Search
Content type: News & Analysis
Sometimes it takes an unexpected stranger to remind you what you have, and what you are at risk of losing. Roman Zakharov, a Russian publisher who challenged Russia’s surveillance legislation, is that stranger for many Brits and Europeans. The Grand Chamber of the European Court of Human Rights judgement on Friday 4 December 2015 was remarkable, not because it tore up the rule book on the jurisprudence surrounding state surveillance in the Council of Europe, but because it followed…
Content type: News & Analysis
Today the Grand Chamber of the Court of Justice of the European Union ruled that mass surveillance is in violation of the right to privacy and that a legal system that provides no legal redress against interference with someone's privacy falls short of EU human rights standards.
The Court was seized following a complaint initiated by Mr Schrems to the Irish Data Protection Commissioner about the transfer of his Facebook data from Ireland to the US under the now defunct “…
Content type: Advocacy
This stakeholder report is a submission by Privacy International (PI). PI is a human rights organisation that works to advance and promote the right to privacy and fight surveillance around the world. PI wishes to bring concerns about the protection and promotion of the right to privacy in Estonia before the Human Rights Council for consideration in Estonia's upcoming Universal Periodic Review.
Content type: News & Analysis
The Coalition Against Unlawful Surveillance Exports (CAUSE) has today released a new policy paper calling on the EU to take the opportunity to update its Dual Use Regulation to ensure that surveillance technologies are not exported from Europe and used for human rights violations.
The proposals have been developed by the international secretariat of CAUSE, a coalition of NGOs consisting of Access, Amnesty International, Digitale Gesellschaft, Human Rights Watch, the…
Content type: Advocacy
Following today's Justice Ministers Council meeting in Luxembourg where an agreement was reached on the proposal for a General Data Protection Regulation (GDPR), Privacy International and European Digital Rights (EDRi) issued the following statement:
In January 2012, the European Commission, following extensive consultations, published a draft Regulation. The initiative had three priorities - modernisation of the legal framework for the protection of personal data,…
Content type: News & Analysis
Privacy laws around the world are under threat by ambitious governments and voracious industry. Sixty-six privacy, digital rights and consumer rights organisations from around the world have joined forces to push back against attempts to weaken European privacy legislation. The coalition today wrote to the President of the European Commission (the civil service of the European Union) to demand that high levels of privacy protections must be respected in Europe's ongoing revision of its data…
Content type: News & Analysis
After remaining in the shadows for decades, the right to privacy is finally having its day in the sun at the United Nations.
And rightfully so, given how seriously the right has been uniquely threatened in the past few years. Technology continues to rapidly evolve in the digital age, Western intelligence agencies are undertaking mass and indiscriminate surveillance of the world's communications, and countries around the world are continually adopting heavy-handed policies that imperil privacy…
Content type: News & Analysis
To read Privacy International's take on the ruling, go here.
What does the decision actually say?
The primary question that the Court was asked to consider was whether Google Search has obligations under the Data Protection Directive 1995, the EU legal framework regulating how public bodies and businesses deal with individuals’ personal data.
There were three primary issues at hand: the first was whether Google Inc., the international entity which operates Google Search, was under the…
Content type: News & Analysis
Since the European Court of Justice in May ruled in the “right to be forgotten” case, there has been a dizzying amount of debate about the decision, and its implications for privacy and free expression.
A main thread within these discussions is an old story that US Industry loves to tell and has told for some time: Europeans love privacy law, and Americans love free speech, and the twain shall never meet.
The Google Search case at the European Court of Justice has fuelled this view…
Content type: Press release
Privacy International, Reporters Without Borders, Digitale Gesellschaft, FIDH, and Human Rights Watch welcome news that the European Commission will move ahead and add specific forms of surveillance technology to the EU control list on dual use items, thus taking steps to finally hold companies to account who sell spy equipment and enable human rights abuses.
These important steps demonstrate that policymakers are beginning to wake up to the real harm that exists…
Content type: News & Analysis
The past year has been an important one for the right to privacy. Privacy was Dictionary.com’s word of the year in 2013. Human Rights Watch called it “The Right Whose Time Has Come (again).”
However, privacy has not received enough attention in the international bodies that are meant to ensure our human rights are protected: there has been no major statement on privacy by a United Nations human rights body since 1988.
One crucial step to protect privacy, and address how the…
Content type: News & Analysis
The European Union’s privacy and data protection laws are some of the strongest in the world. And the privacy-related activities of the last European Parliament (2009-2014) have been the most intense in its history. For half of its term it steered the highly-debated data protection law reforms, with a first plenary vote cast in the nick of time before it dissolved last April. And for the last year it dealt with the fallout of the mass surveillance revelations by Edward Snowden, which…
Content type: Press release
The ruling today from the European Court of Justice, invalidating the European Union’s 2006 Data Retention Directive policy, was strong and unequivocal: the right to privacy provides a fundamental barrier between the individual and powerful institutions, and laws allowing for indiscriminate, blanket retention on this scale are completely unacceptable.
As the Court states, it is not, and never was, proportionate to spy on the entire population of Europe. The types of data retained under this…
Content type: News & Analysis
What is the Wassenaar Arrangement?
The Wassenaar Arrangement on Export Controls for Conventional Arms and Dual-Use Goods and Technologies (the "Wassenaar Arrangement") is a multilateral export control regime in which 41 states participate.
