Search
Content type: Long Read
Among the many challenges of 2020, the impact on elections around the world kept us all on the edge of our seats. 75 countries postponed national and local elections due to Covid 19. Of the elections that went ahead, we saw Covid safe measures at polling stations (South Korea led the way forward in April) an increase in postal voting (who can forget the USA, but also Poland) and political parties in Uganda conducting "virtual" campaigns as mass rallies and in person campaign meetings were…
Content type: Long Read
Political parties depend on data to drive their campaigns, from deciding where to hold rallies, which campaign messages to focus on in which area, and how to target supporters, undecided voters and non-supporters, including with ads on social media. Political parties increasingly hire private companies to do the bulk of this work, and our primary concern is how these companies use personal data to “profile” people and drive election campaigning.
As part of PI’s programme of work on Defending…
Content type: Long Read
This report is available in English.
La mayoría de los documentos nacionales de identidad y demás documentos emitidos por autoridades estatales incluyen un marcador de género. Estos marcadores suelen recibir el nombre de “marcador de sexo” aunque este término no sea preciso. La presencia de dichos marcadores, especialmente en los certificados de nacimiento, promueve el énfasis de nuestra sociedad en el género como criterio de asignación de identidades, roles y responsabilidades sociales. Al…
Content type: Long Read
Este informe está disponible en español.
Most national ID or identifying documents include a gender marker. This is often known as a 'sex marker,' even though the term is inaccurate. The presence of such markers, especially on birth certificates, contribute to our society’s emphasis on gender as a criterion for assigning identities, roles and responsibilities within society. With gender being such a determining and dominant identifier, it puts it at the centre of so many arrays of our…
Content type: Press release
Privacy International announces the launch of two reports as part of its work on Defending Democracy and Dissent.
The report Online Political Ads: A study of inequality in transparency standards builds on our 2019 research findings and delves into the adverse impacts of non-existent or limited transparency on democracy based on two case-studies developed by our partners InternetLab and ELSAM.
The report, Micro-Targeting in Political Campaigns,…
Content type: Report
This paper examines the various legal frameworks governing micro-targeting in political campaigns in six states: Canada, Brazil, France, Italy, Spain and the UK. It aims to assess national practices as well as point out gaps in their respective frameworks. The paper commences by examining how micro-targeting is defined and thereafter examines the legal provisions applicable to micro-targeting activities.
To do this in an accessible way, the paper follows and analyses the series of activities…
Content type: News & Analysis
Today, the CNIL announced fines of €100 million and €35 million for Gooogle and Amazon, respectively, for breaches of the French Data Protection Act.
The fines resulted from two separate investigations carried out by CNIL in relation to the use of cookies on the French websites of Google and Amazon.
The decision against Google
While it seems to be broadly stated that the CNIL fined Google €100 million, a more accurate statement is that the CNIL fined Google LLC (the parent company of Google’…
Content type: News & Analysis
The “EU Trust Fund for Stability and Addressing Root Causes of Irregular Migration and Displaced Persons in Africa” (EUTF for Africa) isn’t exactly headline news (and nor does it exactly roll off the tongue), but its influence is vast and will be felt for decades to come for millions of people across Africa.
Set up in the wake of the 2015 ‘migration crisis’ in Europe and largely made up of money earmarked for development aid (80% of its budget comes from development and humanitarian aid funds…
Content type: News & Analysis
Le « Fonds fiduciaire d’urgence de l’Union européenne en faveur de la stabilité et de la lutte contre les causes profondes de la migration irrégulière et du phénomène des personnes déplacées en Afrique » (le « fonds fiduciaire pour l’Afrique ») ne fait pas les grands titres (et il est plutôt difficile à retenir), mais son influence est vaste et aura des conséquences pendant plusieurs décennies sur la vie de millions de personnes sur le continent africain.
Mis en place suite à la « crise…
Content type: Long Read
Tucked away in a discrete side street in Hungary’s capital, the European Union Agency for Law Enforcement Training (CEPOL) has since 2006 operated as an official EU agency responsible for developing, implementing, and coordinating training for law enforcement officials from across EU and non-EU countries.
