Search
Content type: Advocacy
Last week, Privacy International joined more than 30 UK charities in a letter addressed to the British Prime Minister Boris Johnson, following his recent declaration, asking him to lift No Recourse to Public Funds (NRPF) restrictions.
Since 2012, a ‘NRPF condition’ has been imposed on all migrants granted the legal right to live and work in the UK. They are required to pay taxes, but they are not permitted to access the public safety net funded by those taxes.
This is not a topic we are known…
Content type: Long Read
It is common for families with no recourse to public funds who attempt to access support from local authorities to have their social media monitored as part of a ‘Child in Need’ assessment.
This practice appears to be part of a proactive strategy on the part of local authorities to discredit vulnerable families in order to refuse support. In our experience, information on social media accounts is often wildly misinterpreted by local authorities who make serious and unfounded allegations…
Content type: Report
It is common for families with no recourse to public funds who attempt to access support from local authorities to have their social media monitored as part of a 'Child in Need' assessment. This practice appears to be part of a proactive strategy on the part of local authorities to discredit vulnerable families in order to refuse support. In our experience, information on social media accounts is often wildly misinterpreted by local authorities who make serious and unfounded allegations…
Content type: Long Read
Dear Sir/Madam,
Freedom of information act request
RE: Social media monitoring / social media intelligence
FOIA REQUEST
For definition of social media intelligence please see background explanation below. We further note the comments of the Office of Surveillance Commissioners Annual Report 2016 cited below.
1. In 2016 the Rt Hon Lord Judge, then Chief Surveillance Commissioner, wrote to all Local Authorities regarding use of social media in investigations. Please confirm whether you are…
Content type: Report
SUMMARY
In the UK, local authorities* are looking at people’s social media accounts, such as Facebook, as part of their intelligence gathering and investigation tactics in areas such as council tax payments, children’s services, benefits and monitoring protests and demonstrations.
In some cases, local authorities will go so far as to use such information to make accusations of fraud and withhold urgently needed support from families who are living in extreme poverty.
THE PROBLEM
Since 2011…
Content type: Long Read
The Chief Surveillance Commissioner, The Rt Hon Sir Christopher Rose’s Annual Report 2011 - 12 did not refer to social networks but to overt investigations using the internet as a surveillance tool, stating that:
“5.17 A frequent response to my Inspectors’ enquiries regarding a reduction in directed surveillance is that ‘overt’ investigations using the Internet suffice. My Commissioners have expressed concern that some research using the Internet may meet the criteria of directed…
Content type: News & Analysis
GDPR was hard won. PI, together with other civil society actors, fought from the beginning for a version of the law that offers the strongest rights and protections in the face of intense industry lobbying.
Holding the hidden data ecosystem to account
Two years ago, we committed to using GDPR to seek to hold to account the hidden data ecosystem - those companies that amass and exploit large amounts of our data for profit.
Here’s some of the action we’ve taken:
In Nov 2018,…
Content type: Examples
The state of Utah gave the AI company Banjo real time access to state traffic cameras, CCTV, and public safety cameras, 911 emergency systems, location data for state-owned vehicles, and other data that the company says it's combining with information collected from social media, satellites, and various apps in order to detect anomalies in the real world and alert law enforcement to crimes as they are happening. The company claims its algorithm can do all this while stripping all personal data…
Content type: Examples
Our partners from IPANDETEC in Panamá wrote about privacy and personal data in the context of the COVID-19 response, stating that throughout Central America, data protection laws and patient privacy lean towards respecting their privacy before the scientific interest of their cases.
Link: https://www.ipandetec.org/2020/03/18/coronavirus-privacidad-datos/
Content type: Long Read
This research was commissioned as part of Privacy International’s global research into data exploitative technologies used to curtail women’s access to reproductive rights. Reproductive Rights and Privacy Project. Read about Privacy International’s Reproductive Rights and Privacy Project here and our research findings here.
