Search
Content type: Case Study
Over the past decade targeted advertisement has become exponentially more invasive. To enable targeted advertisement, massive amounts of data about individuals are collected, shared and processed often without their knowledge or consent. This information about us is then used to profile us and micro-target us to sell us products or influence our views.
This is a significant intrusion to our privacy inevitably affects our perogative not to reveal our thoughts; not to have our thoughts…
Content type: Long Read
‘Let’s build an app for that’ has become the response to so many things. It’s no surprise it’s happening now.
Apps are notorious for their lack of security and privacy safeguards, exploiting people’s data and devices. Now we’re being asked to trust governments with their proposed apps -- of which there are many. These are the very same governments who have been keen to exploit data in the past. For instance, PI currently has four outstanding legal cases arising from the last times governments…
Content type: Advocacy
To the Members of the European Parliament and to the Committee on Budgets of the European Parliament
The EU urgently needs to step up and provide assistance to protect the health and safety of people trapped in camps on the Greek islands - not just to protect their welfare, but to contain the virus itself as a matter of global public health.
However, as we detail in the briefing below, the current European Commission proposal for funds allocation is insufficient to ensure the safety of…
Content type: Examples
The government has issued a substantial rewrite of a controversial proposal to track people using their phones and other devices in the bid to contain Covid-19. AmaBhungane, an investigative journalism newsroom, said the first “directions” – issued last week by the minister of communications – raised "serious concerns for their vagueness and lack of privacy protections”. The new regulations provide more judicial oversight, restrict the purpose to contact tracing, and aim to ensure that…
Content type: Examples
The US Department of Health and Human Services has announced it will waive penalties for violations of the Health Insurance Portability and Accountability Act, which protects patient data privacy. HHS argued that in the nationwide emergency caused by the COVID-19 pandemic, greater latitude is needed to allow doctors to provide telehealth services and use new technologies such as one-on-one video conferencing apps to communicate with patients. However, the agency said that public-facing…
Content type: Examples
The US Centers for Disease Control and Prevention, in conjunction with local and state governments, are using location data collected by the mobile advertising industry from millions of cellphones in order to better understand how Americans are moving during the COVID-19 pandemic and how those movements affect the spread of the disease. The goal is to create a portal that federal, state, and local officials can use to study geolocation from up to 500 US cities and see which retail…
Content type: Examples
An official directive from the Pakistani provincial government of Sindh titled "COVID-19 Mobile Registration System for Needy People" describes its use of multiple databases to identify those in need of welfare funds and disburse cash to them by combining taxpayers' data from the Federal Board of Revenue, travel histories from the Federal Investigation Agency, and financial information from the State Bank of Pakistan. Recipients need to create cellphone accounts via the service provider Jazz in…
Content type: News & Analysis
This week International Health Day was marked amidst a global pandemic which has impacted every region in the world. And it gives us a chance to reflect on how tech companies, governments, and international agencies are responding to Covid-19 through the use of data and tech.
All of them have been announcing measures to help contain or respond to the spread of the virus; but too many allow for unprecedented levels of data exploitation with unclear benefits, and raising so many red flags…
Content type: Examples
The World Health Organization will partner with major blockchain and technology companies to launch a distributed ledger-based platform to be dubbed "MiPasa" that it says will facilitate "fully private information sharing between individuals, state authorities, and health institutions" by cross-referencing siloed location and health data to create global insights. The WHO believes the system can ensure patient privacy. MiPasa also expects to host an array of publicly accessible analytics tools…
Content type: News & Analysis
These are difficult and challenging times around the world.
In this global crisis, businesses are stepping in to support efforts by Governments and public health authorities to seek to control the impact of the virus.
This is important, as help of all kinds is sorely needed. However, we must also be wary that industry initatives and public-private partnerships are not used as an opportunity to profit from this crisis or to exploit data without legal safeguards.
Companies all over the world…
Content type: Press release
Efforts to contain the virus has led to a wave of surveillance initiatives unprecedented on its global scale. Now, a global coalition of civil society organisations is calling on such initiatives to respect human rights by adhering to eight recommendations.
