Search
Content type: Examples
MBDA’s start-up NEODE Systems has secured its first major contract from France’s defense procurement agency (Direction Générale de l’Armement) to enhance the Akeron MP missile system with AI-driven capabilities. The project will test a decision-support tool designed to boost surveillance, targeting, identification and engagement performance for beyond-line-of-sight missions.https://www.army-technology.com/news/neode-akeron-mp-contract/Publication: Army Technology
Content type: Examples
The NATO Support and Procurement Agency (NSPA) has ordered Carl-Gustaf M4 weapon systems and munitions from Swedish defense firm Saab on behalf of the Netherlands and France to support ground combat modernization. The contract includes advanced ammunition types and will begin delivery in 2025. This order builds on a €176 million framework agreement since 2022 and highlights ongoing collaboration between Saab, NSPA, and NATO member states.https://defence-industry.eu/nspa-orders-carl-gustaf-m4-…
Content type: News & Analysis
As the New York Times reports the health programmes are being cut by USAID cuts, the US Government declares them as “inconsistent with the national interest or agency policy priorities.” Sadly at PI we know the kind of foreign aid that governments believe are in the national interest: surveillance funding.We’re alarmed by aid budgets being cut by governments world-wide. People will be hurt, and people will die.And while most of the news has been dominated by the US’s cuts, the UK and France…
Content type: Long Read
Intrusive surveillance technology is increasingly used during protests around the world, and we’ve been tracking its use around the world for years.This technology is often being deployed in secret, without a clear legal basis and without the safeguards and oversight applied to other surveillance technologies under international human rights law.We’ve increasingly observed the use of unlawfully generated and collected data from these technologies being used in court against people exercising…
Content type: Examples
Uber has been fined €290 million in the Netherlands for sending European taxi drivers' data to the US without appropriate safeguards in violation of the EU's GDPR. The Dutch data protection authority, which adjudicated a complaint originally filed in France on behalf of more than 170 drivers there, says Uber has since stopped the practice. Uber contests this decision; the appeal is expected to take four years. Earlier in 2024, the authority also fined Uber €10 million for infringing privacy…
Content type: Long Read
IntroductionIn early October this year, Google announced its AI Overviews would now have ads. AI companies have been exploring ways to monetise their AI tools to compensate for their eye watering costs, and advertising seems to be a part of many of these plans. Microsoft have even rolled out an entire Advertising API for its AI chat tools.As AI becomes a focal point of consumer tech, the next host of the AdTech expansion regime could well be the most popular of these AI tools: AI chatbots.…
Content type: Long Read
Table of contentsIntroductionWeighing the (potential) benefits with the risksPrivacy rights and the right to healthThe right to healthPrivacy, data-protection and health dataThe right to health in the digital contextWhy the drive for digitalImproved access to healthcarePatient empowerment and remote monitoringBut these same digital solutions carry magnified risks…More (and more connected) dataData leaks and breachesData sharing without informed consentProfiling and manipulationTools are not…
Content type: Video
Links - Read more about PI's work on encryption- Matt Blaze and crypto.com; you can now find Matt at mattblaze.org - More about ITAR and the export of cryptography- More about France's ban on encryption ending in this 1999 article from the Register- More about the Data Encryption Standard - Find out more about the Clipper Chip or take a look at this NY Times article from 1994 (paywalled)- Matt Blaze's flaw in the Clipper Chip- NSA Data Center and NSA holding data- An…
Content type: Long Read
Sports are a huge part of daily life for billions around the world, a fundamental aspect of the rich tapestry of the human experience.Attending a major sporting event can be a formative experience in someone’s life, as a place to share in a communal culture.Increasingly we have seen surveillance, and especially mass surveillance measures, being introduced at sports events impeding the enjoyment particularly of the right to privacy and right to participate in sporting life.When we saw that the…
Content type: Examples
The Dutch data protection authority has fined Uber €10 million for failing to inform drivers how long it retains their data or how it secures it when sending it to countries outside the EEA, and hindering drivers' access to their data by making requests unnecessarily complicated. The fine follows a complaint filed by 170 French drivers with a human rights organization, which complained to the French data protection authority, which forwarded It to the Netherlands, where Uber has its European…
