Search
Content type: News & Analysis
20th December 2017
This post was written by PI Technologist Ed Geraghty.
At the very heart of ThornSec’s design is that we assume our security will fail. There is nothing perfect on this earth (except kittens). The entire point is to fail well. For charities and NGOs that are fragile, poorly resourced, and often at risk, this is relatively novel thinking. We prepare for that with a strict adherence to good security practice.
It is exactly this element of novelty that makes us more open than your average Open…
Content type: News & Analysis
19th December 2017
This post was written by PI Policy Officer Lucy Purdon.
In 1956, US Presidential hopeful Adlai Stevenson remarked that the hardest part of any political campaign is how to win without proving you are unworthy of winning. Political campaigning has always been a messy affair and now the online space is where elections are truly won and lost. Highly targeted campaign messages and adverts flood online searches and social media feeds. Click, share, repeat; this is what political engagement looks…
Content type: Advocacy
19th December 2017
Privacy International's comments to the Article 29 Working Party Guidelines on automated individual decision-making and profiling are here.
Content type: News & Analysis
18th December 2017
We work to collect the minimum amount of data that we need from you to do our jobs within the resources we have, and to protect and use that data in an ethical manner. We are expanding the ways we engage with our supporters, by rebuilding our tech services to ensure that we continue to live up to that commitment.
Here we explain what data we have access to, what we collect, and how we work to protect your data. This piece is more explanatory than our policy statement which is available here.…
Content type: News & Analysis
18th December 2017
Overview
CIPIT is currently investigating how the privacy of Kenyan citizens was affected by the use of biometric data during the just concluded 2017 general and repeat elections. The IEBC is mandated by law to register voters, verify their registration details and conduct elections. Accordingly, the IEBC is the custodian of the public voter register. There have been reports that individuals received SMS texts from candidates vying for various political seats during the campaign period of the…
Content type: Advocacy
18th December 2017
This briefing consolidates Privacy International's concerns on the UK Data Protection Bill as it reached Report Stage in the House of Lords.
Content type: People
18th December 2017
Holly has over 20 years of experience promoting election integrity and democratic reform worldwide.
She has served previously as Director of the Election Observation Democracy Support project, which develops methodology for EU election observation missions, and has also worked for the Organisation for Security and Cooperation in Europe’s Office for Democratic Institutions and Human Rights and the National Democratic Institute.
Holly has participated in election observation missions in over 20…
Content type: Long Read
15th December 2017
The battle for Kenyan voters’ allegiance in the 2017 Presidential election was fought on social media and the blogosphere. Paid advertisements for two mysterious, anonymous sites in particular started to dominate Google searches for dozens of election-related terms in the months leading up to the vote. All linked back to either “The Real Raila”, a virulent attack campaign against presidential hopeful Raila Odinga, or Uhuru for Us, a site showcasing President Uhuru Kenyatta’s accomplishments. As…
Content type: Long Read
15th December 2017
Introduction
Why We Are So Concerned about Government Hacking for Surveillance
Scope of Our Safeguards
1. Legality
2. Security and Integrity of Systems
3. Necessity and Proportionality
4. Judicial Authorisation
5. Integrity of information
6. Notification
7. Destruction and Return of Data
8. Oversight and Transparency
9. Extraterritoriality
10. Effective Remedy
Commentary on each
1. Legality
2. Security and Integrity of Systems
3. Necessity and Proportionality
4. Judicial…
Content type: Press release
15th December 2017
A new investigation published today by Privacy International reveals the role of an American data-based digital advertising company in the highly divisive online re-election campaign of Kenyan president Uhuru Kenyatta.
In the run-up to Kenya's presidential election in August 2017, paid advertisements for two mysterious sites dominated Google searches for election-related terms and flooded Kenyans' social media feeds. All linked back to either 'The Real Raila', a virulent attack campaign…
Content type: People
15th December 2017
Joanna Oniszk is our Resources Director. She joined us in 2015 to take on donor coordination and financial management of the organisation. She has over ten years of experience in variety of finance and management roles in corporate sector, international organisations and charities and holds an MA in Economics.
Content type: People
15th December 2017
Harmit Kambo is the Director of Campaigns at Privacy International and leads PI’s Communications and Campaigns team. He is responsible for developing greater public engagement in privacy issues. He works across our programmes to devise strategies that will increase the reach and impact of our work.
Content type: People
15th December 2017
Tomaso leads Privacy International's global policy engagement He develops the organisation's international advocacy with the UN, the EU, and other relevant intergovernmental bodies. Previously he worked for Child Soldiers International and for Amnesty International’s (AI) International Secretariat, in the International Law and Policy Program, where he was legal and policy advisor. His main responsibilities included providing advice on international human rights and humanitarian law, drafting…
Content type: News & Analysis
14th December 2017
Recently, a text from a local telecommunications company inquired whether its subscribers knew that they could now enroll their voice so they could access various services securely and conveniently. This added a further dynamic to the on-going debate in several quarters on the accelerated adoption of biometrics in Kenya. Does Kenya have the necessary framework in place to safeguard the privacy and security of its citizens? The reality is, innovators will not wait for an optimal legal…
Content type: People
14th December 2017
Ed is a Senior Technologist at Privacy International. He is responsible for our technical security and research, and leads the development of our security framework and tech engagement with our International Network.
