Search
Content type: News & Analysis
Ask people around you if they live in a smart city, and more likely than not they will answer that they don’t. I can tell you that because I have tried.
When giving talks about this very topic in cities like Berlin, The Hague and Stockholm, I always ask this question at the start. The rough ratio I tend to get is that: 15 per cent hesitantly raise their hand to say they do, 60 per cent don’t, 20 per cent just look confused and 5 per cent are not listening.
And yet most people who live in cities…
Content type: Explainer
What is integrated policing?
Integrated policing is the collection and centralisation of data used for policing purposes. In the era of ‘big data’, companies – often the same companies offering infrastructures for smart cities – are offering interfaces that allow police easier access to datasets. Smart cities are cities where projects are deployed to use the collection and analysis of data to attempt to provide better targeted services to inhabitants.
With the proliferation of surveillance…
Content type: Case Study
Police and security services are increasingly outsourcing intelligence collection to third-party companies which are assigning threat scores and making predictions about who we are.
The rapid expansion of social media, connected devices, street cameras, autonomous cars, and other new technologies has resulted in a parallel boom of tools and software which aim to make sense of the vast amount of data generated from our increased connection. Police and security services see this data as an…
Content type: News & Analysis
Technologists hoped the “Crypto Wars” of the 1990s – which ended with cryptographers gaining the right to legally develop strong encryption that governments could not break – was behind them once and for all. Encryption is a fundamental part of our modern life, heavily relied on by everything from online banking and online shopping services to the security our energy infrastructure.
However, from comments by the French and German governments about creating a European initiative to circumvent…
Content type: News & Analysis
In our latest report “Who’s that knocking at my door? Understanding surveillance in Thailand”, we highlighted various methods of surveillance that the Thai Government employs. Included in these methods was the finding that Microsoft was the only technology company which by default trusts the Thai Government’s root certificate. Root certificates ensure the validity of a website, and protect users from being tricked into visiting a fake, insecure website. Most technology companies including Apple…
Content type: Long Read
This piece originally appeared here.
On both sides of the Atlantic, we are witnessing the dramatic expansion of government hacking powers. In the United States, a proposed amendment to Rule 41 of the Federal Rules of Criminal Procedure would permit the government to obtain a warrant, in certain circumstances, to hack unspecified numbers of electronic devices anywhere in the world. Meanwhile, across the pond, the British Parliament is currently debating the Investigatory…
Content type: News & Analysis
“It’s like 10,000 spoons when all you need is a knife”. Alanis Morissette thought that was ironic. I never thought so. I suggest a far more ironic lyric to you Alanis - "It’s like the Home Office not listening during a consultation about how it wants to listen to everything you do’. OK, it might not be the catchiest lyric, but you can’t say it’s not ironic.
Today the latest version of the Investigatory Powers Bill was published. The Government might want some credit…
Content type: News & Analysis
Section 217 and the Draft Code of Practice on Interception of Communications
Tech giants including Apple Inc, Facebook Inc, Google Inc, Microsoft Corp, Twitter Inc and Yahoo Inc have been openly critical of the UK Government’s Investigatory Power Bill (IPBill). However, what has not been highlighted is a deeply concerning Draft Code of Practice on Interception on Communications, which will not only affect telecommunications companies small and large, but result in costs to the…
Content type: News & Analysis
We already know that in some countries, like the UK, governments are drafting laws to legalise and legitimise their incredible surveillance powers. In the U.S. we are seeing legislation that is using remarkably similar language on encryption and surveillance. The next phase of the cryptowars has openly begun.
Yesterday what is being called the Feinstein-Burr decryption Bill was introduced into the US Senate and leaked online. Whilst the short title ‘Compliance with Court Orders…
Content type: Press release
Today’s report by the Joint Committee on the Investigatory Powers Bill is the third committee report that concludes that the Home Office has failed to provide a coherent surveillance framework.