Content type: Examples
Uber Eats delivery drivers in northern French cities went on strike on October 22, 2023 to protest falling wages since the platform changed its policies to effectively reduce its per-kilometre compensation. Drivers complain the platform is less transparent since the changes.https://actu.fr/economie/livreurs-uber-eats-en-greve-dans-le-nord-ils-denoncent-une-baisse-de-leur-remuneration_60249320.html Publication: Lille Actu
Content type: Examples
French data protection agency CNIL has fined Amazon's French warehouse management unit €32 million, or about 3% of its turnover, for its "excessively intrusive" surveillance of the performance of its thousands of staff. The system relied on data collected from the scanners warehouse staff use to process packages. CNIL said the surveillance placed workers under continuous pressure and forced them to justify absences, as the scanners timed inacctivity to the second and also penalised workers for…
Content type: Examples
In preparing to host COP28, the UAE, where individuals may be prosecuted for unauthorised protests, speech deemed to spark or encourage social unrest, or offending foreign states, said it would designate areas of the site where it would permit demonstrations. Campaigners remained concerned that protesters on human rights and environmental issues would be arrested, detained, or surveilled, especially digitally. Guidelines published on the UN's COP28 website and drafted by the UAE's team reminded…
Content type: Report
Over the past years, data retention regulation imposing generalised and indiscriminate data retention obligations to telecommunication companies and Internet service provides has been introduced in various jurisdictions across the world. As the data retention practices across the world have evolved this new report is an attempt to shed some light on the current state of affairs in data retention regulation across ten key jurisdictions. Privacy International has consulted with human…
Content type: Examples
An administrative court in Montreil, France issued a preliminary ruling ordering the Paris-based Distance Learning Institute to suspend its use of the e-proctoring platform TestWe, which uses facial recognition and algorithmic analysis to monitor students.Video and sound analysis track students' eye movements and their surroundings, a practice the court ruled disproportionate. The case was brought by a group of students represented by La Quadrature du Net and casts doubt on the legality of…
Content type: Examples
Four French trade unions representing drivers signed an agreement with ride-hailing platforms to provide drivers with a minimum income and provide greater transparency regarding suspending and terminating drivers. Platforms must now give drivers a chance to respond before deactivating their accounts and must provide compensation based on previous income if an account's suspension proves unjustified. https://www.bfmtv.com/economie/entreprises/vtc-nouvel-accord-entre-plateformes-et-syndicats…
Content type: Long Read
IntroductionData about our health reveals some of the most sensitive, intimate - and potentially embarrassing - information about who we are. Confidentiality is, and has always been, at the very heart of medical ethics. People need to be able to trust their doctors, nurses and other healthcare providers so that they are not afraid to tell them something important about their health for fear of shame, judgement or social exclusion.It’s no surprise then that data protection regimes around…
Content type: Examples
Authorities in Germany and France are using legal powers intended for use against organised crime and extremist groups to crack down on direct action protests intended to spur public action against climate change. State authorities in Germany are preventively detaining protesters, in one case holding an individual for 30 days without charge. In France, lawmakers passed new surveillance and detection laws, and in UK legislation has made it illegal to lock or glue yourself to physical…
Content type: Long Read
Why does this decision matter?
Our complaint against Criteo formed part of a larger set of coordinated complaints we filed in 2018 against 7 data brokers (Acxiom, Oracle), AdTech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France (CNIL), Ireland, (DPC) and the UK (ICO). The EU General Data Protection Regulation (GDPR) had recently come into force, and the AdTech industry was (and still is) a prime affront to the…
Content type: Long Read
In 2022, Privacy International continued to produce real change by challenging governments and corporations that use data and technology to exploit us. And, we produced substantial impact that directly affects each of us.
Here are a handful of our biggest achievements in 2022.
