Educational

Examples, Explainer, Educational Case Study, Course, Guide

Frequently Asked Questions

The UK data protection regulator took action against three credit reference agencies. Here we explain why it's important and what's next.

Long Read
As more and more of us feel compelled to cover our faces with masks, companies that work on facial recognition are confronted with a new challenge: how to make their products relevant in an era where masks have gone from being seen as the attribute of those trying to hide to the accessory of good
Video

This satirical video is a critique of the UK government's reliance on 'technological solutionism' in the fight against Coronavirus and increasingly across public services more widely, and their willingness to then scapegoat ‘mutant algorithms’ when their hopes for technological panaceas inevitably fail.

Guide step

The HTTP referrer header can be very revealing in the context of online tracking. Learn how you can change the policy in Vivaldi to force the browser to include the minimum information in this header or even block it entierely.

Guide step

The HTTP referrer header can be very revealing in the context of online tracking. Learn how you can change the policy in Opera to force the browser to include the minimum information in this header or even block it entierely.

Guide step

The HTTP referrer header can be very revealing in the context of online tracking. Learn how you can change the policy in Chrome to force the browser to include the minimum information in this header or even block it entierely.

Guide step

The HTTP referrer header can be very revealing in the context of online tracking. Learn how you can change the policy in Firefox to force the browser to include the minimum information in this header or even block it entierely.

Video

PI's Reproductive Rights and Privacy Project speaks with Maite Karstanje and Nadia Ferrari from Equipo Latinoamericano de Justicia y Género (ELA) in Argentina, which works with Latin American feminist institutions to promote and defend human rights and gender justice in the region, about reproductive rights in the country.

Explainer

Interoperability: what does it mean and why should we care?

Case Study

Privacy protects our freedom to be human - to live, learn, and develop.

Explainer

Thermal imaging cameras are presented as an effective way to detect if someone has one of the symptoms of the coronavirus - a temperature - but it's not that simple.

Video

PI's Reproductive Rights and Privacy Project speaks with Dr. Subasri Narasimhan and Dr. Dabney Evans from the Rollins School of Public Health at Emory University in the US about their paper which documents how misleading health information about reproductive health can flow into policy and legislative debates.

Explainer

Everything you wanted to know about immunity passports for Covid-19.

Video

This week we talk to PI's Tech Co-ordination Group to bring you tips and tricks about how to start cleaning up and securing your phone or computer.

Long Read

This article presents some of the tools and techniques deployed as part surveillance practices and data-driven immigration policies routinely leading to discriminatory treatment of peoplee and undermining peoples’ dignity, with a particular focus on the UK.

Video

PI spoke to partner Asociación por los Derechos Civiles to learn more about their political ads tool, PubliElectoral.

News & Analysis
At a time where the mass surveillance of protests has been at the forefront, the UN High Commissioner for Human Rights released a timely report on the impact of new technologies on the promotion and protection of human rights in the context of assemblies, including peaceful protests. The new report
Report

We analyse how the intrusive and unregulated use of IMSI catchers infringes on our right to privacy, freedom of expression, and freedom of assembly and association.

News & Analysis

Google knows so much about you, and now it wants your health data too. Read our ‘Pass Notes’ for a quick summary of the issues and then please join our campaign to stop them!

Video

Immediately after the UK general election in December 2019, we worked with ORG to poll people about ‘data-driven political campaigning’. We found that most people oppose the use of targeted ads during elections, and oppose election spending when the source of funding is unknown.

Video

PI's Reproductive Rights and Privacy Project speaks with Ruth Taylor, the CEO of the UK-based charity Abortion Support Network about how opposition groups are using misinformation to delay people from accessing safe abortion care.

Call to Action

Ask advertisers why they have your data!

Some advertisers upload our personal data to target us on Facebook. Find the ones doing this for you and hold them into account!

Explainer

Here are a few suggested tips, based on our own experience with Data Subject Access Requests (DSARs). This is based on DSARs under the EU General Data Protection Regulation (GDPR), but we hope our tips may be useful in other jurisdictions too.

Frequently Asked Questions

Some frequently asked questions about the right to access your personal data.

Explainer

In the UK, Local Authorities (Councils) are looking at people’s social media accounts, such as Facebook, as part of their intelligence gathering and investigation tactics in areas such as council tax payments, children’s services, benefits and monitoring protests and demonstrations.

This has particular consequences and a disproportionate negative impact on certain individuals and communities.

Long Read

As Governments, Apple and Google compete in proximity tracing, here’s our take on building tech in times of crisis. 

Long Read

This country case-study was informed by research carried out by Hiperderecho.

Explainer

How does satellite navigation work, and how can it be used for tracking?

Long Read

Throughout these updates, we will do our best to avoid technical terms, obscure references or abstract discussions. We want you to be aware of how data power has grown and why we need to act. This post focuses on data and competition law developments in the UK.

Guide step

The screenshots below outline some steps you can take to minimise the data you share on WhatsApp. The company announced changes to group privacy (details here) but we are not currently (as of 14/05/19) able to see these changes (PI is UK-based).

It’s tough to minimise targeted ads on phones

Guide step

Uber appears to offer few options to limit data collection and it’s unclear how the data the company has about users is shared with third parties including advertisers, although there have been numerous reports about Uber’s data sharing activities. These screenshots show a few things you can do.

Guide step

Twitter plays an increasingly important role as a space facilitating democratic engagement, debate and dissent. However, Twitter's track record in relation to protecting people's data has in some instances fallen short of expectations. In August 2019, for example, Twitter revealed that it had shared

Guide step

TikTok is a short-form video app (owned by ByteDance) which allows advertising and sponsored content. Two thirds of TikTok’s over 113 million users (are reportedly aged 16-24) and it was the second most downloaded app in 2019, beaten only by WhatsApp’s 849 million). Like other tech platforms

Guide step

While Telegram says in its privacy policy that the company doesn’t “use your data for ad targeting or other commercial purposes”, the company says that “no third party bot developers are affiliated with Telegram” and that developers “should ask [users] for [their] permission before they access

Guide step

It’s tough to minimise targeted ads on phones because ads can be delivered based on data from the device level (such as what operating system your phone is using or based on unique numbers that identify your phone), browser level (what you search for within a browser), and within the apps you use

Guide step

Facebook has been in the news over the past few years for failing to protect users’ data (here are some examples). Facebook can be an important tool in facilitating democracy and provides the potential to spread messages and ideas around the globe. For these reasons, it’s not possible for some

Guide step

Google dominates online search. The company also owns YouTube and Android, with the latter reportedly making up nearly 75% of the global smart phone market share. PI has written about the numerous problems that come from corporate concentration and the use of data by monopolistic companies, and

Long Read

Following Margaret Atwood's comments that the response to Covid-19 does not amount to "deliberate totalitarianism” we wrote an open letter to her in response, agreeing with her but noting that we may be sleepwalking into a dystopia created by accident rather than design.

Explainer

In a scramble to track, and thereby stem the flow of, new cases of the Coronavirus, Governments around the world are rushing to track the locations of their populace. One way to do this is to write a smartphone app which uses Bluetooth technology, and encourage (or mandate) that individuals download and use the app. The aim of this piece is to provide more detail on the technology itself, rather than a deep dive into the risks and whether or not Bluetooth technology should be used.

Guide step

uBlock Origin (do not mistake with uBlock which a completely different project) is an independant and open-source ad-blocker relying on a currated list of servers. It prevents your browser from connecting to these servers to serve you ads. We recommand it over AdBlock Plus which authorise certain

Long Read

Valentine’s Day is traditionally a day to celebrate relationships, but many relationships that begin romantically can quickly become controlling, with partners reading emails, checking texts and locations of social media posts. This can be just the beginning.

Today, Friday 14th February, Privacy International and Women’s Aid are launching a series of digital social media cards giving women practical information on how to help stay safe digitally from control and abuse.

Explainer

Targeted advertising is becoming ever more pervasive.  We examine changes to TV advertising, from broadcast, to video on demand, to streaming and smart TVs - how our data may be exploited, including for political gain.

Video

How an anti-abortion organisation uses data and tech.

Long Read

The EU gives millions to surveillance companies, universities, and government agencies to develop cutting-edge surveillance technologies.

01 Nov 2019
A woman was killed by a spear to the chest at her home in Hallandale Beache, Florida, north of Miami, in July. Witness "Alexa" has been called yet another time to give evidence and solve the mystery. The police is hoping that the smart assistance Amazon Echo, known as Alexa, was accidentally
Explainer
Abstract Over the past few years, smart phones have become incredibly inexpensive, connecting millions of people to the internet for the first time. While growing connectivity is undeniably positive, some device vendors have recently come under scrutiny for harvesting user data and invasive private
A new investigative report from Sharona Coutts at Rewire exposed how anti-choice groups, including at least one adoption agency, were resorting to using a technology called "geofencing" to find and then target individuals they believe are considering abortion, with targeted ads. Two groups, a
16 Sep 2019
Ahead of the Irish referendum to amend the Constitutions of Ireland to allow the parliament to legislative for abortion which took place in May 2018, Google decided to stop all advertising relating to the referendum on all of its advertising platforms, including AdWords and YouTube. This followed
16 Sep 2019
Bethany Christian Services, an international pregnancy support and adoption agency, is launching a programme with Copley Advertising to send targeted ads to individuals visiting Planned Parenthood clinics, abortion clinics, methadone clinics and high-risk areas (AHPA). The targeting will be done
12 Sep 2019
Denmark released 32 prisoners as part of an ongoing review of 10,700 criminal cases, after serious questions arose regarding the reliability of geolocation data obtained from mobile phone operators. Among the various problems with the software used to convert the phone data into usable evidence, it
15 Jul 2019
US campaigners supported by the Catholic church are promoting the app Femm, which collects sensitive data about women's sexual lives and aim to scare women from using hormonal birth control, in rural Nigeria. Femm received a $100,000 from the Papal Foundation to promote their app. https://www
08 May 2018
Following pressure from civil society and pro-abortion groups, Facebook announced on May 8th 208 a ban on foreign ads related to the Irish referendum on abortion. Facebook said they were being consistent with Irish electoral law. https://www.irishtimes.com/business/technology/facebook-bans-foreign
07 May 2018
Una Mullally writes about the online campaign led by the anti-abortion groups Protect the 8th and Undecided8 and their targeting of undecided voters in Ireland. She spoke to Facebook about their role in the spreading of those campaign and to campaigner Gavin Sheridan, who has demanded transparency
13 May 2018
In this piece Gavin Sheridan, transparency campaigner and CEO of legal intelligence company Vizlegal, argues for the need for a regulatory oversight to control the impact big tech companies and force them to be more transparent. https://www.theguardian.com/commentisfree/2018/may/13/ireland-abortion
A 17-year-old Palestinian resident of Lebanon, Ismail B. Ajjawi, was deported shortly after he arrived at Boston Airport, where he was due to start attending Harvard University the following week. Immigration officers subjected him to hours of questioning — at one point leaving to search his phone
Explainer
In 2000, the Government told Parliament that the Regulation of Investigatory Powers Act 2000 (RIPA) was the total extent of surveillance powers that were needed. However, within weeks of RIPA receiving Royal Assent, a report from UK law enforcement was leaked, stating that the power the Government
A February 2019 study of facial recognition systems found that these systems are not designed with transgender and nonbinary people in mind. Researcher Os Keyes studied 30 years of facial recognition research, including 58 separate research papers, and found that more than 90% of the time
In 2018, Brian Hofer, the chair of Oakland's Privacy Advisory Commission, filed suit after police wrongfully stopped him at gunpoint because their automated license plate recognition system, supplied by Vigilant Solutions, indicated that the rental car he was driving had been stolen. The car had in
In 2018, to prove how easily soldiers' real-world actions can be manipulated via social media, researchers at NATO's Strategic Communications Center of Excellence (StratCom) conducted a red-team exercise in which they "catfished" members of the armed forces. Using information collected from Facebook
In February 2019, after investigative journalists used social media posts to investigate the country's hidden role in conflicts such as those in Ukraine and Syria, Russia began moving to ban its soldiers from posting any information that would expose their whereabouts or their role in the military
In 2018, repossession services in the US were experiencing a boom in business as the number of Americans failing to keep up with their car payments reached its highest point since 2012. One of these, Ohio-based Relentless Recovery, was increasing its hit rate by equipping its agents' vehicles with
In February 2019, the UK Home Office told the Independent Chief of Borders and Immigration that it was planning to build a system that could check and confirm an individual's immigration status in real time to outside organisation such as employers, landlords, and health and benefits services
In February 2019 Gemalto announced it would supply the Uganda Police Force with its Cogent Automated Biometric Identification System and LiveScan technology in order to improve crime-solving. LiveScan enables police to capture biometric data alongside mugshots and biographical data. CABIS speeds up
In November 2018, Italy's Data Protection Authority advised against a proposal from the country's Interior Minister, Matteo Salvini, to replace "parent 1 and parent 2" on children's national ID cards with "mother and father". Salvini, who campaigned for election earlier in 2018 on a socially
In February 2019 BuzzFeed News reported that one of the largest home DNA testing companies, FamilyTreeDNA, had formed an agreement with the FBI to grant the agency access to its database of more than 1 million genetic profiles, most of which were supplied by consumers with no thought that they would
In January 2019 the UK Home Office announced it would collaborate with France to overhaul its regime for suspicious activity reports in order to fight money laundering. In 2018, the number of SARs filed with the National Crime Agency rose by 10% to nearly 464,000. Banks, financial services, lawyers
In February 2019, the city of Rio de Janeiro announced that its police security operation for the annual five-day Carnival would include facial recognition and vehicle license plate cameras to identify wanted individuals and cars. Municipal officials said the system would help reduce thefts and
In 2018, the UK Department of Education began collecting data for the schools census, a collection of children's data recorded in the national pupil database and including details such as age, address, and academic achievements. The DfE had collected data on 6 million English children when, in June
The US Department of Homeland Security awarded a $113 million contract to General Dynamics to carry out the Visa Lifecycle Vetting Initiative (VLVI), a renamed version of the Extreme Vetting Initiative and part of a larger effort called the National Vetting Enterprise. In May 2018, public outrage
VeriPol, a system developed at the UK's Cardiff University, analyses the wording of victim statements in order to help police identify fake reports. By January 2019, VeriPol was in use by Spanish police, who said it helped them identify 64 false reports in one week and was successful in more than 80
New workplace technologies are generating mountains of data on workers despite a lack of clarity over how the data is used and who owns it. In offices, smart badges track interactions and sensors track fitness and health; in trucks sensors monitor drivers' performance in the name of safety. In the
30 Aug 2018
After four years of negotiation, in 2017 Google began paying Mastercard millions of dollars for access to the latter's piles of transaction data as part of its "Stores Sales Measurement" service. Google, which claimed to have access to 70% of US credit and debit cards through partners, said that
In September 2018, at least five local English councils had developed or implemented a predictive analytics system incorporating the data of at least 377,000 people with the intention of preventing child abuse. Advocates of these systems argue that they help councils struggling under budget cuts to
By 2018, the Danish municipality of Gladsaxe, in Copenhagen, began identifying children at risk of abuse so that flagged families could be targeted for early intervention by applying a set of specially designed algorithms to information already gathered by the centralised Udbetaling Danmark
In October 2018, the Singapore-based startup LenddoEFL was one of a group of microfinance startups aimed at the developing world that used non-traditional types of data such as behavioural traits and smartphone habits for credit scoring. Lenddo's algorithm uses numerous data points, including the
In late 2017, the residents of the small town of Santa Maria Tonantzintla, about three-hours away from Mexico City, discovered their town was intended to become a pilot smart city in a collaboration between the state of Puebla and the organisation Alianza Smart Latam. The town's residents, who had
In October 2018, the answers to a FOIA request filed by the Project on Government Oversight revealed that in June 2018 Amazon pitched its Rekognition facial recognition system to US Immigration and Customs Enforcement officials as a way to help them target or identify immigrants. Amazon has also
In October 2018, in response to questions from a committee of MPs, the UK-based Student Loans Company defended its practice of using "public" sources such as Facebook posts and other social media activity as part of the process of approving loans. In one case earlier in the year, a student was told
In November 2018, tests began of the €4.5 million iBorderCtrl project, which saw AI-powered lie detectors installed at airports in Hungary, Latvia, and Greece to question passengers travelling from outside the EU. The AI questioner was set to ask each passenger to confirm their name, age, and date
In November 2018, 112 civil liberties, immigrant rights groups, child welfare advocates, and privacy activists wrote a letter to the heads of the US Department of Health and Human Services and the Department of Homeland Security demanding an immediate halt to the HHS Office for Refugee Resettlement
In November 2018 the UK's Equality and Human Rights Commission warned that asylum seekers have been deterred from seeking medical help in Scotland and Wales since the UK government began forcing the English NHS to charge upfront in 2017 and by fears that medical personnel will comply with Home
The Home Office Christmas 2018 announcement of the post-Brexit registration scheme for EU citizens resident in the UK included the note that the data applicants supplied might be shared with other public and private organisations "in the UK and overseas". Basing the refusal on Section 31 of the
In December 2018, a report, "Access to Cash", written by the former financial ombusdsman Natalie Ceeney and independent from but paid for by the cash machine network operator Link, warned that the UK was at risk of sleepwalking into a cashless society and needed to protect an estimated 8 million
In October 2018, British home secretary Sajid Javid apologised to more than 400 migrants, who included Gurkha soldiers and Afghans who had worked for the British armed forces, who were forced to provide DNA samples when applying to live and work in the UK. DNA samples are sometimes provided by
In December 2018, Florida citizen Peter Sean Brown filed a federal lawsuit against the Monroe County Sheriff's offices for arresting and detaining him for three weeks claiming he was an illegal alien from Jamaica. Even though Brown offered to show the sheriff his birth certificate and explained he
In December 2018, in the wake of the Windrush scandal, the National Police Council, which represents police chiefs across England and Wales agreed to cease passing on to deportation authorities information about people suspected of being in the country illegally. The measures also ban officers from
In a report released in December 2018, the UK's National Audit Office examined the management of information and immigrant casework at the Home Office that led to the refusal of services, detention, and removal of Commonwealth citizens who came to the UK and were granted indefinite leave to remain
In a November 2018 report based on a year's study of the use of data scores, Data Justice Lab provided a comprehensive look at the use of data-driven citizen scoring in government, particularly focusing on six case studies drawn from local councils in the UK. The report noted there is no systematic
In November 2018, worried American parents wishing to check out prospective babysitters and dissatisfied with criminal background checks began paying $24.99 for a scan from the online service Predictim, which claimed to use "advanced artificial intelligence" to offer an automated risk rating
In November 2018 reports emerged that immigrants heading north from Central America to the US border are more and more often ensuring they are accompanied by children because "family units" are known to be less likely to be deported, at least temporarily, and smugglers charge less than half as much
In November 2018, researchers at Sweden's University of Lund, the US's Worcester Polytechnic Institute, and the UK's Oxford University announced that in August the US State Department had begun using a software program they had designed that uses AI to find the best match for a refugee's needs
In November 2016 the UK Information Commissioner's Office issued an enforcement notice against London's Metropolitan Police, finding that there had been multiple and serious breaches of data protection law in the organisation's use of the Gangs Violence Matrix, which it had operated since 2012. The
As early as 2008, the Chinese telecommunications giant ZTE began helping Venezuela develop a system similar to the identity system used in China to track social, political, and economic behaviour. By 2018, Venezuela was rolling out its "carnet de la patria", a smart-card "fatherland" ID card that
After an 18-month investigation involving interviews with 160 life insurance companies, in January 2019 New York Financial Services, the state's top financial regulator, announced it would allow life insurers to use data from social media and other non-traditional sources to set premium rates for
A study published in February 2019 found that 95% of the predictive accuracy for an individual can be achieved solely by analysing their social ties; the person's data is not needed. Given as few as eight or nine of an individual's contacts, it should be possible to profile the individual even if
A study published in January 2019 found that a form of facial recognition technology that interprets emotions in facial expressions assigns more negative emotions to black men's faces than white men's faces. The problem is the latest in a series of ways that facial recognition has failed for non
In 2018, technology companies and medical providers were experimenting with machine learning and AI to mine health records and online posts to identify patterns linked to suicide, hoping to be able to predict, and therefore prevent, such attempts. On the academic side, a pilot programme conducted by
In December 2018, Facebook provided an update on the civil rights audit it asked civil rights leader Laura Murphy to undertake in May. Based on advice Murphy culled from 90 civil society organisations, Facebook said it had expanded its policy prohibiting voter suppression, updated its policy to ban
In December 2018 Walmart was granted a patent for a new listening system for capturing and analysing sounds in shopping facilities. The system would be able to compare rustling shopping bags and cash register beeps to detect theft, monitor employee interactions with customers, and even listen to
The pregnancy apps many women were using in December 2018 proved to be incapable of handling miscarriages, even though up to 20% of all known pregnancies end this way. There are only two choices: allow the apps to continue sending alerts celebrating the pregnancy's progress or delete the pregnancy
13 Feb 2019
In February 2019, the World Food Programme, a United Nations aid agency, announced a five-year, $45 million partnership with the data analytics company Palantir. WFP, the world's largest humanitarian organisation focusing on hunger and food security, hoped that Palantir, better known for partnering
Explainer

Companies like Facebook, Google, and Twitter are not doing enough to provide their users with ads transparency.

