Search
Content type: Press release
Consumer groups, NGOs and industry call jointly for the Council of the EU to advance ePrivacy reform
On Monday 3 December, a coalition of more than 30 consumer groups, NGOs and industry representatives sent a letter to EU Ministers and the Council of the EU calling for the conclusion of the negotiations on the reform of the ePrivacy legislation.
The letter was sent prior to yesterday's (4 December) meeting in the TTE Council, with signatories sharing concerns over the slow progress of the negotiations in the Council of the EU despite the repeated scandals that demonstrate the clear and…
Content type: News & Analysis
We found this here.
The European Union’s new privacy law, the General Data Protection Regulation, or GDPR, is being tested across Europe. The first GDPR privacy case in Romania began with an investigation that was published on November 5 about a corruption scandal involving a politician and his close relationships to a company being investigated for fraud. The Romanian data protection authority (ANSPDCP) sent a series of questions to the journalists who authored the article and asked for…
Content type: News & Analysis
Email addresses
Acxiom: [email protected]
Criteo: [email protected]
Equifax: [email protected]
Experian: [email protected]
Oracle: https://oracle.ethicspointvp.com/custom/oracle/dp/en/form_data.asp
Quantcast: [email protected] cc: [email protected]
Tapad: [email protected]
Letter for Acxiom and Oracle
subject line: Right to Erasure Request
I am concerned your company exploits my data.
In accordance with my right[s] under the General Data…
Content type: News & Analysis
Our team wanted to see how data companies that are not used to being in the public spotlight would respond to people exercising their data rights. You have the right under the EU General Data Protection Regulation ("GDPR") to demand that companies operating in the European Union (either because they are based here or target their products or services to individuals in the EU) delete your data within one month. We wrote to seven companies and requested that they delete our data, and we've made…
Content type: Press release
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK. Privacy International urges the data protection authorities to investigate these companies and to protect individuals from the mass exploitation of their data.
Our complaints target companies that, despite exploiting the data of millions of…
Content type: Long Read
It’s 15:10 pm on April 18, 2018. I’m in the Privacy International office, reading a news story on the use of facial recognition in Thailand. On April 20, at 21:10, I clicked on a CNN Money Exclusive on my phone. At 11:45 on May 11, 2018, I read a story on USA Today about Facebook knowing when teen users are feeling insecure.
How do I know all of this? Because I asked an advertising company called Quantcast for all of the data they have about me.
Most people will have never heard of…
Content type: News & Analysis
Image attribution: By Blue Diamond Gallery CC BY-SA 3.0.
In March 2017, when the UN Human Rights Council requested the High Commissioner for Human Rights to prepare a report on the right to privacy in the digital age, including the responsibility of business enterprises, Cambridge Analytica was an obscure company among others. A year later the data exploitation scandal erupted, leading to plenty of soul searching by politicians in US, UK, Europe and elsewhere, pledges of…
Content type: News & Analysis
“The gathering and holding of personal information on computers, data banks, and other devices, whether by public authorities or private individuals or bodies, must be regulated by law.”
- UN Human Rights Committee, General Comment No. 16, 1988
Underpinning the obligations of those who process personal data, both public and private institutions, the grounds on which they may do so, and the rights of individuals, there are various data protection principles…
Content type: Long Read
National and International civil society organisations (CSOs) play vital roles in many aspects of our societies as watchdogs of state powers, as representatives of the voices of the people, as experts to inform and educate an array of stakeholders.
One of our key lessons learned from three decades of work, including 10 years with the Privacy International Networkto build a global privacy movement,promoting and advocating for the highest privacy and data protection safeguards has been…
Content type: News & Analysis
This month Brazil adopted a new data protection law, joining the ranks of more than 120 countries which have adopted such legislation, providing individuals with rights against the exploitation of their personal data. But after a veto from the Brazilian president, the law lacks an independent authority in charge of its application, which can severely undermine its impact.
When drafting data protection bills, one of the most important and often politically contentious issue tends to be their…
Content type: News & Analysis
Privacy International and other European civil society organisations write to European member states to urge them not to water down the e-Privacy proposal. We need more than ever strong regulation to protect the security and privacy of our digital communications, to protect us from being tracked online and to ensure that all our digital devices are set up with privacy by design and by default.
