Search
Content type: Long Read
“Hey [enter AI assistant name here], can you book me a table at the nearest good tapas restaurant next week, and invite everyone from the book club?” Billions of dollars are invested in companies to deliver on this. While this is a dream that their marketing departments want to sell, this is a potential nightmare in the making.Major tech companies have all announced flavours of such assistants: Amazon’s Alexa+, Google’s Gemini inspired by Project Astra, Microsoft’s Copilot AI companion and…
Content type: Long Read
On 13 March 2025, we filed a complaint against the UK government challenging their use of dangerous, disproportionate and intrusive surveillance powers to undermine the privacy and security of people all over the world. Here, we answer some key questions about the case and the recent events that led to this development.Note: This post was last updated on 13 March 2025.What’s the fuss about?A month ago, it was reported that the UK government demanded Apple Inc – maker of the iPhone, iPads, Macs…
Content type: Long Read
What happened?On 19 July 2024, American cybersecurity company CrowdStrike released an update to its CrowdStrike Falcon software that ultimately caused 8.5 million computers running Microsoft Windows to crash. The damage done was both deep and wide: deep because the computers affected were unable to recover without direct user intervention. Wide because a whole range of companies - from airlines to healthcare to media - across a whole range of countries - from Sweden to India to New Zealand -…
Content type: Long Read
IntroductionHarnessing new digital technology to improve people’s health is now commonplace across the world. Countries and international organisations alike are devising digital health strategies and looking to emerging technology to help solve tricky problems within healthcare. At the same time, more and more start-ups and established tech companies are bringing out new, and at times innovative, digital tools aimed at health and wellbeing.
Content type: Long Read
The defense and protection of the environment continues to come at a high cost for activists and human rights defenders. In 2021, the murders of environment and land defenders hit a record high. This year, a report by Global Witness found that more than 1,700 environmental activists have been murdered in the past decade.
While the issue of surveillance of human rights defenders has received attention, evidence of the surveillance of environmental activists keeps mounting, with recent examples…
Content type: Explainer
Bluetooth
The majority of apps settled on using Bluetooth for proximity tracing.
Just what is Bluetooth?
Named after the 10th Century King Harald "Bluetooth" Gormsson who unified Scandinavia — and whose runic initials comprise the logo — Bluetooth is a wireless, low-power, and therefore short-distance, set of protocols used primarily to connect devices directly to each other in order to transfer data, such as video and audio.
Bluetooth for tracking?
Most of us who've encountered Bluetooth use…
Content type: Explainer
Introduction/Background
Electronic tags have been a key part of criminal justice offender management for over 20 years, being used in the United States since the mid 1980’s and in the UK and some other commonwealth countries since 2003. In 2021 the UK introduced GPS tagging for immigration bail.
The tag is predominantly used to curtail the liberties of individuals. For those on criminal bail its intended use includes managing return into communities while deterring reoffending.
As we explore…
Content type: News & Analysis
As Amnesty International and Forbidden Stories continue to publish crucial information about the potential targets of NSO Group’s spyware, we know this much already: something needs to be done.
But what exactly needs to be done is less obvious. Even though this is not the first time that the world has learned about major abuses by the surveillance industry (indeed, it’s not even the first time this month), it’s difficult to know what needs to change.
So how can the proliferation and use of…
Content type: Explainer
An array of digital technologies are being deployed in the context of border enforcement. Satellite and aerial surveillance are part of the surveillance toolkit and yet, they are also used by organisations seeking to hold government actions to account and improve efficacy of their own work. To effectively critique state use and delve into potential benefits of satellite and aerial surveillance, we must first understand it.
In this explainer we dig into a technology which many are aware of for…
Content type: Examples
The Irish Council for Civil Liberties (ICCL) has filed a lawsuit in Hamburg against three AdTech industry trade bodies including the Interactive Avertising Bureau (IAB). Members of the IAB include big tech companies (Google, Facebook, Amazon, Twitter...), data brokers (Equifax, Experian, Acxiom...) and advertising agencies (Groupm, Publicis, IPG...).
