainwreck. Theoretically, the Directive was a good idea - a method of preventing companies secretly following a user from site to site across the web. However, ill-executed law can be worse than no law…
Content type: News & Analysis
Earlier this year, Privacy International began research into the corporate social responsibility policies of companies that sell communications surveillance technology. Given that this technology is known to facilitate human rights abuses in repressive regimes around the world, surveillance tech companies that claims corporate responsibility might be expected to address such concerns in their CSR policy documents.
Of the 246 companies known to partake in the communications surveillance…
Content type: News & Analysis
The APEC Data Privacy Subgroup (DPS) commenced a new five year work programme at a meeting in Moscow in February 2012. This follows the commitment by APEC Leaders in late 2011 to the Cross Border Privacy Rules (CBPR) system as one way implementing the APEC Data Privacy Framework.
The Joint Oversight Panel was formed at the DPS meeting in Moscow and comprises members from the US (chair), Chinese Taipei and Mexico, with the chair of the DPS (from Canada) as alternate – who will…
Content type: News & Analysis
The second 2011 meeting of the APEC Privacy Subgroup took place in San Francisco in mid September, and finalised the package of documents that comprise the Cross Border Privacy Rules (CBPR) system. Endorsed by the parent Electronic Commerce Steering Group (ECSG), these will now go forward for ratification by Ministers in Hawaii in November, and subsequent implementation. The Subgroup’s 2012 Work Plan envisages establishment of the Joint Oversight Panel (JoP), commencement of…
Content type: News & Analysis
An international alliance of organisations and individuals from 27 countries has lodged a petition calling on the Council of Europe to start an indepth survey on the collection and storage of biometric data by member states.
European governments are increasingly demanding storage of biometric data (fingerprints and facial scans) from individuals. These include storage on contactless 'RFID' chips in passports and/or ID cards. Some are going even further by implementing…
Content type: News & Analysis
2011 is supposed to be the year that the APEC pathfinder projects on Cross Border Privacy Rules (CBPR) deliver a functional system for businesses to be certified for transfer of personal information between participating APEC economies.
After the last round of APEC privacy meetings in Washington DC on 1-3 March, this prospect is looking increasingly remote. Even the basic set of documentation and processes required for the process of self-certification and assessment of businesses has yet to…
Content type: News & Analysis
Skype has consistently assured that it protects its users and their communications. Having reviewed the company's technology and policies we have grounds for concern about Skype's overall level of security, and we believe there are a number of questions to which the company must respond. Skype's misleading security assurances continue to expose users around the world to unnecessary and dangerous risk. It's time for Skype to own up to the reality of its security and to take a leadership…
Content type: News & Analysis
Not since the 1990s has the internet been so exciting. With its use by political activists and journalists around the world, we can now again entertain the discussions that the internet brings freedom. Digital data traverses routers with little regard to national boundaries and so traditional constraints not longer apply. So it is no surprise that protestors on the streets of Tehran or Cairo are using the internet to organise. We like to believe in the freedom of the internet again, after…
Content type: News & Analysis
Privacy International and EPIC praised a vote today in the European Parliament today that rejected the transfer of finacial records to the United States under an interim agreement. A resolution to reject the deal passed 378-16, with 31 abstentions. Members of the parliament stated the proposed agreement lacked adequate privacy safeguards, and was a disproportionat response to US concerns about terrorism that also lacked reciprocity.
Simon Davies, Director General of Privacy International…
Content type: News & Analysis
Privacy International and the American Civil Liberties Union have appealed to the Council of the European Union, the European Commission, the European Parliament, and privacy commissioners in 31 countries across Europe to repeal the agreement between the EU and the US on passenger data transfers. We argue that, with the recent disclosure of the 'Automated Targeting System' being used by the US Department of Homeland Security, the US has violated both American law and the agreement with the EU…
Content type: News & Analysis
At its last session on November 21st and 22nd 2006, the Article 29 Working Party has again been dealing with the SWIFT case and has unanimously adopted Opinion 128 on its findings in this case.
In this Opinion, the Article 29 Working Party emphasizes that even in the fight against terrorism and crime fundamental rights must remain guaranteed. The Article 29 Working Party insists therefore on the respect of global data protection principles.
SWIFT is a worldwide financial messaging service…