Search
Content type: Examples
FullScreen Research claims that in the competitive German food delivery market, Lieferando uses automation to monitor its employees and that Wolt violates labour laws by paying couriers in cash and employing them illegally A former supervisor with Lieferando says that the system flags up abnormalities for a team of watching agents, who see each courier's exact location and are supposed to ask drivers the reason for delays. Lieferando denies that it illegally controls drivers'…
Content type: Examples
German data protection authorities have ruled that the use of Microsoft Office 365 in schools is not compliant with GDPR, citing a lack of transparency around how and where Microsoft processes and stores student data as well as the potential for third-party access. German federal and state data protection authorities have been looking at how to improve Office 365 for two years but deems changes Microsoft has made insufficient to bring the software into compliance.
https://www.computerweekly.…
Content type: Examples
Germany’s contact tracing system is thought to have been critical in controlling the COVID-19 outbreak, especially given superspreader events such as infections in meat packing plants. Each of Germany’s 16 federal states is responsible for health, and together with the national Robert Koch Institute they support authorities at city or council level, who are responsible for outbreak investigation and management, including contact tracing.
The country dubbed COVID-19 a notifiable disease early,…
Content type: Examples
A study describes the data transmitted to backend servers by the Google/Apple based contact tracing (GAEN) apps in use in Germany, Italy, Switzerland, Austria, and Denmark and finds that the health authority client apps are generally well-behaved from a privacy point of view, although the Irish, Polish, Danish, and Latvian apps could be improved in this respect. However, the study also finds that the Google Play Services component of the apps contacts Google servers as often as every 20 minutes…
Content type: Examples
The German health minister, Jens Spahn, said the country required advice from the country’s ethics council before it could use the millions of antibody tests it had procured from the Swiss pharmaceutical company Roche to help determine how freely people could move around the country. Spahn cited the risk that people would try to get themselves infected if immunity passports appeared to promise greater freedom.
https://www.reuters.com/article/health-coronavirus-germany-antibodies/armed-with-…
Content type: Examples
At the end of March, jointly organised by the Robert Koch Institute (Germany’s public health body), the German Centre for Infection Research, the Institute for Virology at Berlin’s Charite hospital, and blood donation services, researchers planned to begin conducting blood tests among the general public in order to determine how many people test positive for antibodies to the coronavirus. Gerard Krause, head of epidemiology at the Helmholtz Centre for Infection Research, and Brauinschweig,…
Content type: Examples
Germany’s “Corona-Warn” contact tracing app amassed 6.5 million users (7.8% of the German population) in the first 24 hours after its June 16 launch despite setbacks that included disputes over data privacy and functionality. The app was developed in six weeks by a team of developers and engineers from Deutcsche Telekom and SAP and is built on the Apple-Google notification framework. In a poll conducted by ARD around the time of the app’s launch, 42% of Germans said they would use the app,…
Content type: Examples
Local health authorities in Germany have relied on human contact tracers since the country confirmed its first COVID-19 cases early in 2020, and say that doing so has helped the country keep its death rate comparatively low even with a less restrictive lockdown than many other countries. Germany aims to have 16,000 contract tracers overall, or five for every 25,000 people. Tracing involves phoning each newly-diagnosed patient and asking their movements; those who have been in close contact for…
Content type: Examples
Three days after announcing Germany would adopt the centralised Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT) standard for contact tracing, the country's chancellery minister Helge Braun and health minister Jens Spahn announced they would instead use the decentralised approach backed by Apple, Google, and other European countries. While both standards rely on Bluetooth connections between nearby phones, PEPP-PT would have required Apple's cooperation to implement, and the company…
Content type: Examples
Germany's federal agency responsible for disease control and prevention, the Robert Koch Institute, has teamed up with the health technology start-up Thryve to develop an app called Corona-Datenspende ("data donation") that works with a variety of smartwatches and fitness wristbands. The app is designed to use the device's sensors to collect user data, and includes algorithms to it to spot symptoms linked to COVID-19 and help predict the spread and containment of the virus. More than 50,000…
Content type: Examples
On March 24 the German Bundestag passed a comprehensive amendment to the Infection Protection Act that authorises the Federal Ministry of Health to implement measures for medical care without the consent of the Federal Council. These include the ability to impose curfews and travel restrictions, override patent protection for medical products, and issue ordinances creating other exceptions to the law. The Federal Data Protection Commissioner criticised the proposals because he doubted whether…
Content type: Examples
Researchers at Germany's Robert Koch Institute and Fraunhofer Heinrich Hertz Institute are working on an app that uses Bluetooth connections between smartphones and is compliant with GDPR to anonymously save the distance and duration of contact between people on the smartphone to make it possible to digitally reconstruct infection chains. The idea is being copied from Singapore's TraceTogether app, which detects other users who have also installed the app. If someone tests positive, they can…
Content type: Examples
The German mobile operator Deutsche Telekom announced in a press conference on RKI Live that it had passed on, anonymised, its users' movement data to the Robert-Koch Institute to study the extent to which the population would follow the government's restrictions. RKI president Lothar Wieler said this data is also available for purchase, but was given to RKI at no charge.