The lawsuit follows the filing in 2018 of complaints with the Irish Data Protection Commission (DPC) and UK Information Commissioner (ICO), which…
Content type: Examples
When Dallas police posted on Twitter asking for videos of the protests taking place after George Floyd's killing, a flood of videos and images of K-pop stars were uploaded to its anonymous iWatch Dallas tip-off app. Law enforcement can call on vast numbers of networked cameras - from cars, food and retail chains that are typically willing to share with police, law enforcement agencies' own networks of surveillance and body cameras as well as object and face recognition software, protesters and…
Content type: Long Read
The Grand Chamber of the European Court of Human Rights ruled that the UK government’s historical mass interception program violates the rights to privacy and freedom of expression. The Court held that the program “did not contain sufficient “end-to-end” safeguards to provide adequate and effective guarantees against arbitrariness and the risk of abuse.” As a result the Court ruled that UK law "did not meet the “quality of law” requirement and was therefore incapable of keeping the “…
Content type: Long Read
On 25 May 2021, the European Court of Human Rights issued its judgment in Big Brother Watch & Others v. the UK. Below, we answer some of the main questions relating to the case.
After our initial reaction, below we answer some of the main questions relating to the case.
NOTE: This post reflects our initial reaction to the judgment and may be updated.
What’s the ruling all about?
In a nutshell, one of the world’s most important courts, the Grand Chamber of the European Court of Human…
Content type: Long Read
Now more than ever with a global pandemic happening, our lives are being shaped by our interaction with the digital world. Work meetings on Zoom followed by Skype with family before a quick run with your favourite running app and a Google search for your next meal: technologies and services offer us a lot and greatly improve our daily lives. But what's the real cost of these tools we rely on so much?
A lot of these companies, especially those offering free services, collect data about you. It…
Content type: Video
In recent years, the use of online political campaigning has gained significant traction, with regulatory bodies often struggling to catch up. The unregulated use of political ads can pose threats to transparency, and all the more so when online platforms fail to play their part.
We at PI, together with ELSAM, are investigating the reach, effectiveness and impact of regulation by social media platforms and electoral authorities on online political advertising. Our research has shown…
Content type: Video
Nos últimos anos, o uso de campanhas políticas online ganhou força significativa, com os órgãos reguladores muitas vezes lutando para se atualizar. O uso não regulamentado da propaganda política pode representar ameaças à transparência, ainda mais quando as plataformas online deixam de cumprir a sua parte.
A PI, juntamente com o InternetLab, está investigando o alcance, a eficácia e o impacto da regulamentação por plataformas de mídia social e autoridades eleitorais na…
Content type: Video
In recent years, the use of online political campaigning has gained significant traction, with regulatory bodies often struggling to catch up. The unregulated use of political ads can pose threats to transparency, and all the more so when online platforms fail to play their part.
We at PI, together with InternetLab, are investigating the reach, effectiveness and impact of regulation by social media platforms and electoral authorities on online political advertising. Our research has…
Content type: Examples
Civil society organisations Civil Liberties union for Europe, Open Rights Group and Panoptykon Foundation have filed complaints against Google and Interactive Advertising Bureau (IAB) member companies in Croatia, Cyprus, Greece, Malta, Portugal and Romania.
The complaints address privacy abuses arising from real-time bidding processing, and call on data protection authorities to work together in investigation the real-time bidding industry.
Content type: Examples
French data protection regulator CNIL fined Google and Amazon €100 million and €35 million respectively for breaches of the French Data Protection Act. The CNIL found that the French websites of Google and Amazon had not sought the prior consent of visitors before advertising cookies were saved on computers, and failed to provide clear information to users as to how they intended to make use of online trackers and how to refuse any use of cookies.
In relation to Google, the CNIL made an…
Content type: Guide step
Content delivery networks (CDNs) are geographically distributed network of proxy servers that seek to provide features such as better availability and performances for websites. While the goal is commendable, it also means that these CDN providers receive metadata related to the websites you visit (where they are setup). With this is mind, you might want to sacrifice the added convenience and avoid large CDN providers (such as Google and Cloudflare) to prevent them from obtaining any data…
Content type: Guide step
Browser cookies allow websites to preserve session data such as your login credentials or items in your shopping basket so that you don't lose information when you close the page. Unfortunately, they are often abused to track your online activity across the web. Using a dedicated addon, you can clean your cookies regularily to ensure that no unwanted cookie is kept in your browser, limiting the efficienty of online trackers.
