Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


Stream: Blog

Blog
Nigel Waters's picture

2011 is supposed to be the year that the APEC pathfinder projects on Cross Border Privacy Rules (CBPR) deliver a functional system for businesses to be certified for transfer of personal information between participating APEC economies.
After the last round of APEC privacy meetings in Washington DC on 1-3 March, this prospect is looking increasingly remote. Even the basic set of documentation and processes required for the process of self-certification and assessment of businesses has yet to be fully agreed and endorsed, while discussion of the all-important governance and funding arrangements has not progressed far beyond where it had reached in mid 2010,which is not very far at all. All the hard questions about how the CBPR system will work in practice, and deliver the necessary level of confidence, have been shunted into this critical component (Project 8), with only one further round of face to face meetings left in 2011, in September in San Francisco.

Blog
Eric King's picture

Skype has consistently assured that it protects its users and their communications. Having reviewed the company's technology and policies we have grounds for concern about Skype's overall level of security, and we believe there are a number of questions to which the company must respond. Skype's misleading security assurances continue to expose users around the world to unnecessary and dangerous risk. It's time for Skype to own up to the reality of its security and to take a leadership position in global communications.

Skype has always proclaimed that it provides a secure method of communication. Hundreds of millions of people have chosen to use Skype, often on the basis of this assurance.

Many of Skype's users live in troubled areas of the world, where such assurances may carry life or death consequences. Privacy International has a responsibility to ensure that Skype's claims are substantiated.

Among the many outstanding concerns relating to the security of Skype's services, we have identified a few which we believe the company urgently needs to address.

Blog
Dr Gus Hosein's picture

Last week in DC I had lunch with an old colleague of ours, a CPO of company. We had a wide ranging discussion, but the most fascinating discussion was the term 'personally identifiable information', or 'PII'.  In case you were wondering, privacy advocates do spend much of their time talking shop, and sometimes quite arcane issues arise -- but we're not entirely boring people.

I never liked the term 'PII' -- it is a very North American term, and it is laden with 1980s notions of identifiability.  That is, what is the difference between personal information (PI), personally identifiable information (PII), and sensitive personal information, personal health information (PHI); and how do all of these differ with de-identified personal information, and even just plain old identifiers that may not be personal, or information that may appear to have no personal information at all?

Blog
Nigel Waters's picture

Nigel Waters has previously represented Privacy International at APEC Data Privacy Subgroup meetings, on one occasion with PI having official guest status, otherwise indirectly through membership of the Australian delegation. On this occasion, expenses were paid by USAid for participation in the technical assistance seminar, and this allowed attendance at the other meetings.

Blog
Dr Gus Hosein's picture

Not since the 1990s has the internet been so exciting. With its use by political activists and journalists around the world, we can now again entertain the discussions that the internet brings freedom. Digital data traverses routers with little regard to national boundaries and so traditional constraints not longer apply. So it is no surprise that protestors on the streets of Tehran or Cairo are using the internet to organise. We like to believe in the freedom of the internet again, after the rush of "freedom" in the 1990s was replaced with "free downloads" provided by file-sharing and "free services" provided by internet companies.

Our dreamy thoughts of freedom are roughly awoken when these political activists and journalists are hunted down by their governments, imprisoned or worse. Could this wonderful internet actually make these political movements vulnerable? Indeed, it does and it is our fault. Our technologies are intentionally designed with vulnerabilities embedded within, as we design our technologies for ease of use rather than caution and protection.

Blog
Dr Gus Hosein's picture

For the past couple of months we have been discussing with Google their transparency plans regarding governments accessing data held by Google. Last week Google released initial data on how many requests for data were coming from which governments.

We congratulate Google on this first step, and we believe that by seeking answers to some additional questions, greater clarity may yet emerge. Of course we have many more questions. We hope that this is the first step in an ongoing dialogue with Google on these matters, and we hope that other companies disclose useful information to the public.

Q: Why are you doing this?

A: We have been thinking about doing this sort of reporting for some time. We believe that transparency will give people insight into these kinds of government requests. Historically, information like this has not been broadly available. We hope this tool will be helpful in discussions about the appropriate scope and authority of government requests and that other companies will make similar disclosures.

Blog
Privacy International's picture

Last week the German Federal Constitutional Court overturned a law on the retention of telecommunications data for law enforcement purposes, stating that it posed a "grave intrusion" to personal privacy and must be revised. In their ruling the judges found that the law stands in contradiction to the basic right of private correspondence and does not protect the principle of proportionality, as it fails to balance the need to provide security with the right to privacy. All data on telephone calls, email and internet traffic as well as on the location of mobile phones that have so far been stored by telecommunication providers have to be deleted immediately.

According to the Federal Constitutional Court the communications retention law does not provide adequate protection of personal data and it does not make sufficiently clear what it would be used for. The case was originally brought to the court in 2008, by a record number of almost 35.000 people, including the current Justice Minister Sabine Leutheusser –Schnarrenberger.

Blog
Privacy International's picture

Privacy International and EPIC praised a vote today in the European Parliament today that rejected the transfer of finacial records to the United States under an interim agreement. A resolution to reject the deal passed 378-16, with 31 abstentions. Members of the parliament stated the proposed agreement lacked adequate privacy safeguards, and was a disproportionat response to US concerns about terrorism that also lacked reciprocity.

Simon Davies, Director General of Privacy International in London, said that the vote offered hope that political insitutions could respond effectively to new privacy challanges.

"It has taken several years to gather the political will to stop this massive violation of privacy in Europe. But today is a very good day, a milestone in the long history of privacy campaigning.

Mr. Davies acknowledged the leading role of European Parliament Member and rapporteur Jeanine Hennis-Plasschaert. In recommending that the proposal negotiated by the European Council be rejected, Ms. Hennis-Plasschaert stated, "Council has not been tough enough on data protection."

Blog
Dr Gus Hosein's picture

The Active Millimeter Wave body scanners that airport security officials plan to use in greater numbers after a failed attempt to explode a bomb in a plane over Detroit raise troubling questions about passenger privacy, and ultimately the technology’s utility as a security measure.

While Privacy International supports the adoption of measures that will genuinely protect the security of passengers, we are deeply concerned that airport and security authorities increasingly deploy fashionable and unproven technology or intrusive measures on the basis of one-off security breaches. Allowing our security to be determined by knee-jerk responses is dangerous and counter-productive.

The jury is still out on whether this technology has any overall security value. A four-year trial at London’s Heathrow Airport that ended last year resulted in a decision to discontinue using the scanners.

Blog
Privacy International's picture

Following an extensive campaign by Privacy International and our network of groups in the United Kingdom, the UK Government has decided to abandon its current plans for data sharing legislation.

The government has announced that it will immediately abandon clause 152 of the Coroners and Justice Bill, following on from an open letter that Privacy International sent to the Justice Secretary earlier this week.

As the Sunday Telegraph observed, the eloquence of the letter together with the remarkable diversity of signatories was central to the government’s U-turn.

A number of organisations, including Privacy International, held discussions with senior advisers to Jack Straw in the latter half of last week, culminating in the government’s decision.

Of course the reversal is likely to be temporary as the Government considers how to consult and reintroduce its plans in future legislation.

Pages

Subscribe to Privacy International - blog