Search
Content type: News & Analysis
This week International Health Day was marked amidst a global pandemic which has impacted every region in the world. And it gives us a chance to reflect on how tech companies, governments, and international agencies are responding to Covid-19 through the use of data and tech.
All of them have been announcing measures to help contain or respond to the spread of the virus; but too many allow for unprecedented levels of data exploitation with unclear benefits, and raising so many red flags…
Content type: Video
This week: it's a weird one - rather than our normal look at technology, we've got recommendations for movies and games you might enjoy while you're locked down.
Music by Simon Mathewson, you can find more from him here: https://freemusicarchive.org/music/Simon_Mathewson
Recommendations include:
Sorry to Bother You
Legally Blonde
S-Club Seeing Double
Snowpiercer
Broforce
Ultimate Chicken Horse
Hidden in plain site
Don't starve
You can listen and subscribe to the podcast where…
Content type: News & Analysis
These are difficult and challenging times around the world.
In this global crisis, businesses are stepping in to support efforts by Governments and public health authorities to seek to control the impact of the virus.
This is important, as help of all kinds is sorely needed. However, we must also be wary that industry initatives and public-private partnerships are not used as an opportunity to profit from this crisis or to exploit data without legal safeguards.
Companies all over the world…
Content type: Examples
On November 3rd, 2019, [...] a critical vulnerability affecting the Android Bluetooth subsystem [was reported]. This vulnerability has been assigned CVE-2020-0022 and was now patched in the latest security patch from February 2020. The security impact is as follows:
On Android 8.0 to 9.0, a remote attacker within proximity can silently execute arbitrary code with the privileges of the Bluetooth daemon as long as Bluetooth is enabled. No user interaction is required and only the Bluetooth MAC…
Content type: Case Study
The right to privacy is crucial to protect a couple’s equal rights within marriage.
The recent rise of spyware as an “off-the-shelf” product that anyone can purchase has been extremely worrying, as installing spyware on someone else’s phone means getting access to their contacts, their messages, their google searches, their location and more - all without them knowing.
Spyware is, increasingly, becoming another way for abusive spouses to control and monitor their partners. Nearly a third of…
Content type: Video
We can’t believe we’re having to say this, but the hours after giving birth are private. If you’re a parent, you may have heard of Bounty, a sales and marketing company allowed access to hospital maternity wards and approach women who have just given birth. This doesn’t happen on any other hospital ward. Can you imagine coming round from major surgery to find a stranger trying to sell you stuff? The physical invasion of privacy is bad enough, but delving into the company’s relationship with…
Content type: Examples
After Asian countries used mass surveillance of smartphones to trace contacts and halt the spread of the coronavirus, Western countries such as the UK and Germany are trying to find less-invasive ways to use phones to collect and share data about infections that would work within data privacy laws and retain public trust. Nearly half of virus transmissions may occur before the individual shows symptoms of the disease. At Oxford researchers are working on a notification app that would notify…
Content type: Examples
Facebook's scientists are analysing location data about compliance with social distancing recommendations in various countries using information from a private vault of location information its apps have collected. The analysis shows that only "very modest" changes in habits in the US, France, and the UK, and much more substantial change in Spain and Italy between mid-February and mid-March. Other companies such as Google and Apple, may also be able to contribute insights into public behaviour…
Content type: Examples
US government agencies are considering a range of tracking and surveillance technologies as part of efforts to control the spread of the novel coronavirus. These include: geolocation tracking and facial recognition systems to analyse photos, both to enable contact tracing. Palantir is working with the Centers for Disease Control and Prevention to model the virus outbreak, and other companies that scrape public social media data have contracts in place with CDC and the National Institutes of…
Content type: Examples
On Wednesday, the government of Madrid will launch a free app to track COVID-19 cases similar to those developed in Asian countries such as South Korea, China, and Taiwan. The development is being carried out at no charge by developers from Google, Telefónica, Ferrovial, Goggo Network, Carto, ForceManager and Mendesaltaren, and is led by known entrepreneur Martín Varsavsky. The priority is to lessen the load on emergency numbers through the combination of users' health status and the places…
Content type: Examples
