Search
Content type: Advocacy
BackgroundThe Snowden revelations and subsequent litigation have repeatedly identified unlawful state surveillance by UK agencies. In response, the UK Parliament passed the highly controversial Investigatory Powers Act 2016 (IPA), which authorised massive, suspicionless surveillance on a scale never seen before, with insufficient safeguards or independent oversight.Privacy International led legal challenges to this mass surveillance regime both before and after the Act became law. The Act…
Content type: Long Read
IntroductionData about our health reveals some of the most sensitive, intimate - and potentially embarrassing - information about who we are. Confidentiality is, and has always been, at the very heart of medical ethics. People need to be able to trust their doctors, nurses and other healthcare providers so that they are not afraid to tell them something important about their health for fear of shame, judgement or social exclusion.It’s no surprise then that data protection regimes around…
Content type: Long Read
We won our case against the UK’s Security Service (MI5) and the Secretary of State for the Home Department (SSHD). The Investigatory Powers Tribunal (IPT) – the judicial body responsible for monitoring UK’s intelligence and security agencies – held that MI5 acted unlawfully by knowingly holding people’s personal data in systems that were in breach of core legal requirements. MI5 unlawfully retained huge amounts of personal data between 2014 and 2019. During that period, and as a result of these…
Content type: Press release
In a landmark judgment, handed down today (Monday 30 January 2023), the Investigatory Powers Tribunal have found that there were “very serious failings” at the highest levels of MI5 to comply with privacy safeguards from as early as 2014, and that successive Home Secretaries did not to enquire into or resolve these long-standing rule-breaking despite obvious red flags.
Human rights organisations Liberty and Privacy International, who brought this significant legal case in January 2020, have…
Content type: Long Read
Since early 2021, PI have been investigating and challenging the latest stride in the UK’s cruel migration policies: the roll-out of GPS ankle tags to monitor migrants released on immigration bail, a dehumanising, invasive method of control that monitors and records people’s precise location 24/7.
More recently, we found out through Freedom of Information Requests that the Home Office is working to roll out "smartwatches" - devices that also record 24/7 location data, but instead of being…
Content type: Report
End-to-end encryption (E2EE) contributes significantly to security and privacy. For that reason, PI has long been in favour of the deployment of robust E2EE.Encryption is a way of securing digital communications using mathematical algorithms that protect the content of a communication while in transmission or storage. It has become essential to our modern digital communications, from personal emails to bank transactions. End-to-end encryption is a form of encryption that is even more private.…
Content type: News & Analysis
After almost 20 years of presence of the Allied Forces in Afghanistan, the United States and the Taliban signed an agreement in February 2020 on the withdrawal of international forces from Afghanistan by May 2021. A few weeks before the final US troops were due to leave Afghanistan, the Taliban had already taken control of various main cities. They took over the capital, Kabul, on 15 August 2021, and on the same day the President of Afghanistan left the country.
As seen before with regime…
Content type: Long Read
Additionally, in January 2020 Privacy International and UK-based NGO Liberty filed a new claim against MI5 and the Secretary of State for the Home Department in the Investigatory Powers Tribunal (the “Ungoverned Spaces Case”, this time, the case sought to hold MI5 and the SSHD accountable for systemic, long-term failures in the way they handle and retain millions of people’s personal data. As part of this claim, PI requested that the IPT re-opens parts of the original BPD/BCD. This aspect of…
Content type: Long Read
The Grand Chamber of the European Court of Human Rights ruled that the UK government’s historical mass interception program violates the rights to privacy and freedom of expression. The Court held that the program “did not contain sufficient “end-to-end” safeguards to provide adequate and effective guarantees against arbitrariness and the risk of abuse.” As a result the Court ruled that UK law "did not meet the “quality of law” requirement and was therefore incapable of keeping the “…
Content type: News & Analysis
Today, the Constitutional Court of South Africa in a historic judgment declared that bulk interception by the South African National Communications Centre is unlawful and invalid.
The judgment is a confirmation of the High Court of South Africa in Pretoria’s powerful rejection of years of secret and unchecked surveillance by South African authorities against millions of people - irrespective of whether they reside in South Africa.
