Search
Content type: News & Analysis
PI has today written to Google, Instagram, Snapchat, TicTok, Twitter, YouTube, and WhatsApp to ask for more information about their steps to tell people why they are seeing ads. Facebook recently announced expanding the company's ad transparency measures to include more information about why an ad or content appears in a user's newsfeed. While Facebook has a lot more to do, it is important that all technology companies provide advertising transparency.
Recently, we have seen how platforms…
Content type: News & Analysis
We found this image here.
Today, a panel of competition experts, headed by Professor Jason Furman, the former chief economic adviser of in the Obama administration, confirmed that tech giants, like Facebook, Amazon, Google, Apple and Microsoft, do not face enough competition.
Significantly, the report finds that control over personal data by tech giants is one of the main causes preventing competition and ultimately innovation.
Privacy International's research has shown clear examples of…
Content type: Long Read
(In order to click the hyperlinks in the explainer below, please download the pdf version at the bottom of the page).
Content type: Virtual Machine
The documentation below is a copy of the documentation found on Github: Interception environment on Github
Privacy International's data interception environment
Version: 2.1.2-20190730
Privacy International's data interception environment
Quick Start Guide
Step 0 - Prerequisites
Step 1 - Download
Step 2 - Importation
Step 3 - Initialising
Step 4 - Setup
Step 5 - Capture
Step 6 - Notes for Android Nougat or Later
Background
Theory
Implementation
Virtualbox (6.0.4)
Debian 10 (Buster)…
Content type: News & Analysis
In December 2018, we revealed how some of the most widely used apps in the Google Play Store automatically send personal data to Facebook the moment they are launched. That happens even if you don't have a Facebook account or are logged out of the Facebook platform (watch our talk at the Chaos Communication Congress (CCC) in Leipzig or read our full legal analysis here).
Today, we have some good news for you: we retested all the apps from our report and it seems as if we…
Content type: Examples
In June 2018, a panel set up to examine the partnerships between Alphabet's DeepMind and the UK's NHS express concern that the revenue-less AI subsidiary would eventually have to prove its value to its parent. Panel chair Julian Huppert said DeepMind should commit to a business model, either non-profit or reasonable profit, and noted the risk that otherwise Alphabet would push the company to use its access to data to drive monopolistic profits. In that case, DeepMind would either have to…
Content type: News & Analysis
Privacy International welcomes the focus on data and privacy contained in the final report by the UK House of Commons Digital, Culture, Media and Sport Committee (DCMS) on Disinformation and ‘fake news’. Beyond our control, companies and political parties have banded together to exploit our data. This report establishes essential steps to remedying this downward spiral. An important part of the democratic process is freedom of expression and right to political participation, including the right…
Content type: Examples
In September 2018, Google was discovered to be prototyping a search engine, codenamed Dragonfly, designed to comply with China's censorship regime. Among other features, Dragonfly would tie users' searches to their personal phone numbers, ensuring the government could track their queries. Among the terms on Google's Mandarin-language blacklist: "human rights", "student protest", and "Nobel prize". One Google source suggested Dragonfly would also force on users potentially manipulated Chinese-…
Content type: Examples
In September 2018, the attorney general of the US state of New Mexico filed suit against Lithuania-based Tiny Lab Productions claiming that the maker of the children's app Fun Kid Racing had violated the Children's Online Privacy Protection Act (1998) by collecting location and other data about the children playing the game. The suit also included online ad businesses run by Google, Twitter, and three other companies, arguing that Google's inclusion of the app in the family section of its Play…
Content type: Examples
In 2017, Alphabet's Sidewalk Labs began a collaboration with Waterfront Toronto intended to turn a 12-acre lakeside area into a "smart city" equipped with sensors and responsive infrastructure. Frustration that Torontonians' data privacy concerns were not being addressed led Saadia Muzaffar, founder of TechGirls Canada, to resign from Waterfront Toronto's Digital Strategy Advisory Panel in October 2018. In a lengthy resignation letter, she called attention to the risk that embedding poorly…
Content type: Long Read
During the last World Economic Forum in Davos, the CEO of Microsoft joined the chorus of voices calling for new global privacy rules, saying the following in regard to the new European General Data Protection Regulation (GDPR):
“My own point of view is that it's a fantastic start in treating privacy as a human right. I hope that in the United States we do something similar, and that the world converges on a common standard."
