Search
Content type: Long Read
Modern day government surveillance is based on the simple concept of “more is more” and “bigger is better”. More emails, more text messages, more phone calls, more screenshots from Skype calls. The bigger the haystack, the more needles we can find.
Thanks to Edward Snowden, we know that this fundamental idea drives intelligence agencies like the NSA and GCHQ - the desire to collect it all, to generate gigantic haystacks through which to trawl. In the almost two years since the first of Snowden…
Content type: News & Analysis
UPDATE: Argentina's President Cristina Fernandez de Kirchner has announced plans to disband Argentina's intelligence agency. Go here for more, and keep reading below.
This post was originally published on 20 January 2015 by Privacy International's partner in Argentina, the Asociación por los Derechos Civiles (ADC). To read the original post, please go here.
In view of the serious incidents that took place on 18 January 2015, the Asociación por los Derechos Civiles (ADC)…
Content type: News & Analysis
Intelligence sharing agreements can be open and transparent. In fact, the Five Eyes have already disclosed information sharing agreements that relate to key international law enforcement and national security measures.
They’re called mutual legal assistance treaties, or MLATs, and they’ve existed between the Five Eyes, excluding New Zealand, for decades. MLATs define the scope of cooperation between States in criminal investigations: States share sensitive information in criminal…
Content type: News & Analysis
The following was written by Mike Rispoli, Communications Manager at Privacy International, and appeared in the 'Journalism in Europe' discussion series, hosted by Central European University:
"The response by world leaders to the horrific terrorist attacks in France earlier this month has been all too familiar. As officials rallied for freedom of expression, they called for increased vigilance against extremists by expanding government surveillance powers.
Leading the way is UK Prime…
Content type: Report
In societies that are in the process of transition towards democracy, democratic control of intelligence organisations is both an indispensable requirement and a pressing need. In many cases, the most serious human rights violations committed by dictatorial governments were intrinsically linked to draconian surveillance and control systems. Systematic spying on trade unions, students and dissident groups was a common feature of 20th-century dictatorships. The persistent violation of citizens’…
Content type: News & Analysis
To read Privacy International's take on the ruling, go here.
What does the decision actually say?
The primary question that the Court was asked to consider was whether Google Search has obligations under the Data Protection Directive 1995, the EU legal framework regulating how public bodies and businesses deal with individuals’ personal data.
There were three primary issues at hand: the first was whether Google Inc., the international entity which operates Google Search, was under the…
Content type: News & Analysis
Since the European Court of Justice in May ruled in the “right to be forgotten” case, there has been a dizzying amount of debate about the decision, and its implications for privacy and free expression.
A main thread within these discussions is an old story that US Industry loves to tell and has told for some time: Europeans love privacy law, and Americans love free speech, and the twain shall never meet.
The Google Search case at the European Court of Justice has fuelled this view…
Content type: Press release
Privacy International, Reporters Without Borders, Digitale Gesellschaft, FIDH, and Human Rights Watch welcome news that the European Commission will move ahead and add specific forms of surveillance technology to the EU control list on dual use items, thus taking steps to finally hold companies to account who sell spy equipment and enable human rights abuses.
These important steps demonstrate that policymakers are beginning to wake up to the real harm that exists…
Content type: Press release
The ruling today from the European Court of Justice, invalidating the European Union’s 2006 Data Retention Directive policy, was strong and unequivocal: the right to privacy provides a fundamental barrier between the individual and powerful institutions, and laws allowing for indiscriminate, blanket retention on this scale are completely unacceptable.
As the Court states, it is not, and never was, proportionate to spy on the entire population of Europe. The types of data retained under this…
Content type: Press release
World leaders must commit to keeping invasive surveillance systems and technologies out of the hands of dictators and oppressive regimes, said a new global coalition of human rights organizations as it launched today in Brussels.
The Coalition Against Unlawful Surveillance Exports (CAUSE) – which includes Amnesty International, Digitale Gesellschaft, FIDH, Human Rights Watch, the New America Foundation’s Open Technology Institute, Privacy International, and Reporters without Borders – aims to…
Content type: News & Analysis
Facing intense scrutiny from a Swiss government inquiry into the human rights impact of the commercial surveillance trade, companies have packed up and are no longer attempting to export their spying technology from Switzerland.