Providing training to some 29,000 officials in 2018 alone, it has seen its budget rocket from €5 million in 2006 to over €9.3 million in 2019, and offers courses in everything from…
Content type: Long Read
Content type: Examples
By the end of its first three weeks of availability, the French contact tracing app, “StopCovid”, had seen 1.9 million downloads. Of these, only 68 people had entered a positive COVID-19 test result, and only 14 were notified that they might have been exposed, according to the French junior minister for digital affairs, Cédric O. He attributed the app’s uninstallation by 460,000 people to a “decline in concern” about the epidemic in France.
https://www.politico.eu/article/french-contact-…
Content type: Examples
A new requirement to wear wear masks in public in order to curb the spread of the coronavirus poses a problem in France and Belgium, where laws prohibit wearing face coverings, with health as the only allowed exception.
In France, where the law was passed in 2010, between 2011 and 2017 1,830 Muslim women were fined for wearing veils and 145 were warned. The law does not state how to distinguish when face coverings are worn for health reasons rather than religious belief.
This leaves…
Content type: Examples
France has been testing AI tools with security cameras supplied by the French technology company Datakalab in the Paris Metro system and buses in Cannes to detect the percentage of passengers who are wearing face masks. The system does not store or disseminate images and is intended to help authorities anticipate future oubreaks.
https://www.theguardian.com/world/2020/jun/18/coronavirus-mass-surveillance-could-be-here-to-stay-tracking
Writer: Oliver Holmes, Justin McCurry, and Michael Safi…
Content type: Long Read
Q&A: EU's top court rules that UK, French and Belgian mass surveillance regimes must respect privacy
Content type: Press release
By treating everyone as a suspect, the bulk data collection or retention regimes engage European fundamental rights to privacy, data protection, freedom of expression, as guaranteed respectively by Articles 7, 8, and 11 of the EU Charter of Fundamental Rights.
Caroline Wilson Palow, Legal Director of Privacy International, said:
"Today’s judgment reinforces the rule of law in the EU. In these turbulent times, it serves as a reminder that no government should be above the law. Democratic…
Content type: Examples
The French data protection authority, CNIL, has examined the French contact tracing app and ruled that it is not fully compliant with the provisions of GDPR and the French data protection law. CNIL’s primary complaint was that the app transferred the news that a user had been infected to all their contacts, not just those who had been in recent proximity, and the privacy policy was insufficiently specific about the categories of data that were being processed and its recipients. Finally, the…
Content type: Examples
All migrants arriving in the UK since June have been ordered to quarantine, but a Border Force source said that little is being done to ensure the rules are followed and some in emergency accommodation are being given vouchers to go to the shops.
Thousands of British tourists returning from France are now being forced to self-isolate for 14 days whilst those it is understood that some of those crossing the Channel on small boats migrants are still going shopping for food.
The Home Office…
Content type: News & Analysis
In the last few weeks, the UK government has announced various new measures to ensure that crossings across the Channel were “inviable” including by appointing a new role of “clandestine Channel threat commander" and further plans to deploy the navy to stop migrants from crossing to the UK from France across the Channel. Premature plans it seems, as not only would such measures be contrary to the UK’s international obligations to allow individuals to seek asylum in the UK, but also since such…
Content type: Explainer
In the name of reinforcing migration control and increasing security, the EU is introducing a host of new surveillance measures aimed at short-term visitors to the Schengen area. New tools and technologies being introduced as part of the visa application process and the incoming “travel authorisation” requirement include automated profiling systems, a ‘pre-crime’ watchlist, and the automated cross-checking of numerous national, European and international databases. There are significant risks…
Content type: News & Analysis
Banning TikTok? It's time to fix the out-of-control data exploitation industry - not a symptom of it
Chinese apps and tech companies have been at the forefront of the news recently. Following India's ban of 59 chinese apps in July, President Trump announced his desire to ban TikTok, shortly followed by his backing of Microsoft's intention to buy the US branch of its parent company ByteDance. Other than others lip syncing his public declaration, what does President Trump fear from this app, run by a firm, based in China?
