Search
Content type: Press release
An internal Liberal Democrat briefing on Home Office plans to massively expand government surveillance was today passed to Privacy International. The document contains significant evasions and distortions about the proposed 'Communications Capabilities Development Programme' (CCDP), and is clearly intended to persuade unconvinced Lib Dem MPs to vote in favour of the proposal.
The document contains a section entitled 'Remember, under Labour' consisting of a list of the previous government's…
Content type: Report
The US does not have a general overarching privacy law like European Data Directive or the sweeping privacy protections contained in the European declarations of rights. The EU-US accord cites several laws, which it claims, give privacy rights to non-US persons. None of the cited laws offer any real substantive or procedural protections for Europeans. As explained below, the one law – the Privacy Act 5 U.S.C 552a – that could offer some modest protections is tellingly not even mentioned.
But…
Content type: Report
This is a memo prepared by Barry Steinhardt of Friends of Privacy USA for Members of the European Parliament regarding the proposed EU-US Agreement PNR.
The proposed agreement regarding Passenger Name Records (PNR) between the United States and the European Union is riddled with faulty assertions and assumptions about US law and the actual operations of the US government.
These faulty assertions and assumptions go to the heart of the agreement and undercut the claims of protections for…
Content type: Press release
PI, Genewatch and the Council for Responsible Genetics launch the Forensic Genetic Policy Initiative
Today, 60 countries worldwide operate national DNA databases, and at least 34 more are considering putting them in place. The use of DNA evidence in criminal investigations can bring great benefits to society, helping to solve crimes, convict the guilty and exonerate the innocent. However, the mass storage of DNA samples and computerized profiles in databases raises important human rights concerns. Your DNA profile can be used to track you or your relatives. Your DNA sample has the…
Content type: News & Analysis
Last month, within thirty seconds of the BBC publishing a quotation from me on the latest round of the nymwars and Google+, my phone rang. Caller ID indicated that it was someone I know who works at Google. "Had I said something wrong?" was my first thought. I quickly retraced in my mind what it was that I had said to the journalist; I had responded in the article that Google's recent announcement could be seen as positive but really it was a sidestepping of the larger challenge of identity…
Content type: Press release
The Council of the European Union today reinforced restrictive measures on EU exports to Iran, banning "exports of equipment and software intended for use in the monitoring or interception of internet and telephone communications by the Iranian authorities".
The Council also added 17 people responsible for grave human rights violations to the list of those subject to a travel ban and asset freeze. An existing ban on equipment for use in internal repression was transferred from the sanctions…
Content type: Press release
In an advertisement placed in national newspapers yesterday (23rd February), the National ICT R&D Fund of Pakistan (which operates under the auspices of the Ministry of Information Technology) requested proposals for "the development, deployment and operation of a national level URL Filtering and Blocking System". Further information provided on the Fund's website stated:
"Internet access in Pakistan is mostly unrestricted and unfiltered...Many countries have deployed web…
Content type: News & Analysis
An astonishing 13-page investigation by Osman Kibar at Dagens Næringsliv has revealed that Norway has invested over $2 billion in 15 companies that manufacture and sell surveillance technologies - and that the government has no plans to divest investments in companies that are complicit in human rights abuses abroad.