Content type: Case Study
From 2019 to 2020, citizens of economically disadvantaged neighborhoods in the Netherlands were subject to unlawful invasion of their privacy by the Dutch government’s automated welfare fraud detection system. The system is known as System Risk Indicator (SyRI), and the Dutch government used it to generate risk scores for individual citizens by combining personal data including “identity, labor, personal estates and property, education, pension, business, income and assets, pension and debts.…
Content type: Examples
Two million people downloaded Australia's COVIDSafe app in the first four days it was available; the government's goal is to reach 10 million, or about 40% of the population. Users are asked for a (not necessarily real) name, age, mobile number, and postal code. The app exchanges a Bluetooth handshake when it comes within 1.5 metres of another app user, then logs the handshake and encrypts the exchange.
The data is used to notify users if they have come within close contact for 15 or more…
Content type: Examples
The automated facial recognition company Clearview AI has suggested to US federal and state authorities that its facial biometrics could leverage cameras already in place at gyms and retailers in order to identify individuals in the interests of contact tracing.
Simultaneously, the company is asking for a stay in a privacy lawsuit in federal court in Illinois under the state's Biometric Information Privacy Act. The company wants the case to be moved to the Southern District of New York, where…
Content type: Long Read
This article has been written by our partner organisation InternetLab. Read this article in Portuguese here.
Over the last months, the organisation InternetLab has researched privacy, data protection, gender, and social protection, focusing on the beneficiaries of the Bolsa Familia Program (PBF). The PBF is the most extensive Brazilian cash transfer program, and its functioning is linked to CadÚnico, a database that comprises 40% of the country’s population. Moreover, it is a program whose…
Content type: Case Study
The run up to Kenya’s 2017 elections was extremely tense. Kenya has a history of violently fought elections and there was fear this election would be no different. It was in this tense environment, that companies like Cambridge Analytica and Harris Media – and their digital offerings - got involved in the election campaigns.
Cambridge Analytica’s business model is by now familiar, they compiled a huge amount of data points, often through illegal means, to create profiles on individuals –…
Content type: Long Read
This week saw the release of a coronavirus tracking app within the United Kingdom, initially to be trialled in the Isle of Wight. Privacy International has been following this closely, along with other ‘track and trace’ apps like those seen in over 30 other countries.
The UK’s app is no different. It is a small part of a public health response to this pandemic. As with all the other apps, it is vital that it be integrated with a comprehensive healthcare response, prioritise people, and…
Content type: Long Read
Coronavirus-related lockdown measures have impacted almost 2.7 billion workers, with some countries seeing unprecedented levels of applications for welfare benefits support.
In response, emergency relief legislation for welfare recipients has been fast-tracked worldwide, from the UK to Brazil. These measures, combined with the growing awareness of Covid-19's differentiated impact along the fault lines of class, race, gender and legal status, rightly seek to address the needs of…
Content type: Advocacy
For a long but fun analysis of the current competition and data state of play in the UK, click here.
Background
PI broadly welcomes the CMA’s interim findings, many of which correspond with issues of longstanding concern to PI and with the points raised in our response to the CMA’s Statement of Scope.
This includes the indication that Google and Facebook have a dominant or strategic position in major elements of the digital advertising market which can -at least, partially- be attributed to the…
Content type: Long Read
UPDATE 21/07/2020: On Monday July 20th, the Israeli parliament approved a new bill allowing the Ministry of Health to rely again on the Intelligence Services to track people who may have been exposed to Covid 19 when the number of new cases reaches 200 and above per day. The authorisation is then granted for three weeks and can be extended if the numbers have not decreased. The new law will be effective until January 2021. As of July 21st and for at least the next three weeks, the Intelligence…
Content type: Case Study
IMSI catchers – International Mobile Subscriber Identity catchers – are a particularly intrusive technology being used by police to monitor protesters and intercept their personal information and communications.
