Search
Content type: News & Analysis
8th July 2019
By Ailidh Callander, Legal Officer
This piece first appeared in the 500th edition of the Scottish Legal Action Group Journal (2019 SCOLAG (500, June) 124
Political scandal, stronger regulation on privacy but what about social protection?
In an increasingly digitalised and data driven world, an era of government and corporate mass data exploitation, the right to privacy and data protection and what this means in practice is more important than ever. Surveillance is a power generator and…
Content type: News & Analysis
30th April 2019
The first half of 2018 saw two major privacy moments: in March, the Facebook/ Cambridge Analytica scandal broke, followed in May by the EU General Data Protection Regulation ("GDPR") taking effect. The Cambridge Analytica scandal, as it has become known, grabbed the attention and outrage of the media, the public, parliamentarians and regulators around the world - demonstrating that yes, people do care about violations of their privacy and abuse of power. This scandal has been one of many that…
Content type: News & Analysis
30th April 2019
This piece was first published in GDPR today in March 2019.
Elections, referendums and political campaigns around the world are becoming ever more sophisticated data operations. This raises questions about the political use and abuse of personal data. With the European Union elections fast approaching and numerous national and local elections taking place across EU Member States, it is essential that the legal frameworks intended to protect our personal data do just that.
Member State laws…
Content type: News & Analysis
18th February 2019
Privacy International welcomes the focus on data and privacy contained in the final report by the UK House of Commons Digital, Culture, Media and Sport Committee (DCMS) on Disinformation and ‘fake news’. Beyond our control, companies and political parties have banded together to exploit our data. This report establishes essential steps to remedying this downward spiral. An important part of the democratic process is freedom of expression and right to political participation, including the right…
Content type: News & Analysis
8th November 2018
Email addresses
Acxiom: dataprotection@acxiom.com
Criteo: dpo@criteo.com
Equifax: complaints@equifax.com
Experian: customerservices@uk.experian.com
Oracle: https://oracle.ethicspointvp.com/custom/oracle/dp/en/form_data.asp
Quantcast: privacy.qil@quantcast.com cc: dpo@quantcast.com
Tapad: privacy@tapad.com
Letter for Acxiom and Oracle
subject line: Right to Erasure Request
I am concerned your company exploits my data.
In accordance with my right[s] under the General Data…
Content type: News & Analysis
8th November 2018
Our team wanted to see how data companies that are not used to being in the public spotlight would respond to people exercising their data rights. You have the right under the EU General Data Protection Regulation ("GDPR") to demand that companies operating in the European Union (either because they are based here or target their products or services to individuals in the EU) delete your data within one month. We wrote to seven companies and requested that they delete our data, and we've made…
Content type: Press release
8th November 2018
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK. Privacy International urges the data protection authorities to investigate these companies and to protect individuals from the mass exploitation of their data.
Our complaints target companies that, despite exploiting the data of millions of…
Content type: News & Analysis
13th June 2018
While the worlds’ attention, the world’s humour, including a dedicated playlist of 89 songs on Spotify, were on the coming into force of EU’s General Data Protection Regulation (GDPR) on 25th May, the UK’s Data Protection Act 2018 (DPA 2018) that received Royal Assent only two days previously had barely received a few column inches in the mainstream press.
However, the substance of the debates in parliament during the passage of this Act has received wide attention in the UK, linking…
Content type: Press release
23rd May 2018
Tomaso Falchetta, PI's Head of Advocacy and Policy team said:
"The adoption of the Data Protection Act represents an important reform which strengthens the rights of individuals and increases obligations for the industry. The Act opens the way for the application of the EU General Data Protection Regulation in the UK, and regulates the processing of personal data by companies, public authorities, law enforcement, and intelligence agencies. PI particularly welcome increased powers for the…
Content type: Press release
15th May 2018
Today, as the Data Protection Bill reaches its final stages, Privacy International has written to the leaders of the main UK political parties asking for public commitment to not use the exemption provided in the Bill to target voters - both online and offline - in all local and national forthcoming elections or by-elections.
Privacy International has long been concerned about the exploitation of peoples’ data and the opaque data ecosystem, and the impact of such practices on the democratic…
Content type: News & Analysis
9th January 2018
This post was written by Chair Emeritus of PI’s Board of Trustees, Anna Fielder.
