Search
Content type: Long Read
What’s the ruling all about?
The Constitutional Court of South Africa in a historic judgment declared that bulk interception by the South African National Communications Centre is unlawful and invalid. Furthermore, the Constitutional Court found that the Regulation of Interception of Communications and Provision of Communication-Related Information Act (RICA) 1) was deficient in failing to provide at least a post-notification procedure for subjects of interception; 2) failed to ensure the…
Content type: Report
Privacy International has released a report summarising the result of its research into the databases and surveillance tools used by authorities across the UK’s borders, immigration, and citizenship system.
The report uses procurement, contractual, and other open-source data and aims to inform the work of civil society organisations and increase understanding of a vast yet highly opaque system upon which millions of people rely.
It also describes and maps…
Content type: Long Read
Tucked away in a discrete side street in Hungary’s capital, the European Union Agency for Law Enforcement Training (CEPOL) has since 2006 operated as an official EU agency responsible for developing, implementing, and coordinating training for law enforcement officials from across EU and non-EU countries.
Providing training to some 29,000 officials in 2018 alone, it has seen its budget rocket from €5 million in 2006 to over €9.3 million in 2019, and offers courses in everything from…
Content type: Video
Find out more on our website: https://privacyinternational.org/long-read/4206/qa-eus-top-court-rules-uk-french-and-belgian-mass-surveillance-regimes-must-respect
And make sure we can keep taking these fights to court: support.privacyinternational.org
You can listen and subscribe to the podcast where ever you normally find your podcasts:
Spotify
Apple podcasts
Google podcasts
Castbox
Overcast
Pocket Casts
Peertube
Youtube
Stitcher
And more...
Content type: Long Read
Q&A: EU's top court rules that UK, French and Belgian mass surveillance regimes must respect privacy
Content type: Press release
Today, the ICO has issued a long-awaited and critical report on Police practices regarding extraction of data from people's phones, including phones belonging to the victims of crime.
The report highlights numerous risks and failures by the police in terms of data protection and privacy rights. The report comes as a result of PI’s complaint, dating back to 2018, where we outlined our concerns about this intrusive practice, which involves extraction of data from devices of victims, witnesses…
Content type: Advocacy
Privacy International (PI), Fundaciòn Datos Protegidos, Red en Defensa de los Derechos Digitales (R3D) and Statewatch responded to the call for submission of the UN Special Rapporteur on contemporary forms of racism, xenophobia and related intolerance on how digital technologies deployed in the context of border enforcement and administration reproduce, reinforce, and compound racial discrimination.
This submission provides information on specific digital technologies in service of border…
Content type: News & Analysis
Traduction réalisée par Nadine Blum.
Le 29 mai, le Congrès nigérien a voté une loi permettant au gouvernement d’intercepter largement certaines communications électroniques. La loi rend légale l’interception de communications, autorisée par le gouvernement, sans protections appropriées ni mécanismes de contrôle.
La loi a été adoptée avec 104 votes pour – le Parlement nigérien compte 171 membres – et sans la participation de l’opposition qui a boycotté la loi. L’opposition a affirmé…
Content type: News & Analysis
On 29 May, Niger’s Congress voted on a law allowing for broad interception powers of certain electronic communications by the government. The bill makes it lawful for the government to approve the interception of communications without appropriate safeguards or oversight mechanisms.
The law passed with 104 votes – the Nigerien parliament has 171 members – without the participation of the opposition that boycotted the law. The opposition claimed that
the law will allow those, for…
Content type: Advocacy
Privacy International responded to the call for submissions of the Working Group on the use of mercenaries as a means of violating human rights and impeding the exercise of the rights of peoples to self-determination on role of private military and security companies in immigration and border management and the impact on the protection of the rights of all migrants.
