Search
Content type: Long Read
9th April 2019
(In order to click the hyperlinks in the explainer below, please download the pdf version at the bottom of the page).
Content type: Long Read
27th March 2019
(In order to click the hyperlinks in the explainer below, please download the pdf version at the bottom of the page).
Content type: Long Read
20th August 2019
This blog is about our new Twitter bot, called @adversarybot. If you want to follow the account, please do watch the pinned 'Privacy Policy' tweet before you do so.
Content type: Long Read
4th February 2019
Over the past year, the Privacy International Network has uncovered, campaigned, and advocated on how trends in surveillance and data exploitation are increasingly affecting our right to privacy.
To celebrate Data Privacy Day on 28 January, we shared a full week of stories and research, exploring how countries are addressing data governance, and the implications for our security and privacy.
Monday - Exposing Harms, Fighting Back
It is often communities who are already the most marginalised…
Content type: Long Read
2nd February 2018
To celebrate International Data Privacy Day (28 January), PI and its International Network have shared a full week of stories and research, exploring how countries are addressing data governance in light of innovations in technology and policy, and implications for the security and privacy of individuals.
Content type: Long Read
28th June 2019
Everyday objects and devices that can connect to the Internet -- known as the Internet of Things (IoT) or connected devices -- play an increasing role in crime scenes and are a target for law enforcement. Exploiting new technologies that are in our homes and on our bodies as part of criminal investigations and for use as evidence, raises new challenges and risks that have not been sufficiently explored.
We believe that a discussion on the exploitation of IoT by law enforcement would benefit…
Content type: Long Read
30th October 2017
Government hacking is unlike any other form of existing surveillance technique. Hacking is an attempt to understand a system better than it understands itself, and then nudging it to do what the hacker wants. Fundamentally speaking, hacking is therefore about causing technologies to act in a manner the manufacturer, owner or user did not intend or did not foresee.
Governments can wield this power remotely, surreptitiously, across jurisdictions, and at scale. A single hack can affect many…
Content type: Long Read
27th March 2018
As we said before, Facebook and Cambridge Analytica scandals are a wake-up call for policy makers. And also a global issue. People around the world are concerned by the exploitation of their data. The current lack of transparency into how companies are using people’s data is unacceptable and needs to be addressed.
There is an entire hidden ecosystem of companies harvesting and sharing personal data. From credit scoring and insurance quotations to targeted political communication, this data is…
Content type: Long Read
14th May 2018
Hasn't Facebook said it would give European data protection to all of their users?
Yes, but only in very vague language. In an initial reaction to the Cambridge Analytica scandal, Mark Zuckerberg declared that Facebook would apply the EU General Data Protection Regulation (GDPR) “in spirit” to their 2 billion users worldwide. When questioned by members of the US Congress, Zuckerberg declared that "[a]ll the same controls will be available around the world". Representative Green sought…
Content type: Long Read
31st October 2016
This piece was written by Ashley Gorski, who is an attorney at the American Civil Liberties Union, and PI legal officer Scarlet Kim and originally appeared in The Guardian here.
In recent weeks, the Hollywood film about Edward Snowden and the movement to pardon the NSA whistleblower have renewed worldwide attention on the scope and substance of government surveillance programs. In the United States, however, the debate has often been a narrow one, focused on the rights of Americans under…
Content type: Long Read
25th May 2018
Privacy and data protection are fundamental rights. When respected they help improve trust and reduce power imbalances. Individuals should have rights over their personal data, regardless of who holds or processes it, and effective ways to enforce those rights, through independent bodies.
While not an ideal solution, GDPR gives individuals more control over their personal data. Rather than burdening individuals with managing and protecting their data, the onus will be on the companies to do so…
Content type: Long Read
25th May 2018
The European Union's new data privacy law (General Data Protection Regulation, better known as GDPR) takes effect today May 25th, 2018, after a two-year transition period. Despite some companies appearing to believe otherwise, and many articles misrepresenting its contents, the GDPR will have a significative impact beyond the European Union, and it will extend many of its data privacy safeguards to users’ data globally.
There are a number of reasons that explain this impact:
Obligations for…
Content type: Long Read
7th July 2016
This piece originally appeared here.
On both sides of the Atlantic, we are witnessing the dramatic expansion of government hacking powers. In the United States, a proposed amendment to Rule 41 of the Federal Rules of Criminal Procedure would permit the government to obtain a warrant, in certain circumstances, to hack unspecified numbers of electronic devices anywhere in the world. Meanwhile, across the pond, the British Parliament is currently debating the Investigatory Powers Bill, which (…
Content type: Report
17th November 2014
In societies that are in the process of transition towards democracy, democratic control of intelligence organisations is both an indispensable requirement and a pressing need. In many cases, the most serious human rights violations committed by dictatorial governments were intrinsically linked to draconian surveillance and control systems. Systematic spying on trade unions, students and dissident groups was a common feature of 20th-century dictatorships. The persistent violation of citizens’…
Content type: Report
25th January 2017
This investigation looks at how surveillance is being conducted in Thailand. The first part of the investigation focuses on the ties between telecommunication companies and the state, and the second part of the investigation focuses on attacks conducted in order to attempt to circumvent encryption.
Content type: Long Read
9th August 2018
Creative Commons Photo Credit: Source
In the midst of continued widespread public outrage at the US government’s brutal ‘zero-tolerance’ policy around immigration – multiple data and analytics companies have quietly avoided answering questions about their role in feeding the US Immigration and Customs Enforcement (ICE) agency’s data backbone. These companies are bidding to work with an agency that has time and time again shown itself to be a brutal and problematic.
Privacy International has…
Content type: Report
24th May 2020
It is common for families with no recourse to public funds who attempt to access support from local authorities to have their social media monitored as part of a 'Child in Need' assessment.