31 Jul 2019
The Lumi by Pampers nappies will track a child's urine (not bowel movements) and comes with an app that helps you "Track just about everything". The activity sensor that is placed on the nappy also tracks a baby's sleep. Concerns over security and privacy have been raised, given baby monitors can be
Le Monde exposed anti-IVG (anti-abortion) advertising on Facebook as part of a borader campaign led by anti-abortion website IVG.net. The advertisement relied on stock photos and fake testimonies posted in public Facebook groups and promoted to young women. Most of the posts attempt to promote the
01 Feb 2016
French website IVG.net, first Google result when typing IVG (Interuption Volontaire de Grossesse or abortion in french), has been exposed as being anti-abortion website spreading misinformation. Offering an official looking "Numero vert" (free to call phone number number), IVG.net attempts to
17 Jul 2009
In 2009, Amazon Kindle readers were surprised to find that their copies of George Orwell’s 1984 was missing from their devices. Amazon had remotely deleted these copies after it found out from the publisher that the third-party vendor selling them did not own the rights to the books. Amazon refunded
10 Oct 2018
From 2014 to early 2017, Amazon used an artificial intelligence (AI) hiring tool to review prospective employees’ resumes and select qualified candidates, based on Amazon’s previous hiring decisions from a ten-year period; however, the tool was much more effective at simply selecting male candidates
26 Jul 2018
The American Civil Liberties Union (ACLU) used Rekognition, Amazon’s facial recognition software, to compare images of US lawmakers to a publicly available database of 25,000 mugshot photos. The ACLU’s study validated research that has shown that facial recognition technology is more likely to
16 Oct 2018
More than 450 Amazon employees delivered a letter to Jeff Bezos and other Amazon executives, demanding that the company immediately stop selling facial recognition software to law enforcement, sever connections to companies like Palantir that help immigration authorities track and deport immigrants
22 May 2019
Amazon shareholders rejected two non-binding proposals governing its facial recognition software, Rekognition: one would have limited sales of Rekognition to governments, unless a board determined that such sales would not violate peoples’ rights, and the other was to study the extent to which
20 Dec 2018
Millions of people own smart home devices like the Amazon Echo and Echo Dot—equipped with the Alex cloud-based artificial intelligence service—which have concerning implications for privacy rights. While, Amazon’s own policies promise that only the user and Amazon will listen to what those devices
11 Jan 2018
A 19-year-old medical student was raped and drowned in the River Dresiam in October 2016. The police identified the accused by a hair found at the scene of the crime. The data recorded by the health app on his phone helped identify his location and recorded his activities throughout the day. A
03 Apr 2018
The body of a 57-year-old was found in the laundry room of her home in Valley View, Adelaide, in September 2016. Her daughter-in-law who was in the house at the time of the murder claimed that she was tied up by a group of men who entered the house and managed to escape when they left. However, the
03 Oct 2018
The 90-year old suspect when to his stepdaughter's house at San Jose, California for a brief visit. Five days later, his stepdaugter's body, Karen was discovered by a co-worker in her house with fatal lacerations on her head and neck. The police used the data recorded by the victim's Fitbit fitness
16 Nov 2017
In 2017, US Immigration & Customs Enforcement (ICE) announced that it would seek to use artificial intelligence to automatically evaluate the probability of a prospective immigrant “becoming a positively contributing member of society.” In a letter to acting Department of Homeland Security Secretary
17 Aug 2018
US Immigrations & Customs Enforcement (ICE) used social media monitoring to track groups and people in New York City associated with public events opposing the Trump administration’s policies, including ones related to immigration and gun control. The investigative branch of ICE created and
09 Jan 2019
The US government created a database of more than 50 journalists and immigrant rights advocates, many of whom were American citizens, associated with the journey of migrants travelling from Central America to the Mexico-US border in late 2018. Officials from Customs and Border Protection (CBP)
05 Dec 2018
On 14 May 2018, the husband of the victim, a pharmacist living in Linthorpe in Middlesbrough, subdued his wife with insulin injection before straggling her. He then ransacked the house to make it appear as a burglary. The data recorded by the health app on the murder’s phone, showed him racing
29 Apr 2019
A private intelligence company, LookingGlass Cyber Solutions, used social media to monitor more than 600 “Family Separation Day Protests” held across the United States on June 30, 2018, to oppose the Trump administration’s policy family separation policy. The policy was part of a “zero tolerance”
06 May 2019
Absher, an online platform and mobile phone app created by the Saudi Arabian government, can allow men to restrict women’s ability to travel, live in Saudi Arabia, or access government services. This app, which is available in the Google and Apple app stores, supports and enables the discriminatory
29 Jul 2017
A man from Middletown, Ohio, was indicted in January 2017 for aggravated arson and insurance fraud for allegedly setting fire to his home in September 2016. Ohio authorities decided and succeeded to obtain a search warrant for the data recorded on the pacemaker after identifying inconsistencies in
03 Jun 2019
Bahrain has warned its citizens and residents could face legal action simply for following social media accounts it deems anti-government, which raises concerns about the ability of Bahraini citizens and residents to exercise their fundamental rights and freedoms. In May 2019, a state terrorism law
Explainer
We look at the recently published report on forensic science in the UK, highlight concerns about police not understanding new tech used to extract data from mobile phones; the risk of making incorrect inferences and the general lack of understanding about the capabilities of these tools. The
Guide step

uBlock Origin is an independant and open-source ad-blocker relying on a currated list of servers. It prevents your browser from connecting to these servers to serve you ads. We recommand it over AdBlock Plus which authorise certain ads to be displayed according to its "Acceptable Ads program". It is

Case Study

As part of our Our Data Future series, we explore a dark future of deepening gaps

Case Study

As part of our Our Data Future series, we explore a dark future with an illusion of control

Explainer
Could an app you have never even heard of put you at risk? This is what happened to Chloe (real name has been changed), an investigative journalist exposed by an app that her source was using. Her source was using TrueCaller, an app that aims to identify phone numbers so users can filter out calls
Case Study
  • The story of an investigative journalist highlights shows the concrete risks that call-blocking apps like TrueCaller present for people in vulnerable situations.
  • TrueCaller is an app particularly popular in India and Sub-Saharan Africa. TrueCaller identifies the numbers calling you, so you can filter out undesirable phone calls and make sure you pick up a call you have been expecting, even if you have not previously registered the number.
  • Every time a user makes or receives a phone call from a number not already in the TrueCaller database, TrueCaller offers the user the option to “tag” the number so it can be entered in the TrueCaller database, under the name entered by the user.
20 May 2019
GDPR complaints about Real-Time Bidding (RTB) in the online advertising industry were filed today with Data Protection Authorities in Spain, the Netherlands, Belgium, and Luxembourg. The complaints detail the vast scale of personal data leakage by Google and other major companies in the “Ad Tech”
18 May 2019
As a part of Facebook’s efforts to curb disinformation and misinformation on its platform, the company introduced new rules over how political content is marked. This has resulted in content that is educational, news articles, and otherwise seemingly non-political being marked incorrectly and taken
10 Apr 2019
In an effort to improve political advertising transparency, Canada drafted a Bill that requires companies to develop ad libraries, to which ads are added immediately in order for researchers, journalists, and other people to be able to search and understand how political actors are targeting ads. In
17 May 2019
Political ads on Facebook are meant to be marked with a disclaimer that says who paid for the ad, as well as be archived into the platform’s ad library, where users are able to see more information about how an ad was targeted. It’s important to note that the ‘who paid for the ad’ requirement is
17 Apr 2019
The two leading Presidential candidates in Ukraine's 2019 elections have expressed frustration at major social media platform's seemingly lack of assistance combatting disinformation and bots. Bots flood social media networks and can promote content or flood platforms with pull requests to have a
15 May 2019
Facebook's efforts to remove disinformation in the wake of the 2019 Ukrainian Presidential election have so far failed. Politico reports that "Among the Facebook pages that spread spurious claims during the election was one with more than 100,000 followers that ran a video claiming (the Presidential
18 Mar 2019
Volunteers for Presidential candidate Volodymyr Zelenskiy were tasked with pouring over social media sites to search for disinformation and combat bot armies that spread negative comments about the candidate. Facebook has been slow to take down 'fake news' and so the volunteers search social media
12 Sep 2018
Simultaneous complaints have been filed with European data protection authorities against Google and other ad tech firms. The complainants are being made by Dr Johnny Ryan of Brave, the private web browser, Jim Killock, Executive Director of the Open Rights Group, and Michael Veale of University
28 Jan 2019
Panoptykon Foundation, the Warsaw based digital rights organization, has joined in the complaints filed in the UK and Ireland in September by Jim Killock of the Open Rights Group, Michael Veale of University College London, and Dr Johnny Ryan of Brave, by filing a new complaint in Poland. Together
02 May 2019
The Irish Data Protection Commission has today launched an inquiry into the data practices of ad-tech company Quantcast, a major player in the online tracking industry. PI's 2018 investigation and subsequent submission to the Irish DPC showed how the company is systematically collecting and
08 Nov 2018
Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK. It’s been more than five months since the EU’s
01 Apr 2019
Dr Johnny Ryan filed a formal complaint with the Irish Data Protection Commission against IAB Europe, the tracking industry’s primary lobbying organization. The complaint was filed against IAB Europe’s use of an unlawful “cookie wall” on its website. Visitors to IAB Europe’s website, www.iabeurope
Key Resources

Ukraine held Presidential elections in April 2019. In the run up to the election, there was much debate on the role of Facebook.

25 Jan 2019
In January 2019 the UK's Information Commissioner's Office announced it was investigating an incident in which the food service company Deliveroo reported that some of its customers had complained they were charged up to £1,000 for orders they had not placed. Customers have used social media to
21 Feb 2019
In August 2018, Apple forced Facebook to remove its Onava VPN from the App Store because the Facebook had been using it to harvest data across multiple apps and track user activity. In January 2019, a TechCrunch investigation revealed that in a separate part of the same programme Facebook had been
Key Resources

In the lead up to the 2017 German federal elections, there was much debate about the benefits and dangers of data analytics for political purposes. There were some controversies concerning the use of data and the lack of information provided by political parties also raised concerns.

Key Resources

In the run up to the French presidential election of 2017,  political parties increasingly used data-driven targeting techniques and companies to manage their campaigns. Here are some examples.

06 Feb 2018
In 2019, after five years of acquisitions and billions of dollars in investment in advertising software and real-time tracking of web users, Oracle, facing questions about the practices of Data Cloud, its advertising software division, began laying off staff. The reason may have been partly
18 Jan 2018
In January 2018, internet users began complaining about a new wave of pop-up ads across the web: hard-to-close, misleading, and malicious, some of them making it impossible for people to read news. While many blamed reputable publishers like the New York Times and the Atlantic for being willing to
07 Feb 2018
In February 2019 Google engineers announced that they had created faster, more efficient encryption system that could function on less-expensive Android phones that were too low-powered to implement existing full-device encryption. The scheme, known as Adiantum, uses established and well-vetted
28 Nov 2018
In November 2018, Germany's Federal Cyberintelligence Agency (Bundesamt für Sicherheit in der Informationstechnik, or BSI) released a highly detailed analysis of the myriad ways that Windows 10 tracks users and showing that only enterprise versions of Windows have the ability to turn them off. BSI
01 Nov 2018
A November 2018 report from Data & Society discusses "data craft", the methods manipulators use to create disinformation with falsified metadata, specifically platform activity signals, which can be read by machine learning algorithms, platforms, and humans. Manipulators use platform features in
Key Resources

Political campaigns, debate and engagement has become increasingly digitalised in Italy. Here are some examples of concerns this has raised. 