Content type: News & Analysis
This piece originally appeared here.
The tech industry is ramping up its attack and promulgation of myths around the ePrivacy regulation, as shown by Julia Apostle’s op-ed “We survived GDPR, but now another EU privacy law looms” (June 14). Let’s set the record straight.
Myth #1: the ePrivacy regulation will be detrimental for innovation. This predictable and tired argument is made anytime companies face regulation. It is particularly fallacious in this case. The aim of the ePrivacy regulation…
Content type: News & Analysis
While the worlds’ attention, the world’s humour, including a dedicated playlist of 89 songs on Spotify, were on the coming into force of EU’s General Data Protection Regulation (GDPR) on 25th May, the UK’s Data Protection Act 2018 (DPA 2018) that received Royal Assent only two days previously had barely received a few column inches in the mainstream press.
However, the substance of the debates in parliament during the passage of this Act has received wide…
Content type: News & Analysis
We found the image here.
As the hype around the EU General Data Protection Regulation’s entry into force begins to die down, confidentiality of digital communications in Europe is facing a new challenge.
On one side, companies are lobbying to prevent the finalisation of the proposal for a new e-privacy regulation to protect privacy of communications and prevent unauthorised access to the data stored on devices, and the tracking of individual’s behaviour online.
On the other, a group…
Content type: Long Read
The European Union's new data privacy law (General Data Protection Regulation, better known as GDPR) takes effect today May 25th, 2018, after a two-year transition period. Despite some companies appearing to believe otherwise, and many articles misrepresenting its contents, the GDPR will have a significative impact beyond the European Union, and it will extend many of its data privacy safeguards to users’ data globally.
There are a number of reasons that explain this impact:
Obligations…
Content type: Press release
On the day that GDPR comes into force, PI has launched a campaign investigating a range of data companies that make up a largely hidden data ecosystem. This hidden data ecosystem is comprised of thousands of non-consumer facing data companies - such as Acxiom, Criteo, Quantcast - that amass and exploit large amounts of personal data. Using the rights and obligations provided for within the new data privacy law, PI's campaign involves investigating a selection of these companies whose business…
Content type: Long Read
Privacy and data protection are fundamental rights. When respected they help improve trust and reduce power imbalances. Individuals should have rights over their personal data, regardless of who holds or processes it, and effective ways to enforce those rights, through independent bodies.
While not an ideal solution, GDPR gives individuals more control over their personal data. Rather than burdening individuals with managing and protecting their data, the onus will be on the companies to do so…
Content type: Press release
WASHINGTON, D.C. – U.S. companies should adopt the same data protection rules that are poised to go into effect in the European Union on May 25, Public Citizen, the Center for Digital Democracy and Privacy International said today.
In a sign-on letter, 28 groups are calling on some of the world’s largest companies – including Facebook, Google and Amazon, as well as digital advertisers like Nestle, Walmart and JPMorgan Chase – to use Europe’s impending General Data Protection Regulation (GDPR…
Content type: Press release
Tomaso Falchetta, PI's Head of Advocacy and Policy team said:
"The adoption of the Data Protection Act represents an important reform which strengthens the rights of individuals and increases obligations for the industry. The Act opens the way for the application of the EU General Data Protection Regulation in the UK, and regulates the processing of personal data by companies, public authorities, law enforcement, and intelligence agencies. PI particularly welcome increased powers for the…
Content type: Press release
Today, as the Data Protection Bill reaches its final stages, Privacy International has written to the leaders of the main UK political parties asking for public commitment to not use the exemption provided in the Bill to target voters - both online and offline - in all local and national forthcoming elections or by-elections.
