Advanced Search
Content Type: Frequently Asked Questions
Tuesday, October 27, 2020
On 27 October 2020, the UK Information Commissioner's Office (ICO) issued a report into three credit reference agencies (CRAs) - Experian, Equifax and TransUnion - which also operate as data brokers for direct marketing purposes.
After our initial reaction, below we answer some of the main questions regarding this report.
Content Type: News & Analysis
Tuesday, October 27, 2020
Privacy International (PI) welcomes today's report from the UK Information Commissioner's Office (ICO) into three credit reference agencies (CRAs) which also operate as data brokers for direct marketing purposes. As a result, the ICO has ordered the credit reference agency Experian to make fundamental changes to how it handles people's personal data within its offline direct marketing services.
It is a long overdue enforcement action against Experian.
Read our Q&A on the report here.…
Content Type: Long Read
Q&A: EU's top court rules that UK, French and Belgian mass surveillance regimes must respect privacy
Tuesday, October 6, 2020
Content Type: Press release
Monday, July 27, 2020
MI6 has been forced to apologise to the Investigatory Powers Tribunal after two of its officers asked court staff to return documents relating to MI6’s use of agents and not show them to judges. The Tribunal suggested MI6’s actions were “inappropriate interference”.
The revelation emerged in an ongoing legal case considering what crimes intelligence informants are allowed to commit, after it was revealed that MI5 maintains a secret policy under which agents can be “authorised” to commit…
Content Type: News & Analysis
Wednesday, June 24, 2020
Name: Google/Fitbit mergerAge: GestatingAppearance: A bit dodgy. One of the world’s biggest tech giants, trying to purchase a company that makes fitness tracking devices, and therefore has huge amounts of our health data.I don’t get it. Basically Google is trying to buy Fitbit. As if Google doesn’t already have enough data about us, it now wants huge amounts of health data too.Oh, Fitbit, that’s that weird little watch-type-thing that people get for Christmas, wear for about a month while they…
Content Type: News & Analysis
Friday, June 19, 2020
IMSI catchers (or stingrays as they are known in the US) are one of the surveillance technologies that has come to the forefront again in the protests against police brutality and systemic racism that have been sparked by the murder of George Floyd on 25 May 2020.
An International Mobile Subscriber Identity catcher – in short an “IMSI catcher” – is an intrusive piece of technology that can be used to locate and track all mobile phones that are switched on in a certain area. It does so by…
Content Type: Press release
Thursday, June 18, 2020
Today, the ICO has issued a long-awaited and critical report on Police practices regarding extraction of data from people's phones, including phones belonging to the victims of crime.
The report highlights numerous risks and failures by the police in terms of data protection and privacy rights. The report comes as a result of PI’s complaint, dating back to 2018, where we outlined our concerns about this intrusive practice, which involves extraction of data from devices of victims, witnesses…
Content Type: Report
Tuesday, June 16, 2020
Back in October 2019, PI started investigating advertisers who uploaded personal data to Facebook for targeted advertising purposes. We decided to take a look at "Advertisers Who Uploaded a Contact List With Your Information", a set of information that Facebook provides to users about advertisers who upload files containing their personal data (including unique identifier such as phone numbers, emails etc...). Looking at the limited and often inaccurate information provided by…
Content Type: News & Analysis
Tuesday, June 9, 2020
Traduction réalisée par Nadine Blum.
Le 29 mai, le Congrès nigérien a voté une loi permettant au gouvernement d’intercepter largement certaines communications électroniques. La loi rend légale l’interception de communications, autorisée par le gouvernement, sans protections appropriées ni mécanismes de contrôle.
La loi a été adoptée avec 104 votes pour – le Parlement nigérien compte 171 membres – et sans la participation de l’opposition qui a boycotté la loi. L’opposition a affirmé que la loi…
Content Type: News & Analysis
Tuesday, June 2, 2020
On 29 May, Niger’s Congress voted on a law allowing for broad interception powers of certain electronic communications by the government. The bill makes it lawful for the government to approve the interception of communications without appropriate safeguards or oversight mechanisms.
The law passed with 104 votes – the Nigerien parliament has 171 members – without the participation of the opposition that boycotted the law. The opposition claimed that
the law will allow those, for whose…
Content Type: News & Analysis
Friday, March 13, 2020
Almost a year and a half ago we complained about seven companies to three data protection authorities in Europe. These companies, ranging from AdTech to data brokers and credit rating agencies, thrive on the collection, exploitation and processing of personal data. They profile and categorise people - without our knowledge and infringing multiple legal requirements.