The Wassenaar Arrangement was established on 12 July 1996 in Wassenaar, the Netherlands by 33 founding members to contribute to regional and international security and stability. It is the successor to COCOM, a NATO based…
Content type: News & Analysis
We, and other privacy advocates, havecriticised the poor provisions of the so-called Safe Harbour agreement, which allows free transfers of personal information from European countries to companies in the United States that have signed up and promise to abide by its Principles. Now the European Commission, prompted by the recent mass surveillance scandals, has published an investigation into this agreement which provides overwhelming evidence that it is not fit for purpose. It…
Content type: News & Analysis
In a move that echoes strong action taken in the past by European officials to protect privacy, the Belgian and Dutch data protection authorities on Wednesday announced that they will begin an investigation into the security of the SWIFT financial system.
The announcement comes on the heels of our letters to twenty-eight European DPAs last month, which sought answers regarding the NSA's reportedly unauthorized access to SWIFT's financial messaging system and asked for an…
Content type: News & Analysis
What a difference a few months, and some intelligence agency leaks, make.
In early June an important report warning of increasing State surveillance was submitted to the United Nations Human Rights Council. It was met with barely more than scant attention. Days later, Edward Snowden’s leaks hit the front page of the Guardian, and woke the world up to how intelligence agencies in the US and UK are using questionable legal justifications to spy on their own…
Content type: News & Analysis
The European Parliament Committee that deals with civil liberties and justice issues will have a first vote this week on the revised European data protection framework after months and months of deliberations and negotiations over more than 4,000 amendments. The vote is the first on the framework, which will decide the future of privacy and data protection in Europe. The recent revelations surrounding government surveillance involving some of the Internet's biggest companies have highlighted…
Content type: News & Analysis
Trade has often been a positive driver in encouraging countries to adopt data protection laws, to ensure compliance and ability to conduct business with the European Union and other privacy-respecting partners. However, when free trade agreements are negotiated in secret and influenced by powerful business interests, the result is a severe watering down of existing privacy protections.
There is a high risk of this happening in the free trade negotiations between the European Union…
Content type: Advocacy
Just over a year ago, vitally important reforms to European privacy and data protection laws were proposed. Now these reforms, which will affect the rights of half a billion Europeans, are being watered down in their passage through various European parliamentary committees as MEPs succumb to an unprecedented industry lobbying onslaught. There is now irrefutable evidence of the impact of this lobbying, thanks to a technology-powered research method comparing corporate lobby documents…
Content type: News & Analysis
Just over a year ago, vitally important reforms to European privacy and data protection laws were proposed. Now these reforms, which will affect the rights of half a billion Europeans, are being watered down in their passage through various European parliamentary committees as MEPs succumb to an unprecedented industry lobbying onslaught. There is now irrefutable evidence of the impact of this lobbying, thanks to a technology-powered research method comparing corporate lobby documents…
Content type: Press release
A European privacy group claimed today that dozens of amendments to the new Data Protection Regulation being proposed by Members of the European Parliament (MEPs) are being copied word-for-word from corporate lobby papers, with MEPs frequently failing to even remember their own amendments. Max Schrems, of the website and campaign Europe v Facebook, noticed striking similarities between proposed amendments and lobby papers written by representatives of Amazon, eBay, the American Chamber of…
Content type: News & Analysis
Today is Data Privacy Day, which commemorates the 1981 signing of the Coucil of Europe's Convention 108, the first legally binding international treaty dealing with privacy and data protection. It is celebrated all over Europe, as well as in Canada and the United States since 2008. To mark the occasion, Privacy International, together with other prominent privacy and digital rights organisations, is launching the Brussels Declaration. It urges Brussels parliamentarians and European…
Content type: Press release
Google's latest Transparency Report, released at 3pm GMT this afternoon, shows that requests by European governments for the browsing history, email communications, documents and IP addresses of Google's users have skyrocketed since the Transparency Report was launched three years ago. Countries in the European Union made 7,254 requests about 9,240 users or accounts between July and December 2012, averaging over 1,200 requests a month. This represents over a third of all requests made by…
Content type: News & Analysis
Next week, the European Parliament will make an important decision affecting one of the world’s most vulnerable and stigmatised groups of people: asylum seekers. This decision is part of a larger debate about privacy and function creep, about authorities breaking promises that were made when personal information was collected and using it for new purposes.
EURODAC, a transnational database containing the personal and biometric information of all asylum seekers and illegal immigrants found…
Content type: News & Analysis
Tuesday’s letter to Google CEO Larry Page, personally signed by 29 European data protection authorities, ordered the corporation (inter alia) to give users greater control over their personal information. The notions of trust and control are emphasised throughout the letter, and Google is urged to "…develop new tools to give users more control over their personal data" and "collect explicit consent for the combination of data for certain purposes". It is good news that the…
Content type: News & Analysis
APEC privacy activity has passed another milestone with the acceptance in July 2012 of the USA as the first economy to formally join the cross border privacy rules (CBPR) system. The CBPR Joint Oversight Panel (JOP), with the Canadian chair of the Data Privacy Subgroup (DPS) standing in for the US member in accordance with the ‘no conflict of interest’ provisions, accepted the US government application, which nominated the Federal Trade Commission (FTC) as the privacy enforcement authority…
Content type: News & Analysis
Privacy International welcomes the Select Committee Inquiry. We approach the proposed EU Data Protection Framework from the perspective of individual citizens and consumers.
We consider that this Inquiry and other consultations must take into account not just considerations of burdens to business and administrations, but also the fundamental rights of individuals to privacy and data protection that the UK has to comply with as a signatory to EU treaties and conventions.
The…
Content type: Advocacy
On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of its proposal, a new Regulation (the “Proposed Regulation”),(1) would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive(2) (the “Proposed Directive”), would set out new rules on “the protection of individuals with…
Content type: News & Analysis
On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of its proposal, a new Regulation (the “Proposed Regulation”),1 would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive2 (the “Proposed Directive”), would set out new rules on “the protection of individuals with…