WE CHALLENGED COMPANIES TO CHANGE THEIR BUSINESS MODELS AND PRACTICES
Regulators in UK, France, Greece, and Italy fined and restricted Clearview AI’s activity
Clearview AI built a massive database of our biometrics, by…
Content type: Examples
The French minister of national education and youth has advised schools not to use the free versions of Microsoft Office 365 and Google Workspace because French public procurement contracts require payment. Paid versions may be allowed if they do not violate data protection rules, including a 2020 French ruling that cloud services that store data in the US are not compliant with GDPR.
https://www.theregister.com/2022/11/22/france_no_windows_google/
Writer: Thomas Claburn
Publication: The…
Content type: Examples
In a preliminary ruling, the administrative court of Montreuil suspended the use of algorithmic e-proctoring software called TestWe after students at the Institute of Distant Study of the University of Paris 8 brought a legal case, assisted by La Quadrature du Net. The plaintiffs argued that the software failed to comply with GDPR because the software failed to comply with data minimisation standards and its visual and audio surveillance was disproportionate to the intended purpose. A final…
Content type: Report
PI has been fighting against police using intrusive & disproportionate surveillance technologies at protests around the world for years. Unregulated surveillance and indiscriminate intrusions on our privacy have a chilling effect on the right to freedom of assembly.
We've fought to uncover the types of technologies that police secretly deploy at protests, and we have detailed how protesters around the world can try to protect their intimate and sensitive data from being captured by the…
Content type: Long Read
Last update: 26 April 2023
In 2022, Privacy International continues to produce real change by challenging governments and corporations that use data and technology to exploit us.
We know life moves quickly. So, we wanted to keep you in the loop and ensure you don’t miss out on how we’re changing the world for the better.
That’s why we’ve created this highlight reel of our wins in the past year.
Take a look below!
PS: To continue to do this, and more, into 2023, we need your support. We…
Content type: Advocacy
The European Union Artificial Intelligence Act (AI Act) will regulate the development and use of ‘high-risk’ AI, and aims to promote the uptake of ‘trustworthy AI’ whilst protecting the rights of people affected by AI systems.
However, in its original proposal, the EU AI Act does not adequately address and prevent the harms stemming from the use of AI in the migration context. Whilst states and institutions often promote AI in terms of benefits for wider society, for marginalised communities,…
Content type: Report
Introduction
Several policy initiatives are in progress at the EU level. They seek to address the sustainability of connected devices such as smartphones, tablets and smart speakers. While initiatives to extend the useful life of hardware are important, software must not be ignored. Almost any digital device with which we interact today relies on software to function, which acts as a set of instructions that tells the hardware what to do. From smart thermostats to smart speakers, to our…
Content type: Press release
A YouGov survey commissioned by PI shows that consumers expect their smartphones, computers, smart TVs and gaming consoles to receive security updates for a much longer period than what several manufacturers actually provide, leaving consumers with expensive tech that is vulnerable to cyberattacks.
The majority of consumers in the survey assumed their devices would be protected beyond two years, but current industry practices fail to meet these expectations. PI investigated the software…
Content type: Advocacy
We, the undersigned civil society organizations and individuals, urge the World Bank and other international organizations to take immediate steps to cease activities that promote harmful models of digital identification systems (digital ID).
The signatories of this letter are located in different countries, work with diverse communities, and bring a wide range of expertise. Among this group, there are many shared concerns and similar experiences documenting the harmful impacts…
Content type: Advocacy
In our submission we outline our concerns with the industry as a result of extensive technical research and complaints taken to data protection authorities in Europe as a result.
Data brokers must specifically be included in "actors in scope."
We recommend that "data brokers" are specifically included in the list of "actors in scope". A data broker is a company that collects, buys and sells personal data and this is often how they earn their primary revenue. It is a term that is entering…
Content type: Report
Privacy International’s submissions for the Independent Chief Inspector of Borders and Immigration inspection of the Home Office Satellite Tracking Service Programme
The Home Office have introduced 24/7 electronic monitoring and collection of the location data of migrants via GPS ankle tags. This seismic change cannot be overstated. The use of GPS tags and intention to use location data, kept for six years after the tag is removed, in immigration decision-making goes far beyond the mere…