The Joint Committee on the Investigatory Powers Bill today published a 198 page report following a short consultation period between November and January. Their key findings are that:
- the definitions in the bill need much work, including a meaningful and comprehensible…
Content type: News & Analysis
The relationship between users and companies is based primarily on trust. However, many recent developments have the potential to undermine this trust and to question companies loyalties to their users. From excessive data collection and transmission to the failure to guard against basic security risks, one could be forgiven for thinking that the privacy and security interests of users and devices have taken a back seat. Governments of the world are unilaterally endeavouring to…
Content type: Long Read
Written by Eva Blum-Dumontet
A recent case of lèse-majesté in Thailand (speaking ill of the monarchy) is a worrying example of how Western companies do not just work with governments that fall short of international human rights standards, but can actually facilitate abuses of human rights.
Our investigation on the trial of Katha Pachachirayapong — accused of spreading rumours on the ill-health of the King Bhumibol Adulyadej, thereby causing sharp falls in the Thai stock market — reveal the…
Content type: News & Analysis
According to Snowden documents analysed by Privacy International, the Australian Signals Directorate had access to and used PRISM, a secret US National Security Agency program which provides access to user data held by Google, Facebook and Microsoft.
This is the third spy agency of the 'Five Eyes' alliance confirmed to have had secret access to Silicon Valley company data - an alliance whose rules and policies remain classified. Earlier this year, a British court ruled that GCHQ access to…
Content type: Press release
Privacy International and several other human rights organisations are taking the UK Government to the European Court of Human Rights over its mass surveillance practices, after a judgement last year found that collecting all internet traffic flowing in and out of the UK and bulk intelligence sharing with the United States was legal.
The appeal, filed last week by Privacy International, Bytes for All, Amnesty International, Liberty, and other partners, comes in response to a…
Content type: News & Analysis
Privacy International, Bytes for All and other human rights groups are celebrating a major victory against the Five Eyes today as the UK surveillance tribunal rules that GCHQ acted unlawfully in accessing millions of private communications collected by the NSA up until December 2014.
Today’s judgement represents a monumental leap forward in efforts to make intelligence agencies such as GCHQ and NSA accountable to the millions of individuals whose privacy they have violated.
The…
Content type: Press release
British intelligence services acted unlawfully in accessing millions of people’s personal communications collected by the NSA, the Investigatory Powers Tribunal ruled today. The decision marks the first time that the Tribunal, the only UK court empowered to oversee GHCQ, MI5 and MI6, has ever ruled against the intelligence and security services in its 15 year history.
The Tribunal declared that intelligence sharing between the United States and the…
Content type: News & Analysis
While the initial disclosures by Edward Snowden revealed how US authorities are conducting mass surveillance on the world's communications, further reporting by the Guardian newspaper uncovered that UK intelligence services were just as involved in this global spying apparatus. Faced with the prospect of further public scrutiny and accountability, the UK Government gave the Guardian newspaper an ultimatum: hand over the classified documents or destroy them.
The Guardian decided that having the…
Content type: News & Analysis
A strong, unified voice from the tech industry is absolutely essential to reforming the mass and intrusive surveillance programs being run by the Five Eyes, so we welcome today's statement from AOL, Apple, Google, Facebook, LinkedIn, Microsoft, Twitter, and Yahoo.
Companies have obligations to respect human rights and not be complicit in mass surveillance. Given what has been publicly revealed over the past six months, we must know for certain that the companies we entrust with our information…
Content type: News & Analysis
It was a throwaway line in a Washington Post article, one of the many stories about government surveillance in the past few months.
By September 2004, a new NSA technique enabled the agency to find cellphones even when they were turned off. [Joint Special Operations Command] troops called this “The Find,” and it gave them thousands of new targets, including members of a burgeoning al-Qaeda-sponsored insurgency in Iraq, according to members of the unit."
Being able to track a mobile phone,…
Content type: Long Read
Privacy International filed formal complaints with the Organisation for Economic Cooperation and Development (OECD) in the UK against some of the world’s leading telecommunication companies, for providing assistance to British spy agency GCHQ in the mass interception of internet and telephone traffic passing through undersea fibre optic cables.