Content type: People
14th December 2017
Tom is a Research Officer with Privacy International and is responsible for research and dissemination in the Global South. He leads our research on fintech and identity. He has a PhD in African Studies from the University of Edinburgh, exploring ethnicity and politics in East Africa. He has a MSc in African Studies fro the University of Edinburgh, and a BA in Politics and Philosophy from the University of York. He has taught in Tanzanian universities, and has a particular interest in…
Content type: People
14th December 2017
Caroline is Privacy International’s Legal Director and General Counsel. She leads the legal advocacy at PI and counsels PI’s programmes on legal strategy and risk. Caroline is a US-qualified lawyer who previously specialised in privacy and intellectual property litigation at a prominent US law firm. Caroline received her law degree from Yale Law School and her undergraduate degree in Anthropology from the University of California, Berkeley. After law school, Caroline clerked for Judge Warren J…
Content type: People
14th December 2017
Alexandrine is Directory of Strategy at Privacy International. She manages and oversees the development and delivery of Privacy International's strategic portfolio aimed at ensuring that innovative solutions serve individual and communities and protection their dignity rather than state power and corporate interest. This portfolio explores issues of digital identity, protecting communities at risk online, the digitisation of access to economic, social and cultural rights, and the use of data…
Content type: Report
6th December 2017
When you rent a car at the airport, use a car-share for a family day trip, one of the first things you are likely to do before setting off on your journey, is to connect your phone to the car. You switch on the Bluetooth and see a list of other people’s phones that were previously connected - Mike’s iPhone, Samsung Galaxy, Bikerboy_Troi, Dee Dee. You input your journey into the navigation, perhaps noticing stored locations of previous drivers.
Seems fairly innocuous? Wrong. Your name and…
Content type: Press release
Press Release: New report shows how car rental companies are failing to protect drivers' information
5th December 2017
A new report by Privacy International shows how car rental companies and car-share schemes are failing to protect drivers' personal information, such as their location, smart phone contents, and place of residence.
The report is here: https://privacyinternational.org/node/987
Key points
Privacy International (PI) rented a series of internet-connected cars and examined the information which was collected and retained on the rental cars' infotainment system*. Every car PI rented contained…
Content type: Examples
3rd December 2017
A 2009 paper by the US National Academy of Sciences found that among forensic methods only DNA can reliably and consistency match evidence to specific individuals or sources. While it's commonly understood that techniques such as analysis of blood spatter patterns are up for debate, other types of visual evidence have been more readily accepted. In 2015 the FBI announced that virtually all of its hair analysis testing was scientifically indefensible, and in 2016 the Texas Forensic Science…
Content type: Examples
3rd December 2017
In 2016, researchers discovered that the personalisation built into online advertising platforms such as Facebook is making it easy to invisibly bypass anti-discrimination laws regarding housing and employment. Under the US Fair Housing Act, it would be illegal for ads to explicitly state a preference based on race, colour, religion, gender, disability, or familial status. Despite this, some policies - such as giving preference to people who already this - work to ensure that white…
Content type: Examples
3rd December 2017
In 2017, an automated facial recognition dispenser was installed in one of the busiest toilets in Beijing in order to prevent theft of toilet paper rolls, chiefly by elderly residents. Would-be users must remove hats and glasses and stand in front of a high-definition camera for three seconds in order to receive a 60cm length. Users have complained of software malfunctions that force them to wait, the lack of privacy, and difficulty getting the machines to work. The last of these led the city…
Content type: Examples
3rd December 2017
A US House of Representatives oversight committee was told in March 2017 that photographs of about half of the adult US population are stored in facial recognition databases that can be accessed by the FBI without their knowledge or consent. In addition, about 80% of the photos in the FBI's network are of non-criminals and come from sources such as passports. Eighteen states supply driver's licences under arrangement with the FBI. In response, privacy advocates and politicians called for…
Content type: Examples
1st December 2017
Few people realise how many databases may include images of their face; these may be owned by data brokers, social media companies such as Facebook and Snapchat, and governments. The systems in use by Snap and the Chinese start-up Face++ don't save facial images, but map detailed points on faces and store that data instead. The FBI's latest system, as of 2017, gave it the ability to scan the images of millions of ordinary Americans collected from millions of mugshots and the driver's licence…
Content type: Examples
1st December 2017
By 2017, facial recognition was developing quickly in China and was beginning to become embedded in payment and other systems. The Chinese startup Face++, valued at roughly $1 billion, supplies facial recognition software to Alipay, a mobile payment app used by more than 120 million people; the dominant Chinese ride-hailing service, Didi; and several other popular apps. The Chinese search engine Baidu is working with the government of popular tourist destination Wuzhen to enable visitors to…
Content type: Examples
1st December 2017
For a period between the end of October and November 3 2016 the heating and hot water systems in two buildings in the city of Lappeenranta, Finland were knocked out by a distributed denial of service attack designed to make the systems fail. The systems responded by repeatedly rebooting the main control circuit, which meant that the heating was never working - at a time when temperatures had already dropped below freezing. Specialists in building maintenance noted that companies often skimp on…
Content type: Examples
1st December 2017
In 2015, the Swedish startup hub Epicenter began offering employees microchip implants that unlock doors, operate printers, and pay for food and drink. By 2017, about 150 of the 2,000 workers employed by the hub's more than 100 companies had accepted the implants. Epicenter is just one of a number of companies experimenting with this technology, which relies on Near Field Communication (NFC). The chips are biologically safe, but pose security and privacy issues by making it possible to track…
Content type: Examples
1st December 2017
The payday lender Wonga announced in April 2017 that a data breach at the company affected an estimated 270,000 customers, 245,000 of them in the UK and the rest in Poland. The company sent those it thought were affected messages warning that it believed there may have been illegal and unauthorised access to some of the data in their accounts. Wonga was already controversial because of the high rates of interest in charged, and findings by the UK's financial regulator that it had made loans to…