Search
Content type: News & Analysis
Freedom of Information (FOI) requests have revealed the rapidly increasing scale of police mass facial recognition searches against the passport and immigration databases. New figures reveal that the number of searches of the passport database has “skyrocketed” from 2 in 2020 to 417 in 2023, and an almost sevenfold increase from 16 searches of the immigration database in 2023, to 102 in 2024. The Home Office and police forces are conducting these searches against over 150 million photos of the…
Content type: News & Analysis
We’ve been warning for a while now about the risks of AI Assistants. Are these assistants designed for us or to exploit us?The answer to that question hinges on whether the firms building these tools are considering security and privacy from the outset. The initial launches over the last couple of years were not promising.Now with OpenAI’s agent launch, users deserve to know whether these firms are considering these risks and designing their service for people in the real world. The OpenAI…
Content type: Video
LinksLearn more about Repro uncensoredRepro Uncensored incident report formAdriana Smith's caseMore about Adriana's casePrivacy International's Menstruation apps researchResearch on Bing's Typo-searchingMSI on the Global impact of Roe V. Wade being overturnedReport by Fòs Feminista on the Global Impact of the Dobbs DecisionMeta getting rid of factchecking functionAmazon USA report called Obstacles to Autonomy, which includes info on advertising account restrictionsAn report by the Independent…
Content type: Guide step
If you use Viber on your day-to-day it's worth reviewing some of your current settings and how you are making use of the platform.
This guide includes:
Chat backup settings
Visibility settings
App permissions
Managing sessions
Good Practices
Deactivating your account
Chat backup settings
This is a key setting to look into. Viber states that is is end to end encrypted, which means that messages are only accessible by both the sender and the receiver, not being stored anywhere along the way.…
Content type: Video
Links:Read more from Defend Digital MePI's work on Securitising Education25 Years old - The Database State report5 safes principlesUK Government's publication on Genomics in EducationTips and Tricks for submitting a Data Subject Access RequestRequest your information from the Department for Education
Content type: Long Read
We continue producing real change by challenging governments and corporations that use data and technology to exploit us.Since the beginning of the year, we’ve achieved some wins and would like to share them with you.Creating change is hard, and takes time. We have to uncover problems, draw attention to them, and pressure for change. In the first quarter of the year, we’ve been able to challenge secret surveillance powers, research the data practices of the menstruation apps, contribute to…
Content type: Long Read
Period tracking apps and the rollback of reproductive rightsThe aftermath of the overturning of Roe v. Wade in the United States (US) sparked widespread debate and concern that data from period tracking apps could be use to criminalise those seeking abortion care.While the surveillance and criminalisation of reproductive choices are neither new nor unique to the US, the scale and intensity of today’s crisis continue to grow. To put it into perspective, 22 million women and girls of reproductive…
Content type: Explainer
The Free to Protest Guide (Türkiye) has been created by adapting Privacy International's (PI) Free to Protest Guide UK according to the laws and policies of Türkiye, in collaboration with PI and local activists in Türkiye.The Guide has been published in English and Türkçe.DISCLAIMER: This guide forms part of PI's global work to highlight the range of surveillance tools that law enforcement can use in the protest context, and how data protection laws can help guarantee individuals' data privacy…
Content type: Long Read
Go back to the full report page Flo, headquartered in London, UK, is one of the most popular period-tracking apps on the market with over 380 million downloads. The app was previously accused of sharing data with Facebook, such as informing Facebook whenever a Flo user was on their period or if they intended to get pregnant. In 2021, the U.S. Federal Trade Commission (FTC) reached a settlement with Flo to undergo an audit of their privacy policy and to obtain user permissions before…
Content type: Long Read
Go back to the full report pagePeriod Tracker by Simple Design is another popular period tracking app that has over 150 million users. To begin using this app the user answers a set of three onboarding questions for about their cycle pattern. The user has the option to answer 'I'm not sure' for each question. After answering 'I'm not sure' for these three questions, we were able to proceed on the app without having to create an account. Throughout our experience inputting our cycle…
Content type: Long Read
