Search
Content type: News & Analysis
Creative Commons Photo Credit: Source
In September 2018, a month after Argentina lawmakers voted against the legalisation of abortion, we spoke to Eduardo Ferreyra from the Buenos Aires-based Asociacion por los Derechos Civiles about the role of privacy in the abortion debate. Also joining us in this second episode of the Gender and Privacy Series is Ambika Tandon from the Centre for Internet and Society in India to discuss the intersection between privacy and bodily autonomy.…
Content type: News & Analysis
Photo Credit: Marion S. Trikosko
This month, the World Bank's Identity for Development (ID4D) initiative is launching its inaugural "Mission Billion Challenge", a competition designed to promote innovation in the identity space with the inaugural question: "How can digital identification systems in developing countries be designed to protect people’s privacy and provide them with greater control over their personal data?” But make no mistake: introducing "privacy by design" does…
Content type: Examples
Days before the US November 2018 midterm elections, ProPublica discovered that an organisation called Energy4US spent $20,000 to run ads on Facebook pushing conservatives to support the Trump administration's reversal of fuel emission standards. On closer scrutiny, Energy4US appeared to be a front organisation for the trade association American Fuel and Petrochemical Manufacturers, which numbers the world's largest oil companies among its members. Although Facebook's announced requirement that…
Content type: Examples
In 2018, a group of researchers from the Campaign for Accountability posed as Russian trolls and were able to purchase divisive online ads and target them at Americans using Google's advertising platform. The researchers constructed fake profiles using the name and identifying details of the Internet Research Agency, a known Kremlin-linked troll farm; the ads appeared on the YouTube channels and websites belonging to CNN, CBS, Huffington Post, and the Daily Beast. The ads were approved in less…
Content type: Examples
In a systematic campaign over more than five years, Myanmar military used Facebook to covertly spread propaganda, mostly against the Rohynga, via accounts that appeared to be dedicated to pop stars and entertainment, turning the social media site into a tool for ethnic cleansing. Having garnered a mass following, the military operatives then used the pages to distribute false news, and spread hostility and division. In one campaign in 2017, the military's intelligence group sought to convince…
Content type: Examples
For many Filipinos, Facebook is their only way online because subsidies have kept it free to use on mobile phones since its launch in the country in 2013, while the open web is expensive to access. The social media network is believed to have been an important engine behind the ascent to the presidency of Rodrigo Duterte. Beginning in 2016, faked photographs and videos spread alongside false news targeting Senator Leila de Lima, a noted critic of Duterte and his violent war on drugs, and others…
Content type: Examples
In the run-up to the US 2018 mid-term elections, Facebook announced it would broaden the company's policies against voter suppression by banning misrepresentations about how to vote and whether a vote will be counted. The company also introduced a reporting option to allow users to report incorrect information and dedicated reporting channels for state election authorities. The company noted it was getting better at detecting and removing fake accounts and increasing transparency about…
Content type: Examples
In October 2018, in the wake of the Cambridge Analytica scandal and questions over Facebook's influence on the UK's EU referendum, Facebook announced it would add Britain to the US and Brazil on the list of countries where the company will no longer allow political groups to publish "dark" ads on its network. Among the changes: all paid-for political content will be automatically published in a public library for up to seven years; individuals and organisations running ads with political…
Content type: Examples
In May 2018, researchers in the US and China demonstrated that they could send commands that activate Apple's Siri, Amazon's Alexa, and Google Assistant but that are inaudible to the human ear. The researchers were able to make smartphones and smart speakers dial phone numbers and open websites; the potential is there to make them operate Internet of Things devices, wire money, or execute retail transactions by hiding commands in music or other audio.
https://www.nytimes.com/2018/05/10/…
Content type: Examples
In June 2018, human rights and digital rights activists in Myanmar called on Facebook to raise its level of moderation of Burmese-language content in order to reduce hate speech, which they said was at high risk of sparking open violence. In Myanmar, decades of civil war and the end of military rule had led to a humanitarian crisis that sent 900,000 Rohynga fleeing the country and that United Nations investigators called "ethnic cleansing" and suspected genocide. Because Facebook is pre-…
Content type: Examples
In June 2018, Uber filed a US patent application for technology intended to help the company identify drunk riders by comparing data from new ride requests to past requests made by the same user. Conclusions drawn from data such as the number of typos or the angle at which the rider is holding the phone would determine which, if any, driver they were matched with. What plans the company may have for the technology is unknown; however, critics expressed concerns that it could deter prospective…
Content type: Examples
In May 2018, the UK's Information Commissioner's Office announced it would investigate Police Scotland after Privacy International filed a complaint that offers' use of "cyber kiosks", which when connected to a device can view all its data, violated the Data Protection Act. Trials of the technology in Stirling and Edinburgh helped officers access 375 phones and 262 SIM cards; police went on to spend £370,000 on 41 kiosks, to be distributed throughout Scotland.