According to recent reports, BT, Verizon Enterprise, Vodafone Cable, Viatel, Level 3, and Interoute granted access to their fibre optic…
Content type: Press release
Privacy International today has filed formal complaints with the Organisation for Economic Cooperation and Development (OECD) in the UK against some of the world’s leading telecommunication companies, for providing assistance to British spy agency GCHQ in the mass interception of internet and telephone traffic passing through undersea fibre optic cables.
According to recent reports, BT, Verizon Enterprise, Vodafone Cable, Viatel, Level 3, and Interoute granted access to their fibre optic…
Content type: Press release
Transparency reports have traditionally played a critical role in informing the public on the lawful access requests made by governments to companies like Facebook. These reports have provided a useful accountability mechanism for users to know what governments are asking for and how often. Transparency reports also inform users as to what intermediaries are doing to protect their privacy when it comes to sharing data with governments. Given Facebook's ever-growing presence in the lives of…
Content type: News & Analysis
Below is an excerpt of an article that recently appeared in Melbourne, Australia's The Age, written by Carly Nyst, Head of International Advocacy at Privacy International:
"Mass surveillance of a country's citizens by its government can no longer be said to be the preserve of authoritarian and dictatorial states.
The publication last week by The Guardian of classified National Security Agency documents has exposed the extent of surveillance by the US government, throwing into question…
Content type: News & Analysis
UPDATE: The Guardian has just reported that "The UK's electronic eavesdropping and security agency, GCHQ, has been secretly gathering intelligence from the world's biggest internet companies through a covertly run operation set up by America's top spy agency."
This recent news reveals a long-held suspicion that the GCHQ had the very powers they were seeking to place on a statutory footing with the Snooper Charter, a bill that was knocked back for being unnecessary and…
Content type: News & Analysis
The long-awaited release by Microsoft today of data about the number of law enforcement requests received and complied with by the company represents an important step forward in the ongoing challenge of understanding the scale of government access to communications information.
The data, the first set released by Microsoft, reveals that it received 70,665 requests for communications content and data in 2012, pertaining to 122,015 users or accounts. Communciations data was disclosed…
Content type: News & Analysis
Nigel Waters attended the APEC DPS meeting in Jakarta as an invited guest. He has previously either formally represented Privacy International or been a part of the Australian delegation. He continues to bring a critical civil society perspective to bear on the APEC privacy work.
The APEC Cross Border Privacy Rules (CBPR) system has moved one step closer to full operation with the acceptance in January 2013 of Mexico as the second participating economy. The United States was accepted in July…
Content type: News & Analysis
Tuesday’s letter to Google CEO Larry Page, personally signed by 29 European data protection authorities, ordered the corporation (inter alia) to give users greater control over their personal information. The notions of trust and control are emphasised throughout the letter, and Google is urged to "…develop new tools to give users more control over their personal data" and "collect explicit consent for the combination of data for certain purposes". It is good news that the…
Content type: News & Analysis
APEC privacy activity has passed another milestone with the acceptance in July 2012 of the USA as the first economy to formally join the cross border privacy rules (CBPR) system. The CBPR Joint Oversight Panel (JOP), with the Canadian chair of the Data Privacy Subgroup (DPS) standing in for the US member in accordance with the ‘no conflict of interest’ provisions, accepted the US government application, which nominated the Federal Trade Commission (FTC) as the privacy enforcement authority…
Content type: News & Analysis
In the PI office, we have daily debates about which platforms to use for our organizational operations. As a privacy charity, we are naturally concerned about the integrity of our own information services and resources, but we frequently receive queries about the best technologies to use from a variety of other organizations, some with very complex threat models.
The sad fact is that we are all poorly served by the range of services currently available. We worry that there is a significant…
Content type: News & Analysis
The recent acquisition of Skype by Microsoft, coupled with a series of infrastructural changes, has resulted in a flurry of responses, concerns and analysis of exactly what kind of assistance Skype can provide to law enforcement agencies. Under this heightened scrutiny, Skype released a statement on their blog on 26th July, purporting to re-affirm their commitment to the privacy of their users.
Privacy International are delighted to read that Skype believes that…