Search
Content type: Report
In December 2018, the National Coalition of Human Rights Defenders-Kenya published a report analysing the needs and concerns of human rights defenders (HRD) in relation to privacy, data protection and communications surveillance.
A summary of their findings is below. Access the full report on their website.
Content type: App Analysis
This documentation demonstrates actions taken by the test user and the apps subsequent responses.
Test user action 1: The user taps on the application icon, which opens the application
Response from app: The application is initialised and the following data is sent and received by the app:
Immediately after the app is opened, the following data is sent to graph.facebook.com (Graph)
The following GET request was made:
GET https://graph.facebook.com/v3.1/97534753161…
Content type: Examples
Following the 9/11 attacks in 2001, the New York City Police Department installed thousands of CCTV cameras and by 2008 in partnership with Microsoft had built the Lower Manhattan Security Coordination Center to consolidate its video surveillance operations into a single command centre that also incorporated other sensors such as licence plate readers and radiation detectors. In 2010 as part of its Domain Awareness System, the NYPD began integrating cutting-edge video analytics software into…
Content type: Examples
In 2011, the US Department of Homeland Security funded research into a virtual border agent kiosk called AVATAR, for Automated Virtual Agent for Truth Assessments in Real-Time, and tested it at the US-Mexico border on low-risk travellers who volunteered to participate. In the following years, the system was also tested by Canada's Border Services Agency in 2016 and the EU border agency Frontex in 2014. The research team behind the system, which included the University of Arizona, claimed the…
Content type: Examples
In 2018, at least five British local authorities began developing systems intended to use predictive analytics to identify families needing attention from child services on the basis that algorithmic profiling could help them target their scarce resources more efficiently. Data about at least 377,000 people were incorporated into predictive systems managed by a variety of private companies: Xantura (used by Hackney and Thurrock) or by systems they developed internally (Newham and Bristol). IBM…
Content type: Examples
In 2018, the EU announced iBorderCtrl, a six-month pilot led by the Hungarian National Police to install an automated lie detection test at four border crossing points in Hungary, Latvia, and Greece. The system uses an animated AI border agent that records travellers' faces while asking questions such as "What's in your suitcase?". The AI then analyses the video, scoring each response for 38 microexpressions. Travellers who pass will be issued QR codes to let them through; those who don't will…
Content type: Advocacy
In response to the consultation on ‘Gender perspectives on Privacy’ by the UN Special Rapporteur on the right to privacy, Privacy International presented a submission with its observations.
Content type: News & Analysis
We found this here.
The European Union’s new privacy law, the General Data Protection Regulation, or GDPR, is being tested across Europe. The first GDPR privacy case in Romania began with an investigation that was published on November 5 about a corruption scandal involving a politician and his close relationships to a company being investigated for fraud. The Romanian data protection authority (ANSPDCP) sent a series of questions to the journalists who authored the article and asked for…
Content type: Advocacy
Privacy International, European Digital Rights, and the Association for Technology and Internet (ApTI) together with 15 other digital rights organisations sent a letter on Monday 21 November 2018, to the European Data Protection Board (EDPB), with copies to the Romanian Data Protection Authority (ANSPDCP), and the European Commission, asking for the General Data Protection Regulation (GDPR) not to be misused in order to threaten media freedom in Romania.
Shortly after a journalistic…
Content type: News & Analysis
Data sharing among states is gaining prominence, particularly in light of the need to coordinate counter-terrorism activities across borders. The President of the European Commission put it in stark terms just a couple of months ago: “Terrorists know no borders. We cannot allow ourselves to become unwitting accomplices because of our inability to cooperate.” And several UN Security Council resolutions have emphasized the need for international cooperation in counter-terrorism.
Privacy…
Content type: Examples
Police in the German state of Hesse are using a bespoke version of Palantir's Gotham software system, specially adapted for the police force. Palantir CEO Alex Karp sits on the board of the German mega publisher Axel Springer.
Publication: WorldCrunch, Jannis Brühl
Date: 20 November 2018
Content type: Video
We filed complaints against seven companies, including the ones mentioned in this video, for wide-scale and systematic infringements of data protection law. Demand these companies delete your data!
Content type: Video
We filed complaints against seven companies, including the ones mentioned in this video, for wide-scale and systematic infringements of data protection law. Demand these companies delete your data!
Content type: News & Analysis
We've put together this short FAQ about some of the legal details of our campaign to ask companies to delete our data.
1.What is the right to erasure?
The right to erasure (or deletion) is just one of a number of data rights that may be found in data protection law, including the European Union's new law, the General Data Protection Regulation, better known as "GDPR".
You have the right to ask that your data be deleted and, in most cases, the data controller (which in your letter is the data…
Content type: News & Analysis
Email addresses
Acxiom: [email protected]
Criteo: [email protected]
Equifax: [email protected]
Experian: [email protected]
Oracle: https://oracle.ethicspointvp.com/custom/oracle/dp/en/form_data.asp
Quantcast: [email protected] cc: [email protected]
Tapad: [email protected]
Letter for Acxiom and Oracle
subject line: Right to Erasure Request
I am concerned your company exploits my data.
In accordance with my right[s] under the General Data…
Content type: News & Analysis
Our team wanted to see how data companies that are not used to being in the public spotlight would respond to people exercising their data rights. You have the right under the EU General Data Protection Regulation ("GDPR") to demand that companies operating in the European Union (either because they are based here or target their products or services to individuals in the EU) delete your data within one month. We wrote to seven companies and requested that they delete our data, and we've made…
Content type: Press release
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK. Privacy International urges the data protection authorities to investigate these companies and to protect individuals from the mass exploitation of their data.
Our complaints target companies that, despite exploiting the data of millions of…
Content type: Advocacy
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more…
Content type: Advocacy
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more…
Content type: Long Read
It’s 15:10 pm on April 18, 2018. I’m in the Privacy International office, reading a news story on the use of facial recognition in Thailand. On April 20, at 21:10, I clicked on a CNN Money Exclusive on my phone. At 11:45 on May 11, 2018, I read a story on USA Today about Facebook knowing when teen users are feeling insecure.
How do I know all of this? Because I asked an advertising company called Quantcast for all of the data they have about me.
Most people will have never heard of…
Content type: News & Analysis
Privacy International notes a recent ruling issued by Italy’s Supreme Court (Corte di Cassazione) that addresses the need to limit government hacking powers for surveillance purposes and articulates required safeguards when hacking is conducted as part of a criminal investigation.
The ruling addresses the appeals of several individuals involved in a case of corruption; the appeals challenge irregularities in the collection of data as part of the criminal investigation, which resulted in the…
Content type: Examples
In 2016, Tapad launched a partnership with the location-based ad targeting firm Placed to provide a service measuring the impact of digital advertising on in-store sales. Tapad sends anonymous campaign data to Placed, which has a panel of more than 500,000 users who have opted in. Placed measures store visits among those who have been exposed to advertising on any combination of internet-connected devices, and compares the results to the store visits made by a control group that hasn't been…
Content type: Examples
In 2016, Tapad and Acxiom's LiveRamp announced an expanded partnership to make Tapad's proprietary Device Graph accessible to LiveRamp's more than 400 adtech and marketing technology platforms. Device Graph enables marketers to track customer engagement across all digital channels. LiveRamp will use it to reach consumers on digital channels and measure the performance of advertising campaigns; Tapad provides probabilistic matching for consumers LiveRamp can't match through deterministic methods…