IMSI catchers have been used - officially or in secret - across the globe to monitor protests, including in the US and Germany; in the UK, police forces have refused to disclose any information on their use but documents obtained by the Bristol cable show that nine police forces have…
Content type: News & Analysis
Political campaigns around the world have turned into sophisticated data operations. They rely on data- your data- to facilitate a number of decisions: where to hold rallies, which States or constituencies to focus resources on, which campaign messages to focus on in which area, and how to target supporters, undecided voters, and non-supporters.
While data driven political campaigns are not new, the granularity of data available and the potential power to sway or suppress voters through that…
Content type: Long Read
This review is based on information in the public domain, primarily that of the platforms themselves. It is not exhaustive and this field moves with speed - however, it aims to offer a snapshot of approaches and practices.
TikTok
TikTok is a short-form video app (owned by ByteDance) which allows advertising and sponsored content. Two thirds of TikTok’s over 113 million users (are reportedly aged 16-24) and it was the second most downloaded app in 2019, beaten only by WhatsApp’s 849…
Content type: Press release
PI's new report documents 10 tactics that are being developed and deployed to delay or curtail access to reproductive healthcare globally. Especially given the current crisis, as digital services become even more important, we hope this report will highlight how those opposed to reproductive rights are actively developing technical tools to delay or curtail access. A downloadable multi-media asset is attached.
Examples of tech being developed:
Developing digital dossiers about those…
Content type: Long Read
The organised opposition to sexual and reproductive rights has gone digital. Data exploitative tech is being developed that is capable of obtaining vast amounts of intimate information about people’s reproductive health, and delaying or curtailing access to reproductive healthcare.
Technology provides incredible opportunities to democratise access to reproductive health information, services, and care. It can play a vital role in protecting the lives of those needing sexual and reproductive…
Content type: News & Analysis
A few weeks ago, its name would probably have been unknown to you. Amidst the covid-19 crisis and the lockdown it caused, Zoom has suddenly become the go-to tool for video chat and conference calling, whether it’s a business meeting, a drink with friends, or a much needed moment with your family. This intense rise in use has been financially good to the company, but it also came with a hefty toll on its image and serious scrutiny on its privacy and security practices.
While Zoom already had a…
Content type: Case Study
Over the past decade targeted advertisement has become exponentially more invasive. To enable targeted advertisement, massive amounts of data about individuals are collected, shared and processed often without their knowledge or consent. This information about us is then used to profile us and micro-target us to sell us products or influence our views.
This is a significant intrusion to our privacy inevitably affects our perogative not to reveal our thoughts; not to have our thoughts…
Content type: Long Read
‘Let’s build an app for that’ has become the response to so many things. It’s no surprise it’s happening now.
Apps are notorious for their lack of security and privacy safeguards, exploiting people’s data and devices. Now we’re being asked to trust governments with their proposed apps -- of which there are many. These are the very same governments who have been keen to exploit data in the past. For instance, PI currently has four outstanding legal cases arising from the last times governments…
Content type: Advocacy
To the Members of the European Parliament and to the Committee on Budgets of the European Parliament
The EU urgently needs to step up and provide assistance to protect the health and safety of people trapped in camps on the Greek islands - not just to protect their welfare, but to contain the virus itself as a matter of global public health.
However, as we detail in the briefing below, the current European Commission proposal for funds allocation is insufficient to ensure the safety of…
Content type: Examples
The government has issued a substantial rewrite of a controversial proposal to track people using their phones and other devices in the bid to contain Covid-19. AmaBhungane, an investigative journalism newsroom, said the first “directions” – issued last week by the minister of communications – raised "serious concerns for their vagueness and lack of privacy protections”. The new regulations provide more judicial oversight, restrict the purpose to contact tracing, and aim to ensure that…
Content type: Examples
The US Department of Health and Human Services has announced it will waive penalties for violations of the Health Insurance Portability and Accountability Act, which protects patient data privacy. HHS argued that in the nationwide emergency caused by the COVID-19 pandemic, greater latitude is needed to allow doctors to provide telehealth services and use new technologies such as one-on-one video conferencing apps to communicate with patients. However, the agency said that public-facing…