11 Feb 2019
A couple who tried, in February 2018, to keep their unborn child a secret from the internet, in part so the child could create its own internet identity when it was ready. They had some success in avoiding being pursued by baby-related ads, but found themselves unable to exercise the control they
16 Feb 2019
In October 2018, Google developers announced Manifest V3, a new standard for developing extensions for its Chrome web browser. One of the modifications included replacing the API used by extensions that need to intercept and work with network requests. The new API, DeclarativeNetRequest, limits the
In a December 2018 update, Facebook so effectively disguised sponsored posts that it took AdBlocker Plus a month, instead of the more usual few days, to find a way to counter it. Facebook has responded to the threat posed to its business model by adblockers by both providing users with advertising
15 Nov 2018
In November 2018, a report by the consultancy Privacy Company, on behalf of the Dutch Ministry of Justice, found that Microsoft could be breaking European data collection rules because its Office software was collecting large amounts of personal data including email subject lines and snippets of
21 Nov 2018
In November 2018 the campaign group Freedom from Facebook used the social network's own advertising tools to promote a "safe space" website where they can submit whistleblower tips anonymously. Facebook declined to comment but did not appear to be blocking the ads nor keeping a log of who viewed
In November 2018, a UK Gambling Commission audit found that the number of problem gamblers aged 11 to 16 had quadrupled to 55,000 over two years, 70,000 children were at risk, and 450,000, or one in seven, children aged 11 to 16 bet regularly, spending, on average, £16 a week on fruit machines
15 Nov 2018
In November 2018 Bidooh announced it was developing an intelligent and automated digital billboard advertising platform that it said would leverage facial recognition and blockchain technology to track engagement. Billboard advertising is valued globally at almost $34.8 billion a year. Bidooh has
02 Dec 2018
Days after the 2018 shooting that killed 11 Jewish congregants in a Pittsburgh synagogue, The Intercept found that Facebook still allowed advertisers to choose "white genocide conspiracy theory" as a targeting criterion, capturing 168,000 members of the social network. The technique used was the
04 Feb 2019
In its February 2019 iOS release (12.2), Apple introduced a toggle enabling users to control whether websites received motion and orientation data collected by the gyroscope and accelerometer inside the iPhone, iPad, and iPod touch. The change is believed to be in response to a 2018 report that
20 Feb 2019
In February 2019, an anonymous tip-off to Computer Sweden revealed that a database containing recordings of 170,000 hours of calls made to the Vårdguiden 1177 non-emergency healthcare advice line was left without encryption or password protection on an open web server provided by Voice Integrate
31 Jan 2019
In January 2019, researchers reported finding two huge data dumps. Collection #1 contained passwords and usernames relating to nearly 773 million email addresses spread across about 2.7 spreadsheet rows in 12,000 files. Collection #2.5 contained 845GB of data and more than 25 billion records that
31 Jan 2019
In late 2018, researchers at SINTEF Digital Norway, ETH Zurich, and Berlin's Technical University discovered a new and serious vulnerability in several generations of the cellular mobile communications protocols: 3G, 4G, and the upcoming 5G. The flaw affected Authentication and Key Agreement, which
29 Jan 2019
In January 2019 Apple briefly disabled the group functionality in its FaceTime video calling application after bug was discovered that allowed users to listen on the people they were calling when they did not pick up the call and also allowed some callers to see video of the person they were calling
28 Jan 2019
As part of its planning for the 2020 Olympic Games, due to be held in Tokyo, Japan approved a law that would allow the government to conduct a survey to identify vulnerable Internet of Things devices. The National Institute of Information and Communications Technology staff who carry out the survey
27 Nov 2018
In November 2018 the UK Information Commissioner's Office fined Uber's European operation £385,000 for inadequate security that permitted a November 2016 data breach affecting nearly 3 million British users and 82,000 drivers. In the 2016 breach, attackers obtained credentials that allowed them to
17 Jan 2019
In January 2019 Twitter revealed that it had discovered a security flaw in that meant that Android users who updated the email address linked to their account between November 2014 and January 2019 had inadvertently turned off the "protected" setting on their accounts so that their tweets could have
08 Jan 2019
It was already known that law enforcement agencies can track phones to within 500 metres if they show service providers a warrant, but in January 2019, it became clear that the same real-time location data was being sold to a wide range of third parties, including car salesmen, property managers
21 Dec 2018
In November 2018, the criminal hacker group 3ve found a new way of exploiting security weaknesses in the Border Gateway Protocol that allowed them to take control of IP addresses belonging to the US Air Force and other reputable organisations; the result was to net them $29 million in fraudulent
28 Dec 2018
A November 2018 breach of a government-funded resettlement agency's database in South Korea allowed hackers, believed to be North Korean state security officials, to copy the personal information belonging to 997 North Koreans living in South Korea. Escaping to South Korea is considered an act of
15 Jan 2019
A vulnerability in Amadeus, the customer reservation system used by 144 of the world's airlines, was only superficially patched after a team reported the vulnerability in 2018. As a result, an attacker could alter online strangers' Passenger Name Records, which contain all the details of the
In January 2019, the security researcher Justin Paine discovered that the California-based voice over IP provider Voipo had left exposed an unprotected database containing tens of gigabytes of call logs, other internal documents, and customer text messages, including password resets and two-factor
14 Feb 2019
In 2016, Jamie Siminoff, the CEO of the miniature security camera company Ring, emailed his employees information them that the company would adopt a new mission to fight crime by using consumer electronics. The company, which Amazon acquired in 2018, sells its cameras with a social app, "Neighbors"
10 Jan 2019
The miniature security camera maker Ring, which was acquired by Amazon in 2017 for a reported $1 billion, has a history of inadequate oversight of the data collected by those cameras on behalf of its customers. In 2016, it reportedly granted virtually unlimited access to its Ukraine-based research
27 Dec 2018
In December 2018, the security researchers at 0DayAllDay discovered that the encryption keys hard-coded into the firmware inside the Guardzilla indoor wireless security system were protected by a ten-year-old, easily cracked algorithm. Because all the devices used the same keys, anyone could use the
14 Dec 2018
In December 2018 Facebook revealed that over a 12-day period in September a software bug may have wrongly allowed about 1,500 third-party apps to access 6.8 million users' photos, including some that people began uploading to the social network but didn't go on to finish posting. EPIC executive
01 Dec 2018
In December 2018, a hacker made more than 50,000 internet-connected printers worldwide print out flyers asking everyone to subscribe to the YouTube channel belonging to PewDiePie, whose real name is Felix Kjellberg. PewDiePie, who has had the most subscribers on YouTube since 2013, was in danger of
15 Nov 2018
In November 2018, a security researcher found that the location-tracking children's watch MiSafe's Kid Watcher Plus, originally released in 2015, neither encrypted nor secured the children's accounts, allowing him to track their movements, secretly listen in to their activities, and spoof calls to
21 Feb 2019
In February 2019, a faulty firmware update meant that Nike's latest $350 Adapt BB self-lacing shoes could not pair with the app that allows owners to adjust their tightness, customise the lights, and check remaining battery life. Because the shoes have no physical laces, the error effectively made
07 Feb 2019
In February 2019, publicity led the gay dating app Jack'd, which claimed to have more than 5 million users and was ranked among the top four gay social apps on both Apple and Android, to close a security flaw that meant that photos users uploaded to share in private chat sessions were accessible to
04 Feb 2019
In February 2019, the cybersecurity company Trend Micro found that at least 29 beauty and photo editing apps that had been downloaded more than 4 million times from Google's Play Store included code that pushed full-screen ads for fraudulent or pornography content or that directed users to phishing
24 Jan 2019
By January 2019, more than 100 million women worldwide were using smartphone apps that began as period-tracking apps but were beginning to branch out into tracking other types of health data - and also to broaden their use of the data they collect in search or profit. Unlike medical establishments
16 May 2019
Facebook has taken down 65 accounts, 161 pages, dozens of groups and four Instagram accounts, which were ran by Archimedes Group, an Israeli political consulting and lobbying firm that aimed at disrupting elections in various countries. Archimedes was mostly active in Sub-Saharan Africa but also
14 Feb 2019
Similar to the European Commission’s investigation and the stand-alone German and Italian investigations into Amazon’s anti-competitive behaviour, Austria is now investigating whether Amazon is exploiting its market dominance in relation to other retailers that use its website as a marketplace. The
01 Apr 2019
The European Commission, EU’s antitrust watchdog, is nearing a decision on its investigation into Amazon. According to a report in Seeking Alpha, EU Competition Chief Margrethe Vestager said the Commission gathered “a lot of data” in its investigation into Amazon. The report noted the EU sent out 1
16 Apr 2019
On April 16th 2019, Italy’s antitrust authority said that it had launched a probe into five Amazon companies for possible abuse of dominant market position in e-commerce and logistical services. The companies being looked into include Amazon Services Europe, Amazon Europe Core, Amazon EU, Amazon
30 Nov 2018
Following Ms. Vestager’s investigation into Amazon and its own sector enquiry into online price comparison services in October 2017, in June 2018 the German Federal Cartel Office (“Bundeskartellamt”) claimed that it “received a lot of complaints” and is said to be “looking at the role and market
21 Sep 2018
Reports that Amazon is planning on launching a free ad-supported music service caused Spotify’s (the Swedish audio streaming platform) shares to fall 4% on Monday, April 15th. And, on April 18th, Amazon published a blog post where it announced that launch of Amazon’s free music-streaming service in
19 Sep 2018
In September 2018, EU’s antitrust watchdog, the European Commission, launched a preliminary investigation into how the platform uses data about merchants. Margrethe Vestager, EU Competition Commissioner said that the informal probe concerns the e-commerce group’s dual role as a competitor while
31 May 2018
Amazon has been accused of treating its UK warehouse staff like robots. Between 2015 and 2018, ambulances were called out close to 600 times to Amazon’s UK warehouses. A Freedom of Information request to ambulance services from the GMB union revealed 115 call-outs to Amazon’s site in Rugeley, near
10 Apr 2019
An investigation by Bloomberg, disclosed that thousands of Amazon employees around the world are listening in on Amazon Echo users.
14 Nov 2018
In yet another murder case, a New Hampshire judge ordered Amazon to turn over two days of Amazon Echo recordings in a double murder case in November 2018. Prosecutors believe that recordings from an Amazon Echo in the Farmington home where two women were murdered in January 2017 may yield further
02 Dec 2017
In 2015, James Bates (of Arkansas, United States) was charged with first-degree murder in the death of Victor Collins. Collins was found floating face down in Bates’ hot tub in November 2015, police said. Amazon Echo entered the murder case because someone present on the night of Collins’ death
Explainer
It’s tough to minimise targeted ads on phones because ads can be delivered based on data from the device level (such as what operating system your phone is using or based on unique numbers that identify your phone), browser level (what you search for within a browser), and within the apps you use
Explainer
It’s tough to minimise targeted ads on phones because ads can be delivered based on data from the device level (such as what operating system your phone is using or based on unique numbers that identify your phone), browser level (what you search for within a browser), and within the apps you use
Explainer
It’s tough to minimise targeted ads on phones because ads can be delivered based on data from the device level (such as what operating system your phone is using or based on unique numbers that identify your phone), browser level (what you search for within a browser), and within the apps you use
Explainer
It’s tough to minimise targeted ads on phones because ads can be delivered based on data from the device level (such as what operating system your phone is using or based on unique numbers that identify your phone), browser level (what you search for within a browser), and within the apps you use
20 Oct 2015
For low-income Americans to receive public benefits they are legally entitled to, they must submit to widespread monitoring of their intimate and personal affairs. This monitoring includes sharing a trove of personal documents and information, unannounced home visits from caseworkers, mandatory face
14 Dec 2018
The New York City public benefits system has been criticized for its punitive design, how it too often disciplines, rather than helps, people who are legally entitled to benefits. According to Mariana Chilton, the public benefits system is designed to control, surveil, and penalize low-income people
02 Dec 2016
Private companies are not the only actors pushing for increased control of benefit claimants. The World Bank has also instrumental in funding programmes aiming at assisting government in administrating welfare programmes which has led to futher surveillance of benefits claimants, in December 2016
21 Jul 2012
The State is not always the only actor involved in the surveillance of benefits claimants. Often those practices are encouraged, facilitated or conducted by private companies. South Africa for instance mandated MasterCard to help distribute benefits through biometric debit cards. https://www
02 Nov 2013
In Israel, the National Insurance Institutes sends out anti-fraud officers to spy on benefits claimants. Among the cases reported, a woman had her benefits allowances halved after a man entered her house pretending to be interested in buying the flat next door. The man, who was in fact a NII
01 Feb 2011
The DWP relies on anti-fraud officers who go and spy on benefit claimants to verify their claims. For instance, claimants who declare that they are a lone parent may end up with an officer trying to verify there is no one else living in the house. And once they are confident that the alleged lone
31 May 2018
The surveillance of benefits claimants does not happen only online. In the UK, the Department of Work and Pensions (DWP) is known to be using CCTV footage of public buildings but also gyms and supermarkets to prove some benefits claimants are not actually disabled. Gym memberships are also being
04 Dec 2018
In Israel, the National Insurance Institute – in charge of granting benefits – eventually dropped a tender that had caused outrage in the country after being uncovered by Haaretz and Channel 13. The tender revealed the NII was trying to collect online data about benefits claimants – including from
08 Apr 2019
The rise of social media has also been a game changer in the tracking of benefits claimants. In the UK in 2019, a woman was jailed after she was jailed for five months after pictures of her partying in Ibiza emerged on social media. She had previously sued the NHS for £2.5 million, after surviving a
23 Nov 2009
The rise of social media has also been a game changer in the tracking of benefits claimants. Back in 2009, the case of Nathalie Blanchard a woman in Quebec who had lost her disability insurance benefits for depression because she looked “too happy” on her Facebook pictures had made the news. https:/
01 Mar 2019
In London, four boroughs have been trialling the London Counter Fraud Hub. The hub is designed to process huge quantities of data from millions of household to detect certain types of fraud involving the single person council tax discount (in London, a person living alone gets a reduced rate on
17 Feb 2019
The National Board of Scholarships and School Aid (Junaeb) in Chile was also heavily criticised for its use of facial recognition programmes to deliver meals at thirty schools in three cities across the country. After the Supreme Court requested in 2017 that the system must not be applied without
07 Sep 2015
In Mexico, people registered as beneficiaries of any programmes led by the Ministry of Social Development could obtain a TV set, as part of the transition from analogue to digital TV organised by the Ministry of Communications and Transportation. Yet, the Ministry of Communications and
02 May 2017
In Bangladesh, as part of the USAID and Bill and Melinda Gates Foundation supported programme “a2i” (Access to Information), the government has built a system to allow citizens to receive their welfare payment on a pre-paid debit card given to them at the Bangladesh Post Office after having been
16 Apr 2019
In Ireland benefits claimants are expected to register for a Public Services Card (PSC) in order to access benefits. PSC users are expected to have their photographs taken in department offices, which is then digitally captured along with their signature. While this card was originally created to
01 Nov 2017
Cases of people being denied healthcare as they fail to provide an Aadhaar number have already started emerging. A 28-year old domestic worker, for instance, had to be hospitalised for a blood transfusion after she had an abortion with an unqualified local physician. She had been denied an abortion
12 Jul 2018
While not currently mandatory to access healthcare services, Aadhaar is however increasingly used in the health sector as well. In 2018, the health ministry had to issue a statement to clarify that Aadhaar was “desirable” but not a must to access a 5 rupee insurance cover for hospitalisation under
01 May 2018
In India, one of the reasons the Aadhaar ID system has been increasingly widely used is that it is mandatory for much India’s benefits system. Government subsidies are now processed through under the Direct Benefit Transfer scheme, which requires citizens to have a bank account and to insure that
10 Jan 2018
In this review of Virginia Eubanks's book Automating Inequality, the author of the review looks at the three main case studies Eubanks explores in her book: the attempt to automate and privatise the welfare system elligibility management in the state of Indiana in 2006, the use of a coordinated
11 Dec 2013
In this 2013 piece, Virginia Eubanks discuss the move in Indiana from relying on caseworkers to automating the distribution of benefits and how through the use of performance metrics to speed up the decision-making process, the system ended up being incentivising the non-distribution of benefits
24 Jul 2018
In this interview (podcast and transcript) Virginia Eubanks discuss three case studies from her book Automating Inequality to illustrate how technology and data collection negatively impact people in vulnerable situation. The (failed) attempt to automate and privatise the welfare system elligibility
04 Apr 2018
In the United States, monitoring efforts to combat public benefits fraud are often part of a broader approach that focuses on stigmatizing people receiving benefits and reducing their number, rather than ensuring that the maximum number of people who are eligible receive benefits. However, fraud
21 Dec 2017
In the United States, while everyone is surveilled not every is equal when it comes to surveillance. Factors including poverty, race, religion, ethnicity, and immigration status will affect how much you end up being surveilled. This reality has a punitive effect on poor people and their families and
22 Jan 2019
The vast majority of public benefits programs in the United States—Supplemental Security Income, Temporary Assistance for Needy Families, Medicaid, Children’s Health Insurance Program, Supplemental Nutrition Assistance Programs, the Earned Income Tax Credit, and Housing Assistance—do not take the
The first conditional cash transfer program in a higher-income country was trialled in the United States by Mayor Bloomberg in New York City from April 2007 to August 2010. Known as Opportunity NYC-Family Rewards, the privately funded pilot program transferred cash rewards to families who were able
15 Jan 2014
Virginia Eubanks explains what we can draw from understanding the experience of surveillance of marginalised groups: it is a civil rights issue, technologies carry the bias of those who design them, people are resisting and why we need to move away from the privacy rights discourse. https://prospect
06 Feb 2018
In this interview with Virginia Eubanks, the author highlights how electronic benefit transfer cards have become tracking devices and how data exploitation used to restrict access to welfare. https://www.vox.com/2018/2/6/16874782/welfare-big-data-technology-poverty Author: Sean Illing Publication
21 Mar 2014
This article is an overview of some of the research documenting how people in vulnerable positions are the ones most affected by government surveillance. https://stateofopportunity.michiganradio.org/post/technology-opportunity-researcher-says-surveillance-separate-and-unequal Author: Kimberly
08 May 2018
For US citizens who can access benefits, many states use electronic benefit transfer (EBT) cards, which function like debit cards, to distribute benefits. As of 2015, at least 37 states issued Temporary Assistance to Needy Families benefits, also known as welfare, through EBT cards. http://www.ncsl
18 Jul 2012
Research from the Brennan Center shows minorities are primarily affected by new laws that restrict citizens access to voting through ID requirement, increased distance to polling station, inconvenient opening hours and hidden costs. https://www.theguardian.com/world/2012/jul/18/voter-id-poor-black
22 Aug 2017
In August 2017, it was reported that a researcher scraped videos of transgender Youtubers documenting their transition process without informing them or asking their permission, as part of an attempt to train artificial intelligence facial recognition software to be able to identify transgender
30 Apr 2019
The New York Times picked 16 categories (like registered Democrats or people trying to lose weight) and targeted ads at people in them. They used the ads to reveal the invisible information itself, noting that it is a "story of how our information is used not just to target us but to manipulate
29 Sep 2017
In the lead up to the 2017 German federal election (Bundestagswahl), all political parties used social media like Facebook, Twitter, Instagram, YouTube, and e-mails as platforms to reach voters. The far-right Alternative for Germany party (AfD) reportedly hired a Texas-based company for their
10 Aug 2017
In the lead up to the German elections, the conservative Christian Democratic Union (CDU) created a mobile app, Connect 17, which was designed to create a feedback loop between party headquarters and door-to-door volunteers (also known as canvassers). The app drew on data from the federal statistics
02 Apr 2018
The Sunday edition of the national newspaper Bild reported that Chancellor Angela Merkel's conservative Christian Democrats (CDU) party and the centre-right Free Democrats (FDP) party purchased "more than a billion" pieces of personal data about potential voters from a subsidiary of Deutsche Post
20 Dec 2017
According to research conducted by Ronan Chardonneau, a French associate professor of digital marketing at Angers University, none of the websites of the eleven candidates' in the 2017 French presidential elections, that he looked into respected CNIL's directives regarding information that should be
21 Nov 2017
Before and after the Italian election on 4 March 2018, concerns were raised about the spread of misinformation, disinformation and inflammatory content through a network of news sites and Facebook pages. In November 2017, in the run up to the election, Buzzfeed reported on links between a large
19 Jun 2018
In an experiment conducted by Fabio Chiusi and Claudio Agosti during the 2018 election season and set out in detail in their report for Tactical Tech, the duo sought to investigate the Facebook algorithm that powers users’ news feed and the algorithm’s treatment of political content. One of the
04 Apr 2019
The Five Star Movement, a populist party, which is currently in power along with the League in Italy initially grew out of Il Blog delle Stelle (formerly Beppe Grillo’s blog). The Five Star Movement was founded by comedian Beppe Grillo, along with Gianroberto Casaleggio, a web strategist in 2009. As