Now, the French Data Protection Authority CNIL has informed us that they are following the same route and launching an…
Content Type: Long Read
Tuesday, January 28, 2020
It was a quiet evening in Agadez, a bustling Saharan city in the centre of Niger. Thirty-five year old Agali Ahmed was sipping tea at a friend’s place, as he often did, when he received a message: police were at his uncle’s house. When he got there, Ahmed saw men in plainclothes, standing around the building’s gate. Inside, more men were searching the apartment. Three white men, who Ahmed guessed were Spanish, asked for his phone and started taking pictures of him. They told him to follow them…
Content Type: News & Analysis
Wednesday, January 15, 2020
Today Advocate General (AG) Campos Sánchez-Bordona of the Court of Justice of the European Union (CJEU), issued his opinions (C-623/17, C-511/18 and C-512/18 and C-520/18) on how he believes the Court should rule on vital questions relating to the conditions under which security and intelligence agencies in the UK, France and Belgium could have access to communications data retained by telecommunications providers.
The AG addressed two major questions:
(1) When states seek to impose…
Content Type: News & Analysis
Monday, September 16, 2019
Today, the High Court of South Africa in Pretoria in a historic decision declared that bulk interception by the South African National Communications Centre is unlawful and invalid.
The judgment is a powerful rejection of years of secret and unchecked surveillance by South African authorities against millions of people - irrespective of whether they reside in South Africa.
The case was brought by two applicants, the amaBhungane Centre for Investigative Journalism and journalist Stephen…
Content Type: News & Analysis
Thursday, September 12, 2019
The global counter-terrorism agenda is driven by a group of powerful governments and industry with a vested political and economic interest in pushing for security solutions that increasingly rely on surveillance technologies at the expenses of human rights.
To facilitate the adoption of these measures, a plethora of bodies, groups and networks of governments and other interested private stakeholders develop norms, standards and ‘good practices’ which often end up becoming hard national laws…
Content Type: News & Analysis
Monday, August 19, 2019
The Watson/Tele2 decision of the CJEU concerned section 1 and 2 of DRIPA and the Data Retention Regulations 2014. This contained the legislative scheme concerning the power of the Secretary of State to require communications service providers to retain communications data. Part 3 of the Counter-Terrorism and Security Act 2015 amended DRIPA so that an additional category of data - that necessary to resolve Internet Protocol addresses - could be included in a requirement to retain data.
The…
Content Type: Long Read
Thursday, August 15, 2019
Six years after NSA contractor Edward Snowden leaked documents providing details about how states' mass surveillance programmes function, two states – the UK and South Africa – publicly admit using bulk interception capabilities.
Both governments have been conducting bulk interception of internet traffic by tapping undersea fibre optic cables landing in the UK and South Africa respectively in secret for years.
Both admissions came during and as a result of legal proceedings brought by Privacy…
Content Type: News & Analysis
Wednesday, July 10, 2019
Today, Privacy International, along with nine other NGOs including Liberty and Amnesty International, attended a hearing before the Grand Chamber of the European Court of Human Rights (ECtHR) to revisit the Court's first ruling on our case challenging UK mass surveillance and intelligence sharing. In September 2018, the First Section of the ECtHR ruled that the UK government's mass interception program violates the rights to privacy and freedom of expression. Notwithstanding the positve aspects…
Content Type: Long Read
Wednesday, May 15, 2019
Details of case:
R (on the application of Privacy International) (Appellant) v Investigatory Powers Tribunal and others (Respondents)
[2019] UKSC 22
15 May 2019
The judgment
What two questions was the Supreme Court asked to answer?
Whether section 67(8) of RIPA 2000 “ousts” the supervisory jurisdiction of the High Court to quash a judgment of the Investigatory Powers Tribunal for error of law?
Whether, and, if so, in accordance with what principles, Parliament may by statute “oust”…
Content Type: Press release
Thursday, May 2, 2019
The Irish Data Protection Commission has today launched an inquiry into the data practices of ad-tech company Quantcast, a major player in the online tracking industry. PI's 2018 investigation and subsequent submission to the Irish DPC showed how the company is systematically collecting and exploiting people's data in ways people are unaware of. PI also investigated and complained about Acxiom, Criteo, Experian, Equifax, Oracle, and Tapad.
PI welcomes this announcement and its focus on…
Content Type: Long Read
Thursday, April 18, 2019
Last week, an investigation by Bloomberg revealed that thousands of Amazon employees around the world are listening in on Amazon Echo users.