We have come a long way. From tech companies fighting and…
Content type: Long Read
The Privacy International Network is celebrating Data Privacy Week, where we’ll be talking about how trends in surveillance and data exploitation are increasingly affecting our right to privacy. Join the conversation on Twitter using #dataprivacyweek.
It is no mystery that data exploitation is part of most consumer-oriented tech companies’ business models. A big part of our lives is recorded and exploited, from our web searches, to our personal communications, location, and our shopping habits…
Content type: State of Privacy
Table of contents
Introduction
Right to Privacy
Communication Surveillance
Data Protection
Identification Schemes
Policies and Sectoral Initiatives
Introduction
Acknowledgment
The State of Privacy in Lebanon is the result of an ongoing collaboration between Privacy International and SMEX.
Key privacy facts
1. Constitutional privacy protection: The Lebanon constitution does not explicitly mention the right to privacy.
2. Data protection law: The Electronic Transactions and…
Content type: State of Privacy
Table of contents
Introduction
Right to Privacy
Communication Surveillance
Data Protection
Identification Schemes
Policies and Sectoral Initiatives
Introduction
Acknowledgement
The State of Privacy in Colombia is the result of an ongoing collaboration by Privacy International and Fundación Karisma and Dejusticia.
Key Privacy Facts
1. Constitutional privacy protection: The constitution contains an explicit protection of the right to privacy (Article 15 of the 1991 constitution).
2…
Content type: State of Privacy
Table of contents
Introduction
Right to Privacy
Communication Surveillance
Data Protection
Identification Schemes
Policies and Sectoral Initiatives
Introduction
Acknowledgement
The State of Privacy in the Philippines is the result of an ongoing collaboration by Privacy International and Foundation for Media Alternatives.
Key privacy facts
1. Constitutional privacy protection: The constitution contains an explicit protection of the right to privacy (Art. III, section 3).
2.…
Content type: State of Privacy
Table of contents
Introduction
Right to Privacy
Communication Surveillance
Data Protection
Identification Schemes
Policies and Sectoral Initiatives
Introduction
Acknowledgement
The State of Privacy in Mexico is the result of an ongoing collaboration by Privacy International and Red in Defensa de los Derechos Digitales (R3D) in Mexico.
Key Privacy Facts
1. Constitutional privacy protections: The right to privacy is enshrined in article 6 of the Mexican constitution.
2. Data…
Content type: State of Privacy
Table of contents
Introduction
Right to Privacy
Communication Surveillance
Data Protection
Identification Schemes
Policies and Sectoral Initiatives
Introduction
Acknowledgment
The State of Privacy in Indonesia is the result of an ongoing collaboration by Privacy International and The Institute for Policy Research and Advocacy (ELSAM).
Key privacy facts
Key privacy facts
1. Constitutional privacy protection: The constitution does not explicitly mention privacy.
2. Data protection…
Content type: State of Privacy
Table of contents
Introduction
Right to Privacy
Communication Surveillance
Data Protection
Identification Schemes
Policies and Sectoral Initiatives
Introduction
Acknowledgement
The State of Privacy in India is the result of an ongoing collaboration by Privacy International and the Centre for Internet & Society.
Key Privacy Facts
1. Constitutional privacy protections: In 2017, the Indian Supreme Court ruled that the Indian constitution guarantees a right to privacy.
2. Data…
Content type: State of Privacy
Table of contents
Introduction
Right to Privacy
Communication Surveillance
Data Protection
Identification Schemes
Policies and Sectoral Initiatives
Introduction
Acknowledgment
The State of Surveillance in Egypt is the result of an ongoing collaboration by Privacy International and its partners.
Key privacy facts
1. Constitutional privacy protection: The constitution contains an explicit protection of the right to privacy.
2. Data protection law: In August 2018, the Cabinet…
Content type: State of Privacy
Table of contents
Introduction
Right to Privacy
Communication Surveillance
Data Protection
Identification Schemes
Policies and Sectoral Initiatives
Introduction
Acknowledgement
The State of Privacy in Brazil is the result of an ongoing collaboration by Privacy International and Coding Rights.