Go back to the full report pageThe Maya app is a period tracker app by Plackal Tech based in India. In our previous investigation, we revealed Maya was sharing a plethora of user input data to Facebook. However, in response to our 2019 research, the app claimed it had since ‘removed both the Facebook core SDK and Analytics SDK from Maya’ while ‘continu[ing] to use the Facebook Ad SDK, post opt-in to our terms and conditions and privacy policy’ for revenue purposes, the latter of which 'does not…
Content type: Long Read
Go back to the full report pagePeriod Tracker by GP Apps is another popularly downloaded app we previously looked at in 2019. In our original research, we determined that this app did not appear to share any user input data with Facebook. This time, we examined the third parties that the app appeared to integrate and what kind of data was being shared with these third parties, as well as what user data the app was storing on its own or external services. It’s worth noting that the…
Content type: Long Read
Go back to the full report pageThe WomanLog app, developed by Pro Active App SIA, is a Latvia-based period tracking app with over 10 million downloads that features an 'Intelligent Assistant' chatbot (more on this below). To get started on the app, we completed a short onboarding questionnaire about which app mode we intended to use (e.g., standard) and the length of our cycle and period. Our answers to these questions were sent across the web traffic to the app developer's API:
Content type: Long Read
Go back to the full report pageThe last app we looked at was Euki, which has been recognised among privacy advocates. The app is a U.S. non-profit privacy-by-default period tracker app founded by a group of social tech and sexual and reproductive health organisations like Digital Defense Fund and Ibis Reproductive Health. The app has recently become open-source. We ran the Euki app through the DIAAS environment to observe its web traffic as for the above apps. There were no onboarding…
Content type: Long Read
Go back to the full report pageLimitationsBefore our analysis, we note the technical limitations (and the scope of our research) meant we did not test certain features mentioned, such as Google Fit integrations offered by some apps. We also mention the limitations of our DIAS environment, which only allows us to see web (client-side) interactions, rather than server-side interactions, the latter of which are increasingly common among more advanced platforms that utilise cloud computing (e.…
Content type: Long Read
Our research has introduced questions about the right to privacy when apps have the potential to share a range of user-related data. This is a particular concern for people using apps in countries where there are restrictions on access to abortion. In the US, after the overturning of Roe v Wade, concerns around the privacy practices of period-tracking apps have been raised in states that have introduced restrictions and bans on access to abortion. It could be very possible for some period…
Content type: Long Read
The security of our devices, applications and infrastructure is paramount to the safe functioning of our digital lives. Good security enables trust in our systems, it is fundamental to protecting the critical information we store and exchange through networks and devices. Similar to how we physically secure our homes, offices and schools, securing devices and software allows us to operate in safe and trusted environments where our security is guaranteed and protected.Security for information…
Content type: Long Read
“Hey [enter AI assistant name here], can you book me a table at the nearest good tapas restaurant next week, and invite everyone from the book club?” Billions of dollars are invested in companies to deliver on this. While this is a dream that their marketing departments want to sell, this is a potential nightmare in the making.Major tech companies have all announced flavours of such assistants: Amazon’s Alexa+, Google’s Gemini inspired by Project Astra, Microsoft’s Copilot AI companion and…
Content type: Opportunities
Full time and permanent from London officeSalary: £40,500 full time and permanent from London officeBenefits: 26 days annual leave (plus bank holidays), generous workplace pension, wellbeing support, resources for learning & development, and we can offer a modest relocation fund.Join us: You’re curious about how technologies affect power and shape the future. You’re an advocate who wants to speak out for change with a voice that is both nuanced and engaging. You want to help build…
Content type: News & Analysis
We’ve been asked a lot lately about whether it is safe to travel, particularly to the US. And it’s not surprising why: the US Government is increasing their cruelty at borders.Border management today is fueled by our data, but government officials want more. They want as much data as they can get to catch you out. They’ve reportedly detained or deported people based on their free speech activities, denying entry on tenuous grounds like having the wrong photos on phones (including in in the ‘…
Content type: Long Read
