Search
Content type: Examples
16th April 2020
The Guangzhou Public Transportation Group has installed a biometric tablet next to bus drivers' seats so they can check the temperature and identity of every passenger who boards. The tablets will also photograph each passenger, allowing them to be identified by China's facial recognition network in the hope of helping control the spread of the novel coronavirus by enabling contact tracing for anyone displaying symptoms. The Group claims the data so gathered will only be used in the interests…
Content type: Examples
21st March 2020
Metrolinx, the public transport agency for the Canadian province of Ontario says that, on request, it gave Toronto Public Health contact information associated with registered Presto payment cards used on specific trips, after a 40-year-old man was diagnosed with coronavirus (COVID-19). The agency revealed the news on Twitter and said that compelling circumstances affecting the health and safety of individuals under the Ontario privacy act (FIPPA) permits the disclosure of personal information…
Content type: Examples
21st March 2020
India has begun stamping the hands of people arriving at airports in the states of Maharashtra and Karnataka to specify the date until which they must remain in quarantine. The government is also using airline and railway reservation data to track suspected infections and find hand-stamped people who had promised not to travel. Kerala authorities have used telephone call records, CCTV footage, and mobile phone GPS systems to trace contracts of COVID-19 patients, and published detailed time and…
Content type: Examples
13th August 2019
In February 2019, the city of Rio de Janeiro announced that its police security operation for the annual five-day Carnival would include facial recognition and vehicle license plate cameras to identify wanted individuals and cars. Municipal officials said the system would help reduce thefts and robberies; critics dissented on the basis that a period when people are wearing masks, heavy makeup, glitter, and costumes is a bad time to test the technology.
https://riotimesonline.com/brazil-news/…
Content type: News & Analysis
31st July 2018
Last year Privacy International conducted research into information left on rental cars after they are returned. Every car we rented contained readily apparent personal information about past drivers and other passengers, including information such as their past locations, smart phone identifier, and entered locations, including a school.
Off the back of the research, PI wrote to rental companies and car-share schemes in continental Europe, the UK, and the US to enquire about the companies’…
Content type: Examples
3rd May 2018
In 2014, NYC Planning Labs Chris Whong was sent and made public a complete a complete dump of historical trip and fare logs from New York City taxis in response to a Freedom of Information request. The more than 20GB of uncompressed data comprising more than 173 million individual trips included pickup and drop-off locations and times and other metadata - but also personally identifiable information about the driver. Careful analysis enabled researchers to deanonymise the entire dataset,…
Content type: Long Read
16th January 2018
The era where we were in control of the data on our own computers has been replaced with devices containing sensors we cannot control, storing data we cannot access, in operating systems we cannot monitor, in environments where our rights are rendered meaningless. Soon the default will shift from us interacting directly with our devices to interacting with devices we have no control over and no knowledge that we are generating data. Below we outline 10 ways in which this exploitation and…
Content type: Report
6th December 2017
When you rent a car at the airport, use a car-share for a family day trip, one of the first things you are likely to do before setting off on your journey, is to connect your phone to the car. You switch on the Bluetooth and see a list of other people’s phones that were previously connected - Mike’s iPhone, Samsung Galaxy, Bikerboy_Troi, Dee Dee. You input your journey into the navigation, perhaps noticing stored locations of previous drivers.
Seems fairly innocuous? Wrong. Your name and…
Content type: Press release
Press Release: New report shows how car rental companies are failing to protect drivers' information
5th December 2017
A new report by Privacy International shows how car rental companies and car-share schemes are failing to protect drivers' personal information, such as their location, smart phone contents, and place of residence.
The report is here: https://privacyinternational.org/node/987
Key points
Privacy International (PI) rented a series of internet-connected cars and examined the information which was collected and retained on the rental cars' infotainment system*. Every car PI rented contained…
Content type: Examples
1st December 2017
By 2017, facial recognition was developing quickly in China and was beginning to become embedded in payment and other systems. The Chinese startup Face++, valued at roughly $1 billion, supplies facial recognition software to Alipay, a mobile payment app used by more than 120 million people; the dominant Chinese ride-hailing service, Didi; and several other popular apps. The Chinese search engine Baidu is working with the government of popular tourist destination Wuzhen to enable visitors to…
Content type: Examples
1st December 2017
In 2017, Uber began a programme experimenting with using psychology and social science insights to influence when, where, and how long its drivers work. Among other techniques, Uber auto-loaded the next fare to encourage the driver equivalent of binge TV-watching; reminded drivers when they're close to their earnings targets to keep them from logging off; and used game-style graphics and small-value awards to keep drivers at the wheel. The company also had male managers adopt female personas…
Content type: Examples
1st December 2017
For some months in 2017, in one of a series of high-risk missteps, Uber violated Apple's privacy guidelines by tagging and identifying iPhones even after their users had deleted Uber's app. When Apple discovered the deception, CEO Tim Cook told Uber CEO Travis Kalanick to cease the practice or face having the Uber app barred from the App Store.
External Link to Story
https://www.nytimes.com/2017/04/23/technology/travis-kalabnick-pushes-uber-and-himself-to-the-precipice.html
Content type: Case Study
1st November 2017
As society heads toward an ever more connected world, the ability for individuals to protect and manage the invisible data that companies and third parties hold about them, becomes increasingly difficult. This is further complicated by events like data breaches, hacks, and covert information gathering techniques, which are hard, if not impossible, to consent to. One area where this most pressing is in transportation, and by extension the so-called ‘connected car’.
When discussing connected…
Content type: Case Study
30th August 2017
As society heads toward an ever more connected world, the ability for individuals to protect and manage the invisible data that companies and third parties hold about them, becomes increasingly difficult. This is further complicated by events like data breaches, hacks, and covert information gathering techniques, which are hard, if not impossible, to consent to. One area where this most pressing is in transportation, and by extension the so-called ‘connected car’.
When discussing connected…
Content type: News & Analysis
3rd April 2017
For as long as automobiles have been around, manufacturers have been trying to find ways of putting more technology inside of cars, oftentimes sold as value-added services for their customers, whether that be 8-tracks of the 1960s and 1970s, the enhancement to security of central locking of the 1980s and 1990s, or the introduction of satellite navigation in the 2000s.
Today, as our technologies become ‘smarter’, so do the risks to our personal privacy. This especially true as society is on the…
Content type: Report
9th March 2012
This is a memo prepared by Barry Steinhardt of Friends of Privacy USA for Members of the European Parliament regarding the proposed EU-US Agreement PNR.
The proposed agreement regarding Passenger Name Records (PNR) between the United States and the European Union is riddled with faulty assertions and assumptions about US law and the actual operations of the US government.
These faulty assertions and assumptions go to the heart of the agreement and undercut the claims of protections for…
Content type: News & Analysis
11th January 2007
Privacy International and the American Civil Liberties Union have appealed to the Council of the European Union, the European Commission, the European Parliament, and privacy commissioners in 31 countries across Europe to repeal the agreement between the EU and the US on passenger data transfers. We argue that, with the recent disclosure of the 'Automated Targeting System' being used by the US Department of Homeland Security, the US has violated both American law and the agreement with the EU…