Between 2014-2017, Privacy LatAm contributed to previous versions of this briefing.
Key privacy facts
1. Constitutional privacy protection: The constitution contains an explicit…
Content type: State of Privacy
Table of contents
Introduction
Right to Privacy
Communication Surveillance
Data Protection
Identification Schemes
Policies and Sectoral Initiatives
Introduction
Acknowledgement
The State of Privacy in Argentina is the result of an ongoing collaboration by Privacy International and Asociación por los Derechos Civiles (ADC).
Key Privacy Facts
1. Constitutional privacy protections: While Argentina's constitution does not mention the word 'privacy', Section 19 has been taken by the…
Content type: News & Analysis
On 22 January 2019 Google updated its Terms of Service and Privacy Policy for Europe.
The message is quite reassuring:
“Nothing about your experience in Google services will change. And nothing is changing in terms of your privacy settings, the way your data is processed, nor the purposes of its processing”.
Then it says: “However, if you don’t want to accept these changes in our terms and Privacy Policy, you can choose to stop using the applicable services.”
Simple. If you don’t like it,…
Content type: News & Analysis
We found this image here.
In order for GDPR to be effective at protecting people's data, it must be implemented and enforced. Therefore, we are pleased to see that CNIL has taken action and issued Google a fine of €50 million based on complaints by NOYB and La Quadrature Du Net in May 2018. Despite numerous statements by Google that it takes the protection of people's data seriously, the decision demonstrates that they have a long way to go and that regulators will take action to hold…
Content type: Report
A video presentation of the finding of this report can be found here, as presented at 35th Chaos Computer Congress (35C3)
Previous research has shown how 42.55 percent of free apps on the Google Play store could share data with Facebook, making Facebook the second most prevalent third-party tracker after Google’s parent company Alphabet. In this report, Privacy International illustrates what this data sharing looks like in practice, particularly for people who do not have a Facebook account.…
Content type: App Analysis
This documentation demonstrates actions taken by the test user and the apps subsequent responses.
Test user action 1: The user taps on the application icon, which opens the application
Response from app: The application is initialised and the following data is sent and received by the app:
Immediately after the app is opened, the following data is sent to graph.facebook.com (Graph)
The following HTTP GET request is made to graph.facebook.com
GET https://graph.facebook.…
Content type: App Analysis
This documentation demonstrates actions taken by the test user and the apps subsequent responses.
Test user action 1: The user taps on the application icon, which opens the application
Response from app: The application is initialised and the following data is sent and received by the app:
Immediately after the app is opened, the following data is sent to graph.facebook.com (Graph)
format: json
sdk: android
event…
Content type: App Analysis
This documentation demonstrates actions taken by the test user and the apps subsequent responses.
Test user action 1: The user taps on the application icon, which opens the application
Response from app: The application is initialised and the following data is sent and received by the app:
Immediately after the app is opened, the following data is sent to graph.facebook.com (Graph)
The following HTTP GET request is made to graph.facebook.com
GET https://graph.…
Content type: App Analysis
This documentation demonstrates actions taken by the test user and the apps subsequent responses.
Test user action 1: The user taps on the application icon, which opens the application
Response from app: The application is initialised and the following data is sent and received by the app:
Immediately after the app is opened, the following data is sent to graph.facebook.com (Graph)
The following HTTP GET request is made to graph.facebook.com
GET https://graph.facebook.…
Content type: Examples
In September 2018, Google warned a selection of US senators and their aides that their Gmail accounts were being targeted by foreign government hackers. Google has issued warnings of phishing attempts by state-sponsored actors since 2012, though getting a notice does not mean the account has been compromised.
https://www.cnet.com/news/google-warns-us-senators-of-foreign-hackers-targeting-their-gmail-accounts/
Writer: Richard Nieva
Publication: CNet
Content type: Impact Case Study
What Happened
On 5 June 2013, The Guardian published the first in a series of documents disclosed by Edward Snowden, a whistleblower who had worked with the NSA. The documents revealed wide-ranging mass surveillance programs conducted by the USA’s National Security Agency (NSA) and the UK’s Government Communications Headquarters (GCHQ), which capture the communications and data of hundreds of millions of people around the world. In addition to revealing the mass surveillance programs of the…