This guide explains how to install Cookie AutoDelete, a web-browser…
Content type: Guide step
Atención: Chrome es un producto de Google y, como tal, incorpora muchos mecanismos que posiblemente estén compartiendo datos con Google. Uno de estos mecanismos vincula automáticamente tu navegador a tu cuenta de Google cuando inicias una sesión en cualquier servicio de Google (por ejemplo, Gmail). Para evitar que esto suceda, considera usar Firefox o una alternativa basada en Chrome (por ejemplo, Vivaldi, Opera, Brave...). Otra posibilidad es seguir las indicaciones de esta guía para…
Content type: Guide step
Warning: Chrome is a Google product and as such embeds many mechanisms that might share data with Google. One such mechanism automatically links your browser to your Google account when you sign in on any Google service (e.g. Gmail). Consider using Firefox or a Chrome-based alternative (e.g. Vivaldi, Opera, Brave...) to avoid this. Alternatively you can disable some of these behaviours in the settings by following this guide.
Changing settings in Chrome menu
To access the settings, click on…
Content type: Guide step
Content delivery networks (CDNs) are geographically distributed network of proxy servers that seek to provide features such as better availability and performances for websites. While the goal is commendable, it also means that these CDN providers receive metadata related to the websites you visit (where they are setup). With this is mind, you might want to sacrifice the added convenience and avoid large CDN providers (such as Google and Cloudflare) to prevent them from obtaining any data…
Content type: Guide step
Las redes de distribución de contenidos (CDN) son redes geográficamente distribuidas de servidores proxy que buscan ofrecer funciones como mejorar la disponibilidad y el rendimiento de los sitios web. Aunque el objetivo es loable, también implica que los proveedores de CDN reciben metadatos vinculados con los sitios web que visitas (donde están configurados). Por ello, quizá sea conveniente sacrificar estas ventajas adicionales y prescindir de los grandes proveedores de CDN (como Google y…
Content type: Examples
A study describes the data transmitted to backend servers by the Google/Apple based contact tracing (GAEN) apps in use in Germany, Italy, Switzerland, Austria, and Denmark and finds that the health authority client apps are generally well-behaved from a privacy point of view, although the Irish, Polish, Danish, and Latvian apps could be improved in this respect. However, the study also finds that the Google Play Services component of the apps contacts Google servers as often as every 20 minutes…
Content type: Examples
When Google and Apple announced their joint platform for contact tracing, the companies said the system would not track users’ locations. By mid-July, the resulting apps had been downloaded more than 20 million times in companies such as Germany and Switzerland. However, in order for Bluetooth, which the app requires, to work on Android phones, users must enable location services, with the result that Google may be able to track their location. Governments and health officials in Germany,…
Content type: Examples
Several of the Chinese companies producing personal protective equipment such as face masks were shown via undercover video footage to be using Uighur labour under a government labour transfer programme that pays regional subsidies for each worker taken in. The equipment is being shipped all over the world, including to the US and Latin America. In the course of the pandemic, the number of companies producing PPE in Xinjiang has risen from four to 51. At Medwell, one such company, Uighurs are…
Content type: Examples
The French data protection authority, CNIL, has examined the French contact tracing app and ruled that it is not fully compliant with the provisions of GDPR and the French data protection law. CNIL’s primary complaint was that the app transferred the news that a user had been infected to all their contacts, not just those who had been in recent proximity, and the privacy policy was insufficiently specific about the categories of data that were being processed and its recipients. Finally, the…
Content type: Video
Find out more here: https://privacyinternational.org/long-read/3669/documentation-data-exploitation-sexual-and-reproductive-rights
You can listen and subscribe to the podcast where ever you normally find your podcasts:
Spotify
Apple podcasts
Google podcasts
Castbox
Overcast
Pocket Casts
Peertube
Youtube
Stitcher
And more...