Source: https://frask.de/coronavirus-deutscher-mobilfunkbetreiber-gibt-bewegungsdaten-weiter/
Content type: Examples
A Hamburg geotracking startup called Ubilabs is working with the Hannover School of Medicine on a data analysis platform that could track people who have tested positive for the coronavirus and their contacts, Der Tagesspiegel reported on Tuesday; this type of tracking would require individuals' consent to have a legal basis for processing.
Source: https://www.nytimes.com/reuters/2020/03/11/technology/11reuters-health-coronavirus-privacy-explainer.html
Content type: Examples
A review of European privacy laws considers whether the tracking and monitoring methods China used to shut down the COVID-19 epidemic are in compliance with GDPR. The French data protection authority CNIL says employers are not allowed to take mandatory temperature readings from employees or visitors or require them to fill out compulsory medical questionnaires. Italy passed emergency legislation requiring anyone who has recently stayed in an at-risk area to notify health authorities. Germany…
Content type: Examples
A 19-year-old medical student was raped and drowned in the River Dresiam in October 2016. The police identified the accused by a hair found at the scene of the crime. The data recorded by the health app on his phone helped identify his location and recorded his activities throughout the day. A portion of his activity was recorded as “climbing stairs”, which authorities were able to correlate with the time he would have dragged his victim down the river embankment, and then climbed…
Content type: Key Resources
In the lead up to the 2017 German federal elections, there was much debate about the benefits and dangers of data analytics for political purposes. There were some controversies concerning the use of data and the lack of information provided by political parties also raised concerns.
Content type: Examples
Following Ms. Vestager’s investigation into Amazon and its own sector enquiry into online price comparison services in October 2017, in June 2018 the German Federal Cartel Office (“Bundeskartellamt”) claimed that it “received a lot of complaints” and is said to be “looking at the role and market power of Amazon” with regards to Amazon’s hybrid function. (Nicholas Hirst, MLEX, 27 June 2018, Amazon’s ‘hybrid function’ catches eye of German antitrust enforcers.) Germany is Amazon’s…
Content type: News & Analysis
The first half of 2018 saw two major privacy moments: in March, the Facebook/ Cambridge Analytica scandal broke, followed in May by the EU General Data Protection Regulation ("GDPR") taking effect. The Cambridge Analytica scandal, as it has become known, grabbed the attention and outrage of the media, the public, parliamentarians and regulators around the world - demonstrating that yes, people do care about violations of their privacy and abuse of power. This scandal has been one of…
Content type: Examples
In the lead up to the 2017 German federal election (Bundestagswahl), all political parties used social media like Facebook, Twitter, Instagram, YouTube, and e-mails as platforms to reach voters.