The UK Data Protection Bill is currently making its way through the genteel debates of the House of Lords. We at Privacy International welcome its stated intent to provide a holistic regime for the protection of personal information and to set the “gold standard on data protection”. To make that promise a reality, one of the commitments in this government’s ‘statement of intent’ was to enhance people’s enforcement…
Content type: News & Analysis
3rd November 2017
This piece was written by PI Legal Office Millie Graham Wood.
“The UK is leading the way on modern data protection laws and we have worked closely with our EU partners to develop world leading data protection standards”[1] according to, Matt Hancock MP, Minister of State for Digital. However, the proposals in the UK Data Protection Bill continue and expand a highly secretive system which allows processing of personal data to be exempt from key safeguards and fundamental protections on…
Content type: Press release
23rd October 2017
Key points
Privacy International surveyed 21 EU member states' legislation on data retention and examined their compliance with fundamental human rights standards
0 out of the 21 States examined by PI are currently in compliance with these standards (as interpreted in two landmark judgements by the Court of Justice of the European Union: Tele-2/Watson and Digital Rights Ireland)
Privacy International is calling for:
EU member states to review their legislation on data retention and, if…
Content type: Press release
1st October 2017
While welcoming the objective of the Bill, Privacy International has sent a briefing to the House of Lords and a letter to Minister of State for Digital, Matt Hancock MP, outlining key concerns and recommendations. The Bill's stated aim is “to create a clear and coherent data protection regime”, and to update the UK data protection law, including by bringing the EU General Data Protection Regulation (GDPR) and the Data Protection Law Enforcement Directive (DPLED) - into the UK domestic system.…
Content type: News & Analysis
21st January 2014
Big data consists mainly of data that is openly available, created and stored. It includes public sector data such as national health statistics, procurement and budgetary information, and transport and infrastructure data. While big data may carry benefits for development initiatives, it also carries serious risks, which are often ignored. In pursuit of the promised social benefits that big data may bring, it is critical that fundamental human rights and ethical values are not cast aside.…
Content type: News & Analysis
11th July 2013
It is a long-standing privacy principle that an individual should have access to their personal information. This is particularly necessary in healthcare - after all there is nothing more personal than health information.
As the mass digitisation of health records increases, many issues arise about this access right. The right of 'subject access' comes with its own complexities. One challenge is that individuals can sometimes be compelled to conduct subject access requests in order to share…
Content type: News & Analysis
31st May 2013
Compulsory data on every state school pupil in the country can now be used for research “promoting the education or well-being of children in England”, according to UK Department for Education.
The Department’s response to the highly worrying National Pupil Database (NPD), released in late May, is far narrower than previously suggested late last year, with none of the deeply troubling aspects being included in the final proposals, and existing definitions of terms remaining unchanged.
The…
Content type: News & Analysis
8th May 2013
Privacy International welcomes the absence of a Communications Data Bill in the Queen's Speech. The Communications Data bill was originally set to significantly expand the powers of communications surveillance in the UK and set another bad standard globally. Because of the work by Parliamentarians, a concerted effort by civil society groups and some within industry, this expansion was avoided, for now. However the Queen's Speech did include a mention of new proposals:
In relation to the…
Content type: News & Analysis
26th April 2013
We very much welcome today's announcement by Health Secretary Jeremy Hunt that people will be allowed to opt out of having their medical records shared in the NHS England centralised information bank.
The move is an important one for data privacy and patient choice, and has been a key objective of Privacy International in our collaboration with the new medConfidential (which launched yesterday). A month ago, NHS England (and the Director of Patients and Information) was refusing to offer any…
Content type: News & Analysis
21st April 2013
Privacy International welcomes the news that the UK NHS Data Spine is being replaced. We have fundamental privacy concerns about the existing infrastructure, and the proposed changes have the potential to enable the necessary privacy protections to be implemented in a meaningful way.
Core elements of the NHS Spine, the technological infrastructure underpinning the Service that cost the Government over £12 billion pounds, will be have to be replaced after numerous failures. The interfaces…
Content type: News & Analysis
27th March 2013
"This judgment exposes the widespread and sinister nature of police surveillance of ordinary members of the public in this country. It also acts as a safeguard against the creeping criminalisation of peaceful protest. The Association of Police Officers and Metropolitan Police Commissioner have sanctioned this unlawful conduct for almost a decade and must be made accountable”.