20 Dec 2017
A company called Liegey Muller Pons (LMP) offers data analysis tools to help candidates and political parties improve their political campaign strategy. The three founders of the company were member's of former President François Hollande's 2012 campaign team. LMP was then hired by current President
20 Dec 2017
NationBuilder is an American political campaigning software company, which offers a fully integrated suite of tools for the organization of a campaign, and outreach through e-mail, telephone, social media, and traditional door-to-door campaigning. Many candidates in the 2017 French presidential
20 Dec 2017
During the primary elections in November 2016, the former French president, Nicolas Sarkozy, reportedly used an app, called Knockin, that made it possible to identify and geolocate supporters for door-to-door campaigning. Based on a report by the French Radio RMC, the app would harvest public data
Explainer
It’s tough to minimise targeted ads on phones because ads can be delivered based on data from the device level (such as what operating system your phone is using or based on unique numbers that identify your phone), browser level (what you search for within a browser), and within the apps you use
22 Feb 2019
In February 2019, an examination of Facebook's searchable database of Indian political ads showed that in India political ads on Facebook were viewed nine times more often by men than by women. Facebook's Indian user base was reported as 24% female in 2016. The reason for the disparity in ad viewing
20 Feb 2019
In February 2019, shortly after eight British Labour MPs quit the party and formed the "Independent Group", one of them was caught accessing data and campaigning tools belonging to their former party. In response, Labour shut down access to tools Contact Creator, used to collect campaign data and
19 Feb 2019
In February 2019, Twitter announced it would expand the political campaigning policy it launched in the US in May 2018 to all EU member states, Australia, and India, commencing March 11. Once the policy is live, only certified advertisers would be allowed to run political campaign ads on the service
18 Feb 2019
In February 2019, with a general election expected in May, the Australian government revealed that Australia's main political parties had been hacked by a "sophisticated state actor". The Australian Cyber Security Centre uncovered the hack while investigating a just-revealed hack of the Australian
06 Feb 2019
In January 2019, Facebook announced that as of February 28 the site would add more information to that displayed when users click on the "Why am I seeing this?" button that appears next to ads on the service. Along with the brand that paid for the ad, some of the biographical details they'd targeted
05 Feb 2019
In February 2019, Joke Schauvliege, an environment minister in Flanders, was forced to resign after she suggested that Belgian intelligence services had information showing that the schoolchildren's strikes to protest climate change were being directed by others. The largest march in Belgium to date
01 Feb 2019
In February 2019 the UK Information Commissioner's Office issued fines totalling £120,000 against the EU referendum campaign Leave.EU (£15,000 and £45,000) and Eldon Insurance (£60,000), trading as Go Skippy Insurance, for serious breaches of electronic marketing laws. The ICO also said it would
27 Jan 2019
In January 2019, the British transparency NGO WhoTargetsMe, Mozilla, and the US investigative journalism site Pro Publica reported that recent changes in the social network's code were restricting their ability to monitor political ads on Facebook. The company said the changes were part of a
13 Dec 2018
In December 2018 reports emerged that the Indian Electoral Commission would propose amendments to the Representation of the People Act 1951 that would require citizens to link their Electoral Photo ID Card to their Aadhaar number with the stated goal of improving the accuracy of the electoral rolls
09 Jan 2019
On January 9, 2019 the UK Information Commissioner's Office fined SCL Elections, also known as Cambridge Analytica, £15,000 for failure to comply with an enforcement notice the ICO issued in May 2018 ordering the company to respond in full to a subject access request submitted by US-based academic
16 Jan 2019
In January 2019, Facebook announced it would extend some of the rules and transparency tools it developed for political advertising for upcoming spring elections in Nigeria, Ukraine, India, and the EU. In Nigeria, the site will bar electoral ads from advertisers outside the country where the
14 Jan 2019
Despite Facebook's October 2018 rules intended to provide greater transparency about political ads, the sources of funding for UK political ads remained obscure in early 2019. when a network of hard-Brexit and people's vote campaigning groups spent more than £1 million on Facebook ads in the lead-up
28 Dec 2018
In December 2018, the Institute for Policy Research and Advocacy (ELSAM) warned that data misuse and voter behavioural targeting and micro-targeting could prove factors in the 2019 Indonesian general elections. Researcher Wahyudi Djafar cited examples from Kenya, where Cambridge Analytica had sent
17 Jan 2019
In January 2019, Facebook' announced it had removed multiple pages, groups, and accounts coordinating inauthentic behaviour on Facebook and Instagram that were set up by two unrelated operations originating in Russia. One of these operated 364 pages and accounts was active in the Baltics, Central
27 Apr 2017
In a November 2017 report, Facebook's security group outlined the steps it would take to combat new forms of misuse of the platform, including attempts to deceive people and manipulate civic discourse at low cost or risk to the organisers. Among the drivers, the group cited the global reach Facebook
05 Nov 2018
The results of a year-long review issued by the UK Information Commissioner's Office in November 2018 uncovered a "disturbing disregard for voters' personal privacy" on the part of 30 organisations, including social media platforms, political parties, data brokers, and credit reference agencies
05 Nov 2018
During the November 2018 US midterm elections, Moveon conducted an experiment to test whether it could cheaply and quickly maximise the effectiveness of digital persuasion. The project created a Facebook app called MO Research, and recruited people to answer survey questions about current issues via
26 Dec 2018
Shortly after the 2016 US presidential election, LinkedIn founder and billionaire Reid Hoffman made a series of multi-million-dollar donations to dozens of left-leaning groups. Among them was American Engagement Technologies, in which Hoffman invested $750,000. In 2018, Hoffman wound up apologising
17 Dec 2018
A December 2018 analysis of the use of Facebook by Matteo Salvini and Luigi Di Maio, Italy's two populist leaders, showed that the two exploited Facebook's streaming video and live broadcast services to bypass the mainstream media and foment discord during the March 2018 Italian general election
10 Oct 2015
In 2019, a prominent page on the Facebook Business site cited the British Conservative Party as a "success story" at the 2015 general election, which put the party into power with a narrow majority. The site boasted that via Facebook the Conservatives had an 80.6% reach in key constituencies, 3.5
27 Dec 2018
In 2014, when the the far-right party of French politician Marine Le Pen needed cash, the loan of €9.4 million came from First Czech-Russian Bank, which was founded in the early 2000s as a joint venture between a Czech state bank and a Russian lender and went on to come under the personal ownership
26 Dec 2018
A startling amount of the internet is fake in one way or another, studies found in 2018. Less than 60% of web traffic is human; a 2013 study found that at least half of YouTube traffic was bots masquerading as people; in November 2018 the US Justice Department revealed that eight people were accused
20 Dec 2018
In 2015, officials within the US Treasury Department Office of Terrorist Financing and Financial Crimes unit used a network of private Gmail and Hotmail accounts set up by the Russians with the stated goal of jointly defeating ISIS. Soon, however, instead the Russian financial crimes agency was
18 Nov 2018
As part of the digital campaign to win re-election, in mid-2018 the BJP, which controls the Indian national government as well as that of the state of Chhattisbarh, handed out $71 million worth of free phones and subsidised data plans to 2.9 million of the state's voters and then used the phones to
18 Dec 2018
A December 2018 report prepared by the Oxford Internet Institute's Computational propaganda Research Project and the network analysis firm Graphika for the US Senate Intelligence Committee found that the campaign conducted by Russia's Internet Research Agency during the 2016 US presidential election
09 Dec 2018
A December 2018 analysis found that Facebook's measures for improving election security and discouraging anonymous political messages were poorly executed and inconsistently applied, and placed an unfair burden on charitable organisations and small businesses while simultaneously being easy for
04 Dec 2018
During the campaign leading up to the 2018 US midterm elections, the email accounts of four senior aides at the National Republican Congressional Committee were surveilled for several months. The intrusion was detected in April 2018 by an NRCC vendor, who alerted the committee and its cybersecurity
22 Nov 2018
In November 2018, the Spanish senate approved 220-21 an online data protection law intended to ensure compliance with the General Data Protection Regulation with an added amendment that allowed political parties to use personal data obtained from web pages and other publicly accessible sources for
22 Nov 2018
In the run-up to the May 2019 European Parliament elections, Google announced it would launch a new set of transparency tools to combat voter manipulation. Before being allowed to buy advertising on Google platforms, campaigns will be required to verify their identity, and approved ads will be
21 Nov 2018
A 2018 study found that Twitter bots played a disproportionate role in spreading the false claim, made by US President Donald Trump shortly after winning the election but losing the popular vote in November 2016, that 3 million illegal immigrants had voted for Democratic opponent Hillary Clinton
02 Nov 2018
Facebook's latest tool for inspecting political ads showed that in the run-up to the US mid-term elections in November 2018, many of the same politicians who had been questioning Facebook about privacy and leaked user data were spending campaign funds on advertisements on the service. Between 2014
03 Nov 2018
In November 2018, the UK government announced that 11 local authorities across England would participate in Voter ID pilots in the interest of gaining "further insight into how best to ensure the security of the voting process and reduce the risk of voter fraud". Five local authorities participated
News & Analysis

Planning and participating in peaceful protests against governments or non-state actors’ policies and practices requires the capacity of individuals to communicate confidentially without unlawful interference. Surveillance technologies are affecting the right to peaceful assembly in new and often unregulated ways: in this article we focus on three technologies and practices deployed by public authorities in monitoring assemblies that raise particular concerns: IMSI catchers, facial recognition, and Social Media Intelligence (SOCMINT).

Explainer graphic
You can also read a more detailed explainer about social media intelligence (SOCMINT) here.
Explainer graphic
You can also read a more detailed explainer about facial recognition cameras here.
19 Apr 2018
By 2018, Palantir, founded in 2004 by Peter Thiel to supply tools for finding obscure connections by analysing a wide range of data streams to the Pentagon and the CIA for the War on Terror, was supplying its software to the US Department of Health and Human Services to detect Medicare fraud, to the
15 Jun 2018
In June 2018, a panel set up to examine the partnerships between Alphabet's DeepMind and the UK's NHS express concern that the revenue-less AI subsidiary would eventually have to prove its value to its parent. Panel chair Julian Huppert said DeepMind should commit to a business model, either non
13 Jun 2018
In June 2018 Apple updated its app store policies to bar developers from collecting information from users' address books and selling it on. While some apps have a legitimate need to access users' contacts, collecting information unnecessarily is a common money-making tactic. How many apps were
30 Jun 2018
In 2018, the Spanish La Liga app was found to be using the microphone and GPS to clamp down on bars infringing copyright by broadcasting matches without paying. Granting the app the permissions it requests at installation to access the mic and GPS location allows it to turn on the mic at any time
28 May 2018
In 2018, an investigation found that children as young as nine in Hong Kong were exposing their identities online via Tik Tok, the most-downloaded iPhone app for creating and sharing short videos. Both Tik Tok and its sibling app Musical.ly, which is popular in Europe, Australia, and the US and
11 May 2018
In 2018, the Brazil-based Coding Rights' feminist online cybersecurity guide Chupadados undertook a study of four popular period-tracking apps to find which best protected user privacy. Most, they found, rely on collecting and analysing data in order to be financially viable. The apps track more
19 Jul 2018
In November 2018 New York City's housing committee ruled that Airbnb must turn over the addresses and host names that use its service to the city's Office of Special Enforcement as part of a crackdown on illegal operators. The hotel industry contended in a report earlier in the year that around two
07 May 2018
A 2018 law passed in Egypt requires ride-hailing services such as Uber and local competitor Careem to supply passenger data to the security agencies when requested to do so. More than 4 million people in Egypt have used Uber since it debuted there in 2014. While human rights advocates expressed
05 May 2018
In May 2018, Slice Technologies, which provides the free Unroll.me email management service in return for data-mining individuals' email inboxes, announced it would discontinue offering its service in Europe rather than comply with the incoming General Data Protection Regulation. Unroll.me's privacy
01 Mar 2018
As part of efforts to tone down street fights at night Statumseind in Eindhoven, the Netherlands, the city has deployed technology: wifi trackers, cameras, and microphones attached to lamp posts detect aggressive behaviour and alert police. The data collected by these sensors is used to profile
23 Aug 2018
In August 2018, domestic abuse victims, their lawyers, shelter workers, and emergency responders began finding that the Internet of Things was becoming an alarming new tool for harassment, monitoring, revenge, and control. Smartphone apps enable abusers to remotely control everyday objects inside
23 Aug 2018
In 2018, changes to Apple's rules for data collection led Facebook to withdraw its Onavo Protect VPN app from the app store. The app's function was to warn users when they were visiting potentially harmful websites and protected their data when using public wifi. However, the app also collected data
20 Aug 2018
In August 2018 the US Food and Drug Administration approved the first over-the-counter digital contraceptive, an app called Natural Cycles. The app, which analyses basal body temperature readings and monthly menstruation data to determine whether unprotected sex is likely to lead to pregnancy
14 Aug 2018
Semi-autonomous cars with built-in internet connections are increasingly being delivered with location tracking in place. Marketed as a convenience, the app FordPass links to Ford's Sync Infotainment system and can log frequent and recently visited locations. Similarly, GM Onstar's Family Link
13 Aug 2018
In August 2018, banks and merchants had begun tracking the physical movements users make with input devices - keyboard, mouse, finger swipes - to aid in blocking automated attacks and suspicious transactions. In some cases, however, sites are amassing tens of millions of identifying "behavioural
15 Aug 2018
In 2018, Wells Fargo disclosed that due to a computer bug that remained undiscovered for nearly five years 600 customers were granted more expensive mortgage loans than they could have qualified for. About 400 of them went on to lose their homes. The announcement reignited the public anger and
Explainer graphic
You can also read a more detailed explainer about IMSI catchers here.
14 Aug 2018
In August 2018 Amazon rolled out a software update to Fire OS 5, the operating system used by older versions of its Fire TV and Fire TV Stick devices to counteract malware. At risk were versions of the devices before the company released Fire OS 6 whose owners had turned on Android Debug Bridge in
03 Aug 2018
Cookies and other tracking mechanisms are enabling advertisers to manipulate consumers in new ways. For $29, The Spinner will provide a seemingly innocent link containing an embedded cookie that will allow the buyer to deliver targeted content to their chosen recipient. The service advertises
14 Sep 2018
In September 2018, Google was discovered to be prototyping a search engine, codenamed Dragonfly, designed to comply with China's censorship regime. Among other features, Dragonfly would tie users' searches to their personal phone numbers, ensuring the government could track their queries. Among the
12 Sep 2018
In September 2018, the attorney general of the US state of New Mexico filed suit against Lithuania-based Tiny Lab Productions claiming that the maker of the children's app Fun Kid Racing had violated the Children's Online Privacy Protection Act (1998) by collecting location and other data about the
23 Oct 2018
In 2017, Alphabet's Sidewalk Labs began a collaboration with Waterfront Toronto intended to turn a 12-acre lakeside area into a "smart city" equipped with sensors and responsive infrastructure. Frustration that Torontonians' data privacy concerns were not being addressed led Saadia Muzaffar, founder
25 Aug 2018
By the time T-Mobile announced in August 2018 that a data breach had compromised customers' names, billing zip codes, email addresses, account numbers, account types, phone numbers, and some hashed passwords, the most crucial of these had become phone numbers. Never intended as identifiers, phone
27 Mar 2018
Affiliate marketers, who buy ad space in bulk, run campaigns, and earn commissions on the sales they generate, are behind some of the shady and misleading ads that pollute social media and the wider internet, despite also promoting some legitimate businesses such as Amazon and eBay. At one of
26 Sep 2018
In 2018, WhatsApp founder Brian Acton responded to the Cambridge Analytica scandal by tweeting "It is time. #deletefacebook." He also left the company, walking away from $850 million in unvested stock rather than accede to Facebook's plans to add advertising and commercial messaging, a purpose at
16 Oct 2018
In October 2018, researcher Johannes Eichstaedt led a project to study how the words people use on social media reflect their underlying psychological state. Working with 1,200 patients at a Philadelphia emergency department, 114 of whom had a depression diagnosis, Eichstaedt's group studied their
05 Sep 2018
After a series of scandals, in the year up to September 2018 54% of American Facebook users had changed their privacy settings and 42% had skipped visiting the platform for several weeks or more. About 26% said they had deleted the Facebook app from their smartphone. Some 74% of Facebook users had
08 Jun 2018
Even after 2015, when Facebook said it had walled off user records from third parties, inside sources and court documents showed that the company went on maintaining a whitelist of companies that were allowed customised access to information about users' Friends, phone numbers, and a "friend link"
21 Jul 2018
In July 2018, Facebook announced it was investigating whether the Boston-based company Crimson Hexagon had violated the company's policies on surveillance. Crimson Hexagon markets itself as offering "consumer insights". Its customers include a Russian non-profit with ties to the Kremlin, and
14 May 2018
In May 2018, Facebook said that as part of its investigation into how Cambridge Analytica had abused personal data on the social network, it had investigated thousands of apps on its platform and suspended about 200 of them. The company said it was investigating further to identify every app that
09 May 2018
In May 2018 Facebook announced it would partner with organisations in places such as Myanmar and South Sudan in order to develop more "context-specific" knowledge about how its platform is being abused to create real risks of harm and violence. In Myanmar, where telephone companies allowed Facebook
13 Jun 2018
In June 2018 Facebook announced it would install new controls to improve members' understanding of how companies targeted them with advertising, including letting them know if a data broker supplied the information. This was the second update to the company's policies in 2018; in March it attempted
27 Sep 2018
In 2018, experiments showed that despite the company's denials, ads could be targeted at specific Facebook users via information that the users had never given Facebook, such as phone numbers. The reason: Facebook allows advertisers to upload their own lists of phone numbers of email addresses, and
06 Nov 2018
In November 2018, HSBC announced a serious data breach in its US business between October 4 and 14, when fraudsters used credential stuffing to gain access to detailed account information relating to about 1% of its 1.4 million US customers. HSBC said that in response it had strengthened its login
17 Jul 2018
In July 2018 the three-year-old payment system Revolut notified the UK's National Crime Agency and the Financial Conduct Authority that it had found evidence of money laundering on its system. From its beginnings as a prepaid credit card operator, Revolut had branched out into small business
09 Jul 2018
In 2018, economists Marianne Bertrand and Emir Kamenica at the University of Chicago Booth School of Business showed that national divisions are so entrenched that details of what Americans buy, do, and watch can be used to predict, sometimes with more than 90% accuracy, their politics, race, income
17 Jul 2018
In 2018, the Berlin-based researcher Hang Do Thi Duc concluded after analysing more than 200 million public transactions made in 2017 that anyone can track the purchase history of a user of the peer-to-peer payment app Venmo. By accessing the data via an open API, Do Thi Duc was able to view the
08 May 2018
In 2018, based on an analysis of 270,000 purchases between October 2015 and December 2016 on a German ecommerce site that sells furniture on credit, researchers at the National Bureau of Economic Research found that variables such as the type of device could be used to estimate the likelihood that a
13 Dec 2017
In 2017, Britain's' two biggest supermarkets, Tesco and Sainsbury's, which jointly cover 45% of the UK's grocery market, announced they would offer discounts on car and home insurance based on customers' shopping habits. For example, based on data from its Nectar card loyalty scheme, Sainsbury's
01 Aug 2018
The common reporting standard brought in by the UK's HMRC in 2018 require tax authorities to automatically exchange information on millions of citizens living abroad. In response, an EU citizen domiciled in Italy who formerly lived in the UK and maintains a UK bank account, filed a complaint with
29 Sep 2018
A flaw in the official 2018 UK Conservative Party conference app granted both read and write access to the private data of senior party members, including cabinet ministers, to anyone who logged in by second-guessing the email address they used to sign into the app. Twitter users claimed that one
30 Sep 2018
In September 2017, the UN Capital Development Fund, the UN Development Programme, and the non-profit San Francisco-based startup Kiva, which has worked for 13 years as a crowd-funded microlending platform announced a joint initiative to open up financial services to the 20% of the Sierra Leone
Explainer
This is the third part of Understanding Identity Systems. Read Part 1: Why ID?, and Part 2: Discrimination and Identity. Biometrics Biometrics are the physiological and behavioural characteristics of individuals. This could be fingerprints, voice, face, retina and iris patterns, hand geometry, gait
Explainer
This is the second part of Understanding Identity Systems. Read Part 1: Why ID?, and Part 3: The Risks of ID. The existing identity landscape Every country has an existing landscape of ways in which people can identify themselves. This can include an existing ID card system, but also a range from
Explainer
Introduction Of all the data-intensive initiatives that a government can introduce, some of the largest are ID systems. They have implications across a broad range of human and civil rights. How do we begin to critique an ID system, to begin to understand its strengths and weaknesses? There are a
In January 2019, it was discovered that the HIV-positive status of 14,200 people in Singapore, as well as their identification numbers and contact details, had been leaked online. According to a statement of the Ministry of Health, records leaked include 5,400 Singaporeans diagnosed as HIV-positive
Explainer