Measures imposed so far range from the use of informants, police monitors, hand stamping, and public naming of individuals, to the high-tech use of tracking apps and mass surveillance tools. An analysis by PI has found telecommunications…
Content type: Report
On 12 December 2018 a member of Lancashire Police Department UK told viewers of a Cellebrite webinar that they were using Cellebrite's Cloud Analyser to obtain cloud based 'evidence'. In response to a Freedom of Information request Hampshire Constabulary told Privacy International they were using Cellebrite Cloud Analyser.
They are not alone. In Cellebrite's 2019 Annual Trend Survey, Cellebrite found that law enforcement is increasingly using 'cloud extraction.' But the…
Content type: Examples
An engineering and computer science professor and his team from The Ohio State University discovered a design flaw in low-powered Bluetooth devices that leaves them susceptible to hacking.
Zhiqiang Lin, associate professor of computer science and engineering at the university, found the commonly used Bluetooth Low Energy devices, such as fitness trackers and smart speakers, are vulnerable when they communicate with their associated apps on the owner’s mobile phone.
"There is a fundamental…
Content type: Case Study
The right to privacy is crucial to protect a couple’s equal rights within marriage.
The recent rise of spyware as an “off-the-shelf” product that anyone can purchase has been extremely worrying, as installing spyware on someone else’s phone means getting access to their contacts, their messages, their google searches, their location and more - all without them knowing.
Spyware is, increasingly, becoming another way for abusive spouses to control and monitor their partners. Nearly a third of…
Content type: Case Study
Having a right to a nationality isn’t predicated on giving up your right to privacy - and allowing whichever government runs that country to have as much information as they want. It is about having a fundamental right to government protection.
For the first time since 1951, Assam - a state in the north east of India - has been updating its national register of citizens (NRC), a list of everyone in Assam that the government considers to be an Indian citizen. The final version, published in…
Content type: Examples
As governments look into surveillance, geolocation and biometric facial recognition to contain the coronavirus, even if they violate user data privacy, the controversial facial recognition company Clearview AI is allegedly negotiating a partnership with state agencies to monitor infected people and the individuals with whom they have interacted. The data mining company Palantir is already collaborating with the Centers for Disease Control and Prevention and National Institutes of Health, while…
Content type: Examples
As governments look into surveillance, geolocation and biometric facial recognition to contain the coronavirus, even if they violate user data privacy, the controversial facial recognition company Clearview AI is allegedly negotiating a partnership with state agencies to monitor infected people and the individuals with whom they have interacted. The data mining company Palantir is already collaborating with the CDC and NIH, while the White House convened a task force of technology companies to…
Content type: News & Analysis
Unless this is the first time you’ve come to our website, you will notice that it looks very different today. We have a new logo and new brighter colours (read more about our new visual identity here). But our rebrand isn’t just a new visual identity, it’s a new way of talking about our work, and a new way of working with you. We asked ourselves two questions - ’What does PI stand for?’ and 'What kind of future is PI campaigning for?’ Our rebrand is the culmination of a year of critical…
Content type: Case Study
The increasing deployment of highly intrusive technologies in public and private spaces such as facial recognition technologies (FRT) threaten to impair our freedom of movement. These systems track and monitor millions of people without any regulation or oversight.
Tens of thousands of people pass through the Kings Cross Estate in London every day. Since 2015, Argent - the group that runs the Kings Cross Estate - were using FRT to track all of those people.
Police authorities rushed in secret…
Content type: News & Analysis
Unlikely as it may seem, the UN institution that has one of the greatest potential to impact upon people’s rights around the world is now the UN Statistics Division. And why is that?
Last week, they had a crucial meeting where they endorsed the UN’s Legal Identity Agenda and the UN’s Legal Identity Task Force. The stakes could hardly be higher. One of the UN’s Sustainable Development Goals, SDG 16.9, states that “by 2030 provide legal identity for all including free birth…
Content type: Long Read
Commercial interests seem to often overshadow the EU’s stance as a global privacy leader. After looking at Europes's shady funds to border forces in the Sahel area, Niger's new biometric voting system, and attempts to dismantle smugglers networks powered by Europe's gifts of surveillance, freelance journalist Giacomo Zandonini looks at the battle for data protection and digital rights in the continent.