The far-right Alternative for Germany party (AfD) reportedly hired a Texas-based company for their campaign. Harris Media is known for their work with Republican, far-right and nationalist candidates in the US and worldwide. In 2017, Privacy International revealed that Harris Media was behind the…
Content type: Examples
In the lead up to the German elections, the conservative Christian Democratic Union (CDU) created a mobile app, Connect 17, which was designed to create a feedback loop between party headquarters and door-to-door volunteers (also known as canvassers).
The app drew on data from the federal statistics office and polling agencies. It let canvassers decide routes, record whether anyone was home, and whether a conversation had been successful. It also allowed canvassers to compare their…
Content type: Examples
The Sunday edition of the national newspaper Bild reported that Chancellor Angela Merkel's conservative Christian Democrats (CDU) party and the centre-right Free Democrats (FDP) party purchased "more than a billion" pieces of personal data about potential voters from a subsidiary of Deutsche Post, which offered target-mailing concepts to its clients. The Deutsche Post subsidiary, Deutsche Post Direkt, rejected these claims.
Instead, Deutsche Post is reported as insisting that it never…
Content type: Examples
Police in the German state of Hesse are using a bespoke version of Palantir's Gotham software system, specially adapted for the police force. Palantir CEO Alex Karp sits on the board of the German mega publisher Axel Springer.
Publication: WorldCrunch, Jannis Brühl
Date: 20 November 2018
Content type: News & Analysis
Private surveillance companies selling some of the most intrusive surveillance systems available today are in the business of purchasing security vulnerabilities of widely-used software, and bundling it together with their own intrusion products to provide their customers unprecedented access to a target’s computer and phone.
It's been known for some time that governments, usually at a pricey sum, purchase such exploits, known as zero- and one-day exploits, from security researchers to…
Content type: Press release
A 400 gigabyte trove of internal documents belonging to surveillance company Hacking Team has been released online. Hacking team sells intrusive hacking tools that have allegedly been used by some of the most repressive regimes in the world.
The documents reportedly confirm Hacking Team has customers in 35 countries, including some that routinely abuse human rights. These documents seemingly validate research conducted by Citizen Lab…
Content type: Long Read
Privacy International in October 2014 made a criminal complaint to the National Cyber Crime Unit of the National Crime Agency, urging the immediate investigation of the unlawful surveillance of three Bahraini activists living in the UK by Bahraini authorities using the intrusive malware FinFisher supplied by British company Gamma.
Moosa Abd-Ali Ali, Jaafar Al Hasabi and Saeed Al-Shehabi, three pro-democracy Bahraini activists who were granted asylum in the UK, suffered variously…
Content type: News & Analysis
Last year, UK-based surveillance company Gamma TSE sold the Indonesian military US$ 6.7 million worth of equipment as part of the military's weapons modernisation effort. As early as 2005, Indonesian officials were soliciting the advice of a close partner of Gamma, Germany-based Elaman, to create technical surveillance unit (TSU), according to a white paper published as part of the WikiLeak SpyFiles and found in the Surveillance Industry Index.
Gamma and Elaman are…
Content type: News & Analysis
After two years of pressing the Government to come clean on what, if anything, they are doing to investigate the potentially illegal export of the spyware FinFisher, a ruling today by the Administrative Court in Privacy International’s favour marks a significant turning point in our long-running campaign to bring more transparency and accountability to the surveillance industry.
The High Court slammed Her Majesty’s Revenue and Customs for not disclosing whether it was investigating…
Content type: Press release
After challenging HMRC's blanket refusal to release information about the potentially unlawful export of Gamma International's FinFisher surveillance technology, the court has said that the case should proceed to trial and the grounds of Privacy International's challenge are of public importance.
Privacy International in February filed for judicial review of a decision of HMRC, the body responsible for enforcing export regulations, claiming the department is acting unlawfully in its refusal to…
Content type: Press release
The United Nations General Assembly should approve a new resolution and make clear that indiscriminate surveillance is never consistent with the right to privacy, five human rights organizations said in a November 21, 2013 letter to members of the United Nations General Assembly.
After heated negotiations, the draft resolution on digital privacy initiated by Brazil and Germany emerged on November 21 relatively undamaged, despite efforts by the …