Search
Content type: News & Analysis
Next week, the European Parliament will make an important decision affecting one of the world’s most vulnerable and stigmatised groups of people: asylum seekers. This decision is part of a larger debate about privacy and function creep, about authorities breaking promises that were made when personal information was collected and using it for new purposes.
EURODAC, a transnational database containing the personal and biometric information of all asylum seekers and illegal immigrants found…
Content type: News & Analysis
There have been two rounds of meetings in 2012 of the OECD Committee for Information, Computer and Communications Policy (ICCP) and some of its working parties – in May and October 2012, with further meeting of two working parties in December. A ‘foresight forum’ on the ‘big data’ theme was held on 22 October. Civil society interest in the ICCP work programme is formalised through the Civil Society Information Society Advisory Council (CSISAC).
The Working Party on Information Security…
Content type: News & Analysis
We welcome the Informational Commissioner's intention to produce guidance for data controllers around the production of Open Data. Rigorous guidance is sorely needed in this area, with even large Government departments getting it dangerously wrong. Some data can be released safely in some circumstances; depending on the type and there has been sufficient consideration of the nuance of the situation. Adequate anonymisation is exceptionally difficult, and reidentification is possibly using…
Content type: News & Analysis
Tuesday’s letter to Google CEO Larry Page, personally signed by 29 European data protection authorities, ordered the corporation (inter alia) to give users greater control over their personal information. The notions of trust and control are emphasised throughout the letter, and Google is urged to "…develop new tools to give users more control over their personal data" and "collect explicit consent for the combination of data for certain purposes". It is good news that the…
Content type: News & Analysis
Greek newspaper To Vima reported late last night that Golden Dawn MP Ilias Panagiotaros has requested the exact data of "foreign infants and young children, by country of origin, who are in nursery schools" in Greece from the Greek Ministry of Interior (the equivalent of the British Home Office or US State Department). To Vima’s headline read 'Taking a leaf out of Herod’s book'.
The request echoes earlier demands made by the party for information about immigrants’ use…
Content type: News & Analysis
APEC privacy activity has passed another milestone with the acceptance in July 2012 of the USA as the first economy to formally join the cross border privacy rules (CBPR) system. The CBPR Joint Oversight Panel (JOP), with the Canadian chair of the Data Privacy Subgroup (DPS) standing in for the US member in accordance with the ‘no conflict of interest’ provisions, accepted the US government application, which nominated the Federal Trade Commission (FTC) as the privacy enforcement authority…
Content type: News & Analysis
Privacy International welcomes the Select Committee Inquiry. We approach the proposed EU Data Protection Framework from the perspective of individual citizens and consumers.
We consider that this Inquiry and other consultations must take into account not just considerations of burdens to business and administrations, but also the fundamental rights of individuals to privacy and data protection that the UK has to comply with as a signatory to EU treaties and conventions.
The…
Content type: Advocacy
On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of its proposal, a new Regulation (the “Proposed Regulation”),(1) would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive(2) (the “Proposed Directive”), would set out new rules on “the protection of individuals with…
Content type: News & Analysis
On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of its proposal, a new Regulation (the “Proposed Regulation”),1 would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive2 (the “Proposed Directive”), would set out new rules on “the protection of individuals with…
Content type: Advocacy
On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of the proposal, a new Regulation (the “Proposed Regulation”),1 would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive (the “Proposed Directive”), would set out new rules on “the protection of individuals with…
Content type: News & Analysis
On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of the proposal, a new Regulation (the “Proposed Regulation”),1 would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive (the “Proposed Directive”), would set out new rules on “the protection of individuals with…
Content type: News & Analysis
As part of the government’s ambitious Open Data programme, the Cabinet Office announced last year that data from the National Pupil Database (NPD) will be made freely available and accessible to all. The NPD, previously only available to researchers on an academic licence, contains a record for every single state school pupil in the country, covering educational attainment from reception to sixth form, as well as characteristics such as attendance, ethnic background and free…
Content type: News & Analysis
In the PI office, we have daily debates about which platforms to use for our organizational operations. As a privacy charity, we are naturally concerned about the integrity of our own information services and resources, but we frequently receive queries about the best technologies to use from a variety of other organizations, some with very complex threat models.
The sad fact is that we are all poorly served by the range of services currently available. We worry that there is a significant…
Content type: News & Analysis
By now, UK internet users are probably familiar with major sites asking them to consent to the use of website cookies. This is prompted by the 'cookie law' (aka "Directive 2002/58 on Privacy and Electronic Communications", otherwise known as the E-Privacy Directive), which is proving a privacy trainwreck. Theoretically, the Directive was a good idea - a method of preventing companies secretly following a user from site to site across the web. However, ill-executed law can be worse than no law…
Content type: News & Analysis
Privacy is internationally recognized as a fundamental right. Yet the confines of the right to privacy are subject to never-ending games of tug-of-war between individuals, governments and corporations. These games are rarely fair – individuals are often under-informed and lack the capacity to assert and protect their privacy, while those who seek to erode it are increasingly overbearing and secretive. This is particularly the case in developing countries, where the absence of adequate legal and…
Content type: Report
Following on from their 2009 discussion paper, in 2010 the European Commission published a Communication on changes to the 1995 European Union Directive on data protection. The European Union’s 1995 Directive on data protection is a leading regional instrument for privacy and is often the model for other countries across the globe. The Directive has been integral to pushing back against key surveillance and tracking initiaitives by governments and industry.
