Search
Content type: Examples
In 2016, the US Federal Trade Coimmission issued a warning to app developers that had installed Silverpush, software that uses device microphones to listen for audio signals inaudible to the human ear that identify the television programmes they are watching. Nonetheless, similar technology continued to spread. In 2017, software from the TV data collection startup Alphonso, began to spread. As many as 1,000 gaming, messaging, and social apps using Alphonso's software, some of them aimed at…
Content type: Examples
Research from ProPublica in December 2017 found that dozens of companies, including Verizon, Amazon, and Target are using Facebook to target job ads to exclude older workers. Excluding older workers is illegal under US law, but Facebook's system allows advertisers to specify precisely who should see their ads. Verizon, for example, specified that its effort to recruit applicants for a unit focused on financial planning and analysis would run on the Facebook feeds of users 25 to 36 years…
Content type: Examples
In 2017, Amazon was granted a patent has been granted a patent, first filed in 2012, on a mechanism that allows retailers to intercept network requests such as URLs and search terms on in-store wifi and either block shoppers from conducting online price comparisons or offer them discount coupons or complementary items. The patented technology would also tell the retailer the customer's physical whereabouts so they can send a sales representative. The company's plans for this technology, which…
Content type: Examples
On September 11, 2017, while Florida residents were evacuating during the approach of Hurricane Irma, Tesla rolled out a real-time software update that increased the battery capacity of some of its Model S sedans and Model X SUVs. The update extended the vehicles' range, enabling drivers to travel further on a single charge, and was rolled out in response to requests for help from customers stuck in traffic while trying to evacuate. Tesla said the increase was temporary, and would be reversed…
Content type: Examples
A report from the University of Washington studies parents' and children's interactions with general-purpose connected devices and connected toys. There are numerous privacy issues: toy companies may collect masses of children's intimate data; the toys may enable parents to spy on their children, and criminals hacking these systems may be able to identify and locate the children. For example, the 2015 cyber attack on VTech, a children's tablet maker, exposed the personal data of 5 million…
Content type: Examples
In what proved to be the first of several years of scandals over the use of personal data in illegal, anti-democratic campaigning, in 2015 the Guardian discovered that Ted Cruz's campaign for the US presidency paid at least $750,000 that year to use tens of millions of profiles of Facebook users gathered without their permission by Cambridge Analytica, owned by London-based Strategic Communications Laboratories. Financially supported by leading Republican donor Robert Mercer, CA amassed these…
Content type: Examples
As speech recognition and language-processing software continue to improve, the potential exists for digital personal assistants - Apple's Siri, Amazon's Alexa, and Google Assistant - to amass deeper profiles of customers than has ever been possible before. A new level of competition arrived in 2016, when Google launched its Home wireless speaker into a market that already included the Amazon Echo, launched in 2014. It remained unclear how much people would use these assistants and how these…
Content type: Examples
In 2016, when security expert Matthew Garrett stayed in a London hotel where the light switches had been replaced by Android tablets, it took him only a few hours to gain access to all of the room's electronics. The steps he followed: plug his laptop into a link in place of one of the tablets; set up a transparent bridge; analyse the data traffic with WireShark to identify the protocol in use; then exploit that protocol. That protocol was Modbus, an old protocol with no authentication. Once…
Content type: Examples
By 2016, a logical direction for data-driven personalisation efforts to go was toward the "Internet of Emotions": equipping devices with facial, vocal, and biometric sensors that use affective computing to analyse and influence the feelings of device owners. Of particular concern is the potential for using subtle cues to manipulate people in a more nuanced way than is presently discussed. The beginnings of this are already visible in the example of an Amazon Echo that displayed the items a…
Content type: Impact Case Study
What is the problem
Business models of lots of companies is based on data exploitation. Big Tech companies such Google, Amazon, Facebook; data brokers; online services; apps and many others collect, use and share huge amounts of data about us, frequently without our explicit consent of knowledge. Using implicit attributes of low-cost devices, their ‘free’ services or apps and other sources, they create unmatched tracking and targeting capabilities which are being used against us.
Why it is…
Content type: News & Analysis
This post was written by Chair Emeritus of PI’s Board of Trustees, Anna Fielder.
The UK Data Protection Bill is currently making its way through the genteel debates of the House of Lords. We at Privacy International welcome its stated intent to provide a holistic regime for the protection of personal information and to set the “gold standard on data protection”. To make that promise a reality, one of the commitments in this government’s ‘statement of intent’ was to enhance…
Content type: Examples
In 2017, when user Robert Martin posted a frustrated, disparaging review of the remote garage door opening kit Garadget on Amazon, the peeved owner briefly locked him out of the company's server and told him to send the kit back. After complaints on social media and from the company's board members, CEO Denis Grisak reinstated Martin's service. The incident highlighted the capricious and fine-grained control Internet of Things manufacturers can apply and the power they retain over devices…
Content type: Examples
In 2017, Uber began a programme experimenting with using psychology and social science insights to influence when, where, and how long its drivers work. Among other techniques, Uber auto-loaded the next fare to encourage the driver equivalent of binge TV-watching; reminded drivers when they're close to their earnings targets to keep them from logging off; and used game-style graphics and small-value awards to keep drivers at the wheel. The company also had male managers adopt female…
Content type: Case Study
Our connected devices carry and communicate vast amounts of personal information, both visible and invisible.
What three things would you grab if your house was on fire? It’s a sure bet your mobile is going to rank pretty high. It’s our identity, saying more about us than we perhaps realise. It contains our photos, calendar, internet browsing, locations of where we go, where we’ve been, our emails, social media. It holds our online banking, notes with half written poems, shopping lists, shows…
Content type: News & Analysis
The past few years have seen a huge rise in the number of attacks both active and passive, against organisations big and small. Attacks against organisations happen for a multitude of reasons: extortion via "ransomware", exfiltration of commercial secrets, or just "the lulz". While this can be crippling to a commercial business, it can potentially be devastating to an NGO, especially those which work to hold powerful institutions to account. The types of information held by such NGOs could…
Content type: Press release
A European privacy group claimed today that dozens of amendments to the new Data Protection Regulation being proposed by Members of the European Parliament (MEPs) are being copied word-for-word from corporate lobby papers, with MEPs frequently failing to even remember their own amendments. Max Schrems, of the website and campaign Europe v Facebook, noticed striking similarities between proposed amendments and lobby papers written by representatives of Amazon, eBay, the American Chamber of…
Content type:
… our personal data Whether 'big tech’ companies like Google, Amazon and Facebook, or surveillance tech firms and data …
Content type:
… AMAZON / IROBOT European Commission Case M.10920 Status: Open ## Background In August 2022, Amazon announced that they had entered into a definitive … outamazon.com/2022/8/amazon-and-irobot-sign-an-agreement-for-amazon-to-acquire-irobot) to acquire iRobot, a company that …
Content type:
… disclose the full, unredacted contract between itself and Amazon. In a Freedom of Information request dated 8 October … 2019, PI sought to obtain the contract between the DHSC and Amazon. A redacted version was provided on 5 November 2019. … result in prejudice to its commercial interests, as well as Amazon’s. PI challenged the DHSC’s refusal to disclose …