Last week three of the country’s most senior judges in the Court of Appeal found that the Association of Chief Police…
Content type: News & Analysis
Court Of Appeal Tells UK Government That Criminal Records Bureau Checks System Breaches Human Rights
13th January 2013
Yesterday the Court of Appeal delivered its judgment in the case of R (on the application of T) v Chief Constable of Greater Manchester & Others concerning the operation of the criminal records check system. The court was considering three cases that hinged on the same question: whether or not the blanket requirement on those applying for jobs involving contact with children and vulnerable adults (approximately four million people each year) to disclose all past convictions, cautions and…
Content type: News & Analysis
18th December 2012
A full analysis of the UK Information Commissioner's "Anonymisation code of practice: managing data protection risk" will take time and working knowledge of how the code is used in practice.
At the launch, the ICO signalled that while they believed the code was now up to scratch, they were open to additions and clarifications given that it is the first document of its kind in the world. We applaud them for this; the code is likely to be copied internationally, so it is particularly important…
Content type: News & Analysis
10th November 2012
We welcome the Informational Commissioner's intention to produce guidance for data controllers around the production of Open Data. Rigorous guidance is sorely needed in this area, with even large Government departments getting it dangerously wrong. Some data can be released safely in some circumstances; depending on the type and there has been sufficient consideration of the nuance of the situation. Adequate anonymisation is exceptionally difficult, and reidentification is possibly using subtle…
Content type: News & Analysis
10th September 2012
As part of the government’s ambitious Open Data programme, the Cabinet Office announced last year that data from the National Pupil Database (NPD) will be made freely available and accessible to all. The NPD, previously only available to researchers on an academic licence, contains a record for every single state school pupil in the country, covering educational attainment from reception to sixth form, as well as characteristics such as attendance, ethnic background and free school meal…
Content type: News & Analysis
17th August 2012
In the PI office, we have daily debates about which platforms to use for our organizational operations. As a privacy charity, we are naturally concerned about the integrity of our own information services and resources, but we frequently receive queries about the best technologies to use from a variety of other organizations, some with very complex threat models.
The sad fact is that we are all poorly served by the range of services currently available. We worry that there is a significant…
Content type: News & Analysis
6th February 2012
News emerged today that the new National Crime Agency will be completely exempt from Freedom of Information laws, creating a ‘cloak of secrecy’ around the organization.
The National Crime Agency (NCA), the government’s proposed successor to the Serious and Organised Crime Agency (SOCA), will target organized crime, fraud, child exploitation and smuggling. Described in the media as an ‘FBI-style’ intelligence agency, the NCA is proposed to become fully operational in December 2013.
But despite…
Content type: News & Analysis
10th October 2011
Prime Minister David Cameron may not be quite the “pitiless blank-eyed hell wraith” Charlie Brooker portrayed in yesterday’s Guardian, but he does have some pretty frightening ideas about the Internet. This morning the Prime Minister announced, at a meeting with the Christian charity Mother’s Union, that four of the UK’s biggest ISPs will henceforth require users to opt in if they want to view pornographic material – thereby creating a commercially-owned and controlled database of porn-watching…
Content type: Press release
27th September 2011
Privacy International today published documentation that establishes a deliberate cover-up by the UK Information Commissioner’s Office (ICO) of a failure to uphold its responsibility to enforce the Data Protection Act.
A request under the Freedom of Information Act by PI and No-CCTV has revealed a conflict of interest in the ICO’s mandate and a fundamental failure of process within the Office. The material disclosed proves that the ICO conspired to delay the FOIA request, and attempted to…
Content type: News & Analysis
6th September 2006
Booz Allen Hamilton, Inc., a prominent defence and intelligence consulting and engineering firm, has been hired as an outside "independent" auditor of the CIA and Treasury Department's Terrorist Finance Tracking Program ("TFTP"), which monitors banking transactions made through the Society for Worldwide Interbank Financial Telecommunication (SWIFT). Though Booz Allen's role is to verify that the access to the SWIFT data is not abused, its relationship with the U.S. Government calls its…