Privacy International has long been concerned about the exploitation of peoples’ data and the opaque data ecosystem, and the impact of such practices on the democratic…
Content type: News & Analysis
En el 2011 se liquidó el DAS. Las violaciones, excesos y abusos de la inteligencia estatal que comenzaban por la intimidad y terminaban con la vida de los ciudadanos habían producido condenas judiciales a varios exdirectores: claro indicador de que se necesitaba un cambio. Siete años ha tenido el Estado colombiano para ordenar la casa y esta semana someterá sus récords de derechos humanos al examen de los miembros de Naciones Unidas. La evaluación analizará, entre otros…
Content type: News & Analysis
Los frecuentes escándalos sobre el abuso de la vigilancia estatal en actividades de inteligencia, la exagerada obligación legal que tienen las empresas de telefonía de retener los datos de las comunicaciones de sus usuarios por cinco años o la manera como se diluye el concepto de privacidad en el Código de Policía serán parte del examen que se haga en el seno de la ONU sobre la forma como Colombia cumple sus compromisos de derechos humanos.
Dirigido por los Estados y con el auspicio del…
Content type: News & Analysis
In the lead-up to the 30th session of the Universal Periodic Review which took place on 10 May 2018, Fundación Karisma, a partner organisation in the Privacy International Network, joined a coalition of civil society groups in Colombia to raise more awareness about the country's human rights record.
As part of the joint effort, the coalition produced factsheets on various human rights in the Colombian context, including the right to privacy. It is available in both English and Spanish.
Content type: Long Read
Hasn't Facebook said it would give European data protection to all of their users?
Yes, but only in very vague language. In an initial reaction to the Cambridge Analytica scandal, Mark Zuckerberg declared that Facebook would apply the EU General Data Protection Regulation (GDPR) “in spirit” to their 2 billion users worldwide. When questioned by members of the US Congress, Zuckerberg declared that "[a]ll the same controls will be available around the world". Representative Green sought…
Content type: News & Analysis
El 10 de mayo de 2018, en el marco del 30º período de sesiones del Examen Periódico Universal (EPU) en el Consejo de Derechos Humanos de las Naciones Unidas, toca la revisión de Colombia, lo que es una oportunidad Colombia y otros Estados para declarar qué acciones han tomado para mejorar la situación de derechos humanos en sus propios países, para cumplir sus obligaciones internacionales en la materia.
Colombia se encuentra actualmente en un punto de inflexión, debido al proceso de transición…
Content type: News & Analysis
Today, the Transatlantic Consumer Dialogue (TACD) sent a letter to the CEO of Facebook, Mark Zuckerberg, urging Facebook to adopt the General Data Protection Regulation (GDPR) as a baseline standard, not just for EU consumers as it is required, but for all Facebook services.
The letter comes ahead of Facebook Chief Executive Officer, Mark Zuckerberg’s, appearance before congressional committee over Cambridge Analytica’s misuse of customer data to interfere in the U.S. presidential election.…
Content type: Long Read
As we said before, Facebook and Cambridge Analytica scandals are a wake-up call for policy makers. And also a global issue. People around the world are concerned by the exploitation of their data. The current lack of transparency into how companies are using people’s data is unacceptable and needs to be addressed.
There is an entire hidden ecosystem of companies harvesting and sharing personal data. From credit scoring and insurance quotations to targeted political communication, this…
Content type: Long Read
Today Privacy International together with 27 other organisations from across Europe urge European governments to strengthen the protection of privacy and security of online communications. The proposal to reform e-privacy in Europe was launched in January 2017. However, despite the clear and urgent need of this reform, recently demonstrated by the Facebook/Cambridge Analytica case, the negotiations by EU member states have been inconclusive. Worse still, some governments seem willing to…
Content type: Long Read
The ongoing Facebook and Cambridge Analytica scandal is a wake-up call for UK policy-makers who too often encourage and promote digital industries over the protection people’s personal data. The scandal has shown that the public is concerned by companies’ exploitation of their data. The current lack of transparency into how companies are using people’s data is unacceptable and needs to be addressed.
Reform should not be limited to the behaviour of individual companies. Consumers are confronted…
Content type: Long Read
To celebrate International Data Privacy Day (28 January), PI and its International Network have shared a full week of stories and research, exploring how countries are addressing data governance in light of innovations in technology and policy, and implications for the security and privacy of individuals.