SIM card registration allows the state to know the identity of the owner of a SIM card, and thus who is most likely making a call or sending a message. As a condition for the purchase or activation of a SIM card, the user is asked to provide personal data as well as a valid ID.

 

05 Nov 2018
Shortly before the November 2018 US midterm elections, the Center for Media and Democracy uncovered documents showing that the multi-billionaire Koch brothers have developed detailed personality profiles on 89 percent of the US population with the goal of using them to launch a private propaganda
24 Jul 2018
In 2018, 17 US states and the District of Columbia filed suit to block the addition of a citizenship question to the 2020 census. Emails released as part of the lawsuit show that the administration began pushing to add the question as early as the beginning of 2017, claiming it was to improve
23 Jul 2018
"Buzzer teams" - teams employed to amplify messages and create a buzz on social media - were used by all candidates in the 2017 Indonesian general elections. Coordinated via WhatsApp groups, many of the teams opened fake accounts to spread both positive and negative messages, as well as hate speech
13 Jul 2018
In July 2018, Robert Mueller, the special prosecutor appointed to look into Russian interference in the 2016 US presidential election, charged 12 Russian intelligence officers with hacking Hillary Clinton's campaign and the Democratic National Committee by spearphishing staffers. The charges include
06 Jul 2018
The Tel-Aviv-based private intelligence firm Black Cube, which is largely staffed by former Israeli intelligence operatives, was involved in a campaign to attack NGOs and businessman-turned-philanthropist George Soros during Hungary's election campaign. Between December 2017 and March 2018, agents
29 Jun 2018
On the night of June 23, 2016, as the polls closed Britain's Sky News broadcast what sounded like a concession statement from Nigel Farage, the leader of the campaign to leave the EU, plus a YouGov exit poll indicating that the country had voted to remain; over an hour later, Farage reiterated his
12 May 2018
Facebook ads purchased in May 2016 by the Internet Research Agency, a notorious Russian troll farm, urged users to install the FaceMusic app. When installed, this Chrome extension gained wide access to the users' Facebook accounts and web browsing behaviour; in some cases it messaged all the user's
10 May 2018
In May 2018, a report form Strathmore University's Centre for Intellectual Property and Information Technology (CIPIT) found that some staff at Kenya's Independent Electoral and Boundaries Commission who were mandated to protect voter data made millions of Kenyan shillings by illegally selling
29 Mar 2018
In March 2018, Indian Congress president Rahul Gandhi tweeted that the Naramendra Modi app issued by India's ruling Bharatiya Janata Party was leaking user data. The app is intended to spearhead BJP's social media strategy in the run-up to the 2019 general elections; the party hopes to use it to
05 Nov 2018
In November 2018, the UK government announced it would pilot voter ID for in 11 local authorities during thte 2019 local elections in order to gain insight into ensuring voting security and lowering the risk of voter fraud. The Cabinet Office deemed the pilots conducted in five local authorities
22 Aug 2018
In August 2018, the US Democratic National Committee notified the FBI that the San Francisco-based security company Lookout and the cloud service provider DigitalOcean had detected an attempted hack targeted at the DNC voter database. The attack took the form of a fake DNC login page intended to
05 Nov 2018
Shortly before the 2018 US midterm elections, Georgia secretary of state and gubernatorial candidate Brian Kemp accused Georgia's Democratic Party of hacking into the state's voter registration database, though without providing any evidence to support the claim. The motives behind the claim were
17 Nov 2018
With only days to go before the 2018 US midterm elections, a federal judge ruled that the state of Georgia must change its "exact match" law that required voter registrations with even the tiniest variation from other official identifications to be flagged as potential non-citizens unless they could
08 Mar 2018
A 2018 study of the use of biometric technology for voter identification and verification in Ghana in 2012 called the effort a failure. It's not enough, the researchers argue, for biometrics to be technically sound; for the technology to function as intended registration centres must have real-time
09 Aug 2018
In 2018, the UK Information Commissioner's Office fined Emma's Diary, a site offering pregnancy and childcare advice owned by Lifecycle Marketing (Mother and Baby) Ltd, £140,000 for collecting and selling personal information belonging to more than 1 million people without disclosing in the site's
15 Oct 2018
A database compiled through investigations conducted in 2018 by the Guardian and the Undercover Research Group network of activists shows that undercover police officers spied on 124 left-wing activist groups between 1970 and 2007. The police infiltrated 24 officers over that time within the
05 Aug 2018
Under a clause in the country's computer crime act that criminalises uploading content that is false or causes "panic", in 2018, Thailand's ruling military junta pursued a criminal investigation into a live feed on the Facebook page belonging to the rising Future Forward Party. The postings claimed
15 Sep 2018
In September 2018, when Massachusetts state police tweeted a map of responses to fires and explosions during a gas emergency, they inadvertently revealed that they were closely monitoring several activist groups, including a Facebook group for Mass Action Against Police Brutality, the Coalition to
20 Sep 2018
In September 2018, Google warned a selection of US senators and their aides that their Gmail accounts were being targeted by foreign government hackers. Google has issued warnings of phishing attempts by state-sponsored actors since 2012, though getting a notice does not mean the account has been
17 Jul 2018
In July 2018, Election Systems and Software (ES&S), long the top US manufacturer of voter machines, admitted in a letter to Senator Ron Wyden (D-OR) that it had installed pcAnywhere remote access software and modems on a number of the election management systems it had sold between 2000 and 2006
26 Sep 2018
A combination of entrenched and litigious voting machine manufacturers with immense control over their proprietary software and a highly complex and fragmented voting infrastructure mean that even though concerns were raised as early as 2004 about the security of US voting machines, the 2018 midterm
25 Oct 2018
In the run-up to the November 2018 US midterm elections, Vice tested Facebook's new system of mandatory "Paid for" disclosure intended to bring greater transparency to the sources of ads relating to "issues of national importance". Placing political ads requires a valid ID and proof of residence
11 Oct 2018
In the run-up to the 2018 US mid-term elections, researchers found that the dissemination of fake news on Facebook was increasingly a domestic American phenomenon rather than, as in the 2016 presidential election, an effort driven by state-backed Russian operatives. Removing such accounts (Twitter)
01 May 2018
In 2018, after the UK Cabinet Office said a trial of compulsory voter ID was necessary because reports of voter fraud had more than doubled between the 2014 and 2016 elections - a claim immediately disputed by a voter and upheld by the UK Statistics Authority. While it was true that there were 21
13 Oct 2018
In the months leading up to the US 2018 midterm elections, Republican officials in Georgia, Texas, and North Carolina made moves they described as ensuring voting integrity but which critics saw as blocking voter access. In Georgia, where Secretary of State Brian Kemp is charged with enforcing
13 Oct 2018
A few months before the US 2018 midterm elections, the Trump campaign team signed a contract with the newly-formed Virginia-based company Excelsior Strategies to exploit the first-party data the campaign had collected. The contract was set up by Trump's campaign manager, Brad Parscale, who built the
27 Sep 2018
The proposed extension to the Trans Mountain pipeline, which would connect Alberta and British Columbia in parallel to the existing pipeline and triple its capacity, was controversial for years before Canada approved the project in 2016. In 2014, the British Columbia Civil Liberties Association
01 Oct 2018
A little over a month before the US 2018 midterm elections, Twitter updated its rules to reduce manipulation of its platform. Among the changes, the company outlined the factors it would use to determine whether an account is fake and should be removed, provided an update on its automated detection
08 Jul 2018
In July 2018, members of the Internal Security Organisation, Uganda's counterintelligence agency, raided South African telecommunications provider MTN's Uganda data centre in Mutundwe. In a letter to the police, MTN said the ISO kidnapped a data manager who worked for the contractor that ran the
12 Jul 2018
In 2018, British immigration officers demanded that the mothers of two children provide DNA samples in order to provide proof of paternity. The children both had British fathers and had previously been issued British passports, but their mothers were not UK citizens. In one case, the father had
22 May 2018
In May 2018, the ACLU of Northern California obtained documents under a FOIA request showing that Amazon was essentially giving away its two-year-old Rekognition facial recognition tools to law enforcement agencies in Oregon and Orlando, Florida. Amazon defended the move by saying the technology has
05 May 2018
At the 2017 Champions League Final, South Wales Police deployed an automated facial recognition system that wrongly identified more than 2,000 people in Cardiff as potential criminals. The system's cameras watched 170,000 people arrive in Cardiff for the football match between Real Madrid and
31 Aug 2018
In August 2018, two lawsuits, were filed against NSO Group, one brought in Israel by a Qatari citizen and the other in Cyprus by Mexican journalists and activists. All the plaintiffs had been targeted by the company's Pegasus spyware, which takes control of targets' phones when they click on links
30 Apr 2018
In 2018, the Chinese Communist Party's anti-corruption watchdog in southeastern Hefei in the Anhul province claimed in a social media post that its branch in a neighbouring city had retrieved deleted messages from a suspect's WeChat account. Tencent, WeChat's operator, denied that the company stored
10 Aug 2018
In what appears to be an extension of China's tracking of its Muslim citizens, 3,300 of the 11,500 Chinese pilgrims joining the 2018 hajj to Mecca were outfitted with GPS trackers. When photos were shown of the first group preparing to depart wearing trackers around their necks, the state-run
31 Jul 2018
In 2018 genetic testing companies such as Ancestry and 23andMe agreed on guidelines for sharing users' DNA data and handling police requests. The guidelines, which include easy-to-read privacy policies, were inspired by two incidents: one in which local investigators used the GEDmatch DNA comparison
21 Sep 2018
In 2018 a report from the Royal United Services Institute found that UK police were testing automated facial recognition, crime location prediction, and decision-making systems but offering little transparency in evaluating them. An automated facial recognition system trialled by the South Wales
21 Sep 2018
In September 2018 the UK's Information Commissioner found that it was likely that during 2017 a number of migrant rough sleepers were reported to the Home Office enforcement teams by the homelessness charity St. Mungo's. The finding followed a complaint from the Public Interest Law Unit. The charity
18 Sep 2018
In internet scans conducted between August 2016 and August 2018, Canada's Citizen Lab identified a total of 45 countries in which operators of Israel-based NSO Group's Pegasus spyware may be conducting surveillance operations. Pegasus is mobile phone spyware that targets are coerced into installing
21 Nov 2017
Following a 2016 hack including names, emails, adresses, and phone numbers of 57 millions Uber users and drivers, the company has paid 100,000 USD to hackers hoping that the data collected would be deleted. This decision was in line with Uber's strategy to try to keep the breach quiet while limiting
29 Sep 2018
At the end of September 2018, the sales intelligence company and data aggregator Apollo notified its customers that over the summer Vinny Troia, the founder of Night Lion Security, had discovered that Apollo's database of 212 million contact listings and 9 billion data points relating to companies
20 Jul 2018
In July 2018, attackers broke into the SingHealth Singaporean government health database and stole names, addresses, and various other details of 1.5 million people who visited clinics between May 1, 2015 and July 4, 2018; however, the attackers did not gain access to most medical records with the
16 Jul 2018
In July 2018, a hacker attack exposed the personal data of millions of Spanish subscribers Telefónica's Movistar service. The data included identity and payment information, phone and national ID numbers, banks, and calling data. The cause was a basic programming error known as an "enumeration bug"
12 Jul 2018
In July 2018, the leader of a private Facebook group for women with the BRCA gene, which is associated with high breast cancer risk, discovered that a Chrome plug-in was allowing marketers to harvest group members' names and other information. The group was concerned that exposure might lead to
27 Jun 2018
In June 2018, security researcher Vinny Troia discovered that the Florida-based data broker Exactis had exposed a comprehensive database containing nearly 340 million individual records on a publicly accessible server. The 2TB of data appeared to include detailed information on millions of
01 Jun 2018
In June 2018, security researchers found that Google's smart speaker and home assistant, Google Home, and its Chromecast streaming device could be made to leak highly accurate location information because they failed to require authentication from other machines on their local network. The attack
06 Jul 2018
Between May 18 and May 22, a bug in Facebook's system changed the settings on 14 million users' accounts so that newly posted updates they thought were private might have been made public instead. The company attributed the error to a mistake made in redesigning how the public parts of user profiles
20 May 2018
In May 2018, UK-based security researcher Robert Wiggins discovered that the mobile app TeenSafe, marketed as a secure app for iOS and Android, was storing data it collected on servers hosted on Amazon's cloud without a password and openly accessible. The app lets parents monitor their children's
05 Jul 2018
In July 2018, researchers at the London-based security and mobile commerce firm Upstream Systems found that millions of cheap smartphones sold in developing countries lacking privacy protections come with pre-installed apps that harvest users' data for the purpose of targeting advertising and that
05 Jan 2018
In November 2016, the security contractor Krytowire discovered that cheap Chinese Android phones often include pre-installed software that monitors users' locations, messaging, and contacts, and sends the gathered information to China every 72 hours. Shanghai Adups Technology Company, the Chinese
26 Jul 2018
By July 2018, ten-year-old Twitter had become such a frequent data resource for social scientists that estimates were that anyone who tweeted publicly on the service was part of a dataset somewhere. The ease and low cost of using Twitter have enabled studies such as analysing bot behaviour during
03 Jun 2018
In 2014, a team of four Swedish and Polish researchers began scraping every comment and interaction from 160 public Facebook pages. By two years later, they had collected one of the largest sets of user data ever assembled from the social network; it enabled them to track the behaviour of 368
24 Apr 2018
The US Securities and Exchange Commission announced in April 2018 that it would fine Altaba, formerly known as Yahoo, $35 million for failing to disclose its massive 2014 data breach. Yahoo did not notify the hundreds of millions of customers until the end of 2016, when it was closing its
09 Jul 2018
As part of an ongoing hacker vendetta against surveillance apps installed by abusive partners, in July 2018 a hacker targeted SpyHuman, an India-based company that offers software that monitors Android devices, claiming the software should be taken off the market. Once someone gains physical access
24 Jul 2018
In July 2018, a group of researchers at Northwestern University published the results of two years of studying the collaboration behaviour of tens of thousands of scientists. A controversy rapidly sprang up about the method they used: they had been given access to project folder-related data by the
02 Apr 2018
In April 2018, a researcher at Norway's SINTEF found that the gay-daring app Grindr was sending its 3.6 million users' HIV status and last tested date along with their GPS data, phone ID, and email to two app-optimising companies, Apptimize and Localytics. SINTEF also found that the company was
08 Mar 2018
In March 2018, Trever Feden, the CEO of a property management startup, exposed a flaw in the gay-dating app Grindr that opened access to the location data and other information about its more than 3 million daily users. A website Faden set up allowed Grindr users to see who was blocking them after
08 May 2018
In its May 2018 quarterly filing with the Securities and Exchange Commission, Equifax provided its most detailed analysis to date of the company's 2017 data breach. In the US, nearly 147 million people had their names, dates of birth, and/or Social Security numbers stolen; address information was
01 Sep 2018
In September 2018, security researcher Patrick Wardle found that Adware Doctor, the top-selling paid utilities app in the US Mac App Store, was exfiltrating the browser history of anyone who downloaded it and sending it to a developer. Adware Doctor is intended to protect browsers against adware. A
07 Sep 2018
In September 2018, the GuardianApp group of security researchers discovered that dozens of popular news, weather, and fitness iPhone apps that require access to location data sell the data they collect to companies engaged in businesses such as ad targeting. The group found apps such as ASKfm, NOAA
12 Oct 2018
In announcing a data breach in 2018, at first Facebook said 50 million people's data had been accessed, then 30 million - but the data accessed was more sensitive than they thought at first. After investigation, the company explained that it had identified four stages of attack with a different
01 Jul 2018
In July 2018 the UK's Information Commissioner's Office announced it would fine Facebook £500,000, the maximum under the 1998 data protection law, for failing to safeguard its users' information and lacking transparency about how the data was harvested and used by others, specifically Cambridge
21 Aug 2018
In August 2018, Facebook announced it would remove more than 5,000 ad targeting options in order to prevent discrimination. Options specifying the exclusion of people interested in "Passover", "Native American culture", or "Islam" could be used as proxies to allow advertisers to exclude ethnic and
08 Jul 2018
In July 2018, members of the Internal Security Organisation, Uganda's counterintelligence agency, raided South African telecommunications provider MTN's Uganda data centre in Mutundwe. In a letter to the police, MTN said the ISO kidnapped a data manager who worked for the contractor that ran the
21 Sep 2018
The internet provides employers with the opportunity to learn an unprecedented amount about prospective employees by searching social media feeds and other postings. By 2018, DeepSense was taking this a step further by analysing individual's Twitter feeds to predict their personality and employment
30 Apr 2018
In 2018 industry insiders revealed that the gambling industry was increasingly turning to data analytics and AI to personalise their services and predict and manipulate consumer response in order to keep gamblers hooked. Based on profiles assembled by examining every click, page view, and
08 May 2018
Although the US rejected a "National Data Center" approach in 1966, eventually instead passing the 1974 Privacy Act, in 2018 the House of Representatives proposed a national database of all 40 million recipients of benefits under the Supplemental Nutrition Assistance Program (SNAP, formerly known as
14 May 2018
Three months after the 2018 discovery that Google was working on Project Maven, a military pilot program intended to speed up analysis of drone footage by automating classification of images of people and objects, dozens of Google employees resigned in protest. Among their complaints: Google
31 May 2018
Rising suspicion of benefits claimants in the UK led by 2018 to the Department of Work and Pensions' adoption of numerous surveillance tactics, including using social media postings, gym memberships, airport footage, and surveillance video from public buildings including supermarkets, to build cases
24 Jun 2018
During 2018, when US president Donald Trump operated a policy under which immigration officers separated families arriving at the border without documentation, there were a number of suggestions for using genetic testing to verify family relationships in the interests of reuniting them. After
12 Jul 2018
In July 2018 Walmart filed a patent on a system of sensors that would gather conversations between cashiers and customers, the rattle of bags, and other audio data to monitor employee performance. Earlier in 2018, Amazon was awarded a patent on a wristaband that would monitor and guide workers in
22 Aug 2018
The 2017 hack of the shipping company A.P. Møller-Maersk, which manages 800 seafaring vessels and 76 ports that handle nearly a fifth of the world's shipping capacity, required an emergency shutdown of the company's entire IT system, including its phones. Maersk was a victim of NotPetya, the most
24 Sep 2018
In 2018, the Paris prosecutor's office opened a preliminary inquiry after the lawyer Pierre Farge accused a Bercy specialist intelligence branch of the tax authorities of hacking his firm's database to access information covered by professional confidentiality. The case serves to illustrate the
07 Apr 2018
In late 2018, after apps like Strava and Polar Flow exposed the movements of staff around military bases, the US Department of Defense banned military troops and other workers at sensitive sites from using fitness trackers and other apps that could reveal their users' location. Military leaders will
11 Aug 2018
At the 2018 DefCon security conference, a researcher from the security firm Nuix presented the discovery that body cameras from five different manufacturers shoe cameras are in use by US law enforcement are vulnerable to remote digital attacks, some of which could manipulate footage so it could not
28 Jul 2018
In 2018, documents filed in a court case showed that a few days before the 2017 inauguration of US president Donald Trump - timing that may have been a coincidence - two Romanian hackers took over 123 of the police department's 187 surveillance cameras in Washington, DC with the intention of using
16 Aug 2018
As the use of non-cash payment mechanisms continued to increase over the course of 2018, Europe's central banks began warning that phasing out cash poses a serious threat to the financial system, as too-heavy reliance on digital payments exposes countries to the potential for catastrophic failure
09 Apr 2018
A 2016 Privacy International report on Syrian state surveillance found that between 2007 and 2012 the Assad regime spent millions of dollars on building a nationwide communications monitoring system. By 2012, this surveillance capability helped the Syrian government target and murder journalists
25 Apr 2018
Police and blackmailers in Egypt are using gay dating apps like Grindr, Hornet, and Growlr to find targets tor arrest and imprisonment while the developers who can make changes are thousands of miles away and struggle to know what to change to protect their users. In a typical story, a target finds
21 Apr 2018
In December 2014 researchers at Malwarebytes discovered that for two months an Adobe Flash player zero-day exploit with a ransomware payload was embedded in online ads placed by a leading advertising network. The attack ended when Adobe patched Flash to close the vulnerability on February 2, 2015
15 Apr 2018
In a talk at the 2018 Wall Street Journal CEO Council Conference, Darktrace CEO Nicole Eagan gave as an example of the new opportunities afforded by the Internet of Things a case in which attackers used a thermometer in a lobby aquarium to gain a foothold in a casino's network and exfiltrate the
27 Apr 2018
For years, car manufacturers including Range Rover, BMW, and Volkswagen kept secret security risks in their vehicles' keyless entry systems that exposed hundreds of millions of car owners to the risk of theft from attackers using gadgets available online for £100. In March 2018, Range Rovers were
10 May 2018
The US company Securus provides a cellphone tracking service that can locate almost any cellphone in the US within seconds by obtaining data from major carriers via a system used by marketers and other companies. In 2018, former Mississippi County, Missouri, sheriff Cory Hutcheson was charged in
05 Jun 2018
In 2018, a South Carolina woman realised her FREDI video baby monitor had been hacked when the camera began panning across the room to the spot where she breastfed her son. A 2015 study conducted by Rapid7 found that baby monitors have a number of vulnerabilities that are both easily exploited and
05 Jun 2018
In June 2018, after privacy activists found security flaws in toys such as My Friend Cayla and others and the US Consumer Product Safety Commission opened an investigation into the problems of connected gadgets, Amazon, Walmart, and Target announced they would stop selling CloudPets. Made by Spiral
04 Jul 2018
In 2018, military security officers from the Israeli Defence Force accused Hamas of loading fake World Cup and dating apps with malware and making them available via the Israeli version of the Google Play store in order to hack the mobile phones of Israeli soldiers. The apps were capable of
Case Study

In September 2018, Privacy International interviewed people in Santiago, Chile who had faced problems from the Chilean ID system, known as the RUT.