It's all about that data
One clear answer emerges: the exploitation of…
Content type: Examples
The Manchester-based cybersecurity company VST Enterprises is working a digital health company Circle Pass Enterprises to create the “Covi-pass” digital health passport intended to allow holders to work and travel safely. The Covi-pass uses a colour system of red, green, and amber to indicate whether the holder has tested positive or negative for the coronavirus, and holds other key information such as name, address, and age, plus a biometric. Despite the challenge of sourcing enough…
Content type: Examples
La Quadrature du Net and La Ligue des Droits de l’Homme have won a ruling from the Conseil d’État, France’s highest administration court, making drones equipped with cameras and flying low enough to detect individuals by their clothing or a distinctive sign illegal. During the lockdown, French police having been using hundreds of drones to monitor and capture images of people in the stret who may not be respecting the lockdown rules, as well as to broadcast audio sanitation instructions.…
Content type: Examples
By the end of March 2021 Eurostar will roll out a facial verification system in which passengers will send a scan of their passport and a selfie so that when boarding they can prove their identity by walking through a camera-lined “biometric” corridor instead of presenting their documents. The Department for Transport is funding the system as part of a £9.4 million competition to revolutionise rail travel and is being developed by the British company iProov in partnership with Eurostar and the…
Content type: Examples
The lives of residents in French and Scottish nursing homes have been put in danger by the homes’ use of Dahua and Hikvision fever scanning cameras. The homes are violating ISO standards for such cameras: they have been incorrectly installed in front of large windowed doors, the staff are not given sufficient time to acclimate after coming in from outdoors, and the cameras deliver incorrect readings when the forehead is obscured by hair or a hat.
https://ipvm.com/reports/hikua-nursing
Writer:…
Content type: News & Analysis
In September 2019, PI published the report Your Mental Health for Sale. Our investigation looked into popular mental health websites and their data sharing practices.
Our findings suggest that, at the time of the research, most websites we looked at were using third party tracking for advertising purposes, sometimes relying on programmatic advertising technologies such as Real Time Bidding (RTB), sharing personal data with potentially thousands of actors. Some websites were also found sharing…
Content type: Examples
As part of their preparations to ease the lockdown, French authorities have added AI tools into the CCTV cameras in the Paris Metro to detect the number of passengers who are wearing face masks. The system is also being used in outdoor markets and buses in Cannes. Although it is mandatory to wear a mask on public transport in France, the software won't be used to identify, rebuke, or fine people, and the system has not proved as contentious as contact tracing. The data protection regulator CNIL…
Content type: Examples
France, like the UK, opted to develop its own contact tracing app. "StopCovid", using a centralised design developed by the Pan-European Privacy-Preserving Proxity Tracing (PEPP-PT) group, which created a framework called ROBust and the privacy-presERving proximity Tracing protocol (ROBERT). French ministers have defended the decision to choose ROBERT rather than the decentralised options, DP3T or Apple's and Google's jointly developed API, saying that the app is not intended to monitor…
Content type: News & Analysis
On June 9th, in light of the global debate against racial injustices, the company IBM announced they would stop selling facial recognition. In a letter to the US congress, they demanded a “national dialogue on whether and how facial recognition technology should be employed by domestic law enforcement agencies.”
It is worth noting first of all that it is not entirely clear that IBM is actually stopping facial recognition. The letter states that "IBM no longer offers general purpose IBM facial…
Content type: Examples
As part of a survey of the human rights compliance of contact tracing apps Amnesty International's Security Lab discovered that security vulnerabilities in Qatar's mandatory contact tracing app, EHTERAZ, would have allowed attackers to access the personal information, including name, national ID, health status, and location data, of the app's more than 1 million users because the central server did not have security measures in place to protect the data. The authorities fixed the problem within…