https://www.heraldscotland.…
Content type: Examples
In July 2018, Dutch researcher Foeke Postma discovered that Polar, the manufacturer of the world's first wireless heart rate monitor manufacturer, was exposing the heart rates, routes, dates, times, duration, and pace of exercises performed by individuals at military sites and at their homes via its social platform, Polar Flow. Polar placed these individuals at particular risk by showing all the exercises a particular individual has completed since 2014 on a single global map. Postma was able…
Content type: Examples
In September 2018, researchers discovered that websites accessed via mobile phones could access an array of device sensors, unlike apps, which request permissions for such access. The researchers found that 3,695 of the top 100,000 websites incorporate scripts that tap into one or more sensors, including Wayfair, Priceline, and Kayak. Unlike location sensors, motion, lighting, and proximity sensors have no mechanism for notifying users and requesting permission. Ad blockers were not effective…
Content type: Examples
In April 2018, the Austrian cabinet agreed on legislation that required asylum seekers would be forced to hand over their mobile devices to allow authorities to check their identities and origins. If they have been found to have entered another EU country first, under the Dublin regulation, they can be sent back there. The number of asylum seekers has dropped substantially since 2016, when measures were taken to close the Balkan route. The bill, which must pass Parliament, also allows the…
Content type: Examples
In September 2018, a number of people whose Google Pixel phones, Essential Phone, OnePlus 6, Nokia handsets, and other devices running Android 9 Pie discovered that the devices had, apparently autonomously, activated the software's Battery Saver feature. Google later explained that an internal experiment to test battery-saving features had accidentally - and erroneously - been rolled out to more users than it had intended. The silent and invasive nature of the mistake made it particularly…
Content type: Examples
Britain's £11 billion plan to offer smart meters to all homes and businesses by the end of 2020 was based in part on claims that the meters would give consumers better information about the energy they were using and offer sophisticated variable rate charging as part of working to combat climate change and pollution. In October 2018, the British Infrastructure Group of Parliamentarians, which is made up of 92 MPs and peers, issued a critical report noting that delays and cost increases were…
Content type: Examples
In October 2018, the app that supports the burglar alarm functions of Yale's "smart" locks and burglar alarms was disabled for 24 hours after an "unforeseen issue while carrying out unplanned network maintenance". Customers complained that they were unable to open or lock doors or disarm alarms, and that the company failed to warn them of the problem. At the time, Yale had just announced a trial with the Waitrose supermarket chain for an in-home delivery service.
https://www.theinquirer.net/…
Content type: Examples
In September 2018, the 156-year-old US life insurance company John Hancock announced it would stop underwriting traditional life insurance policies, instead selling only interactive policies that track health and fitness through the data collected by wearable devices and smartphones. Interactive life insurance had already become well-established in South Africa and Britain, and was spreading in the US. The company argued that the change would promote both health and profits; however, privacy…
Content type: Examples
In October 2018, a transparency report from the smart home company Nest, which Google acquired for $3.2 billion in 2014, found that between 2015 and 2018 Nest had been told to hand over data on 300 separate occasions relating to up to 525 Nest account holders. Nest turned over data in fewer than 20% of the cases in the first half of 2018, down from the second half of 2015, when the company complied nearly 60% of the time. Nest is best known for its smart thermostats, but it also makes…
Content type: Examples
In 2014, Britain announced an infrastructure plan requiring all energy suppliers to offer smart meters to all homes and businesses by the end of 2020. With two years to go, at the end of 2018, the problems customers experienced after making the switch led to calls to halt the rollout, which had reached 13 million of Britain's 53 million homes and was already losing momentum. Among other problems, 940,000 of the meters lost their smart functionality when customers switched supplier. Many of the…
Content type: Examples
In September 2018, AI Now co-founder Meredith Whittaker sounded the alarm about the potential for abuse of the convergence of neuroscience, human enhancement, and AI in the form of brain-computer interfaces. Part of Whittaker's concern was that the only companies with the computational power necessary to develop these technologies are those already leading in AI: Google, Facebook, Microsoft, and equivalent. The result would be that the neural data collected from individuals' thoughts would be…
Content type: Examples
In March 2018 the Palo Alto startup Mindstrong Health, founded by three doctors, began clinical tests of an app that uses patients' interactions with their smartphones to monitor their mental state. The app, which is being tested on people with serious illness, measures the way patients swipe, tap, and type into their phones; the encrypted baseline and ongoing data is then analysed using machine learning to find patterns that indicate brain disorders such as a relapse into depression, substance…
Content type: Examples
In October 2018 Amazon patented a new version of its Alexa virtual assistant that would analyse speech to identify signs of illness or emotion and offer to sell remedies. The patent also envisions using the technology to target ads. Although the company may never exploit the patent, the NHS had previously announced it intended to make information from its online NHS Choices service available via Alexa.
https://www.telegraph.co.uk/technology/2018/10/09/amazon-patents-new-alexa-feature-knows-…
Content type: Advocacy
Este informe es presentado por Derechos Digitales, Ciudadano Inteligente, Fundación ProAcceso y Privacy International. Derechos Digitales es una organización no gubernamental de defensa, promoción y desarrollo de los derechos humanos en el entorno digital. Ciudadano Inteligente es una organización dedicada a fortalecer la democracia y reducir la desigualdad a través de la transparencia y la participación ciudadana. Fundación ProAcceso se dedica a la defensa del derecho de acceso a la…
Content type: Advocacy
Consumers benefit from the existence of competitive markets, in which they can freely choose among a wide range of products and services. Competition policy plays an important role in this regard by ensuring that competition is not disrupted in a way that can harm consumers directly (e.g. leading to price increases or less choice) or indirectly (e.g. weakening competition as a process by hampering the ability of firms to compete on the merits).
Content type: App Analysis
This documentation demonstrates actions taken by the test user and the apps subsequent responses.
Test user action 1: The user taps on the application icon, which opens the application
Response from app: The application is initialised and the following data is sent and received by the app:
Immediately after the app is opened, the following HTTP GET request is made to graph.facebook.com
GET https://graph.facebook.com/v3.0/115882278440564?fields=…
Content type: App Analysis
This documentation demonstrates actions taken by the test user and the apps subsequent responses.
Test user action 1: The user taps on the application icon, which opens the application
Response from app: The application is initialised and the following data is sent and received by the app:
Immediately after the app is opened, the following data is sent to graph.facebook.com (Graph)
The app sends the following HTTP GET request to graph.facebook.com
GET https://…