Case Study

Photo credit: Douglas Fernandes

The exclusion caused by ID can have a devastating effect on people, limiting their opportunities and ability to survive. In September 2018, Privacy International interviewed people in Santiago, Chile who had faced problems from the Chilean ID system, known as the

01 Nov 2018
Days before the US November 2018 midterm elections, ProPublica discovered that an organisation called Energy4US spent $20,000 to run ads on Facebook pushing conservatives to support the Trump administration's reversal of fuel emission standards. On closer scrutiny, Energy4US appeared to be a front
04 Sep 2018
In 2018, a group of researchers from the Campaign for Accountability posed as Russian trolls and were able to purchase divisive online ads and target them at Americans using Google's advertising platform. The researchers constructed fake profiles using the name and identifying details of the
15 Oct 2018
In October 2018, in the wake of the Cambridge Analytica scandal and questions over Facebook's influence on the UK's EU referendum, Facebook announced it would add Britain to the US and Brazil on the list of countries where the company will no longer allow political groups to publish "dark" ads on
15 Oct 2018
In the run-up to the US 2018 mid-term elections, Facebook announced it would broaden the company's policies against voter suppression by banning misrepresentations about how to vote and whether a vote will be counted. The company also introduced a reporting option to allow users to report incorrect
04 Sep 2018
For many Filipinos, Facebook is their only way online because subsidies have kept it free to use on mobile phones since its launch in the country in 2013, while the open web is expensive to access. The social media network is believed to have been an important engine behind the ascent to the
14 Jun 2018
In a systematic campaign over more than five years, Myanmar military used Facebook to covertly spread propaganda, mostly against the Rohynga, via accounts that appeared to be dedicated to pop stars and entertainment, turning the social media site into a tool for ethnic cleansing. Having garnered a
10 May 2018
In May 2018, researchers in the US and China demonstrated that they could send commands that activate Apple's Siri, Amazon's Alexa, and Google Assistant but that are inaudible to the human ear. The researchers were able to make smartphones and smart speakers dial phone numbers and open websites; the
14 Jun 2018
In June 2018, human rights and digital rights activists in Myanmar called on Facebook to raise its level of moderation of Burmese-language content in order to reduce hate speech, which they said was at high risk of sparking open violence. In Myanmar, decades of civil war and the end of military rule
18 Jul 2018
In July 2018, Dutch researcher Foeke Postma discovered that Polar, the manufacturer of the world's first wireless heart rate monitor manufacturer, was exposing the heart rates, routes, dates, times, duration, and pace of exercises performed by individuals at military sites and at their homes via its
12 Jun 2018
In June 2018, Uber filed a US patent application for technology intended to help the company identify drunk riders by comparing data from new ride requests to past requests made by the same user. Conclusions drawn from data such as the number of typos or the angle at which the rider is holding the
06 May 2018
In May 2018, the UK's Information Commissioner's Office announced it would investigate Police Scotland after Privacy International filed a complaint that offers' use of "cyber kiosks", which when connected to a device can view all its data, violated the Data Protection Act. Trials of the technology
20 Apr 2018
In April 2018, the Austrian cabinet agreed on legislation that required asylum seekers would be forced to hand over their mobile devices to allow authorities to check their identities and origins. If they have been found to have entered another EU country first, under the Dublin regulation, they can
26 Sep 2018
In September 2018, researchers discovered that websites accessed via mobile phones could access an array of device sensors, unlike apps, which request permissions for such access. The researchers found that 3,695 of the top 100,000 websites incorporate scripts that tap into one or more sensors
14 Sep 2018
In September 2018, a number of people whose Google Pixel phones, Essential Phone, OnePlus 6, Nokia handsets, and other devices running Android 9 Pie discovered that the devices had, apparently autonomously, activated the software's Battery Saver feature. Google later explained that an internal
10 Sep 2018
In September 2018, AI Now co-founder Meredith Whittaker sounded the alarm about the potential for abuse of the convergence of neuroscience, human enhancement, and AI in the form of brain-computer interfaces. Part of Whittaker's concern was that the only companies with the computational power
19 Sep 2018
In September 2018, the 156-year-old US life insurance company John Hancock announced it would stop underwriting traditional life insurance policies, instead selling only interactive policies that track health and fitness through the data collected by wearable devices and smartphones. Interactive
20 Jul 2018
Britain's £11 billion plan to offer smart meters to all homes and businesses by the end of 2020 was based in part on claims that the meters would give consumers better information about the energy they were using and offer sophisticated variable rate charging as part of working to combat climate
15 Sep 2018
In 2014, Britain announced an infrastructure plan requiring all energy suppliers to offer smart meters to all homes and businesses by the end of 2020. With two years to go, at the end of 2018, the problems customers experienced after making the switch led to calls to halt the rollout, which had
13 Oct 2018
In October 2018, a transparency report from the smart home company Nest, which Google acquired for $3.2 billion in 2014, found that between 2015 and 2018 Nest had been told to hand over data on 300 separate occasions relating to up to 525 Nest account holders. Nest turned over data in fewer than 20%
12 Oct 2018
In October 2018, the app that supports the burglar alarm functions of Yale's "smart" locks and burglar alarms was disabled for 24 hours after an "unforeseen issue while carrying out unplanned network maintenance". Customers complained that they were unable to open or lock doors or disarm alarms, and
09 Oct 2018
In October 2018 Amazon patented a new version of its Alexa virtual assistant that would analyse speech to identify signs of illness or emotion and offer to sell remedies. The patent also envisions using the technology to target ads. Although the company may never exploit the patent, the NHS had
15 Oct 2018
In March 2018 the Palo Alto startup Mindstrong Health, founded by three doctors, began clinical tests of an app that uses patients' interactions with their smartphones to monitor their mental state. The app, which is being tested on people with serious illness, measures the way patients swipe, tap
26 Jul 2018
In 2018, the chair of the London Assembly's police and crime committee called on London's mayor to cut the budget of the Mayor's Office for Policing and Crime, which provides oversight, in order to pay for AI systems. The intention was that the efficiencies of adopting AI would free up officers'
07 Jul 2018
In a 2018 interview, the Stanford professor of organisational behaviour Michal Kosinski discussed his research, which included a controversial and widely debunked 2017 study claiming that his algorithms could distinguish gay and straight faces; a 2013 study of 58,000 people that explored the
29 May 2018
In 2018, a Duke University medical doctor who worked with Microsoft researchers to analyse millions of Bing user searches found links between some computer users' physical behaviours - tremors while using a mouse, repeated queries, and average scrolling speed - and Parkinson's disease. The hope was
08 Jun 2018
In 2018, the British army used paid Facebook messages to target 16-year-olds around the day GCSE results were announced to suggest that an army career might still be open to them if their grades were sub-par. The move was criticised for targeting teenagers at their most vulnerable and stressed
04 Apr 2017
In 2017, the Massachusetts attorney general's office reached an agreement under which Boston-based Copley Advertising agreed to eschew sending mobile ads to patients visiting Planned Parenthood and other health clinics. In 2015, Copley's geofencing technique used location information from
25 May 2018
In 2018, the digital marketing company Tell All Digital began marketing technology to personal injury law firms to enable them to send mobile ads to patients they know are waiting for treatment in an emergency room and for up to a month afterwards. The technology relies on geofencing, a technique
08 May 2018
In 2018, documents obtained by a public records request revealed that the Los Angeles Police Department required its analysts to maintain a minimum of a dozen ongoing surveillance targets identified using Palantir software and a "probable offender" formula based on an LAPD points-based predictive
21 Sep 2018
In 2017, the head of China’s security and intelligence systems, Meng Jianzhu, called on security forces to break down barriers to data sharing in order to use AI and cloud computing to find patterns that could predict and prevent terrorist attacks. Meng also called for increased integration of the
02 Apr 2018
By 2018, gene studies involving more than 200,000 test takers had found correlations between 500 human genes and academic success. Based on these results, the behavioural geneticist Robert Plomin claimed that parents would be able to use consumer tests to enable "precision education", built around
17 May 2018
In May 2018, US Immigration and Customs Enforcement abandoned the development of machine learning software intended to mine Facebook, Twitter, and the open Internet to identify terrorists. The software, announced in the summer of 2017, had been a key element of president Donald Trump's "extreme
01 Aug 2018
By August 2018, the UK government's "hostile environment" policy, as set out in the 2014 and 2016 Immigration Acts and other measures, was extending the national border into the heart of services such as banking, education, health, and housing where landlords and staff have been forced to implement
30 Sep 2018
In September 2018, the US Department of Homeland Security proposed to add credit scores and histories to the list of information immigrants are required to submit when applying for legal resident status. The stated purpose of the proposed rule is to bar those who might become a "public charge" from
27 Sep 2018
Canada began experiments introducing automated decision-making algorithms into its immigration systems to support evaluation of some of the country's immigrant and visitor applications in 2014. In a 2018 study, Citizen Lab and NewsDeeply found that AI's use was expanding despite concerns about bias
06 Sep 2018
Following the 9/11 attacks in 2001, the New York City Police Department installed thousands of CCTV cameras and by 2008 in partnership with Microsoft had built the Lower Manhattan Security Coordination Center to consolidate its video surveillance operations into a single command centre that also
15 May 2018
In 2011, the US Department of Homeland Security funded research into a virtual border agent kiosk called AVATAR, for Automated Virtual Agent for Truth Assessments in Real-Time, and tested it at the US-Mexico border on low-risk travellers who volunteered to participate. In the following years, the
17 Sep 2018
In 2018, at least five British local authorities began developing systems intended to use predictive analytics to identify families needing attention from child services on the basis that algorithmic profiling could help them target their scarce resources more efficiently. Data about at least 377
31 Oct 2018
In 2018, the EU announced iBorderCtrl, a six-month pilot led by the Hungarian National Police to install an automated lie detection test at four border crossing points in Hungary, Latvia, and Greece. The system uses an animated AI border agent that records travellers' faces while asking questions
20 Nov 2018
Police in the German state of Hesse are using a bespoke version of Palantir's Gotham software system, specially adapted for the police force. Palantir CEO Alex Karp sits on the board of the German mega publisher Axel Springer. Publication: WorldCrunch, Jannis Brühl Date: 20 November 2018
13 Apr 2015
In 2016, Tapad launched a partnership with the location-based ad targeting firm Placed to provide a service measuring the impact of digital advertising on in-store sales. Tapad sends anonymous campaign data to Placed, which has a panel of more than 500,000 users who have opted in. Placed measures
15 Nov 2016
In 2016, Tapad and Acxiom's LiveRamp announced an expanded partnership to make Tapad's proprietary Device Graph accessible to LiveRamp's more than 400 adtech and marketing technology platforms. Device Graph enables marketers to track customer engagement across all digital channels. LiveRamp will use
31 Jan 2018
In 2018, Tapad announced it would offload its media business to Brand Networks, refocusing instead on its data business and identity products, primarily its cross-device graph. A particular target for its new focus was the telecommunications industry, starting with Telenor, which acquired Tapad in
08 Feb 2018
In 2018, Tapad announced a partnership with Twine Data intended to integrate Tapad's probabilistic cross-device tracking capability with Twine's deterministic identity graph. The two companies intend to create one of the largest portable identity graph and customer relationship management onboarding
29 Apr 2013
In 2013, companies like Tapad developed new "cross-screen marketing" techniques to allow them to expand from tracking desktop computer users across the web to targeting them as they moved to smartphones and tablets. Cookies - small bits of code deposited on computers - do not work as well on mobile
13 Apr 2015
In 2014, Tapad claimed its system for matching consumers across multiple devices protected privacy because it relied on probabilistic matching rather than a deterministic approach that builds on personally identifiable information. The deterministic approach relies on logins - for example, an
18 Jun 2015
In 2015, the advertising startup Tapad launched TV Pulse, a measurement platform that added linear TV data to its existing cross-device platform. The company claimed that its technology could detect devices such as smartphones being used by the same consumer who had viewed the company's TV ads, to
18 Jun 2015
In 2013, the New York-based startup Tapad was growing fast based on its claim to be able to track and target individual consumers across many devices - desktop and laptop computers, TVs, smartphones, and tablets. The technique goes well beyond cookies, which enable sites to track individuals across
01 Feb 2016
In 2015, Norwegian telephone company Telenor announced it was acquiring Tapad, a five-year-old New York-based advertising startup for $360 million. Tapad focuses on cross-device "retargeting"; that is, it claims to track billions o dfata points across mobile devices, PCs, TV, and watches, and, going
01 Jan 2017
The key claim of retargeting, the business of companies like Paris-based Criteo, is that it can match long-tail advertisers with long-tail publishers and retailers. Ad exchanges enable these connections by identifying the specific group of people who need what smaller brands have - products such as
08 Sep 2016
In 2016, when data scientist Fred Benenson investigated why he had received an email from Sears asking if he was still interested in a product shortly after he had browsed for it on the Sears website, he discovered that Sears had contracted the French company Criteo to make this type of connection
12 Jul 2016
In 2016, the French company Criteo, which uses website tags to collect information about the products visitors see, noted that it keeps such data for 13 months. The company creates user profiles based on each visit to a website to view content or a product, and also uses the data for retargeting ads
08 Feb 2010
In 2010, customers of the online shoe retailer Zappos, which was acquired by Amazon in 2009, began noticing that recommendations for products they had viewed on the site were following them around the web. The culprit was a then-new practice known as "retargeting", which uses cookies to identify
02 May 2018
The French company Criteo is struggling to conform to the requirements of the EU's General Data Protection Regulation, which came into force in May 2018. Critics believed that Criteo's practice of opting visitors to European retail sites into first-party cookies and tracking even if they ignored the
11 Feb 2017
In 2017, the French retargeting company Criteo admitted that Apple's Intelligent Tracking Prrevention - changed default settings that prevent ad networks and other technology companies from tracking users - would cut its revenues by 8% to 10%. Although Safari had blocked such third-party cookies
08 Oct 2018
In 2018, the French company Criteo announced it would link up with the ecommerce company Shopify to enable retailers and merchants of all sizes to use its technology to target users across channels and devices and scale up their businesses. Retailers will not need to expand their IT resources. https
28 Jun 2018
In 2018, the French company Criteo unveiled its new €20 million AI lab, dedicated to researching and developing machine learning. The company intends the lab to shape industry standards for measurement and best practices in this area, and lead the international conversation on responsible data use
08 Oct 2018
In 2018, the French company Criteo formed a partnership with AgilOne to identify and link customer behaviour across multiple online and offline channels. The service is intended to make the ads consumers see more relevant, but also stop showing them ads for products they've already bought in offline
21 Sep 2013
In 2012, when the French company Criteo filed with the Securities and Exchange Commission to go public, it cited its data assets and the accuracy of its algorithms as a crucial part of its valuation. The company said that every day it was presented with billions of opportunities to connect
07 Dec 2010
In 2010, Quantcast and Clearspring agreed to settle class action lawsuits brought against them over their use of Flash cookies. Flash cookies are "Local Storage Objects" stored by Adobe's Flash player plug-in; unaffected by browser privacy settings, they can respawn HTTP cookies after a user finds
05 Nov 2015
In 2015, Quantcast CEO Konrad Feldman explained his purpose in starting up the company in 2006: "to manufacture data to make advertising more relevant for consumers". By 2015, as display advertising on the web was beginning to use the targeting techniques previously preserved for search advertising
15 May 2014
In 2013 and 2014, Quantcast's CEO, Konrad Feldman, claimed that real-time bidding, the latest trend in advertising technology, was providing a new way to game advertisers. RTB, also known as "programmatic" advertising, uses cookies to track what users have looked at and then retarget them through
22 May 2018
In 2018, a week before the General Data Protection Regulation came into force in the EU, Quantcast and several other publishing industry groups complained that Google in an open letter that Google was imposing GDPR risks on publishers and consumers. Under the system Google proposed for GDPR
10 Jul 2015
In 2015, Quantcast launched Audience Grid, an "open data marketing platform" to combine the data it collects from websites with data on audience habits collected by partners such as Tivo Research and Oracle's Datalogix. The combination is intended to give online advertisers greater insight into
11 Feb 2017
In 2017, Quantcast, which measures visitors to over 150 million web destinations, announced it would partner with Quantium, a company that collects purchase data and analytics, to bridge the gap between offline and online audiences and provide insight into the patterns of online consumer behaviour
23 Jan 2018
In 2018, Quantcast began expanding into Asia, opening operations in Hong Kong, Indonesia, Malaysia, Philippines, Singapore, Taiwan, and Thailand. The company explained the move was part of a market "tipping point", in which AI would transform every customer experience, company, and industry
16 Aug 2018
In August 2018, three months after the General Data Protection Regulation came into force in the EU, Quantcast reported that over 90% of visitors to websites using the company's Quantcast Choice consent management platform were giving consent to at least some use of cookies. About 81% were
12 May 2013
In 2013, Twitter announced it would partner with numerous advertising companies including Quantcast and Oracle's BlueKai to create "tailored audiences". Twitter claims the service anbles advertisers to define targeted groups of current and prospective customers who have "shown interest" in their
15 Dec 2015
In 2015, Oracle and the US Federal Trade Commission settled charges that Oracle had compromised users' security by failing to remove older versions of Java SE from their computers when the software was updated. The software was installed on more than 850 million computers as of August 2014; Oracle
23 Dec 2013
In August 2016, Oracle's MICROS division, one of the top three global point-of-sale vendors, was hacked by the Carbanak Gang, a Russian organised cybercrime group known for hacking into banks and retailers. In 2014 when Oracle acquired it, MICROS' systems were in use at more than 200,000 food and
07 Jan 2015
In 2015, Turner Broadcasting, a semi-autonomous division of AT&T's Warner Media announced it would integrate offerings from Episilon, Krux, and Oracle into its data management platform, which powers its ads. Oracle and Epsilon help bring in offline and multichannel consumer data, while Krux bridges
01 Jan 2016
In 2013, Oracle spent $1.5 billion to acquire the cross-channel marketer Responsys in a move analysts saw as an effort to compete with Salesforce, and also Adobe Systems. The acquisition was the beginning of a push into marketing that continued through 2015. Oracle, better known for enterprise
02 Jun 2015
In 2014, Oracle beat out Facebook, Adobe Systems, and TV ratings agency AC Nielsen to acquire Datalogix for an estimated $1.2 billion. At the time, DataLogix, which provides data on offline consumer spending to digital marketers to enable them to track the effectiveness of their ads, had estimated
16 Nov 2015
In 2015, Oracle rolled out "Validated Demographics", a service based on combining the capabilities it acquired with BlueKai, a data management platform that gathers data from publishers, and Datalogix, a tool that compiles offline demographic data. The combination of these complementary services
13 Apr 2017
In 2017, Oracle Data Cloud and Simulmedia entered into an agreement to enable purchase-based targeting on national television. In this system, advertisers are able to reach audiences that are targeted based on their in-store purchases. Simulmedia is a leader in data-optimised TV campaigns; its
13 Jul 2016
In 2016, PlaceIQ, which connected physical and digital activities across time, space, and mobile devices, announced a collaboration with Oracle that would make its audience data available through Data Cloud's BlueKai Marketplace. PlaceIQ uses data from 475 million location points, 100 million unique
01 May 2016
In 2016, Oracle, long known as an enterprise software company, acquired the audience tracking company AddThis as part of expanding its business into marketing technology. AddThis places buttons on web pages to enable visitors to share stories or follow accounts on social media sites such as Facebook
22 Oct 2018
In 2018, to enhance its AI capabilities Oracle acquired DataFox, which supplies business intelligence that can be used to help businesses plan a variety of customer relationship management services. The startup has a database covering 2.8 million public and private businesses and expecting to add 1
21 Sep 2017
In 2017 a free online service offered by Experian was found to be allowing anyone to request the PIN needed to unlock a previously-frozen consumer credit file. Freezing the file is intended to secure such accounts against tampering and fraud. To get an unlocking number, visitors needed to provide
13 Jan 2000
In 2000, Experian entered into a consent decree with the Federal Trade Commission and agreed to pay $1 million to settle charges that the company blocked and delayed incoming phone calls from consumers wishing to discuss the contents of and possible errors in their credit reports. Under the Fair
10 Feb 2015
In October 2015, Experian announced that a breach of its computer systems exposed the Social Security numbers and other data of approximately 15 million people who applied for financing from the mobile network operator T-Mobile USA, to which Experian supplied credit assessment services. Experian
13 Oct 2013
In 2013, detailed personal information being sold by the fraudster-friendly underground service Superget.info was found to have been bought from CourtVentures, a public records aggregator bought by Experian in 2012. In late 2013, Superget.info's operator, 24-year-old Vietnamese national Ngô Minh
01 Jan 2005
As early as 2005, Experian began suggesting that its Mosaic consumer classification system, used by retail chains to tailor their stock for local populations could be used by political parties for campaigning. Based on work by Richard Webber, a visiting professor at University College London, Mosaic
21 Feb 2007
In 2007, Experience agreed to pay $300,000 to settle a Federal Trade Commission complaint that the company's ads for a "free credit report" failed to explain clearly enough that consumers who signed up would be enrolled in a credit-monitoring programme costing $79.95 per year. The FTC alleged that
23 Mar 2017
In March 2017, Experian agreed to pay a $3 million fine to settle a complaint brought by the Consumer Financial Protection Bureau that until 2014 the company had provided consumers with "educational" credit scores that were different from the FICO scores actually provided to credit card issues
13 Oct 2017
On October 13, 2017, as a result of the massive data breach announced in September and the discovery that the company's website was infected with malware, the U.S. Internal Revenue Service suspended a $7.2 million contract with Equifax pending investigation. A week earlier, the IRS had announced
12 Oct 2017
In October 2017, the Equifax website was infected by malware that redirected visitors to a page that delivered fraudulent Adobe Flash updates that infected visitors' computers with adware. The company took down the affected pages after it was notified. Investigation showed that the malicious
15 Sep 2017
In September 2017, unrelated to the massive data breach the company simultaneously announced, Equifax withdrew its mobile apps from Apple's App Store and Google Play because of security flaws that meant that data transferred between users and Equifax was not encrypted in transmission. Given the
04 Jan 2017
In January 2017 two of the three largest US credit reporting bureaus, Equifax and TransUnion, were jointly fined $23 million in a settlement with the Consumer Financial Protection Bureau. CFPB held that the two companies marketed some of their products as free or costing $1 when in fact consumers
12 Sep 2017
A week after Equifax's massive 2017 data breach, researchers discovered that the company's Veraz online portal, designed to let Equifax's employees in Argentina manage credit report disputes mounted by that country's consumers, was left wide open, protected only by the user name and password
02 Aug 2013
In August 2013, a jury in the Portland, Oregon Federal District Court awarded Julie Miller $18.4 million in punitive damages when despite two years of complaints and filings Equifax failed to rectify errors in her credit report that blocked many aspects of her financial life. Miller had followed the
11 Aug 2017
In November 2017, an investigation of Equifax's Work Number database, owned by the company's TALX division, found that it contains over 296 million employment records including employees at all salary levels. Every week the database receives current payroll data on about a third of the working US
10 Aug 2017
In October 2017, researcher Brian Krebs discovered that a service provided by Equifax's TALX division, The Work Number, made it possible for anyone equipped with an individual's Social Security Number and date of birth to access that person's detailed salary and employment history. Because of the
18 May 2017
In May 2017, Equifax advised a number of customers that between April 2016 and March 2017 criminals had been able to steal income tax data from the service The Work Number provided by its TALX subsidiary. The Work Number provides online payroll, human resources, and tax services to companies for
30 Jul 2003
In 2000, and then again in 2003, the US Federal Trade Commission fined Equifax for blocking phone calls from consumers trying to get information about their credit or discuss their reports or making them wait for extended periods of time in violation of the Fair Credit Reporting Act. In 1996
10 Oct 2012
In October 2012, Equifax agreed to a settlement with the US Federal Trade Commission over charges that between January 2008 and early 2010 the company improperly sold lists of consumers who were late on their mortgage payments in violation of the FTC Act and the Fair Credit Reporting Act. Equifax
17 Sep 2018
In September 2017, soon after announcing the company had suffered a major data breach that exposed sensitive information pertaining to about 150 million people, Equifax set up a poorly secured website intended to help people determine whether they had been affected. The site was flagged by numerous
26 Oct 2017
In October 2017, an anonymous security researcher informed Equifax that in December 2016 they had found a vulnerability in one of its public-facing websites that allowed them to access the personal data of every American, including full names, birthdates, city and state of residence, and social
07 Sep 2017
Days after Equifax discovered its data breach in July 2017 but before the breach was announced publicly in September, three of its top executives including the chief financial officer sold nearly $2 million worth of shares. The company told the Securities and Exchange Commission that the sales
07 Sep 2017
On September 7, 2017, the credit scoring company Equifax announced that between mid-May and July 2017 its database of consumer records had been hacked. Eventually, in a filing with the Securities and Exchange Commission following demands from US senators, the company provided detailed statistics of
13 May 2017
In 2017, a group of data brokers led by Acxiom, AppNexus, and MediaMath, and including Index Exchange, LiveIntent, OpenX, and Rocket Fuel, launched a consortium to make targeted programmatic advertising more widely available. Part of the consortium's goal is to enable the companies involved to
12 Sep 2018
In September 2018, Acxiom introduced an open data framework intended to create an omnichannel view of the people in its database. The company claims this "unified data layer" will let customer companies connect their marketing technology and ad technology ecosystems and connect the online world to
18 Dec 2012
In December 2012, the US Federal Trade Commission opened an investigation into data brokers' privacy practices, requesting information from nine companies: Acxiom, Corelogic, Datalogix, eBureau, ID Analytics, Intelius, Peekyou, Rapleaf, and Recorded Future. The FTC sought information about: the
16 Jun 2012
In 2012, Acxiom's database was reported to be the largest commercial database on consumers in the world, containing approximately 1,500 data points, or "elements", for each of the 500 million active consumers worldwide and processing more than 50 trillion data transactions per year. Each of the
17 Nov 2003
In 2003, the for-profit privacy company Private Citizen, which helps paying consumers unsubscribe from telemarketers' lists and direct mailing offers, found that Acxiom had begun rejecting the batches of opt-out notices the service sent on behalf of its subscribers. Acxiom insisted that each person
23 Sep 2003
In 2003, the Electronic Privacy Information Center, Privacy Rights Clearinghouse, and PrivacyActivism filed complaints with the US Federal Trade Commission alleging that JetBlue Airways and Acxiom engaged in deceptive trade practices by supplying personal information about consumers to the Alabama
04 Sep 2013
In 2013, 44 years after Acxiom went into business selling consumer data, the company opened a website, aboutthedata.com, to allow Americans to see the data the company holds about them and make it easier to opt out of tracking. However, using the site requires visitors to input a substantial amount
12 Apr 2018
In April 2018, Facebook announced that in six months it would end a programme it called "Partner Categories", in which the social network acted as a bridge between data brokers like Acxiom, Epsilon, and TransUnion and the consumers their customers want to reach. In this deal, Facebook did not
12 May 2016
In 2016, Acxiom announced a deal with the media delivery company Valassis, a subsidiary of Harland Clarke Holdings Corp, intended to provide marketers with better post-campaign analytics. The linkage of the two companies was intended to "provide an integrated view of a consumer's purchase behaviour"
08 Jan 2014
In 2014, Acxiom's chief product and engineering officer, Phil Mui, described the system the company had been building to link individuals' activities across the many channels, devices, and applications they use. A single individual may accumulate four different personas via 24 cookies across six
21 Jul 2004
In 2004, the US Department of Justice investigated the theft of 8.2GB of personal data from File Transfer Protocol (FTP) servers belonging to Acxiom between 2002 and 2003. The case was thought to represent the largest case of data theft at the time. Scott Levine, the owner of the email spamming
08 Aug 2003
In 2003, Acxiom announced that law enforcement officials had notified the company that it had been hacked, and that the attacker had intercepted information in transit between the company and some of its clients via a File Transfer Protocol (FTP) server located outside the company's firewall. The
08 Oct 2018
Google announced on October 8 having discovered a vulnerability in the Google+ API which has been open since 2015. This vulnerability allowed third-party developers to access data for more than 500,000 users, including their usernames, email addresses, occupation, date of birth, profile photos, and
23 Aug 2018
Facebook-owned Onavo VPN (adertised as a way to block harmful websites, and keep a user's data safe) is pulled from the Apple App Store due to tracking, collecting, and analysing customers' usage data, including from other unrelated apps. https://arstechnica.com/tech-policy/2018/08/facebook-violates
28 Sep 2018
30 million users had their accounts breached, with a total of 90 million accounts reset after Facebook's "view as" feature leaked unique user account access tokens, allowing attackers to not only trivially impersonate any other user on the platform, but also to potentially automate the attack on a
Explainer
In the digital economy there is a trend towards corporate concentration. This is true for social media platforms, search engines, smart phone operating systems, digital entertainment, or online retailers. Meanwhile, the way in which market dominance is measured traditionally does not always capture
17 Nov 2017
There has been the spread of the linking of the patient identity cards of HIV positive patients, pushed for by the National Aids Control Organisation. While it is not compulsory, in November 2017 it was reported that some patients reported that they were denied treatment until they gave their
23 Mar 2018
In March 2018, a security researcher discovered that the state-owned utility company Indane had access to the Aadhaar database via an API, but they did not secure this way of entry. As a result, anybody was able to use this service to access details on the Aadhaar database about any Aadhaar number
16 Dec 2017
In December 2017, it was revealed that the large telco Bharti Airtel made use of Aadhaar-linked eKYC (electronic Know Your Customer) to open bank accounts for their customers without their knowledge or consent. eKYC is a way of using data in the UIDAI database as part of the verification process
04 Jan 2018
In January 2018, journalists found that, for 500 rupees (around $7USD), they were able to buy on WhatsApp access to a gateway that allowed them to access the personal details connected to any of the entries on the Aadhaar database - by entering any Aadhaar number, they could see details like the
11 Sep 2018
In September 2018, a software patch was found by journalists to be widely available, that disabled or weakened the security features in the software used to enroll people on the Aadhaar databse, potentially from anywhere in the world. The patch was reportedly widely-available in WhatsApp groups
09 Aug 2018
AirAsia engaged Palantir as a data science partner focused on “guest experience, inflight sales, route revenue, finance, security, flight operations, network planning, cargo, supply chain management, commercial and people development.” Publication: AirAsia newsroom Date: 8 August 2018
Explainer
What is an IMSI catcher? An IMSI catcher is an intrusive piece of technology that can be used to locate and track all mobile phones that are switched on in a certain area. An IMSI catcher does this by ‘pretending’ to be a mobile phone tower - tricking your phone into connecting to the IMSI-catcher
01 Apr 2007
DoubleClick was one of the first companies set up to sell display advertising on the web. Set up in 1996, it went public in 1998, and in 1999 merged with the data collection company Abacus Direct. In response to a 2001 US Federal Trade Commission investigation of the proposed merger, DoubleClick
18 May 2018
In May 2018, Google announced an AI system to carry out tasks such as scheduling appointments over the phone using natural language. A Duplex user wanting to make a restaurant booking, for example, could hand the task off to Duplex, which would make the phone call and negotiate times and numbers. In
31 Jul 2017
In 2017 the Electronic Privacy Information Center filed a complaint with the US Federal Trade Commission asking the agency to block Google's Store Sales Measurement service, which the company introduced in May at the 2017 Google Marketing Next event. Google's stated goal was to link offline sales to
07 Jun 2013
In 2013, Edward Snowden, working under contract to the US National Security Agency for the consultancy Booz Allen Hamilton, copied and leaked thousands of classified documents that revealed the inner workings of dozens of previously unknown surveillance programs. One of these was PRISM, launched in
13 May 2014
In 2009, Spanish citizen Mario Costeja González objected to the fact that an auction notice from 1998, when his home was repossessed, was still accessible on the website of the Spanish newspaper La Vanguardia and the first thing people saw when they searched for him on Google. When the courts
30 Aug 2012
In 2012 the US Consumer Watchdog advocacy group filed a complaint against Google alleging that the company had violated its 2011 consent decree with the US Federal Trade Commission in the case about Google Buzz. The complaint was based on February 2012 revelations that the site was failing to honour
25 Jan 2012
In 2012, Google announced it would condense 70 different privacy policies into a single one that would allow the company to merge the data collected across all its services, including Maps, search, Android, Books, Chrome, Wallet, Gmail, and the advertising service provided by its DoubleClick
30 Mar 2011
In 2010, increasing adoption of social media sites such as blogs, Facebook, Twitter, and Flickr led Google to develop Buzz, an attempt to incorporate status updates and media-sharing into its Gmail service. Users could link their various social media feeds, including Picasa (Google's photo-sharing
01 Jul 2011
In July 2011, the established writer GrrlScientist tried to log into her Google account and found that it was suspended, barring her access to Gmail, Google Docs, YouTube, Google Reader, and the newly launched social network Google+. It turned out that the reason was then when Google launched its
15 May 2010
In 2010, Google revealed that a data audit required by Germany's data protection authority had revealed that since 2007 the cars deployed to capture images for its Street View project had accidentally captured 600GB of data from local wifi networks, including personal web browsing histories. Google
30 May 2007
In May 2007, Google launched Street View, an add-on to its Maps service that allows users to see and "drive" through images of streets and buildings. Almost immediately, the service provoked controversy when users realised that these images included pictures looking through the windows of their
02 Apr 2009
Google launched its first version of Android in 2009. Based on a modified Linux kernel and other open source software, Android provides the operating system for mobile phones, tablets, televisions, cars, wrist watches, and many other devices including digital cameras, game consoles, PCs, and
15 Mar 2007
To personalise the services it offers, Google retains user data such as search histories and as well as the Internet Protocol (IP) addresses and other digital identifiers that enable the company to link search queries to the specific computer where they were generated. Until March 2007, the company
26 Jun 2017
When Google launched Gmail in 2004, the new service rapidly gained acceptance because it offered far more storage space than any other comparable service. From the beginning, however, Gmail scanned the contents of emails to help the company generate contextual ads. Scanning has never applied to the
30 May 2001
The first example of internet users being blindsided by the retention of information they had thought was ephemeral was Usenet, a worldwide collection of discussion groups ("newsgroups") created in 1979. At the beginning, computers called each other directly to swap and distribute new postings; as
30 May 2005
In 2005, Google launched its web analytics service, which tracks and reports website traffic. The most widely-used analytics service on the web, Google Analytics comes in three versions: free, the subscription enterprise service 360, and a mobile service that collects analytics from both iOS and
19 Dec 2017
In December 2017, the German cartel office presented preliminary findings in an investigation of Facebook, ruling that the company had abused its dominant position by requiring access to third-party data (including data from subsidiaries WhatsApp and Instagram) when an account is opened and tracking
11 Sep 2017
In September 2017, the Spanish national data protection regulator fined Facebook €1.2 million, alleging that the company collected personal information from Spanish users that could then be used for advertising. The investigation, which took place alongside others in Belgium, France, Germany, and
18 May 2017
In May 2017, the European Commission fined Facebook $122 million for providing incorrect or misleading information during its 2014 acquisition of WhatsApp. At the time of the acquisition, Facebook assured the EC that it would not be able to link its accounts database to that of WhatsApp. After the
30 May 2017
In May 2017, the French data protection regular, CNIL, fined Facebook €150,000 saying the company had failed to inform users properly about how their personal data is tracked and shared with advertisers. The regulator did not, however, order the company to change its practices. The decision was one
17 Mar 2018
In 2015, Facebook removed a feature that had been in place for some years that allowed developers to access information about Friends who had also signed up for their app. During that time, about 270,000 people downloaded and installed an app that was portrayed as part of an online personality quiz
30 Jun 2015
In June 2015, the Belgian data protection regulator, Commission for the Protection of Privacy, launched a complaint that Facebook indiscriminately tracked internet users when they visited Facebook pages or clicked Like or Share, even when they are not Facebook members. In November 2015, the Court of
31 Jan 2013
In January 2013, Facebook upgraded its search tool to enable the site to answer more complex questions. Called Graph Search, the new tool aimed to make it possible for users to find businesses and each other based on location, personal history, personal interests, and mutual friends. The site
30 Nov 2015
In 2015, Facebook created the "Free Basics" programme, in which the company partnered with telephone carriers in various countries to offer free access to Facebook - that is, using Facebook would not count against their data plan. While critics argued the plan is anti-competitive, violates the
25 Jul 2014
Nearly 700,000 Facebook users were subjects of a research study where researchers changed randomly selected users' newsfeeds to be more positive or negative to study whether those users then displayed a more positive or negative affect in response. The experiment showed the power of Facebook's control over the News Feed and the algorithms that determine which of the possible pieces of content shows up at the top at any given moment.
01 Jan 2012
In 2012, Facebook CEO Mark Zuckerberg's sister, Randi, tweeted to fellow Twitter user Callie Schweitzer that Schweitzer had violated her privacy by posting a picture taken in her kitchen. Randi Zuckerberg, the former head of Facebook's marketing department, had posted the picture, which was taken in
11 Nov 2011
In November 2011, the US Federal Trade Commission charged Facebook with repeatedly breaking the privacy promises it made to users. Among the list of deceptive practices and incidents in the FTC's complaint were December 2009 changes Facebook made to its site that publicly exposed information users
01 Jul 2011
In June 2011, Facebook enabled an automatic facial recognition called "Tag Suggestions" based on its research project DeepFace, requiring users who objected to opt out. The feature scanned the faces in newly uploaded photographs and compared them to those in the billions of images already on the
26 Jan 2011
In early 2011, Facebook launched "Sponsored Stories", an advertising product that used content from members' posts inside ads displayed on the service. Drawing on Likes, check-ins, and comments, a Sponsored Story might use a member's photograph and their comments from a coffee shop to create an ad
10 Oct 2010
In October 2010, the Wall Street Journal discovered that apps on Facebook were sending identifying information such as the names of users and their Friends to myriad third-party app advertising and internet tracking companies. All of the ten most popular Facebook apps, including Zynga's FarmVille
29 Jun 2016
When journalist Alex Hern needed to set up a Facebook account in order to manage the Guardian's technology page and other work-related things, he locked down its privacy settings so that the account's profile would not appear in searches and only Friends of Friends could add him as a friend. In
28 Apr 2010
In April 2010, Facebook launched a set of tools to enable websites to add a social layer by adding a Facebook frame to their pages. The company's three launch partners, Microsoft's Docs.com, Yelp, and Pandora, had access to a more comprehensive tool, Instant Personalization, which allowed them to
31 Jul 2009
In July 2009 after an in-depth study of the site spurred by complaints from the Canadian Internet Policy and Public Interest Clinic at the University of Ottawa, Canada's Privacy Commissioner issued a ruling that Facebook was in direct violation of the country's privacy laws. Among the regulator's
05 Sep 2007
In September 2007, Facebook, which from its 2004 founding had stressed the privacy of its user profiles and interactions, opened up its profiles to public search engines such as Google and Bing. Facebook's new "public listing search" allowed anyone to search for a particular person; such searches
20 May 2009
In May 2009, University of Cambridge computer science researcher Joseph Bonneau discovered as part of his research that many social network respond to user requests to delete photographs by hiding them while remaining them on their servers. Among the worst offenders were Facebook, MySpace, Bebo, and
28 Feb 2008
In February 2008, users discovered that deleting their account from Facebook does not entirely remove it. Instead, the company's servers retained copies of the information in those accounts indefinitely even after those users telephoned the company to request full removal. The company argued that
11 Nov 2007
In November 2007, Facebook launched Beacon, an advertising programme that allowed third-party sites to include a script that passed Facebook notifications about users' activities on their sites such as purchases, auction bids, reviews, and game-playing. The service as originally designed offered no
09 Sep 2006
In 2006, Facebook redesigned its system to add News Feed and Mini-Feed features, which the company said were intended to give users information about their social world. The News Feed was designed to provide a constantly updated stream of stories including updates from each user's Friends and
01 Jan 2011
Over the years from 2005, when Facebook was still known as "Thefacebook" and its membership was still limited to verifiable Harvard students, to 2010, Facebook changed its privacy policies many times. Over that time, the default circle of who could view users' data widened over time, first to
19 Nov 2003
The first iteration of Facebook, which then-student Mark Zuckerberg launched at Harvard University in 2003, was known as "Facemash", and was based on a popular website of the day, Am I Hot or Not? Using photographs of students scraped from those collected by the university's houses of residence, the
Video

