Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


Stream: Blog

Blog
Anna Fielder's picture

On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of its proposal, a new Regulation (the “Proposed Regulation”),1 would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC).

Blog
Anna Fielder's picture

On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of the proposal, a new Regulation (the “Proposed Regulation”),1 would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive (the “Proposed Directive”), would set out new rules on “the protection of individuals with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data”.2 The attached paper summarises the key elements of the Proposed Directive.

Blog
Sam Smith's picture

A year ago this week, the UK government published a report entitled 'Transparent Government, Not Transparent Citizens', authored by Dr Kieron O’Hara. It made fourteen recommendations, the most important of which seem not to have been implemented. Meanwhile, the government continues to release data on citizens, and is accelerating these disclosures with some ambitious new policies.

This inaction on privacy and open data is particularly worrying given the UK’s leading role in open data and the international 'Open Government Partnership'. Where the UK leads, other countries often follow, and we are failing dangerously.

The O’Hara report recommends that the government:

Blog
Privacy International's picture

As part of the government’s ambitious Open Data programme, the Cabinet Office announced last year that data from the National Pupil Database (NPD) will be made freely available and accessible to all. The NPD, previously only available to researchers on an academic licence, contains a record for every single state school pupil in the country, covering educational attainment from reception to sixth form, as well as characteristics such as attendance, ethnic background and free school meal eligibility. According to the Cabinet Office, the data will be ‘anonymised’: names and other information that directly identifies individuals will be removed from the version of the NPD that is open to the public. But this in itself is not a safeguard of pupils’ privacy rights.

Blog
Sam Smith's picture

We welcome the Informational Commissioner's intention to produce guidance for data controllers around the production of Open Data. Rigorous guidance is sorely needed in this area, with even large Government departments getting it dangerously wrong. Some data can be released safely in some circumstances; depending on the type and there has been sufficient consideration of the nuance of the situation. Adequate anonymisation is exceptionally difficult, and reidentification is possibly using subtle clues.  Accurate advice is vital.

However, the draft ICO guidance published for consultation is fundamentally problematic. It includes some superficial detail on anonymising spatial data, while ignoring almost every other type that needs consideration. Such flaws (and there were several) will lead to misguided confidence, the release of inadequately protected data, and all of the real problems that can cause. 

Blog
Carly Nyst's picture

Privacy International has urged the Australian Parliament to ensure that rigorous legal and judicial safeguards are at the heart of future reforms to national security legislation. In a submission to the Joint Parliamentary Committee on Intelligence and Security, Privacy International gave its full support to the objections raised by the Australian Privacy Foundation in its submission to the Inquiry into Potential Reforms of National Security. The Inquiry is considering a discussion paper published by the Australian Attorney-General's Department which envisages a number of draconian reforms to Australian national security and communication policies, including increased powers to monitor and intercept communications. 

Blog
Sam Smith's picture

Privacy Internationally has submitted two documents to the UK Parliament's Joint Committee reviewing the draft Communications Data Bill. The first submission is an implementation briefing based on our work for the Big Brother Incorporated project, establishing the capabilities and defects of existing surveillance technologies. The second submission focuses on the the majority of the Joint Committee's 21 questions about the social and ethical implications of increased communications data surveillance capabilities. Our two submissions:

Blog
Sam Smith's picture

The Home Office constantly insists that trafffic data is not about the content of the pages you look at, but about the sites you visit.

This would have made some sense in 1999 when RIPA was first being debated, but technology has moved on and new open data sources are now available. This allows for vastly more invasive tracking in 2012 than was envisaged in 2000. We’ve done a little bit of work on how…

The English Wikipedia contains 4 million articles, which contain 18 million links out to other websites.

We’ve run an analysis on those articles and links, and looked at how many of the outbound hostnames uniquely identify the page that you were looking at (a hostname is the www.privacyinternational.org part of a web address). Of the 4 million articles on Wikipedia, 1.3m of them - i.e. one in three - contain a link that is enough to identify the wikipedia page you were looking at, simply because only one page on wikipedia contains a link to that domain.

Blog
Carly Nyst's picture

Last week the Rwandan government tightened its grip on citizens when the parliament's lower house adopted legislation that sanctions the widespread monitoring of email and telephone communications.1 The bill is now awaiting Senate approval. 

Blog
Sam Smith's picture

Modern communications surveillance policy is about gaining access to modern communications. The problem is that the discourse around communications policy today is almost the same as it was when it was simply a question of gaining access to telephone communications. "Police need access to social network activity just as they have access to phone calls" is the politician's line. We use Facebook as an example here, but most internet services will be similar in complexity and legality.

The reality is much more complicated, and modern communications surveillance policy hides far greater ambitions. Telcos usually have physical offices in the countries in which they operate and will comply with the law of the jurisidiction in responding to law enforcement requests. Social networking service providers tend to be based in just a few countires, despite having users all over the world, and are not therefore necessarily obliged to comply with domestic legal regimes.

Pages

Subscribe to Privacy International - blog