It’s important to us at PI that we continue to create real change in the world. We want our work to matter, and we challenge ourselves continuously to verify that it does.In 2024 we made substantial progress towards concrete systemic change. We challenged governments and corporations that exploit data and technology, pushed for new national and international policy standards, drove standard-setting action by courts and regulators. We educated and campaigned with others.As a result, we produced…
Content type: Long Read
In 2024, Privacy International (PI) continued to produce real change by challenging governments and corporations that use data and technology to exploit us.Since the beginning of the year, we’ve achieved some wins and would like to share the most recent ones with you.Creating change is hard, and takes time. We have to uncover problems, draw attention to them, and pressure for change. In the latest quarter, we've been able to push regulators for stronger standards on generative AI systems, draw…
Content type: Long Read
On 13 March 2025, we filed a complaint against the UK government challenging their use of dangerous, disproportionate and intrusive surveillance powers to undermine the privacy and security of people all over the world. Here, we answer some key questions about the case and the recent events that led to this development.Note: This post was last updated on 13 March 2025.What’s the fuss about?A month ago, it was reported that the UK government demanded Apple Inc – maker of the iPhone, iPads, Macs…
Content type: Explainer
Imagine this: a power that secretly orders someone anywhere in the world to abide and the receiver can’t tell anyone, can’t even publicly say if they disagree, and can’t really question the power in open court because the secret order is, well, secret. Oh and that power affects billions of people’s security and their data. And despite being affected, we too can’t question the secret order.In this piece we will outline what’s ridiculous, the absurd, and the downright disturbing about what’s…
Content type: Long Read
Intrusive surveillance technology is increasingly used during protests around the world, and we’ve been tracking its use around the world for years.This technology is often being deployed in secret, without a clear legal basis and without the safeguards and oversight applied to other surveillance technologies under international human rights law.We’ve increasingly observed the use of unlawfully generated and collected data from these technologies being used in court against people exercising…
Content type: Long Read
What happened?On 19 July 2024, American cybersecurity company CrowdStrike released an update to its CrowdStrike Falcon software that ultimately caused 8.5 million computers running Microsoft Windows to crash. The damage done was both deep and wide: deep because the computers affected were unable to recover without direct user intervention. Wide because a whole range of companies - from airlines to healthcare to media - across a whole range of countries - from Sweden to India to New Zealand -…
Content type: Long Read
18th December is International Migrants Day, a day to recognize both the contributions and continued struggles of migrants across the world.Migrants continue to face an increased level of human rights violations through hostile immigration policies and practices. At borders and beyond, their fundamental human rights and dignity are being violated through old and new technologies. These systems in place reinforce the dehumanising rhetoric of migrants, who are merely seeking asylum and a better…
Content type: Long Read
In this new briefing, we identify the most significant concerns on the UN Countering Terrorist Travel Programme (CTTP), and put forward a range of recommendations to mitigate some of the human rights risks associated with the surveillance of travellers. We based our briefing on publicly available information and our own research, outlining the purposes and activities of this UN programme. We shared a draft of this briefing with the United Nations Office of Counter- Terrorism (OCT), which…
Content type: Advocacy
In the wake of Privacy International’s (PI) campaign against the unfettered use of Facial Recognition Technology in the UK, MPs gave inadequate responses to concerns raised by members of the public about the roll-out of this pernicious mass-surveillance technology in public spaces. Their responses also sidestep calls on them to take action.The UK is sleepwalking towards the end of privacy in public. The spread of insidious Facial Recognition Technology (FRT) in public spaces across the country…
Content type: Advocacy
The rapid expansion of educational technologies (EdTech) has introduced serious concerns about human rights protection in educational spaces. This briefing explores the impact of facial recognition technology (FRT) and heightened surveillance in these settings, highlighting many complex and multifaceted issues that demand careful consideration from a human rights perspective. From the erosion of privacy and the securitisation of educational spaces - that undermines the learning and growth…