In this report we respond to that…
Content type: Press release
PI, Genewatch and the Council for Responsible Genetics launch the Forensic Genetic Policy Initiative
Today, 60 countries worldwide operate national DNA databases, and at least 34 more are considering putting them in place. The use of DNA evidence in criminal investigations can bring great benefits to society, helping to solve crimes, convict the guilty and exonerate the innocent. However, the mass storage of DNA samples and computerized profiles in databases raises important human rights concerns. Your DNA profile can be used to track you or your relatives. Your DNA sample has the…
Content type: News & Analysis
News emerged today that the new National Crime Agency will be completely exempt from Freedom of Information laws, creating a ‘cloak of secrecy’ around the organization.
The National Crime Agency (NCA), the government’s proposed successor to the Serious and Organised Crime Agency (SOCA), will target organized crime, fraud, child exploitation and smuggling. Described in the media as an ‘FBI-style’ intelligence agency, the NCA is proposed to become fully operational in December 2013.
But…
Content type: News & Analysis
Last evening (in India, that is) we got some very good news. Earlier, an online news item in a major newsmagazine described a forthcoming report from the Parliamentary Standing Committee on Finance, a cross-party body created to study Bills being presented for consideration in Parliament, as having expressed its reservations about the NIAI Bill, that they would recommend recasting it. The NIAI Bill seeks to set up a National Information Authority, whose job is to take over the functioning of…
Content type: News & Analysis
A widely-leaked version of the first legislative proposal for a General Data Protection Regulation is making its way through Brussels and beyond. The purpose of this 'Regulation' is to provide a new tool for harmonising the protection of personal data across the European Union, and one that takes into consideration the current legislative and technological environment. The key point is that Europe's rules on privacy are often taken as an example to the world -- and provide a rare…
Content type: News & Analysis
Prime Minister David Cameron may not be quite the “pitiless blank-eyed hell wraith” Charlie Brooker portrayed in yesterday’s Guardian, but he does have some pretty frightening ideas about the Internet. This morning the Prime Minister announced, at a meeting with the Christian charity Mother’s Union, that four of the UK’s biggest ISPs will henceforth require users to opt in if they want to view pornographic material – thereby creating a commercially-owned and controlled database of…
Content type: Press release
Privacy International today published documentation that establishes a deliberate cover-up by the UK Information Commissioner’s Office (ICO) of a failure to uphold its responsibility to enforce the Data Protection Act.
A request under the Freedom of Information Act by PI and No-CCTV has revealed a conflict of interest in the ICO’s mandate and a fundamental failure of process within the Office. The material disclosed proves that the ICO conspired to delay the FOIA request, and attempted to…
Content type: News & Analysis
Skype has consistently assured that it protects its users and their communications. Having reviewed the company's technology and policies we have grounds for concern about Skype's overall level of security, and we believe there are a number of questions to which the company must respond. Skype's misleading security assurances continue to expose users around the world to unnecessary and dangerous risk. It's time for Skype to own up to the reality of its security and to take a leadership…
Content type: News & Analysis
The European Commission is about to announce the compulsory fingerprinting of all visitors to the EU, both visa holders and non-visa holders, along with automated border checks of EU nationals through the analysis of fingerprints and facial scans.
The Communication from December 2007, available here on the PI site, outlines the plans. Below we summarise the plans. Also see PI's commentary in the Guardian CommentisFree section from February 11, 2008.
Critical Analysis
The Communication does…
Content type: News & Analysis
Together with a coalition with 18 Japanese rights groups, Privacy International today delivered a letter to the Japanese Minister of Justice to protest against the implementation of a fingerprinting system and face-scanning system at its borders. All visitors and many foreign residents to Japan will be fingerprinted under this plan. Our letter to the Minister is endorsed by 68 organisations from 30 countries. In our letter, we show that there are numerous problems with the government's plans.…
Content type: News & Analysis
Privacy International and the American Civil Liberties Union have appealed to the Council of the European Union, the European Commission, the European Parliament, and privacy commissioners in 31 countries across Europe to repeal the agreement between the EU and the US on passenger data transfers. We argue that, with the recent disclosure of the 'Automated Targeting System' being used by the US Department of Homeland Security, the US has violated both American law and the agreement with the EU…
Content type: News & Analysis
Booz Allen Hamilton, Inc., a prominent defence and intelligence consulting and engineering firm, has been hired as an outside "independent" auditor of the CIA and Treasury Department's Terrorist Finance Tracking Program ("TFTP"), which monitors banking transactions made through the Society for Worldwide Interbank Financial Telecommunication (SWIFT). Though Booz Allen's role is to verify that the access to the SWIFT data is not abused, its relationship with the U.S. Government calls its…
Content type: News & Analysis
Dear Mr Schrank,
I am writing with regard to the current controversy over the private arrangement between SWIFT and the U.S. Government that facilitates the extradition of confidential financial transaction data from SWIFT to U.S. authorities. You will be aware that Privacy International contends that this arrangement breaches privacy and data protection law, and we have lodged complaints with regulatory authorities in 38 countries.
In my many discussions with SWIFT officials over the past…
Content type: News & Analysis
The Supreme Court of Canada has upheld the legality of the DNA database, including the retroactive collection of profiles. This decision supports the DNA Identification Act of 1998 and sees the taking of DNA from those who are convicted of serious offences not so much as a search but more as an act that enables identification.
In the case R v Rodgers (2006), decided 4-3, the Court was asked to consider, amongst numerous other issues:
Whether collection of DNA samples for data bank…
Content type: News & Analysis
A campaign to eliminate the DNA profiles of 24,000 innocent juveniles from the database has been instigated by a Conservative Member of Parliament after a lengthy battle to remove the record of a concerned constituent’s son who was arrested as a result of misidentification. The National DNA Database currently holds the records of 750,000 juveniles – some of whom have been convicted of offences but many of whom were only charged, cautioned, questioned or were mere witnesses to incidents.
The…