Advanced Search
Content Type: Press release
Friday, January 8, 2021
Today, the UK High Court has quashed a decision by the Investigatory Powers Tribunal (IPT), and ruled that section 5 of the Intelligence Services Act (ISA) 1994 does not permit the issuing of general warrants to authorise property interference and certain forms of computer hacking.
The Court referred to cases dating back to the 18th century, which demonstrate the common law’s insistence that the Government cannot search private premises without lawful authority even in the context of national…
Content Type: News & Analysis
Tuesday, August 7, 2018
Our intervention comes on the back of mounting evidence that the South African state’s surveillance powers have been abused, and so-called “checks & balances” in RICA have failed to protect citizens’ constitutional right to privacy.
Among our core arguments are:
That people have a right to be notified when their communications have been intercepted so that they can take action when they believe their privacy has been unlawfully breached. Currently RICA prevents such notification, unlike…
Content Type: Long Read
Friday, September 14, 2018
Yesterday, the European Court of Human Rights issued its judgement in Big Brother Watch & Others V. the UK. Below, we answer some of the main questions relating to the case.
What's the ruling all about?
In a nutshell, one of the world's most important courts, the European Court of Human Rights, yesterday found that certain UK laws about how intelligence agencies can spy on our internet communications breach our human rights. These surveillance laws have meant that the UK intelligence…
Content Type: Long Read
Q&A: EU's top court rules that UK, French and Belgian mass surveillance regimes must respect privacy
Tuesday, October 6, 2020
Content Type: Press release
Tuesday, October 6, 2020
By treating everyone as a suspect, the bulk data collection or retention regimes engage European fundamental rights to privacy, data protection, freedom of expression, as guaranteed respectively by Articles 7, 8, and 11 of the EU Charter of Fundamental Rights.
Caroline Wilson Palow, Legal Director of Privacy International, said:
"Today’s judgment reinforces the rule of law in the EU. In these turbulent times, it serves as a reminder that no government should be above the law. Democratic…
Content Type: Press release
Thursday, September 24, 2020
A joint press release from Privacy International, Reprieve, CAJ, and the Pat Finucane Centre.
Agents of MI5 and other Government bodies could be legally authorised to commit crimes under new legislation introduced today. There appear to be no express limits in the legislation on the types of crime which could be authorised.
The Covert Human Intelligence Sources (Criminal Conduct) Bill appears not to explicitly prohibit the authorisation of murder, torture, or sexual violence. Reprieve,…
Content Type: News & Analysis
Monday, February 24, 2020
In mid-2019, MI5 admitted, during a case brought by Liberty, that personal data was being held in “ungoverned spaces”. Much about these ‘ungoverned spaces’, and how they would effectively be “governed” in the future, remained unclear. At the moment, they are understood to be a ‘technical environment’ where personal data of unknown numbers of individuals was being ‘handled’. The use of ‘technical environment’ suggests something more than simply a compilation of a few datasets or databases.
The…
Content Type: Press release
Friday, October 21, 2016
Key points
Bulk Communications Data (BCD) collection, commenced in March 1998, unlawful until November 2015
Bulk Personal Datasets regime (BPD), commenced c.2006, unlawful until March 2015
Everyone’s communications data collected unlawfully, in secret and without adequate safeguards until November 2015
We maintain that even post 2015, bulk surveillance powers are not lawful
As the Investigatory Powers Bill is set to become law within weeks, we argue that the authorisation and oversight…
Content Type: News & Analysis
Wednesday, July 1, 2020
In September 2019, PI published the report Your Mental Health for Sale. Our investigation looked into popular mental health websites and their data sharing practices.
Our findings suggest that, at the time of the research, most websites we looked at were using third party tracking for advertising purposes, sometimes relying on programmatic advertising technologies such as Real Time Bidding (RTB), sharing personal data with potentially thousands of actors. Some websites were also found sharing…
Content Type: Long Read
Monday, February 24, 2020
Background
Kenya’s National Integrated Identity Management Scheme (NIIMS) is a biometric database of the Kenyan population, that will eventually be used to give every person in the country a unique “Huduma Namba” for accessing services. This system has the aim of being the “single point of truth”, a biometric population register of every citizen and resident in the country, that then links to multiple databases across government and, potentially, the private sector.
NIIMS was introduced as…
Content Type: News & Analysis
Friday, March 13, 2020
Almost a year and a half ago we complained about seven companies to three data protection authorities in Europe. These companies, ranging from AdTech to data brokers and credit rating agencies, thrive on the collection, exploitation and processing of personal data. They profile and categorise people - without our knowledge and infringing multiple legal requirements.
Now, the French Data Protection Authority CNIL has informed us that they are following the same route and launching an…
Content Type: Long Read
Wednesday, May 15, 2019
Details of case:
R (on the application of Privacy International) (Appellant) v Investigatory Powers Tribunal and others (Respondents)
[2019] UKSC 22
15 May 2019
The judgment
What two questions was the Supreme Court asked to answer?
Whether section 67(8) of RIPA 2000 “ousts” the supervisory jurisdiction of the High Court to quash a judgment of the Investigatory Powers Tribunal for error of law?
Whether, and, if so, in accordance with what principles, Parliament may by statute “oust”…
Content Type: News & Analysis
Monday, September 16, 2019
Today, the High Court of South Africa in Pretoria in a historic decision declared that bulk interception by the South African National Communications Centre is unlawful and invalid.
The judgment is a powerful rejection of years of secret and unchecked surveillance by South African authorities against millions of people - irrespective of whether they reside in South Africa.
The case was brought by two applicants, the amaBhungane Centre for Investigative Journalism and journalist Stephen…
Content Type: News & Analysis
Monday, August 19, 2019
The Watson/Tele2 decision of the CJEU concerned section 1 and 2 of DRIPA and the Data Retention Regulations 2014. This contained the legislative scheme concerning the power of the Secretary of State to require communications service providers to retain communications data. Part 3 of the Counter-Terrorism and Security Act 2015 amended DRIPA so that an additional category of data - that necessary to resolve Internet Protocol addresses - could be included in a requirement to retain data.
The…
Content Type: News & Analysis
Wednesday, January 15, 2020
Today Advocate General (AG) Campos Sánchez-Bordona of the Court of Justice of the European Union (CJEU), issued his opinions (C-623/17, C-511/18 and C-512/18 and C-520/18) on how he believes the Court should rule on vital questions relating to the conditions under which security and intelligence agencies in the UK, France and Belgium could have access to communications data retained by telecommunications providers.
The AG addressed two major questions:
(1) When states seek to impose…