What do a teenage labourer on a marijuana farm in Lesotho, a…
Content type: Long Read
The UK’s Metropolitan Police have began formally deploying Live Facial Recognition technology across London, claiming that it will only be used to identify serious criminals on “bespoke ‘watch lists’” and on “small, targeted” areas.
Yet, at the same time, the UK’s largest police force is also listed as a collaborator in a UK government-funded research programme explicitly intended to "develop unconstrained face recognition technology", aimed “at making face…
Content type: Case Study
In 2015, James Bates was charged with first-degree murder in the death of Victor Collins. Collins was found floating face down in Bates’ hot tub in November 2015. Bentonville police served two search warrants ordering Amazon to turn over the “electronic data in the form of audio recordings, transcribed records, text records and other data contained on the Amazon Echo device” in Bates’ home.
The reason for the warrants? According to the police, just because the device was in the house that…
Content type: News & Analysis
This piece was originally published by Unwanted Witness here.
Today marks exactly one year since Uganda passed its data protection law, becoming the first East African country to recognize privacy as a fundamental human right, as enshrined in Art 27 of the 1995 Uganda Constitution as well as in regional and International laws.
The Data Protection and Privacy Act, 2019 aims to protect individuals and their personal data by regulating processing of personal information by state and non-state…
Content type: Long Read
Background
Kenya’s National Integrated Identity Management Scheme (NIIMS) is a biometric database of the Kenyan population, that will eventually be used to give every person in the country a unique “Huduma Namba” for accessing services. This system has the aim of being the “single point of truth”, a biometric population register of every citizen and resident in the country, that then links to multiple databases across government and, potentially, the private sector.
NIIMS was introduced…
Content type: Long Read
In 2018, following the Cambridge Analytica scandal, Facebook announced the “Download Your Information” feature allowing users to download all the information that the company have on them since the creation of the account. All of it? It doesn’t seem so. Concerns were quickly raised when Facebook released the feature, that the information was inaccurate and incomplete.
Privacy International recently tested the feature to download all ‘Ads and Business’ related information (You can accessed it…
Content type: Case Study
In 2015, a man in Connecticut was charged with murdering his wife based on evidence from her Fitbit. Richard Dabate, the accused, told the police that a masked assailant came into the couple’s suburban home at around 9am on 23 December 2015, overpowering Dabate then shooting his wife as she returned through the garage.
However, the victim’s fitness tracker told a different story. According to data from the device, which uses a digital pedometer to track the wearer’s steps, Dabate’s wife was…
Content type: Long Read
This piece was written by Aayush Rathi and Ambika Tandon, who are policy officers at the Centre for Internet and Society (CIS) in India. The piece was originally published on the website Economic Policy Weekly India here.
In order to bring out certain conceptual and procedural problems with health monitoring in the Indian context, this article posits health monitoring as surveillance and not merely as a “data problem.” Casting a critical feminist lens, the historicity of surveillance practices…
Content type: Long Read
The UN Committee on the Elimination of Discrimination against Women (CEDAW) is meeting from 10-28 February to review the progress of women’s rights in Afghanistan, Bulgaria, Eritrea, Kiribati, Latvia, Pakistan, Republic of Moldova, and Zimbabwe. At forums like this, the attempts of Heartbeat International to curtail reproductive rights internationally must be highlighted. Heartbeat International is a US-based organisation that is developing and promoting a suite of data intensive technologies…
Content type: Advocacy
TEDIC, InternetLab, Derechos Digitales, Fundación Karisma, Dejusticia, Asociación por los Derechos Civiles and Privacy International welcome the call made by the Special Rapporteurship on Economic, Social, Cultural and Environmental Rights (ESCER) of the Inter-American Commission on Human Rights (IACHR) to inform the preparation of the Annual Report of the ESCER for the year 2019, which will be presented to the Organization of American States (OAS) during 2020.
This submission aims to outline…