Speaking with St. Galler Tagblatt, one of Switzerland’s largest German-language daily newspapers, government spokeswoman Marie Avet confirmed that the companies have cancelled export applications for surveillance technology - including all applications for…
Content type: News & Analysis
Only a few days after it was reported that intrusive surveillance technology developed and sold by Italian surveillance company Hacking Team was found in some of the most repressive countries in the world, Privacy International has uncovered evidence which suggests the company has received over €1 million in public financing.
It has come to Privacy International’s attention that Hacking Team appears to have received €1.5 million from two venture capital funds originating from the Region of…
Content type: News & Analysis
In the same week that the Advocate General of the European Court of Justice labelled the retention of electronic communications data throughout Europe as a “serious interference with the right to privacy”, the French National Assembly has codified into law a suite of invasive and unrestrained surveillance powers, allowing an expanded range of government bodies invasive access to citizens electronic communications data and content and threatening the privacy rights of the French people.…
Content type: News & Analysis
Just a few weeks ago, thousands of Argentinians had their privacy rights violated when the country’s electoral registration roll, which had been made available online, experienced a major leak of personal data following the presidential election.
Despite some early warnings on the weaknesses of the system, the government did nothing to fix the situation, allowing serious technical flaws in an online system to persist and refusing to respond to the crisis, further…
Content type: News & Analysis
Update:
After an initial discussion with technical and government experts involved in drafting and negotiating the new controls on “intrusion software”, some of our initial questions have been clarified. To read what they had to say, go here.
One of the major dangers of imposing export controls on surveillance systems is the risk of overreach. While you want the scope of the systems being controlled and the language to be wide enough to catch the targeted product and its variants, you also…
Content type: News & Analysis
The proliferation of private companies across the world developing, selling and exporting surveillance systems used to violate human rights and facilitate internal repression has been largely due to the lack of any meaningful regulation.
But a huge step toward finally regulating this billion-dollar industry was taken this week, when on Wednesday night the 41 countries that make up the Wassenaar Arrangement, the key international instrument that imposes controls on the export of…
Content type: News & Analysis
Through the Aiding Privacy project, Privacy International is promoting the development of international standards around data protection in the humanitarian and development fields and working with relevant organisations to make this happen.
A new contribution towards this goal, Protecting Beneficiary Privacy: Principles and operational standards for the secure use of personal data in cash and e-transfer programmes, was released last week by the Cash Learning Partnership (CaLP) and…
Content type: News & Analysis
In a move that echoes strong action taken in the past by European officials to protect privacy, the Belgian and Dutch data protection authorities on Wednesday announced that they will begin an investigation into the security of the SWIFT financial system.
The announcement comes on the heels of our letters to twenty-eight European DPAs last month, which sought answers regarding the NSA's reportedly unauthorized access to SWIFT's financial messaging system and asked for an…
Content type: News & Analysis
Today’s much-anticipated launch of the 2013 Aid Transparency Index, an industry standard for assessing transparency among major aid donors, shows that, despite progress, many aid agencies continue to maintain secrecy around what they are funding.
Further, for those agencies that achieved high rankings in the index, transparency alone does not prevent one of our larger concerns: aid which facilitates impermissible surveillance of communities and individuals in the developing world.…
Content type: News & Analysis
In an encouraging first response to our complaint against surveillance company Gamma International (Gamma), the UK National Contact Point (NCP) of the Organisation for Economic Cooperation and Development (OECD) announced that it will further investigate our claim against Gamma, as the evidence submitted appears to substantiate our allegations.
In February 2013, Privacy International, together with the European Center for Constitutional and Human Rights, Bahrain Watch, the Bahrain Center…
Content type: News & Analysis
A longer version of this article was previously published in Wired on 10 May 2013.
We all know surveillance is big in Putin’s Russia. What you may not know is that Russia’s surveillance tech is being used all over the world, even in the U.S.