This practice appears to be part of a proactive strategy on the part of local authorities to discredit vulnerable families in order to refuse support. In our experience, information on social media accounts is often wildly misinterpreted by local authorities who make serious and unfounded allegations…
Content type: Long Read
24th May 2020
It is common for families with no recourse to public funds who attempt to access support from local authorities to have their social media monitored as part of a ‘Child in Need’ assessment.
This practice appears to be part of a proactive strategy on the part of local authorities to discredit vulnerable families in order to refuse support. In our experience, information on social media accounts is often wildly misinterpreted by local authorities who make serious and unfounded allegations…
Content type: Report
16th June 2020
Back in October 2019, PI started investigating advertisers who uploaded personal data to Facebook for targeted advertising purposes. We decided to take a look at "Advertisers Who Uploaded a Contact List With Your Information", a set of information that Facebook provides to users about advertisers who upload files containing their personal data (including unique identifier such as phone numbers, emails etc...). Looking at the limited and often inaccurate information provided by…
Content type: Long Read
27th September 2018
Written jointly by Privacy International and the American Civil Liberties Union (ACLU).
In a landmark decision earlier this month, the European Court of Human Rights ruled that one of the mass surveillance programs revealed by Edward Snowden violates the rights to privacy and freedom of expression. While the case challenges the U.K. government’s mass interception of internet traffic transiting its borders, the court’s judgment has broader implications for mass spying programs in Europe and…
Content type: Long Read
23rd July 2019
image from portal gda (cc)
Many people are still confused by what is 5G and what it means for them. With cities like London, New York or San Francisco now plastered with ads, talks about national security, and the deployment of 5G protocols being treated like an arms race, what happens to our privacy and security?
5G is the next generation of mobile networks, which is meant to be an evolution of the current 4G protocols that mobile providers have deployed over the last decade, and there are…
Content type: Long Read
4th February 2019
During the last World Economic Forum in Davos, the CEO of Microsoft joined the chorus of voices calling for new global privacy rules, saying the following in regard to the new European General Data Protection Regulation (GDPR):
“My own point of view is that it's a fantastic start in treating privacy as a human right. I hope that in the United States we do something similar, and that the world converges on a common standard."
We have come a long way. From tech companies fighting and…
Content type: Long Read
9th February 2017
This piece was orignally published in Slate in February 2017
In 2015, the FBI obtained a warrant to hack the devices of every visitor to a child pornography website. On the basis of this single warrant, the FBI ultimately hacked more than 8,700 computers, resulting in a wave of federal prosecutions. The vast majority of these devices—over 83 percent—were located outside the United States, in more than 100 different countries. Now, we are in the midst of the first cases to work their way…
Content type: Long Read
4th December 2020
In 2019, we exposed the practices of five menstruation apps that were sharing your most intimate data with Facebook and other third parties. We were pleased to see that upon the publication of our research some of them decided to change their practices. But we always knew the road to effective openness, transparency, informed consent and data minimisation would be a long one when it comes to apps, which for the most part make profit from our menstrual cycle and even sometimes one’s desire to…
Content type: Long Read
25th September 2018
The UK's domestic-facing intelligence agency, MI5, today admitted that it captured and read Privacy International's private data as part of its Bulk Communications Data (BCD) and Bulk Personal Datasets (BPD) programmes, which hoover up massive amounts of the public's data. In further startling legal disclosures, all three of the UK's primary intelligence agencies - GCHQ, MI5, and MI6 - also admitted that they unlawfully gathered data about Privacy International or its staff. You can read the…
Content type: Long Read
29th January 2018
Privacy International is celebrating Data Privacy Week, where we’ll be talking about privacy and issues related to control, data protection, surveillance and identity. Join the conversation on Twitter using #dataprivacyweek.
Exercising the right to privacy extends to the ability of accessing and controlling our data and information, the way it is being handled, by whom, and for what purpose. This right is particularly important when it comes to control of how States perform these activities.…
Content type: Long Read
21st June 2018
Update 28 June 2018
Last week Privacy International wrote to Thomson Reuters Corporation asking the company to commit to ensuring the vast amounts of data they provide to US immigration agencies isn’t used to identify families for indefinite detention or separation, or for other human rights abuses.
Thomson Reuters has unfortunately ignored our specific questions and made no such commitment.
Instead, the CEO Thomson Reuters Special Services (TRSS) a subsidiary, makes clear that instead of…
Content type: Long Read
14th August 2018
Creative Commons Photo Credit: Source
UPDATE: 30 July 2019
Privacy International has identified the following:
Two RAB officers received approval to travel to the USA in April 2019 for training on “Location Based Social Network Monitoring System Software for RAB Intelligence Wing”
Three RAB officers received approval to travel to Russia in August 2017 to participate in user training of “Backpack IMSI Catcher (2G, 3G, 4G)” paid for by Annex SW Engineering, a UAE-based company
In August 2018…
Content type: Report
5th May 2005
This report investigates the probable effect of the proposed UK national Identity Card system on people who are marginalised, who suffer social disadvantage or exclusion, and those who are disabled. The work focuses on the biometrics element of the government’s proposals (specifically facial recognition, ngerprinting and iris scanning).
The Report provides a specific assessment of the recently published biometrics trial conducted by the UK Passport Service (UKPS), and compares these findings…
Content type: Long Read
11th July 2018
Yesterday the UK's Information Commissioner's Office (ICO) - which is responsible for ensuring people's personal data is protected - announced it intends to fine Facebook the maximum amount possible for its role in the Cambridge Analytica scandal.
This decision highlights of how serious and rampant misuse and exploitation of data is. Facebook is responsible and failed to comply with data protection 101: be upfront and honest about what you are doing with people's data.
Importantly, the ICO's…