The case was brought by two applicants, the amaBhungane Centre…
Content type: Long Read
Over the last two decades we have seen an array of digital technologies being deployed in the context of border controls and immigration enforcement, with surveillance practices and data-driven immigration policies routinely leading to discriminatory treatment of people and undermining peoples’ dignity.
And yet this is happening with little public scrutiny, often in a regulatory or legal void and without understanding and consideration to the impact on migrant communities at the border and…
Content type: Long Read
Covid Apps are on their way to a phone near you. Is it another case of tech-solutionism or a key tool in our healthcare response to the pandemic? It’s fair to say that nobody quite knows just yet.
We’ve been tracking these apps since the early days. We’ve been monitoring Apple and Google closely, have been involved in the UK’s app process, our partners in Chile and Peru have been tracking their governments’ apps, and more.
Of course privacy concerns arise. But only a simplistic analysis would…
Content type: News & Analysis
Lockdowns and quarantines are an extraordinary measure that help in slowing down the global COVID-19 pandemic, and protecting the population.
However, they come at an even higher cost to some individuals, such as victims of domestic violence, persons in a vulnerable situation, and human rights defenders, who face specific threats that are exacerbated by measures taken by governments to address the global pandemic.
In that context, states should adopt special measures to keep those people…
Content type: Examples
An engineering and computer science professor and his team from The Ohio State University discovered a design flaw in low-powered Bluetooth devices that leaves them susceptible to hacking.
Zhiqiang Lin, associate professor of computer science and engineering at the university, found the commonly used Bluetooth Low Energy devices, such as fitness trackers and smart speakers, are vulnerable when they communicate with their associated apps on the owner’s mobile phone.
"There is a fundamental…
Content type: Examples
The Belgian Minister of Public Health has approved a programme under which telephone companies Proximus and Telenet will transfer some of their their data to the private third-party company Dalberg Data Insights in order to help combat the coronavirus epidemic; Orange has also agreed "in principle". The details are still to be agreed pending a legal and technical analysis of the proposed project. So far it has been reported that location data and real-time tracking would be used to assess the…
Content type: Examples
The Israeli prime minister, Benjamin Netanyahu, has authorised the country's internal security agency to use a previously secret tranche of mobile phone geolocation data, gathered to combat terrorism, to retrace the movements of individuals with confirmed cases of the coronavirus and identify people they've interacted with who should be quarantined. After Parliament's Secret Services Subcommittee ended its discussions without approving the measure, Netanyahu said the government would approve…
Content type: Examples
A phone-tracking system used by SAPOL for criminal investigations was used to better understand where a coronavirus-infected 60-year-old couple, who had travelled from Wuhan to visit relatives, roamed in Adelaide in order to identify people who might have been exposed, according to the South Australian police commissioner. Police used a program that only requires a phone number to initiate a download of where the phone has been used; to use it they must meet a legislative threshold…
Content type: Examples
Hakob Arshakyan, Armenia's minister of the high technology industry, has convened a research group comprising experts in IT and AI has been convened to collect and analyse data on the spread of coronavirus, compare it with the data collected by international partners, and develop forecasts. The minister believes that the research group's work will help provide accurate and reliable information that will help coordinate and manage containment efforts. As of March 19, Armenia had confirmed 122…
Content type: Examples
The "safety guidance texts" sent by health authorities and district offices in South Korea are causing information overload and have included embarrassing revelations about infected people's private lives. A text may include, for example, a link to trace the movements of people who have recently been diagnosed with the virus. Clicking on the link takes the user to the website of a district office that lists the places the patient had visited before testing positive. In one case, a man in his…
Content type: News & Analysis
In mid-2019, MI5 admitted, during a case brought by Liberty, that personal data was being held in “ungoverned spaces”. Much about these ‘ungoverned spaces’, and how they would effectively be “governed” in the future, remained unclear. At the moment, they are understood to be a ‘technical environment’ where personal data of unknown numbers of individuals was being ‘handled’. The use of ‘technical environment’ suggests something more than simply a compilation of a few datasets or databases.