This submission builds on PI’s research and reporting highlighting examples of the involvement of private companies in…
Content type: Explainer
In a scramble to track, and thereby stem the flow of new cases of Covid-19, Governments around the world are rushing to track the locations of their populace. One way to do this is to leverage the metadata held by mobile service providers (telecommunications companies - "Telcos" - such as Hutchison 3 (Also known as Three), Telefonica (Also known as O2), Vodafone, and Orange) in order to track the movements of a population, as seen in Italy, Germany and Austria, and with the European Commission…
Content type: Examples
Mexico is one of the biggest buyers of next-generation surveillance technology. And now data leaked to Forbes indicates it's taken an unprecedented step in becoming the first-known buyer of surveillance technology that silently spies on calls, text messages and locations of any mobile phone user, via a long-vulnerable portion of global telecoms networks known as Signalling System No. 7 (SS7).
The revelation was contained in what an anonymous source close claimed was…
Content type: Examples
The whistleblower said they were unable to find any legitimate reason for the high volume of the requests for location information. “There is no other explanation, no other technical reason to do this. Saudi Arabia is weaponising mobile technologies,” the whistleblower claimed.
The data leaked by the whistleblower was also seen by telecommunications and security experts, who confirmed they too believed it was indicative of a surveillance campaign by Saudi Arabia.
The data shows requests for…
Content type: Examples
8 europeans telecoms providers (Vodafone, Deutsche Telekom, Orange,Telefonica, Telecom Italia , Telenor, Telia and A1 Telekom Austria) have agreed to share mobile phone location data with the European Commission to track the spread of the coronavirus.
The Commission said it would use anonymsed data and aggregated mobile phone location to coordinate the tracking of the virus spread. They also announced the data would be deleted after the crisis.
Source: https://www.reuters.com/article/us-…
Content type: Explainer
In a scramble to track, and thereby stem the flow of, new cases of Covid-19, Governments around the world are rushing to track the locations of their populace. One way to do this is to write a smartphone app which uses Bluetooth technology, and encourage (or mandate) that individuals download and use the app. We have seen such examples in Singapore and emerging plans in the UK.
Apps that use Bluetooth are just one way to track location. There are several different technologies in a smartphone…
Content type: Examples
UK: O2 shares aggregated location data with government to test compliance with distancing guidelines
Mobile network operator O2 is providing aggregated data to the UK government to analyse anonymous smartphone location data in order to show people are following the country's social distancing guidelines, particularly in London, which to date accounts for about 40% of the UK's confirmed cases and 30% of deaths. The project is not designed to monitor individuals. Lessons from the impact on London of travel restrictions could then be applied in the rest of the country. The government says it has…
Content type: Examples
BT, owner of UK mobile operator EE, is in talks with the government about using its phone location and usage data to monitor whether coronavirus limitation measures such as asking the public to stay at home are working. The information EE supplies would be delayed by 12 to 24 hours, and would provide the ability to create movement maps that show patterns. The data could also feed into health services' decisions, and make it possible to send health alerts to the public in specific locations.…
Content type: Examples
The coronavirus action plan announced on March 3, alongside many measures for managing the NHS in the crisis, will also allow the Investigatory Powers Commissioner to appoint judicial commissioners (JCs) on a temporary basis in the event that there are insufficient JCs available to operate the system under the Investigatory Powers Act 2016. The Home Secretary, at the request of the Investigatory Powers Commissioner, will also be allowed to vary the time allowed for urgent warrants to be…
Content type: News & Analysis
In mid-2019, MI5 admitted, during a case brought by Liberty, that personal data was being held in “ungoverned spaces”. Much about these ‘ungoverned spaces’, and how they would effectively be “governed” in the future, remained unclear. At the moment, they are understood to be a ‘technical environment’ where personal data of unknown numbers of individuals was being ‘handled’. The use of ‘technical environment’ suggests something more than simply a compilation of a few datasets or databases.
The…
Content type: News & Analysis
Today Advocate General (AG) Campos Sánchez-Bordona of the Court of Justice of the European Union (CJEU), issued his opinions (C-623/17, C-511/18 and C-512/18 and C-520/18) on how he believes the Court should rule on vital questions relating to the conditions under which security and intelligence agencies in the UK, France and Belgium could have access to communications data retained by telecommunications providers.