As we have been explaining across media, we believe that by using default settings and vague privacy policies which allow Amazon employees to listen in on the recordings of users’ interactions with their devices, Amazon risks deliberately deceiving its customers.
Amazon has so far been dismissive, arguing that people had the options to opt out from the…
Content Type: Press release
Monday, January 14, 2019
FOR IMMEDIATE RELEASE
December 21, 2018
CONTACTS:
Alex Betschen, Civil Liberties & Transparency Clinic, alexbets@buffalo.edu, 716–531–6649
Colton Kells, Civil Liberties & Transparency Clinic, coltonke@buffalo.edu, 585–766–5119
Abdullah Hasan, ACLU, ahasan@aclu.org, 646–905–8879
NEW YORK — Privacy International, the American Civil Liberties Union, and the Civil Liberties & Transparency Clinic of the University at Buffalo School of Law filed a lawsuit today demanding federal law…
Content Type: Long Read
Friday, September 14, 2018
Yesterday, the European Court of Human Rights issued its judgement in Big Brother Watch & Others V. the UK. Below, we answer some of the main questions relating to the case.
What's the ruling all about?
In a nutshell, one of the world's most important courts, the European Court of Human Rights, yesterday found that certain UK laws about how intelligence agencies can spy on our internet communications breach our human rights. These surveillance laws have meant that the UK intelligence…
Content Type: News & Analysis
Tuesday, August 7, 2018
Our intervention comes on the back of mounting evidence that the South African state’s surveillance powers have been abused, and so-called “checks & balances” in RICA have failed to protect citizens’ constitutional right to privacy.
Among our core arguments are:
That people have a right to be notified when their communications have been intercepted so that they can take action when they believe their privacy has been unlawfully breached. Currently RICA prevents such notification, unlike…
Content Type: News & Analysis
Tuesday, August 7, 2018
Photo was found here
This essay was published in The Sur International Journal of Human Rights, Issue 27, July 2018.
Abstract:
This essay focuses on elections in Kenya and analyses the use of technology and the exploitation of personal data in both the electoral process and campaigning. We only need to look to Kenya’s election history to understand why it is important. The 2007/2008 election resulted in violence that killed over 1,000 people and displaced over 600,000. The 2013 election was…
Content Type: Press release
Friday, February 9, 2018
Below is a joint statement from Privacy International and Bytes for All.
This Friday, 27 September, marks the conclusion of the 24th session of the UN Human Rights Council, a session which has, for the first time, seen issues of internet surveillance in the spotlight. Privacy International and Bytes for All welcome the attention given at the Human Rights Council to this issue. However, we are concerned about developments which took place that threaten privacy rights and freedom of expression,…
Content Type: Press release
Wednesday, February 7, 2018
The Case
Privacy International v Secretary of State for Foreign and Commonwealth Affairs et al. (Bulk Personal Datasets & Bulk Communications Data challenge)
Date: 5-9 June 2017
Time: from 10:00 onwards
Location: Royal Courts of Justice, The Strand, London WC2A 2LL United Kingdom
Hearing overview
Next week’s hearing follows the Investigatory Powers Tribunal’s earlier judgment in October 2016, which ruled that three issues are to be determined:
a) the impact of EU law…
Content Type: News & Analysis
Tuesday, January 9, 2018
This post was written by Chair Emeritus of PI’s Board of Trustees, Anna Fielder.
The UK Data Protection Bill is currently making its way through the genteel debates of the House of Lords. We at Privacy International welcome its stated intent to provide a holistic regime for the protection of personal information and to set the “gold standard on data protection”. To make that promise a reality, one of the commitments in this government’s ‘statement of intent’ was to enhance people’s enforcement…
Content Type: News & Analysis
Tuesday, December 19, 2017
This post was written by PI Policy Officer Lucy Purdon.
In 1956, US Presidential hopeful Adlai Stevenson remarked that the hardest part of any political campaign is how to win without proving you are unworthy of winning. Political campaigning has always been a messy affair and now the online space is where elections are truly won and lost. Highly targeted campaign messages and adverts flood online searches and social media feeds. Click, share, repeat; this is what political engagement looks…
Content Type: News & Analysis
Friday, December 1, 2017
20 June 2016
Privacy International joins DRF and A19 in reiterating our serious concerns about the proposed Prevention of Electronic Crimes Bill which is currently being discussed in the Senate in Pakistan. While we note that the Bill adopted by the National Assembly in April 2016 includes some improvements compared to the earlier version, the Bill as currently drafted introduces a series of new provisions that pose a grave risk to freedom of expression and privacy in Pakistan.
In the context…