The…
Content type: Examples
After an 18-month investigation involving interviews with 160 life insurance companies, in January 2019 New York Financial Services, the state's top financial regulator, announced it would allow life insurers to use data from social media and other non-traditional sources to set premium rates for its customers. Insurers will be required to demonstrate that their use of the information doesn't unfairly discriminate against specific customers. New York is the first state to issue specific…
Content type: Examples
A November 2018 report from Data & Society discusses "data craft", the methods manipulators use to create disinformation with falsified metadata, specifically platform activity signals, which can be read by machine learning algorithms, platforms, and humans. Manipulators use platform features in unexpected and skilful ways to evade moderation efforts, and their methods need to be understood. The report includes three case studies: politicians' accounts on Instagram, official US government…
Content type: News & Analysis
According to the International Organization for Migration, an estimated 258 million people are international migrants – that is, someone who changes their country of usual residence, That’s one in every 30 people on earth.
These unprecedented movements levels show no sign of slowing down. It is predicted that by 2050, there will be 450 million migrants across the world.
Nowadays, it is politically acceptable to demonise migrants, and countless leaders have spewed divisive and xenophobic…
Content type: News & Analysis
Why is a privacy organisation working with the humanitarian sector, and why does it matter? We may seem like strange bedfellows, but today's ever-growing digital world means that, more and more, people who receive humanitarian assistance are being exposed to unexpected threats.
According to the 2018 Global Humanitarian Overview, there are more than 134 million people across the world in need humanitarian assistance. Of these, about 90.1 million will receive aid of some form. It is…
Content type: Long Read
It’s 15:10 pm on April 18, 2018. I’m in the Privacy International office, reading a news story on the use of facial recognition in Thailand. On April 20, at 21:10, I clicked on a CNN Money Exclusive on my phone. At 11:45 on May 11, 2018, I read a story on USA Today about Facebook knowing when teen users are feeling insecure.
How do I know all of this? Because I asked an advertising company called Quantcast for all of the data they have about me.
Most people will have never heard of…
Content type: Examples
In 2013, Edward Snowden, working under contract to the US National Security Agency for the consultancy Booz Allen Hamilton, copied and leaked thousands of classified documents that revealed the inner workings of dozens of previously unknown surveillance programs. One of these was PRISM, launched in 2007, which let NSA use direct access to the systems of numerous giant US technology companies to carry out targeted surveillance of the companies' non-US users and Americans with foreign contacts by…
Content type: News & Analysis
This piece originally appeared here.
We are much more than our physical selves. We are also digital. Every moment we generate more data. Although sometimes this data is under our control, increasingly it is not. This uncontrolled data—this metadata—is often generated as a result of our interactions, movements, sentiments, and even our inaction. Despite being beyond our control, our metadata is still accessible to many. Hardly a day goes by without a news story or global event involving data: a…
Content type: Examples
Because banks often decline to give loans to those whose "thin" credit histories make it hard to assess the associated risk, in 2015 some financial technology startups began looking at the possibility of instead performing such assessments by using metadata collected by mobile phones or logged from internet activity. The algorithm under development by Brown University economist Daniel Björkegren for the credit-scoring company Enterpreneurial Finance Lab was built by examining the phone records…
Content type: Examples
A new examination of documents detailing the US National Security Agency's SKYNET programme shows that SKYNET carries out mass surveillance of Pakistan's mobile phone network and then uses a machine learning algorithm to score each of its 55 million users to rate their likelihood of being a terrorist. The documents were released as part of the Edward Snowden cache. The data scientist Patrick Ball, director of research at the Human Rights Data Analysis Group, which produces scientifically…
Content type: Report
Financial services are changing, with technology being a key driver. It is affecting the nature of financial services, from credit and lending through to insurance, and even the future of money itself.
The field of fintech is where the attention and investment is flowing. Within it, new sources of data are being used by existing institutions and new entrants. They are using new forms of data analysis.
These changes are significant to this sector and the lives of people it serves. This…