A short video explaining how governments compromise the security of our devices and infrastructure to feed their surveillance objectives.

01 Mar 2018
A data breach at the Internet Research Agency, the Russian troll farm at the centre of Russia's interference in the 2016 US presidential election, reveals that one way the IRA operated was to use identities stolen from Americans. Using these accounts and other fake ones, the troll farm interacted
17 Mar 2018
According to whistleblower Christopher Wylie, during the 2014 US midtern elections, Cambridge Analytica, needing data to complete the new products it had promised to political advisor Steve Bannon, harvested private information from the Facebook profiles of more than 50 million users without their
28 Mar 2018
In March 2018, Facebook announced it was scrapping plans to show off new home products at its developer conference in May, in part because revelations about the use of internal advertising tools by Cambridge Analytica have angered the public. The new products were expected to include connected
30 Mar 2018
Users downloading their Facebook histories have been startled to find that the company has been collecting call and SMS data. The company has responded by saying users are in control of what's uploaded to Facebook. However, the company also says it's a widely used practice when users first sign in
31 Mar 2018
Behind the colourful bicycles and games rooms, Silicon Valley tech giants operate a strict code of secrecy, relying on a combination of cultural pressure, digital and physical surveillance, legal threats, and restricted stock to prevent and detect not only criminal activity and intellectual property
28 Feb 2018
The Houston, Texas-based online dating startup Pheramor claims to use 11 "attraction genes" taken from DNA samples in its matchmaking algorithm. Launched in February 2018 in Houston with 3,000 users, Pheramor also encourages users to connect it to their social media profiles so it can datamine them
15 Mar 2018
The small, portable GrayKey box, costing $15,000 for an internet-connected version tied to a specific location or $30,000 for an offline version usable anywhere, takes two minutes to install proprietary software designed to guess an iPhone's passcode. Intended for use by law enforcement officials
28 Feb 2018
As part of its attempt to keep its 40,000 drivers operating on the streets of London after Transport for London ruled in October 2017 it was not "fit and proper" to run a taxi service, Uber has promised to share its anonymised data on travel conditions and journey times. TfL said in February 2018
The accuracy of Facebook's ad targeting sometimes leads users to believe that Facebook is spying on them by tapping the microphones in their phones. Facebook has denied the practice - and is likely telling the truth because uploading and scanning the amount of audio data such a system would involve
The CEO of MoviePass, an app that charges users $10 a month in return for allowing them to watch a movie every day in any of the 90% of US theatres included in its programme, said in March 2018 that the company was exploring the idea of monetising the location data it collects. MoviePass was always
In 2015, the University of Arizona began tracking freshman students’ ID card swipes as part of a project to try to lower the rate at which students drop out or leave for another university. The cards, which include an embedded sensor and are given to all students, can be read at almost 700 locations
The Danish company Blip Systems deploys sensors in cities, airports, and railway stations to help understand and analyse traffic flows and improve planning. In the UK's city of Portsmouth, a network of BlipTrack sensors was installed in 2013 by VAR Smart CCTV, and the data it has collected is used
Designed for use by border guards, Unisys' LineSight software uses advanced data analytics and machine learning to help border guards decide whether to inspect travellers more closely before admitting them into their country. Unisys says the software assesses each traveller's risk beginning with the
On August 1, 2017, Wisconsin company Three Square Market began offering its employees the option of implanting a tiny chip between their thumb and index finger. The chip enables employees to wave at hand at any of the company's RFID readers in order to enter the building, pay for food in the
Like other countries, the US began incorporating RFID chips into its passports in 2006. The chips, which store passport information including name, date of birth, passport number, photo, and biometric identifiers, enable machine-readable border controls like those now seen at an increasing number of
Car companies have long collected data about the consumers who buy their cars. Now, they hope to aggregate and sell customer preferences to outside vendors for marketing purposes much as online tech giants like Google and Facebook already do. The companies say that exploiting this data will help
Reporter Kashmir Hill tested life in a smart home by adding numerous connected devices. The self-heating bed gave her daily reports on whether she'd reached her "sleep goal". She liked the convenience of the voice-activated lights, coffee maker, and music, the ability to convey a message to a
In 2012, Durham Constabulary, in partnership with computer science academics at Cambridge University, began developing the Harm Assessment Risk Tool (HART), an artificial intelligence system designed to predict whether suspects are at low, moderate, or high risk of committing further crimes in the
27 Feb 2018
Under a secret deal beginning in 2012, the data mining company Palantir provided software to a New Orleans Police Department programme that used a variety of data such as ties to gang members, criminal histories, and social media to predict the likelihood that individuals would commit acts of
LinkNYC, a system of 1,000 public wifi kiosks across all five boroughs of New City administered by the private consortium CityBridge, offers free high-speed wifi, phone calls, a charging station for mobile devices, and a built-in tablet to access a variety of city services. Announced by the mayor's
In a draft January 2018 report obtained by Foreign Policy and produced at the request of US Customs and Border Protection Commissioner Kevin McAleenan, the Department of Homeland Security called for continuous vetting of Sunni Muslim immigrants deemed to have "at-risk" profiles. Based on studying 25
In 2016, Facebook and its photo-sharing subsidiary Instagram rolled out a new reporting tool that lets users anonymously flag posts that suggest friends are threatening self-harm or suicide. The act of flagging the post triggers a message from Instagram to the user in question offering support
28 Feb 2018
Recruiters are beginning to incorporate emotional recognition technology into the processes they use for assessing video-based job applications. Human, a London-based start-up, claims its algorithms can match the subliminal facial expressions of prospective candidates to personality traits. It then
23 Feb 2018
A former Facebook insider explains to Wired Magazine why it's almost certain that the Trump campaign's skill using the site's internal advertising infrastructure was more important in the 2016 US presidential election than Russia's troll farm was. The first was the ads auction; the second a little
20 Feb 2018
In 2018, pending agreement from its Institutional Review Board, the University of St Thomas in Minnesota will trial sentiment analysis software in the classroom in order to test the software, which relies on analysing the expressions on students' faces captured by a high-resolution webcam
In a report on mobile security updates, the US Federal Trade Commission finds that because of the complexity of the mobile ecosystem applying security updates to operating system software on some mobile devices is time-consuming and complicated. Based on information gathered from eight device
Two of the most notorious malware outbreaks of 2017 were the ransomware WannaCry and the wiper malware NotPetya. Both relied on the NSA's EternalBlue exploit of the Microsoft Server Message Block, which was leaked online by the hacker group The Shadow Brokers. Along with EternalBlue, The Shadow
In February 2018 the US Immigration and Customs Enforcement (ICE) signed a contract with Vigilant Solutions, giving it access to the company's giant database of billions of license plate records, which can be searched to produce every place a given license plate has been seen in the last five years
The story began with the free Bylock messaging app, which was used between 2014 and 2016 and which the Turkish government associated with treason and followers of Fethullah Gülen, the group they believe was behind the attempted 2016 coup. The app was downloaded roughly half a million times and had
The popular app Citymapper, which began in London and has since expanded to New York, Paris, and Amsterdam, is a live journey planning application that integrates all available modes of transport. Providing this service allows Citymapper to collect vast amounts of data: where, when, and by what
Security researcher Scott Helme found more than 4,000 websites, including many belonging to the UK government, were infected with Coinhive, code that mines the cryptocurrency Monero. Among the sites affected were those belonging to the Information Commissioner's Office, the Student Loans Company
In a study of COMPAS, an algorithmic tool used in the US criminal justice system , Dartmouth College researchers Julia Dressel and Hany Farid found that the algorithm did no better than volunteers recruited via a crowdsourcing site. COMPAS, a proprietary risk assessment algorithm developed by
12 Feb 2018
In February 2018 the Home Office gave the Yorkshire Police 250 scanners that use a smartphone app to run mobile fingerprint checks against the UK's criminal fingerprint and biometrics database (IDENT1) and the Immigration and Asylum Biometrics System (IABS). The app was simultaneously made available
01 Feb 2018
Amazon, which is already known for closely monitoring its warehouse workers has been granted two US patents on a wristband that could use ultrasonic sound pujlses and radio transmissions track a worker's every move, pause, or fidget, and vibrate to provide haptic feedback to nudge them when they
Princeton University's WebTap - Web Transparency and Accountability - project conducts a monthly automated census of 1 million websites to measure tracking and privacy. The census detects and measures many or most of the known privacy violations researchers have found in the past: circumvention of
21 Feb 2018
In 2017, Facebook introduced two mechanisms intended to give users greater transparency about its data practices: the "why am I seeing this?" button users can click to get an explanation of why they're being shown a particular ad, and an Ad Preferences page that shows users a list of attributes the
In January 2018 the Cyberspace Administration of China summoned representatives of Ant Financial Services Group, a subsidiary of Alibaba, to rebuke them for automatically enrolling its 520 million users in its credit-scoring system. The main complaint was that people using Ant's Alipay service were
15 Jan 2018
Modern vehicles are networks of sophisticated computers on wheels that can collect more intimate data about ourselves and our lives than smartphones do. The agreements covering nearly every new vehicle that is leased or sold in the US often now include a clause permitting the manufacturer to monitor
The first signs of the combination of AI and surveillance are beginning to emerge. In December 2017, the digital surveillance manufacturer IC Realtime, launched a web and app platform named Ella that uses AI to analyse video feeds and make them instantly searchable - like a Google for CCTV. Company
14 Jan 2018
Police investigating the 2016 rape and murder of a 19-year-old medical student were unable to search the iPhone of suspect Hussein Khavari, an Afghan refugee who declined to give them his password. The investigators gained access to the phone via a private company in Munich, and went through Apple's
28 Feb 2018
In February 2018 Uber and the city of Cincinnati, Ohio announced the Cincinnati Mobility Lab, a three-year-partnership that will allow the city and the surrounding area in northern Kentucky to use Uber data for transport planning. Cincinnati, like many cities, is anxious to identify the impact of
30 Oct 2017
In October 2017, the farm equipment manufacturer John Deere began requiring American farmers to sign an agreement forbidding almost all repair and modification of the equipment they buy and also preventing them from suiting for software-related problems. In response, the began hacking their John
30 Jan 2018
As a gift in 2012, the Chinese government built the African Union's $200 million Addis Ababa headquarters, where African ministers and heads of state meet twice a year to discuss major continental issues. In 2017, Le Monde Afrique discovered that the building's computer systems incorporated an
07 Feb 2018
In February 2018, police in China began using connected sunglasses equipped with facial recognition to scan crowds looking for suspected criminals. In a test at a busy train station in the city of Zhengzhou, police were able to identify and apprehend seven suspects accused of crimes ranging from hit
02 Jan 2018
In February 2018 the Canadian government announced a three-month pilot partnership with the artificial intelligence company Advanced Symbolics to monitor social media posts with a view to predicting rises in regional suicide risk. Advanced Symbolics will look for trends by analysing posts from 160
02 Jun 2010
In 2010, Apple's then-CEO Steve Jobs revealed that the reason his company changed the rules in the written agreement it requires iPhone app developers to sign was due to a report published by the vice-president of the app analytics company Flurry, Peter Farago. In one of its monthly reports on app
29 Jan 2018
In November 2017, San Francisco-based Strava, maker of a GPS-enabled fitness app, published a heat map showing the activity of all its 27 million users around the world. Upon outside examination, the data visualisation, which was built from 1 billion activities and 3 trillion data points covering 27
In 2014, the UK suicide prevention group The Samaritans launched Radar, a Twitter-based service intended to leverage the social graph to identify people showing signs of suicidal intent on social media and alert their friends to reach out to offer them help. The app was quickly taken offline after
11 Jan 2018
As of early 2018, Facebook's friends recommendations (People You May Know) are based on the address books users give them. However, Facebook has been filing patent applications for a new generation of technologies for collecting more information about its users and matching them more accurately. One
02 Jan 2018
EU antitrust regulators are studying how companies gather and use big data with a view to understanding how access to data may close off the market to smaller, newer competitors. Among the companies being scrutinised are the obvious technology companies, such as Google and Facebook, and less obvious
19 Dec 2014
In 2014, researchers at Princeton University outlined an attack that uses multiple third-party cookies to link traffic so that individual users can be identified and tracked from anywhere in the world. A nation-state wishing to surveil particular users outside its jurisdiction, for example, may have
02 Jan 2018
In a letter accompanying his annual report to the Prime Minister for 2017, the British Interception of Communications Commissioner, Stanley Burnton, has expressed concern about the increasingly unacceptable number of errors police are making in resolving Internet Protocol addresses. Because of the
The Chinese company Tencent has issued a statement denying that it stores or analyses communications sent over WeChat, the country's most popular messaging platform after Geely Automobile chairman Li Shufu claimed there was no data privacy in China at a business forum. Shufu also claimed that
28 Dec 2017
In 2016, the US Federal Trade Coimmission issued a warning to app developers that had installed Silverpush, software that uses device microphones to listen for audio signals inaudible to the human ear that identify the television programmes they are watching. Nonetheless, similar technology
30 Nov 2017
A report for the US National Academy of Sciences explains the methods used by a team of computer scientists to derive accurate, neighbourhood-level estimates of the racial, economic, and political characteristics of 200 US cities using the images collected by Google Street View in 2013 and 2014. The
Mothers of black, male teenagers in Chicago, fear their children will be added to the Chicago Police Department's gang database. As of the end of 2017, the database contains the names of 130,000 people, 90% of them black or Latino, who are suspected of being gang members. Most have never been
11 Jan 2018
In 2017, a study claimed to have shown that artificial intelligence can infer sexual orientation from facial images, reviving the kinds of claims made in the 19th century about inferring character from outer appearance. Despite widespread complaints and criticisms, the study, by Michal Kosinski and
20 Dec 2017
Research from ProPublica in December 2017 found that dozens of companies, including Verizon, Amazon, and Target are using Facebook to target job ads to exclude older workers. Excluding older workers is illegal under US law, but Facebook's system allows advertisers to specify precisely who should see
17 Dec 2017
"To the 53 people who’ve watched A Christmas Prince every day for the past 18 days: Who hurt you?" Netflix tweeted in December 2017. While the tweet did not contain any information that could have identified any of the 53 people, it still made many of those who saw it uncomfortable. A Christmas
Sidewalk Labs, a subsidiary of Alphabet (Google's owner), has signed a deal with the Canadian city of Toronto to redevelop the brownfield Quayside waterfront district and turn it into a technology hub. The deal raises three sets of issues. First (The Guardian) is the essential privatisation of
Researchers at Princeton University have shown that a vulnerability identified 11 years ago in the password managers built into web browsers can be exploited to allow third parties to track users across more than a thousand websites. The attack depends on the managers' autofill capability, and works
22 Jul 2017
Scientists at MIT have created an algorithm called "EQ Radio" that detects and measures individual heartbeats and therefore individuals' emotions by bouncing radio frequency signals - such as ordinary wifi- off of people. The algorithm works the same as an electrocardiogram but needs no leads to be
07 Aug 2017
A federal class-action lawsuit filed in California in July 2017 alleges that in violation of the Children's Online Privacy Protection Act (COPPA) and without parental permission, the Walt Disney Company secretly collects personal information about some of its youngest customers and shares it
24 Aug 2017
Every Tesla vehicle is a mobile data collector incorporating built-in sensors that constantly record information about the car's environment and the way the driver navigates through it. The result is to inspire established automakers such as General Motors, Volkswagen, and Nissan-Renault to follow
23 Oct 2017
After investigation, the UK's privacy regulatory, the Information Commissioner's Office has found that two small sections of the written scripts used by Blue Telecoms, a marketing firm that made calls on behalf of the Conservative Party during the 2017 general election, crossed the line from
04 Dec 2017
The French data protection regulator, the Commission Nationale de l'Informatique et des Libertés (CNIL), has issued a formal notice to Genesis Industries Limited, the maker of the connected toys My Friend Cayla and I-QUE. Genesis has two months to bring the toys into compliance with data protection
20 Apr 2017
Using anonymised data GPS data from mobile devices, primarily smart phones, SafeGraph concluded that the crowds attending the US presidential inauguration in January 2016 make significantly less money than attendees of the Women's March two months later. The income level estimates were made possible
28 Nov 2017
Facebook and Twitter have advised Damian Collins, the chair of the UK Parliament's digital, culture, media, and sport committee, that the companies will hand over some information relating to the rearch of Russia-backed posts during the EU referendum. Facebook has already given the US Senate similar
28 Nov 2017
In 2017, Grindr, which at the time was available in 192 countries, began implementing new privacyimplementing new privacy protection measures in order to help protect its users in anti-gay countries such as those in the Middle East and Africa. Among them: users will be able to to change the Grindr
24 Nov 2017
Recognising that many parents will be considering purchasing connected toys and other devices for their children, for Christmas 2017 the UK's Information Commissioner's Office issued a list of 12 guidelines for assessing products before purchasing. These include: research the product's security
25 Nov 2017
A recent study from the Yale Privacy lab and Exodus Privacy founds dozens of invasive trackers hidden in common Android apps. However, the method the researchers used, which involved writing code to expose the internal workings of the devices they tested, is legally barred under the US Digital
18 Oct 2017
Our usual image of online advertising is that we are one of millions whose data is being examined by a large, remote organisation - a government or major company. Research from the University of Washington has found that anyone equipped with time, determination, and a relatively small budget of $1
12 Oct 2017
Some of the Google Home Mini units distributed before release to the tech press and at "Made By Google" events had a defective touch panel. The devices were meant to turn on recording only when the owner woke it up with "OK, Google" or applied a long press to the centre of the touch panels. Instead
24 Apr 2017
Widespread controversy resulted when users discovered in April 2017 that the little-known data company Slice Intelligence was passing anonymised data derived from scanning users' email inboxes to the ride-hailing company Uber. The story illustrates both the power of anonymous data and the complex
Websites have long used third-party analytics scripts to collect information about how visitors use their sites. In November 2017, researchers at Princeton found that an increasing number of sites use "session replay" scripts that collect every action the user performs while on the site, including
Among the friends Facebook recommended to Kashmir Hill as people she might know was Rebecca Porter, to the best of her knowledge a total stranger. Because Hill was studying how the "black box" of Facebook recommendations worked, she contacted Porter to ask what the connection might be. To her
09 Nov 2017
Logitech's announcement that it would end service and support for its Harmony Link devices in 2018 sparked online outrage after consumers realised this meant the devices would be disabled and that only those with devices still under warranty would get free replacements. Logitech has since said it
15 Jun 2017
In 2017, Amazon was granted a patent has been granted a patent, first filed in 2012, on a mechanism that allows retailers to intercept network requests such as URLs and search terms on in-store wifi and either block shoppers from conducting online price comparisons or offer them discount coupons or
21 Aug 2017
Sonos, which makes connected home sound systems, has told its customers that they will not be able to opt out of a new privacy policy launched in August 2017 that allows the company to begin collecting audio settings, errors, and other account data. Customers can opt out of sending some types of
10 Nov 2017
Owners of the Hong Kong-based sex toy company Lovense's vibrators who installed the company's remote control app were surprised to discover that the app was recording user sessions without their knowledge. They had authorised the app to use the phone's built-in microphone and camera, but only for
11 Sep 2017
On September 11, 2017, while Florida residents were evacuating during the approach of Hurricane Irma, Tesla rolled out a real-time software update that increased the battery capacity of some of its Model S sedans and Model X SUVs. The update extended the vehicles' range, enabling drivers to travel
14 Nov 2017
The UK consumer watchdog Which? has called on retailers to stop selling popular connected toys it says have proven security issues. These include Hasbro's Furby Connect, Vivid Imagination's I-Que robot, and Spiral Toys' Cloudpets and Toy-fi Teddy. In its report, Which? found that these toys do not
04 Sep 2017
The UK Information Commissioner's Office has published policy guidelines for big data, artificial intelligence, machine learning and their interaction with data protection law. Applying data protection principles becomes more complex when using these techniques. The volume of data, the ways it's
17 Oct 2017
A mistake in Facebook's machine translation service led to the arrest and questioning of a Palestinian man by Israeli police. The man, a construction worker on the West Bank, posted a picture of himself leaning against a bulldozer like those that have been used in hit-and-run terrorist attacks, with
14 Nov 2017
A 2017 Freedom House survey of 65 countries found that 30 of them were using armies of "opinion-shapers" to manipulate elections, advance anti-democratic agendas, and repress their citizens. Although most of these countries direct these efforts to manipulate opinion domestically, the report finds
A paper by Michael Veale (UCL) and Reuben Binns (Oxford), "Fairer Machine Learning in the Real World: Mitigating Discrimination Without Collecting Sensitive Data", proposes three potential approaches to deal with hidden bias and unfairness in algorithmic machine learning systems. Often, the cause is
An investigation by the Irish Data Protection Commissioner has led Eir, a telecommunications company, to replace almost 20,000 modems supplied to customers with basic broadband packages without access to fibre services. The action follows an incident in 2016 in which nearly 2,000 customer routers
In the remote western city Xinjiang, the Chinese government is using new technology and humans to monitor every aspect of citizens' lives. China, which has gradually increased restrictions in the region over the last ten years in response to unrest and violent attacks, blames the need for these
30 Oct 2017
Cracked Labs examines the impact on individuals, groups, and wider society of the corporate use of personal information as it feeds into automated decision-making, personalisation, and data-driven manipulation. On the web, companies track us via hidden software that collects information about the
The Dutch data protection authority has found that Microsoft's Windows 10 operating system breaches Dutch law by processing personal data of the system's users without informing them clearly about what type of data the company uses and for what purpose. In addition, users cannot give valid consent
Privacy and child advocacy groups in the US, Denmark, Belgium, the Netherlands, Sweden, Germany, and the UK are filing complaints with regulators after a study by the Norwegian Consumer Council found critical security flaws and missing privacy protection in children's smartwatches. The watches
A report from the University of Washington studies parents' and children's interactions with general-purpose connected devices and connected toys. There are numerous privacy issues: toy companies may collect masses of children's intimate data; the toys may enable parents to spy on their children
04 Oct 2017
In 2017, after protests from children's health and privacy advocates, Mattel cancelled its planned child-focused "Aristotle" smart hub. Aristotle was designed to adapt to and learn about the child as they grew while controlling devices from night lights to homework aids. However, Aristotle was only
30 Aug 2016
In 2016, researchers at the University of Birmingham and the German engineering firm Kasper & Oswald discovered two vulnerabilities in the keyless entry systems affecting practically every car Volkswagen Group had sold since 1995, estimated at 100 million vehicles. Two separate attacks use cheap
04 Sep 2016
A pregnancy-tracking app collected basic information such as name, address, age, and date of last period from its users. A woman who miscarried found that although she had entered the miscarriage into the app to terminate its tracking, the information was not passed along to the marketers to which
In the wake of Tesla’s first recorded autopilot crash, automakers are reassessing the risk involved with rushing semi-autonomous driving technology into the hands of distractible drivers. But another aspect of autopilot—its ability to hoover up huge amounts of mapping and “fleet learning” data—is
02 Aug 2016
At the 2016 Usenix Workshop on Offensive Technologies, researchers from the University of Michigan presented the results of tests that showed that industrial vehicles - a 2006 semi-trailer and a 2001 school bus - were subject to the same security flaws as had already been found in domestic cars. Via
In 2013, in collaboration with the Illinois Institute of Technology, the Chicago Police Department set up the Strategic Subjects List, an effort to identify the most likely victims and perpetrators of gun violence. In 2016, a report published by the RAND Corporation found that the project, which had
The light surrounding you this very second may be used to expose how much money you make, where you live, when you're home, and much more. That's the big takeaway from A 2016 analysis of ambient light sensors by London-based security and privacy consultant and University College London researcher
03 Sep 2016
In May 2014 the Polish Ministry of Labor and Social Policy (MLSP) introduced a scoring system to distribute unemployment assistance. Citizens are divided into three categories by their “readiness” to work, the place they live, disabilities and other data. Assignment to a given category determines
18 Oct 2016
A 2016 report, "The Perpetual Lineup", from the Center for Privacy and Technology at Georgetown University's law school based on records from dozens of US police departments found that African-Americans are more likely to have their images captured, analysed, and reviewed during computerised
12 Jan 2016
In 2016 reports surfaced that bricks-and-mortar retailers were beginning to adopt physical-world analogues to the tracking techniques long used by their online counterparts. In a report, Computer Sciences Corporation claimed that about 30% of retailers were tracking customers in-store via facial
08 Sep 2016
The "couples vibrator" We-Vibe 4 Plus is controlled via a smartphone app connected to the device via Bluetooth. In 2016, researchers revealed at Defcon that the devices uses its internet connectivity to send information back to its manufacturer including the device's temperature, measured every
12 Feb 2016
Caucuses, which are used in some US states as a method of voting in presidential primaries, rely on voters indicating their support for a particulate candidate by travelling to the caucus location. In a 2016 Marketplace radio interview, Tom Phillips, the CEO of Dstillery, a big data intelligence
11 Dec 2015