After the Iranian government produced the AC19 Android app, intended to help people self-diagnose rather than going to a hospital, Google pulled it from the Play Store apparently suspecting that the app made the misleading claim that it could detect COVID-19 infections although it is also true that developer accounts from Iran are not allowed on Google Play. The app, which is still available through the web, initially faced complaints that the Iranian government was using it as a means of…
Content type: Examples
Three years ago, the Alphabet subsidiary Verily developed a software platform, Project Baseline, to run clinical trials on a group of volunteers who agree to share their medical data with a group of researchers at pharmaceutical companies and research hospitals. In early March, Verily began considering whether and how the software could be used to help detect COVID-19. To date, the site is in beta mode, and consists of a questionnaire that links local Bay Area residents to three testing sites.…
Content type: Examples
Technology companies are struggling to cope with the flood of misinformation spreading across the internet, both on social media sites and on the open web, where 4,000 new websites have been created since the beginning of the year that include "coronavirus" in their title and 3% of which are considered malicious. The problem appears to be less coordinated misinformation campaigns than speculation and rumours that are organically spread. As part of the efforts to combat the problem, Google…
Content type: Video
You’re a witness or a victim or a suspect of a crime; or even just travelling going on holiday. Officials demand your phone, then disappear with it. What happened to your phone? What happened to your data? What will happen to you?
We all generate vast amounts of data using our mobile phones - more than most of us are aware of - and that data has become increasingly attractive to law enforcement agencies around the world, enabled by ‘extraction technologies’ supplied by companies like…
Content type: Long Read
This piece was written by Aayush Rathi and Ambika Tandon, who are policy officers at the Centre for Internet and Society (CIS) in India. The piece was originally published on the website Economic Policy Weekly India here.
In order to bring out certain conceptual and procedural problems with health monitoring in the Indian context, this article posits health monitoring as surveillance and not merely as a “data problem.” Casting a critical feminist lens, the historicity of surveillance practices…
Content type: Video
Find out why 53 organisations from all over the world are telling Google it's time they take action on pre-installed apps (bloatware).
You can listen and subscribe to the podcast where ever you normally find your podcasts:
Spotify
Apple podcasts
Google podcasts
Castbox
Overcast
Pocket Casts
Peertube
Youtube
Music by Glass Boy, find more of their work here: glassboy.bandcamp.com/album/enjoy
(creativecommons.org/licenses/by-nd/3.0/)
Content type: Long Read
This piece was written by PI Partner Hiperderecho's Executive Director Miguel Morachimo and originally appeared here. Image from here.
The recent congressional elections in Peru have been different in many ways. This is primarily because the rules that prohibit parties and candidates from advertising on radio and television through paid ads have been applied for the first time. That has led the effort and expenditure on electoral advertising to be focused on alternative platforms, from printed…
Content type: Report
The changes discussed in this article are based on a second analysis performed in late November, 3 months after the original study Your Mental Health is for Sale and following the exact same methodology. All data collected can be found at the bottom of this page.
Change is possible
Back in September 2019 we published the report Your Mental Health is for Sale exposing how a majority of the top websites related to mental health in France, Germany and the UK share data for advertising purposes.…
Content type: Key Resources
From Google's acquisition of the Usenet archive in 2001 to walkouts in 2018 over Google's lack of respect for people's privacy in attempting to transform part of Toronto in to a so-called 'smart' city - Google has a long history of abusing people's privacy. This is a timeline of all of those abuses.
Content type: Examples
Recent study shows that Americans are wary of data from smart speakers being used in criminal investigations, the Pew Research Center reported. A recent study showed that 49% of Americans answered that it is unacceptable for smart speakers companies to share audio recordings of their customers with law enforcement in order to help with criminal investigations. Only 25% said it is acceptable. Aparently, this result contrasts with some other data use practices measured in the same survey. For…
Content type: News & Analysis
Maddie Stone, formally a Senior reverse engineer and tech lead on the Android security team, shockingly revealed a number of examples of how pre-installed apps on Android devices can undermine users privacy and security in her BlackHat USA talk in August 2019. The video of the talk only recently became available to the public in late December 2019.