The AG addressed two major questions:
(1) When states seek to impose…
Content type: Case Study
On 3 December 2015, four masked men in plainclothes arrested Isnina Musa Sheikh in broad daylight (at around 1 p.m.) as she served customers at her food kiosk in Mandera town, in the North East of Kenya, Human Rights Watch reported. The men didn’t identify themselves but they were carrying pistols and M16 assault rifles, commonly used by Kenyan defence forces and the cars that took her away had their insignia on the doors. Isnina’s body was discovered three days later in a shallow grave about…
Content type: Case Study
The prohibition against torture is absolute. There are no exceptional circumstances whatsoever which can be used to justify torture.
And yet, torture is still being carried out by state officials around the world, driven by states’ ability to surveil dissidents, and intercept their communications.
In 2007, French technology firm Amesys (a subsidiary of Bull) supplied sophisticated communications surveillance systems to the Libyan intelligence services. The systems allegedly permitted the…
Content type: News & Analysis
This creates a restraint on all people who merely seek to do as people everywhere do: to communicate freely.
This is a particularly worrying development as it builds an unreliable, pervasive, and unnecessary technology on top of an unnecessary and exclusionary SIM card registration policy. Forcing people to register to use communication technology eradicates the potential for anonymity of communications, enables pervasive tracking and communications surveillance.
Building facial recognition…
Content type: News & Analysis
Photo by Francesco Bellina
The wars on terror and migration have seen international funders sponsoring numerous border control missions across the Sahel region of Africa. Many of these rely on funds supposed to be reserved for development aid and lack vital transparency safeguards. In the first of a series, freelance journalist Giacomo Zandonini sets the scene from Niger.
Surrounded by a straw-yellow stretch of sand, the immense base of the border control mobile company of Maradi, in southern…
Content type: News & Analysis
Today, the High Court of South Africa in Pretoria in a historic decision declared that bulk interception by the South African National Communications Centre is unlawful and invalid.
The judgment is a powerful rejection of years of secret and unchecked surveillance by South African authorities against millions of people - irrespective of whether they reside in South Africa.
The case was brought by two applicants, the amaBhungane Centre for Investigative Journalism and journalist Stephen…
Content type: News & Analysis
Photo: The European Union
On 2 September 2019, Privacy International, together with 60 other organisations, signed an open letter to the European Parliament to express our deep concern about upcoming EU policy proposals which undermine the EU’s founding values of human rights, peace and disarmament.
Since 2017, the EU has diverted funds towards security research and security capacity-building in countries around the world. The proposal for the EU's next budget (2021-2027) will…
Content type: Report
“...a mobile device is now a huge repository of sensitive data, which could provide a wealth of information about its owner. This has in turn led to the evolution of mobile device forensics, a branch of digital forensics, which deals with retrieving data from a mobile device.”
The situation in Scotland regarding the use of mobile phone extraction has come a long way since the secret trials were exposed. The inquiry by the Justice Sub-Committee, commenced on 10 May 2018, has brought much…
Content type: Long Read
It is common ground that bulk collection of content would be a deprivation of the right to privacy. That is an inexcusable or unjustifiable step too far. Repeatedly the Government whether in litigation or legislating, has emphasised that they are not taking content in bulk. Content is the forbidden ground.
This has resulted in the Government seeking to explain, for example, what parts of an email would constitute content and meta data. Within the Investigatory Powers Act it has led to the…
Content type: Long Read
Six years after NSA contractor Edward Snowden leaked documents providing details about how states' mass surveillance programmes function, two states – the UK and South Africa – publicly admit using bulk interception capabilities.
Both governments have been conducting bulk interception of internet traffic by tapping undersea fibre optic cables landing in the UK and South Africa respectively in secret for years.
Both admissions came during and as a result of legal proceedings brought by…