The Norwegian national pension fund (commonly referred to as the "oil fund") is the world's largest sovereign wealth fund. The author of the Dagens Næringsliv…
Content type: Press release
In collaboration with the Wall Street Journal and the Guardian, Privacy International today published a database of all attendees at six ISS World surveillance trade shows, held in Washington DC, Dubai and Prague between 2006 and 2009. ISS World is the biggest of the surveillance industry conferences, and attendance costs up to $1,295 per guest. Hundreds of attendees are listed, ranging from the Tucson Police Department, to the government of Pakistan, to the International…
Content type: News & Analysis
A widely-leaked version of the first legislative proposal for a General Data Protection Regulation is making its way through Brussels and beyond. The purpose of this 'Regulation' is to provide a new tool for harmonising the protection of personal data across the European Union, and one that takes into consideration the current legislative and technological environment. The key point is that Europe's rules on privacy are often taken as an example to the world -- and provide a rare…
Content type: News & Analysis
Gradually and almost imperceptibly, we have immersed ourselves in a global hypermedia environment. This environment increasingly contains everything we do: we work, we play, we organize within it. Our lives have been, in essence, turned inside out and dispersed in endless ethereal clouds - multi-verses - that follow us around in extra dimensionality. “Big Data” refers to the endless digital grains of sand we produce as we move, think and act. Internet Service Providers, web hosting companies,…
Content type: News & Analysis
Last year, Index on Censorship published an interview with Google’s chief legal officer and senior vice president David Drummond. The company was still reeling from the aftermath of the news that an attack had been launched on Gmail from China. Drummond proposed that free speech needed to be part of the international agenda at multilateral and bilateral trade discussions, just like piracy. 'Western governments whose economies certainly benefit from the internet sector should make this happen,'…
Content type: News & Analysis
Independent security researcher Trevor Eckhart revealed yesterday that a recent software update to some HTC smartphones has accidentally given third party applications access to huge amounts of private data, including call logs, geolocation history, SMS data and a whole lot more.
The update surreptitiously installs a suite of applications logging users' interactions with their devices. When a device is first switched on, the user ostensibly has the option not to allow HTC to…
Content type: News & Analysis
The second 2011 meeting of the APEC Privacy Subgroup took place in San Francisco in mid September, and finalised the package of documents that comprise the Cross Border Privacy Rules (CBPR) system. Endorsed by the parent Electronic Commerce Steering Group (ECSG), these will now go forward for ratification by Ministers in Hawaii in November, and subsequent implementation. The Subgroup’s 2012 Work Plan envisages establishment of the Joint Oversight Panel (JoP), commencement of…
Content type: News & Analysis
On the 2nd of August 2011 the Hamburg Commissioner for Data Protection and Freedom of Information has called on Facebook to delete the feature on the social networking site that automatically recognizes facial features and "tags" users when others upload photos of them. According to the local German data protection authority the feature is a violation of local and European data protection laws, and Facebook should adapt the feature to European data protection law or suspend the use of the…
Content type: News & Analysis
Few understand why we focus on refugee privacy. Funders don’t understand it so don’t fund it; the public see the plight of refugees as seen on TV, not as a privacy issue; and often times the international community does everything it can to increase scrutiny of refugees. In this blog, I highlight the privacy issues facing refugees and how these issues can jeopardize refugees’ safety as much as any of the environmental, social, or political risks refugees encounter.
Refugees are amongst…
Content type: News & Analysis
Other human rights organisations often ask us what they should to when it comes to their infosec needs. Should they run their own mail server, or trust Gmail? Should they merge their calendars by email (!), a local server, or use some cloud solution?
We honestly don't know what to tell them. In fact, we are unsure of what we ourselves should be doing. We know that there are risks of keeping things local (e.g. lack of redundancy), and there are risks of data being stored…
Content type: News & Analysis
PI just received a response from Secretary General Thorbjørn Jagland of the Council of Europe (CoE) stating that the CoE is refusing to start an investigation on the collection and storage of citizens biometric data by member states. On 31 March an international alliance of organisations and individuals lodged a petition calling on him to start such an indepth survey under Article 52 of the European Convention on Human Rights (ECHR).
In his answer, received this week, Secretary…
Content type: News & Analysis
An international alliance of organisations and individuals from 27 countries has lodged a petition calling on the Council of Europe to start an indepth survey on the collection and storage of biometric data by member states.
European governments are increasingly demanding storage of biometric data (fingerprints and facial scans) from individuals. These include storage on contactless 'RFID' chips in passports and/or ID cards. Some are going even further by implementing…
Content type: News & Analysis
2011 is supposed to be the year that the APEC pathfinder projects on Cross Border Privacy Rules (CBPR) deliver a functional system for businesses to be certified for transfer of personal information between participating APEC economies.