The apps in question come preloaded on a device when it is purchased and often can't be removed. Stone reveals a litany of abuses carried out by…
Content type: News & Analysis
Privacy shouldn’t be a luxury.
Google claim to agree with us - we know that because Sundar Pichai, their CEO, said so this May in the New York Times. And yet, Google are enabling an ecosystem that exploits people who own low-cost phones.
Today we, along with over 50 organisations including Amnesty International, DuckDuckGo, and the ACLU are asking Google to step up, and we’re asking you to join us in pressuring them to do the right thing.
Sign the petition
Google has the power to…
Content type: Advocacy
Puede encontrar la carta a continuación. Agregue su voz a esta campaña firmando nuestra petición si cree que es hora de que Google deje de permitir la explotación.
Nota: Esta carta también está disponible en francés e inglés.
Estimado Sr. Pichai,
Nosotros, los firmantes, estamos de acuerdo con usted: la privacidad no puede ser un lujo reservado para las personas que tienen la capacidad de pagar por ella.
Sin embargo, los socios de Android Partner –que utilizan la marca y la imagen de…
Content type: Advocacy
You can find the letter below. Add your voice to this campaign by signing our petition if you believe that its time Google stopped enabling exploitation.
Note: This letter is also available in French and Spanish
Dear Mr. Pichai,
We, the undersigned, agree with you: privacy cannot be a luxury offered only to those people who can afford it.
And yet, Android Partners - who use the Android trademark and branding - are manufacturing devices that contain pre-installed apps that cannot be deleted…
Content type: Advocacy
Vous pouvez trouver la lettre ci-dessous. Ajoutez votre voix à cette campagne en signant notre pétition si vous pensez qu'il est temps que Google cesse d'activer l'exploitation.
Ce contenu est également disponible en anglais et en espagnol.
Cher M. Pichai,
Nous, les organisations signataires, sommes d’accord avec vous :
la vie privée n’est pas un luxe, offert seulement à ceux qui en ont les moyens.
Pourtant, les « Android Partners » – qui utilisent la marque déposée…
Content type: News & Analysis
Cloud extraction allows law enforcement agencies to take huge amounts of your data from the Cloud via a legal back door. If law enforcement seize your phone or take it from a victim of crime, they can extract tokens or passwords from the device which lets them get access to data from apps such as Uber, Instagram, Slack, Gmail, Alexa and WhatsApp.
In so doing, law enforcement agencies can avoid official channels through cloud companies such as Google, Apple…
Content type: Long Read
Mobile phones remain the most frequently used and most important digital source for law enforcement investigations. Yet it is not just what is physically stored on the phone that law enforcement are after, but what can be accessed from it, primarily data stored in the Cloud.
Cellebrite, a prominent vendor of surveillance technology used to extract data from mobile phones, notes in its Annual Trend Survey that in approximately half of all investigations, cloud data ‘appears’ and that…
Content type: Press release
A large number of apps on smart phones store data in the cloud. Law enforcement can access these vast troves of data from devices and from popular apps with the push of a button using cloud extraction technology.
Mobile phones remain the most frequently used and most important digital source for law enforcement investigations. Yet it is not just what is physically stored on the phone that law enforcement are after, but what can be accessed from it, primarily data stored in the Cloud.…
Content type: Long Read
Following a series of FOI requests from Privacy International and other organisations, the Department of Health and Social Care has now released its contract with Amazon, regarding the use of NHS content by Alexa, Amazon’s virtual assistant. The content of the contract is to a big extent redacted, and we contest the Department of Health’s take on the notion of public interest.
Remember when in July this year the UK government announced a partnership with Amazon so that people would now…
Content type: Advocacy
As we come to the end of 2019, major weaknesses remain with the transparency that all major platforms have so far provided to users. This piece will overview these weaknesses and suggest steps to move forward in 2020.
Tying heightened transparency to "political" ads introduces a variety of problems. For a start, each platform has defined "political" differently, with some having wider definitions and some, incredibly narrow. When an ad is not designated as political, oftentimes it is provided…