The Kremlin is up to its domes in spy technology. One reason is fear, provoked by the Arab Spring, of a growing and diffuse protest movement that uses social media to organize. Notably, the authorities have taken an interest in DPI (…
Content type: News & Analysis
The drive for accountability in aid spending has put humanitarian and development agencies under pressure to collect an ever-growing amount of data about those who receive their assistance. Donors also increasingly demand that new technologies are deployed to ensure aid reaches those it is targeted at; preventing people from fraudulently using refugees’ identities, for example, was a key motivation behind UNHCR’s recent introduction of biometric technology to register Syrian…
Content type: News & Analysis
Just over a year ago, vitally important reforms to European privacy and data protection laws were proposed. Now these reforms, which will affect the rights of half a billion Europeans, are being watered down in their passage through various European parliamentary committees as MEPs succumb to an unprecedented industry lobbying onslaught. There is now irrefutable evidence of the impact of this lobbying, thanks to a technology-powered research method comparing corporate lobby documents…
Content type: Press release
A European privacy group claimed today that dozens of amendments to the new Data Protection Regulation being proposed by Members of the European Parliament (MEPs) are being copied word-for-word from corporate lobby papers, with MEPs frequently failing to even remember their own amendments. Max Schrems, of the website and campaign Europe v Facebook, noticed striking similarities between proposed amendments and lobby papers written by representatives of Amazon, eBay, the American Chamber of…
Content type: News & Analysis
The social news website MiroirSocial.com confirmed yesterday that the prominent French technology firm Bull SA has sold its controversial mass surveillance "Eagle" system to Stéphane Salies, one of its chief designers and an ex-director of Bull. The surveillance software was previously manufactured and supplied by Bull’s subsidiary, Amesys, a company that is currently the subject of a judicial enquiry in Paris following a legal complaint filed by two human rights organisations, the…
Content type: News & Analysis
The Home Office constantly insists that trafffic data is not about the content of the pages you look at, but about the sites you visit.
This would have made some sense in 1999 when RIPA was first being debated, but technology has moved on and new open data sources are now available. This allows for vastly more invasive tracking in 2012 than was envisaged in 2000. We’ve done a little bit of work on how…
The English Wikipedia contains 4 million articles, which contain 18 million links out…
Content type: News & Analysis
By now, UK internet users are probably familiar with major sites asking them to consent to the use of website cookies. This is prompted by the 'cookie law' (aka "Directive 2002/58 on Privacy and Electronic Communications", otherwise known as the E-Privacy Directive), which is proving a privacy trainwreck. Theoretically, the Directive was a good idea - a method of preventing companies secretly following a user from site to site across the web. However, ill-executed law can be worse than no law…
Content type: News & Analysis
Earlier this year, Privacy International began research into the corporate social responsibility policies of companies that sell communications surveillance technology. Given that this technology is known to facilitate human rights abuses in repressive regimes around the world, surveillance tech companies that claims corporate responsibility might be expected to address such concerns in their CSR policy documents.
Of the 246 companies known to partake in the communications surveillance…
Content type: News & Analysis
The APEC Data Privacy Subgroup (DPS) commenced a new five year work programme at a meeting in Moscow in February 2012. This follows the commitment by APEC Leaders in late 2011 to the Cross Border Privacy Rules (CBPR) system as one way implementing the APEC Data Privacy Framework.
The Joint Oversight Panel was formed at the DPS meeting in Moscow and comprises members from the US (chair), Chinese Taipei and Mexico, with the chair of the DPS (from Canada) as alternate – who will…
Content type: News & Analysis
The second 2011 meeting of the APEC Privacy Subgroup took place in San Francisco in mid September, and finalised the package of documents that comprise the Cross Border Privacy Rules (CBPR) system. Endorsed by the parent Electronic Commerce Steering Group (ECSG), these will now go forward for ratification by Ministers in Hawaii in November, and subsequent implementation. The Subgroup’s 2012 Work Plan envisages establishment of the Joint Oversight Panel (JoP), commencement of…