In what proved to be the first of several years of scandals over the use of personal data in illegal, anti-democratic campaigning, in 2015 the Guardian discovered that Ted Cruz's campaign for the US presidency paid at least $750,000 that year to use tens of millions of profiles of Facebook users
06 Jun 2016
In 2016, security expert Ken Munro discovered security bugs in the onboard wifi in Mitsubishi's Outlander hybrid car that could be exploited to turn off the car's alarm. Some aspects of the Outlander can be controlled by a smartphone app that talks to the car via the onboard wifi. Security flaws in
18 Aug 2016
In a presentation given at the Knowledge Discovery and Data Mining conference in 2016, researchers discussed a method of using the data generated by smart card public transport tickets to catch pickpockets. In a study of 6 million passenger movements in Beijing, the researchers used a classifier to
20 May 2015
In 2015, a newly launched image recognition function built into Yahoo's Flickr image hosting site automatically tagged images of black people with tags such as "ape" and "animal", and also tagged images of concentration camps with "sport" or "jungle gym". The company responded to user complaints by
20 May 2015
Over the course of a few seconds in April 2013, a false tweet from a hacked account owned by the Associated Press is thought to have caused the Dow-Jones Industrial Average to drop 143.5 points and the Standard & Poor's 500 Index to lose more than $136 in value. The tweet was retweeted 4,000 times
In the early 2000s, "Agbogbloshie", a section of Old Fadama, a large slum on the outskirts of Accra, Ghana, became a dumping ground for unwanted electronic waste, recast as "donations", from the developed world, which found it cheaper to ship in bulk than to recycle: old computers, cameras, TV sets
29 May 2015
By 2015, the cost, invasiveness, and effort involved in conducting medical tests led to proposals for lightweight wearable sensors that could perform the same job. Several such efforts focus on making these sensors fashionably acceptable by making them out of skinlike substances with electronics
08 Nov 2016
In 2016, researchers at MIT developed a wristband device to automate tracking screen time based on an off-the-shelf colour sensor used to calibrate colour and brightness in TVs and other screens and a learning algorithm that could detect when a screen was nearby. The device was intended for use in a
22 May 2015
In 2015, the Carrefour supermarket in Lille installed a system of LED lights designed by Philips that send special offers and location data to customers' smartphones. Using the system, customers who install an app can use their smartphone camera to detect all the promotions around them or search for
04 Feb 2013
In 2013, Harvard professor Latanya Sweeney found that racial discrimination pervades online advertising delivery. In a study, she found that searches on black-identifying names such as Revon, Lakisha, and Darnell are 25% more likely to be served with an ad from Instant Checkmate offering a
30 Oct 2015
In 2015, plans to install smart electricity meters in 95% of Austrian homes by 2019 were in doubt because of legal uncertainty about data protection, with customers trying to prevent their deployment, according to Die Presse newspaper. The idea is that smart meters will allow customers to log on and
19 Mar 2013
The Satellite Sentinel Project, a constellation of high-powered satellites trained to find atrocities on the ground with a half-metre resolution, was set up in 2009 to find human rights abuses in the conflict in Sudan. Conceived by former Clinton administration State department staffer John
24 Jan 2014
In 2014, DataKind sent two volunteers to work with GiveDirectly, an organisation that makes cash donations to poor households in Kenya and Uganda. In order to better identify villages with households that are in need, the volunteers developed an algorithm that classified village roofs in satellite
15 Nov 2016
In 2015, security contractors at Kryptowire discovered that some cheap Android phones came with pre-installed software that monitors where users go, whom they communicate with and the contents of the text messages they write. Written by the China-based company Shanghai Adups Technology Company, the
27 Jun 2015
A 2015 study by The Learning Curve found that although 71% of parents believe technology has improved their child's education, 79% were worried about the privacy and security of their child's data, and 75% were worried that advertisers had access to that data. At issue is the privacy and security
03 May 2016
By 2020, digital ad spending on political campaigns, which was about $22 million in 2008, is projected to reach $3.3 billion. Broadcast audiences in 2016 were about a quarter the size they were in the 1980s, and they are continuing to shrink, while half of US broadcast radio stations are expected to
17 May 2016
FindFace compares photos to profile pictures on social network Vkontakte and works out identities with 70% reliability. Some have sounded the alarm about the potentially disturbing implications. Already the app has been used by a St Petersburg photographer to snap and identify people on the city’s
Explainer
“Smart city” is a marketing term used to define the use of technology – and in particular data collection – to improve the functioning of cities. The idea behind smart cities is that the more local governments know about city inhabitants the better the services they deliver will be. However, the
08 Aug 2016
Many people fail to recognise the sensitivity of the data collected by fitness tracking devices, focusing instead on the messages and photographs collected by mobile phone apps and social media. Increasingly, however, researchers are finding that the data collected by these trackers - seemingly
24 Apr 2016
As part of its Smart Nation programme, in 2016 Singapore launched the most extensive collection of data on everyday living ever attempted in a city. The programme involved deploying myriad sensors and cameras across the city-state to comprehensively monitor people, places, and things, including all
20 Jul 2015
On July 1, 2015 Kuwait's National Assembly passed a new counter-terrorism law that included the requirement that all 1.3 million Kuwaiti citizens and 2.9 million foreign residents provide DNA samples, which will be stored in a database maintained and operated by the Interior Ministry. The law, which
25 Dec 2015
In 2015, the Royal Parks conducted a covert study of visitors to London's Hyde Park using anonymised mobile phone signals provided by the network operator EE to analyse footfall. During the study, which was conducted via government-funded Future Cities Catapult, the Royal Parks also had access to
15 Oct 2016
The Japanese electronics giant NEC introduced one of its facial recognition systems for the first time in a sports arena in Colombia. The soccer stadium in Medellin has a capacity of 45,000 people and occasionally suffers from hooligans. The operator of the arena takes photos of such hooligans when
23 Feb 2016
A 2016 study from the French Institute for Research in Computer Science and Automation found that in 95% of cases it takes as few as four of the apps users have installed on their smartphones to reidentify them within a dataset. Based on a study of 54,893 Android users over seven months, the
12 May 2016
In 2016, Danish researchers Emil Kirkegaard and Julius Daugbjerg Bjerrekær released a dataset onto the Open Science Framework that included details of almost 70,000 users of the online dating site OkCupid. The researchers created the dataset themselves by using software to scrape information from
02 Oct 2015
In 2015, researchers at Harvard University found vulnerabilities in the anonymisation procedures used for health care data in South Korea that enabled them to de-anonymise patients with a 100% success rate and to decrypt the Resident Registration Numbers included with prescription data relating to
09 Jul 2015
In 2015, Chinese hackers stole sensitive information including social security numbers and residency, employment, educational, and medical histories concerning more than 21 million people from the US Office of Personnel Management. OPM houses this information about all federal employees along with
21 Jun 2016
In 2015, the DNA testing company 23andMe revealed it had sold access to the DNA information it had collected from the 1.2 million people who had paid for genetic testing to more than 13 drug companies. One of these was Genentech, which paid $10 million to look at the genes of people with Parkinson's
20 May 2016
In 2016, Nguyen Phong Hoang, a security researcher in Kyoto, Japan demonstrated that the location of users of gay dating apps such as Grindr, Hornet, and Jack'd can be pinpointed even when they have turned on features intended to obscure it - a dangerous problem for those have not come out publicly
11 Apr 2016
In March 2016, a hacker group identifying itself as Anonymous Philippines defaced the website of the Philippine Commission on the Elections (Comelec), leaving a message that accused Comelec of not doing enough to secure the voting machines due to be used in the general election the following month
10 Mar 2016
In 2016, Spanish Jose Carlos Norte, the chief technology officer at Telefonica subsidiary EyeOS, used the scanning software Shodan to find thousands of publicly exposed telematics gateway units. TGUs are small radio-enabled devices that are attached to industrial vehicles so their owners can track
10 Jan 2016
A new generation of technology has given local law enforcement officers in some parts of the US unprecedented power to peer into the lives of citizens. In Fresno, California, the police department's $600,000 Real Time Crime Center is providing a model for other such centres that have opened in New
30 Nov 2015
A 2015 study carried out in Rwanda and published in the journal Science used mobile phone records to study the distribution of wealth and poverty in an attempt to fill in the gap left by the difficulty of collecting accurate statistics. A rought idea of geographic location was derived from
01 Sep 2016
Automated systems such as the personality test developed by Massachusetts-based workforce management company Kronos are increasingly used by large companies to screen job applicants. To avoid falling foul of regulations prohibiting discrimination against those with mental illness, often the
31 May 2016
As speech recognition and language-processing software continue to improve, the potential exists for digital personal assistants - Apple's Siri, Amazon's Alexa, and Google Assistant - to amass deeper profiles of customers than has ever been possible before. A new level of competition arrived in 2016
01 Jun 2016
The price of using voice search is that Google records many of the conversations that take place in their presence. Users wishing to understand what Google has captured can do so by accessing the portal the company introduced in 2015. Their personal history pages on the site include both a page
30 Nov 2015
In 2015, a small number of Silicon Valley start-ups began experimenting with assessing prospective borrowers in developing countries such as Kenya by inspecting their smartphones. Doing so, they claimed, enabled them to charge less in interest than more traditional microlenders, since many of their
09 Oct 2015
In 2015, Ant Financial, a Chinese company affiliated with Alibaba, began deploying "Sesame Credit scores". Ant, which also runs the popular payment app Alipay, claims that it uses both online and offline purchasing and spending habits to calculate a credit worthiness score for each of its more than
21 Jul 2016
In the past, car insurers relied on drivers to report their annual mileage when renewing their policies. Increasingly, however, insurers are turning to other methods. In 2016, State Farm, a US insurance company, acknowledged that the company verifies the mileage driven by the cars it insures in a
24 Nov 2016
In 2016 researchers in China claimed an experimental algorithm could correctly identify criminals based on images of their faces 89% of the time. The research involved training an algorithm on 90% of a dataset of 1,856 photos of Chinese males between 18 and 55 with no facial hair or markings. Among
27 Sep 2016
In 2016 researchers at the University of Texas at Austin and Cornell University demonstrated that a neural network trained on image datasets can successfully identify faces and objects that have been blurred, pixellated, or obscured by the P3 privacy system. In some cases, the algorithm performed
22 Jun 2015
In 2015, Facebook's AI lab announced that its researchers had devised an experimental algorithm that could recognise people in photographs even when their faces are hidden or turned away. The researchers trained a sophisticated neural network on a dataset of 40,000 photographs taken from Flickr
28 Jun 2016
In 2016, Facebook gave conflicting accounts of whether the service uses location data in order to recommend prospective Friends in its "People You May Know" feature. When the company first admitted - for publication - that location data was indeed one of the signals it used, many users felt this
14 Jun 2016
In 2016, Facebook and Google began introducing ways to measure the effectiveness of online ads by linking them to offline sales and in-store visits. Facebook's measurement tools are intended to allow stores to see how many people visit in person after seeing a Facebook campaign, and the company
08 Apr 2016
In September 2016, the US Federal Trade Commission hosted a workshop to study the impact of big data analysis on poor people, whose efforts to escape poverty may be hindered by the extensive amounts of data being gathered about them. Among those who intensively surveil low-income communities are
07 Jul 2016
In 2016, supporters of Ted Cruz and Rand Paul for president were surprised to begin getting emails from the Trump campaign soon after their candidates dropped out of the race for the Republican nomination. In an investigation, CNNMoney found that nearly every failed 2016 presidential candidate sold
03 Mar 2016
In 2016, researchers affiliated with Verto Analytics and the Qatar Computing Research Institute published work in which they analysed the app usage and demographics of more than 3,700 people in order to find correlations. Based on the models they developed, they found they could predict a user's
18 May 2016
In 2016, Verbraucherzentrale NRW, a consumer protection organisation in the German state of North Rhine-Westphalia accused Samsung of harvesting data and sending it back to the company over the internet without informing users as soon as its smart televisions are connected to the internet. The
10 May 2016
In 2016, VICE News discovered that the confidential and "shadowy" World-Check database, which has wrongly linked individuals to terrorist activity, was being widely used by British police and intelligence. Also a customer is the Charity Commission, which uses it to screen charities and aid
04 Jan 2016
In 2016, the US's third-largest property and casualty insurer, Liberty Mutual, announced it would partner with Subaru to enable drivers who have bought Subaru's Starlink infotainment system to download a car app that will notify them if they are accelerating too aggressively or braking too hard. The
10 Feb 2017
In 2017 two Metropolitan police officers were jailed for five years for hacking into the force's intelligence database and leaking the identity of a protected witness to the defence lawyer in a 2011 murder trial that eventually saw the defendant, Leon De St Aubin, convicted. While the trial was in
11 Mar 2016
In 2016 Jonathan Evans, the former head of Britain's MI5 warned that private firms are analysing "open source" - that is, publicly posted - information to create profiles that are just as intrusive as anything Britain's intelligence agencies deploy and that the gap is closing between open
09 Apr 2017
In a 2017 study of patterns of postings on Chinese social media, three Harvard researchers disagreed with the widespread claim that the government's strategy is to post "50c party" posts that argue for the government's side in policy and political debates. Instead, the researchers estimated that the
02 Apr 2016
In early 2016 Libreville, the capital of Gabon, signed up for Microsoft's CityNext programme, which is intended to supply innovative "smart city" solutions in eight key areas: health, social services, infrastructure, water, electricity, justice, culture, and education. Applications in each area will
21 Mar 2016
By 2016, numerous examples had surfaced of bias in facial recognition systems that meant they failed to recognise non-white faces, labelled non-white people as "gorillas", "animals", or "apes" (Google, Flickr), told Asian users their eyes were closed when taking photographs (Nikon), or tracked white
15 Mar 2016
In 2016, when security expert Matthew Garrett stayed in a London hotel where the light switches had been replaced by Android tablets, it took him only a few hours to gain access to all of the room's electronics. The steps he followed: plug his laptop into a link in place of one of the tablets; set
30 Jan 2016
By 2016, a logical direction for data-driven personalisation efforts to go was toward the "Internet of Emotions": equipping devices with facial, vocal, and biometric sensors that use affective computing to analyse and influence the feelings of device owners. Of particular concern is the potential
02 Jun 2016
The discovery in 2016 of previous hacker break-ins such as the 2013 theft of 360 million old MySpace accounts and the 2012 hack of LinkedIn suggest that although websites come and go and "linkrot" means web pages have a short half-life, user data lives on for a deceptively long time. This is
14 May 2015
In 2015, Chinese authorities banned the 1.6 million members of the country's People's Liberation Army from using smartwatches and other wearable technology in order to prevent security breaches. Army leaders announced the decision after a soldier in the city of Nanjing was reported for trying to use
24 Nov 2015
In 2015, ABI Research discovered that the power light on the front of Alphabet's Nest Cam was deceptive: even when users had used the associated app to power down the camera and the power light went off, the device continued to monitor its surroundings, noting sound, movement, and other activities
10 Nov 2016
In 2016, researchers at Dalhousie University in Canada and the Weizman Institute of Science in Israel developed a proof-of-concept attack that allowed them to take control of LED light bulbs from a distance of up to 400 metres by exploiting a flaw in the Zigbee protocol implementation used in the
03 Apr 2016
At the 2016 Usenix conference, MIT's Computer Science and Artificial Intelligence Laboratory (CSAIL) presented a system called Chronos that could use wifi signals to detect the position of a person or object inside a room to within tens of centimetres. MIT claimed Chronos was 20 times more accurate
28 Jul 2016
In 2016, when Australia was planning to introduce a new welfare system based on data collection, experts from New Zealand, where a similar system was set up in 2012, warned that experience showed that the most vulnerable people were checking out of any relationship with the state. They warned, for
28 Oct 2016
In a presentation at London's 2016 Black Hat cybersecurity conference, researchers from UCL showed that it was possible to use ultrasound to track consumers across multiple devices. Marketers were already using beacons inaudible to the human ear to activate functions on devices via their microphones
05 Sep 2016
In September 2016, an algorithm assigned to pick the winners of a beauty contest examined selfies sent in by 600,000 entrants from India, China, the US, and all over Africa, and selected 44 finalists, almost all of whom were white. Of the six non-white finalists, all were Asian and only one had
10 Jun 2016
In June 2016, National Security Agency deputy director Richard Ledgett told a conference on military technology conference that the agency was researching whether internet-connected biomedical devices such as pacemakers could be used to collect foreign intelligence. Ledgett identified the complexity
06 Oct 2015
In 2015, the Canadian Department of National Defence issued a procurement request for a contractor who could find "vulnerabilities and security measures" in a 2015 pick-up truck whose model and make were not specified and "develop and demonstrate exploits" for the military. The contractor was to
07 Oct 2015
The news that connected TVs and set-top boxes were listening in on their owners' conversations led the state of California to pass legislation (AB1116) prohibiting companies from operating a voice recognition feature without prominently informing the user or installer during initial setup. In
08 Oct 2014
In the 2014 report "Networked Employment Discrimination", the Future of Work Project studied data-driven hiring systems, which often rely on data prospective employees have no idea may be used, such as the results of Google searches, and other stray personal data scattered online. In addition
16 Apr 2016
In 2016, 21-year-old Russian photographer Egor Tsvetkov launched the "Your Face is Big Data" project. He created the project by semi-secretly photographing passengers seated across from him on the St. Petersburg metro, then uploading the images to an online service called FindFace. FindFace's
25 Sep 2015
In a 2015 study of 79 apps listed in NHS England's Health Apps Library, which tests programs to ensure they meet standards of clinical and data safety, researchers at Imperial College London discovered that 70 of them sent personal data to associated online services and 23 sent that data without
05 Apr 2015
Because banks often decline to give loans to those whose "thin" credit histories make it hard to assess the associated risk, in 2015 some financial technology startups began looking at the possibility of instead performing such assessments by using metadata collected by mobile phones or logged from
A new generation of technology has given local law enforcement officers in some parts of the US unprecedented power to peer into the lives of citizens. The police department of Frenso California uses a cutting-edge Real Time Crime Center that relies on software like Beware. As officers respond to
15 Oct 2016
In 2016, the American Civil Liberties Union of Northern California published a report revealing that the social media monitoring service Geofeedia had suggested it could help police track protesters. The report's publication led Twitter and Facebook to restrict Geofeedia's access to their bulk data
14 Nov 2016
At the Sixth Annual Conference on Social Media Within the Defence and Military Sector, held in London in 2016, senior military and intelligence officials made it clear that governments increasingly view social media as a tool for the Armed Forces and a "new front in warfare". Social media are also
24 Nov 2015
Documents submitted as part of a 2015 US National Labor Relations Board investigation show that Walmart, long known to be hostile to unions, spied on and retaliated against a group of employees who sought higher wages, more full-time jobs, and predictable schedules. In combating the group, who
13 Oct 2015
In 2015, a data leak apparently linked to the new Uber partner app exposed the personal information of hundreds of drivers, including their Social Security numbers, scanned drivers' licences, tax forms, and other documents. The information was likely to have been available for at least a few hours
03 Mar 2016
In 2016, a group of criminologists intend on identifying the famous graffiti artist Banksy used a forensic technique known as geographical profiling. The technique is more commonly used to identify potential suspects in cases of serial rape, arson, and murder, and works by mapping crimes to see if
10 Sep 2015
In 2015, US director of national intelligence James Clapper, backed by National Security Agency director Admiral Michael Rogers, warned Congress that the next phase of escalating online data theft is likely to involve manipulating digital information. Clapper and Rogers viewed this type of attack as
23 May 2016
Computer programs that perform risk assessments of crime suspects are increasingly common in American courtrooms, and are used at every stage of the criminal justice systems to determine who may be set free or granted parole, and the size of the bond they must pay. By 2016, the results of these
21 Jun 2014
In 2014, NYC Planning Labs Chris Whong was sent and made public a complete a complete dump of historical trip and fare logs from New York City taxis in response to a Freedom of Information request. The more than 20GB of uncompressed data comprising more than 173 million individual trips included
10 Aug 2015
In May 2015, the US Department of Justice and the FBI submitted a declaration to an Oregon federal judge stating that the US government's no-fly lists and broader watchlisting system relied on predictive judgements of individuals rather than records of actual offences. The documents were filed as
27 Apr 2011
As GPS began being increasingly incorporated into smartphones, satnav manufacturers like the Dutch company TomTom were forced to search for new revenue streams. In 2011, TomTom was forced to apologise when the Dutch newspaper AD reported that the company had sold driving data collected from
07 May 2015
In 2014, India's newly elected prime minister, Narendra Modi, allocated INR70.6 billion (upwards of £750 million) to a plan called "100 Smart Cities". Although a year later the funding dropped to INR1.4 billion, smart city-themed conference continued to take place in Delhi and Mumbai, and urban
25 May 2016
In 2015, Boston advertising executive John Flynn, CEO of Copley Advertising, began developing a system that uses standard online advertising and tracking techniques, coupled with geofencing, to send advertisements to women's smartphones when they are sitting inside Planned Parenthood clinics and
In 2015, The Intercept obtained documents showing that the Mall of America in Bloomington, Minnesota used a fake Facebook account to friend and monitor local Black Lives Matter activists, and collect their personal information and photographs without their knowledge. The account was discovered in a
03 Mar 2003
In 2003, the New Hampshire Supreme Court ruled that information brokers and private investigators may be liable for the harms caused by selling information. In the case in question, Amy Boyer, a young woman, was murdered by Liam Youens, a stalker. Youens obtained her information from Docusearch
20 May 2016
Uber has closely studied how dynamic pricing functions and when it's acceptable to users. One discovery is that round numbers signal haste and sloppiness where riders appear to believe that more precise numbers (for example, 2.1 instead of 2) have been carefully worked out by an algorithm. The
19 Jun 2015
In 2015, a series of interviews with Moshe Greenshpan, the founder and CEO of the Israeli company Skakash, revealed the existence of the company's facial recognition software Churchix. The software is intended to help churches keep track of who attends services and other events by matching reference
10 Oct 2016
In 2016, rising awareness of the profits pharmaceutical and other medical companies make from personal data such as DNA samples and cell lines led to the rise of a "biorights" movement to ensure that patients retain greater control over their contributions. A federal complaint filed by the American
21 Sep 2016
In 2016, researchers at MIT's Computer Science and Artificial Intelligence Laboratory developed a new device that uses wireless signals that measure heartbeats by bouncing off a person's body. The researchers claim that this system is 87% accurate in recognising joy, pleasure, sadness, or anger
08 May 2016
Twitter requested one of its key B2B partners, Dataminr — a service that offers advanced social media analytics and early detection of major events like terrorist attacks or natural disasters — stop providing U.S. intelligence agencies with their tools and content. Dataminr isn’t ending its
23 Mar 2016
In 2016, the Big Data lab at the Chinese search engine company Baidu published a study of an algorithm it had developed that it claimed could predict crowd formation and suggested it could be used to warn authorities and individuals of public safety threats stemming from unusually large crowds. The
21 Apr 2016
According to the US security firm Statfor the Chinese government has been builsing a system to analyse the massive amounts of data it has been collecting over the past years. The company claims: "The new grid management system aims to help the Chinese government act early to contain social unrest
15 Apr 2016
Between 2010 and 2016, access control spyware implementing a remote "kill switch" was installed increasingly often in rent-to-buy laptops and cars financed by subprime loans. In a 2012 case the Federal Trade Commission settled with seven computer rental companies over their use of DesignerWare's
03 May 2016
In 2012, London Royal Free, Barnet, and Chase Farm hospitals agreed to provide Google's DeepMind subsidiary with access to an estimated 1.6 million NHS patient records, including full names and medical histories. The company claimed the information, which would remain encrypted so that employees
05 Apr 2016
In April 2016, Google's Nest subsidiary announced it would drop support for Revolv, a rival smart home start-up the company bought in 2014. After that, the company said, the thermostats would cease functioning entirely because they relied on connecting to a central server and had no local-only mode
09 Jun 2016
A new breed of market research companies are pioneering geoanalytics to find complex financial information. That is, they use machine learning algorithms to search for patterns in high-resolution satellite imagery that's refreshed daily and available at the scale of 1 meter per pixel. Much of the
A new examination of documents detailing the US National Security Agency's SKYNET programme shows that SKYNET carries out mass surveillance of Pakistan's mobile phone network and then uses a machine learning algorithm to score each of its 55 million users to rate their likelihood of being a
08 Mar 2016
In 2016 the Dutch Data Protection Authority (AP) ruled that the Personal Data Protection Act prohibits companies from monitoring their employees' health via wearables, even when employees have given their permission. The ruling concluded the AP's investigation into two companies; in one of them
Explainer
Phone networks are divided between two networks: the physical and the mobile. The physical runs on the Public Switched Telephone Network (PSTN) that serves your home phone. Mobile networks are dominant in the age of communication and are used to relay mobile communications to the PSTN. The most
Explainer
Video surveillance technologies are deployed in public and private areas for monitoring purposes. Closed-circuit television (CCTV)– a connected network of stationary and mobile video cameras– is increasingly used in public areas, private businesses and public institutions such as schools and
Explainer
What is the Global Surveillance Industry? Today, a global industry consisting of hundreds of companies develops and sells surveillance technology to government agencies around the world. Together, these companies sell a wide range of systems used to identify, track, and monitor individuals and their
Video

A video explainer on how companies and governments are extracting and exploiting our data.

Video

We explore in a short video how privacy is defined and needed today.

Video

Once rare, now governments have expansive capabilities to monitor communications.

Video

An explanatory video on a key legal protection for privacy, and yet poorly understood.

Video