After the last round of APEC privacy meetings in Washington DC on 1-3 March, this prospect is looking increasingly remote. Even the basic set of documentation and processes required for the process of self-certification and assessment of businesses has yet to…
Content type: News & Analysis
Skype has consistently assured that it protects its users and their communications. Having reviewed the company's technology and policies we have grounds for concern about Skype's overall level of security, and we believe there are a number of questions to which the company must respond. Skype's misleading security assurances continue to expose users around the world to unnecessary and dangerous risk. It's time for Skype to own up to the reality of its security and to take a leadership…
Content type: News & Analysis
Nigel Waters has previously represented Privacy International at APEC Data Privacy Subgroup meetings, on one occasion with PI having official guest status, otherwise indirectly through membership of the Australian delegation. On this occasion, expenses were paid by USAid for participation in the technical assistance seminar, and this allowed attendance at the other meetings.
Cross border privacy rules
As a reminder, or for newcomers, the cross border privacy rules (CBPR) system is one…
Content type: News & Analysis
Not since the 1990s has the internet been so exciting. With its use by political activists and journalists around the world, we can now again entertain the discussions that the internet brings freedom. Digital data traverses routers with little regard to national boundaries and so traditional constraints not longer apply. So it is no surprise that protestors on the streets of Tehran or Cairo are using the internet to organise. We like to believe in the freedom of the internet again, after…
Content type: News & Analysis
For the past couple of months we have been discussing with Google their transparency plans regarding governments accessing data held by Google. Last week Google released initial data on how many requests for data were coming from which governments.
We congratulate Google on this first step, and we believe that by seeking answers to some additional questions, greater clarity may yet emerge. Of course we have many more questions. We hope that this is the first step in an ongoing dialogue with…
Content type: News & Analysis
Last week the German Federal Constitutional Court overturned a law on the retention of telecommunications data for law enforcement purposes, stating that it posed a "grave intrusion" to personal privacy and must be revised. In their ruling the judges found that the law stands in contradiction to the basic right of private correspondence and does not protect the principle of proportionality, as it fails to balance the need to provide security with the right to privacy. All data on telephone…
Content type: News & Analysis
Privacy International and EPIC praised a vote today in the European Parliament today that rejected the transfer of finacial records to the United States under an interim agreement. A resolution to reject the deal passed 378-16, with 31 abstentions. Members of the parliament stated the proposed agreement lacked adequate privacy safeguards, and was a disproportionat response to US concerns about terrorism that also lacked reciprocity.
Simon Davies, Director General of Privacy International…
Content type: News & Analysis
The Active Millimeter Wave body scanners that airport security officials plan to use in greater numbers after a failed attempt to explode a bomb in a plane over Detroit raise troubling questions about passenger privacy, and ultimately the technology’s utility as a security measure.
While Privacy International supports the adoption of measures that will genuinely protect the security of passengers, we are deeply concerned that airport and security authorities increasingly deploy fashionable and…
Content type: News & Analysis
Following an extensive campaign by Privacy International and our network of groups in the United Kingdom, the UK Government has decided to abandon its current plans for data sharing legislation.
The government has announced that it will immediately abandon clause 152 of the Coroners and Justice Bill, following on from an open letter that Privacy International sent to the Justice Secretary earlier this week.
As the Sunday Telegraph observed, the eloquence of the letter together with the…
Content type: News & Analysis
Under the Terrorism Act 2000, police agencies in the UK have the power to stop and search within ‘security zones’ as established under order by the Home Secretary. Since February 2001, London has been designated as a security zone.
When this power was used in 2003 at a London protest against the arms trade, the protestors appealed to the courts on privacy grounds. The UK House of Lords ruled that although a stop and search in public was possibly an interference under Article 8(1) of the ECHR,…
Content type: News & Analysis
Privacy International has briefed the UK House of Commons Treasury subcommittee on the risks to UK census data if a company with a US data centre is called on to run the census. Under weak US laws on safeguarding personal information, the UK census data could be abused without any knowledge of the UK government.
We filed a letter with the subcommittee to respond to the government minister's claims to the Commons that the government had no concerns about the US government gaining access to the…