Search
Content type: Examples
FullScreen Research claims that in the competitive German food delivery market, Lieferando uses automation to monitor its employees and that Wolt violates labour laws by paying couriers in cash and employing them illegally A former supervisor with Lieferando says that the system flags up abnormalities for a team of watching agents, who see each courier's exact location and are supposed to ask drivers the reason for delays. Lieferando denies that it illegally controls drivers'…
Content type: Examples
Data-driven wellbeing audits are becoming common in classrooms in Denmark, which has long invested heavily in digital teaching aids and interactive learning. In the last few decades, depression among Danish children has sextupled, and a quarter of ninth-graders report having attempted self-harm. Platforms such as Woof offer teachers regular feedback based on anonymous self-reports. Similar systems in the US extend to surveilling students' emails, chat, and searches.Experts are concerned that…
Content type: Examples
German data protection authorities have ruled that the use of Microsoft Office 365 in schools is not compliant with GDPR, citing a lack of transparency around how and where Microsoft processes and stores student data as well as the potential for third-party access. German federal and state data protection authorities have been looking at how to improve Office 365 for two years but deems changes Microsoft has made insufficient to bring the software into compliance.
https://www.computerweekly.…
Content type: Examples
Germany’s contact tracing system is thought to have been critical in controlling the COVID-19 outbreak, especially given superspreader events such as infections in meat packing plants. Each of Germany’s 16 federal states is responsible for health, and together with the national Robert Koch Institute they support authorities at city or council level, who are responsible for outbreak investigation and management, including contact tracing.
The country dubbed COVID-19 a notifiable disease early,…
Content type: Examples
A study describes the data transmitted to backend servers by the Google/Apple based contact tracing (GAEN) apps in use in Germany, Italy, Switzerland, Austria, and Denmark and finds that the health authority client apps are generally well-behaved from a privacy point of view, although the Irish, Polish, Danish, and Latvian apps could be improved in this respect. However, the study also finds that the Google Play Services component of the apps contacts Google servers as often as every 20 minutes…
Content type: Examples
The German health minister, Jens Spahn, said the country required advice from the country’s ethics council before it could use the millions of antibody tests it had procured from the Swiss pharmaceutical company Roche to help determine how freely people could move around the country. Spahn cited the risk that people would try to get themselves infected if immunity passports appeared to promise greater freedom.
https://www.reuters.com/article/health-coronavirus-germany-antibodies/armed-with-…
Content type: Examples
At the end of March, jointly organised by the Robert Koch Institute (Germany’s public health body), the German Centre for Infection Research, the Institute for Virology at Berlin’s Charite hospital, and blood donation services, researchers planned to begin conducting blood tests among the general public in order to determine how many people test positive for antibodies to the coronavirus. Gerard Krause, head of epidemiology at the Helmholtz Centre for Infection Research, and Brauinschweig,…
Content type: Examples
Germany’s “Corona-Warn” contact tracing app amassed 6.5 million users (7.8% of the German population) in the first 24 hours after its June 16 launch despite setbacks that included disputes over data privacy and functionality. The app was developed in six weeks by a team of developers and engineers from Deutcsche Telekom and SAP and is built on the Apple-Google notification framework. In a poll conducted by ARD around the time of the app’s launch, 42% of Germans said they would use the app,…
Content type: Examples
Local health authorities in Germany have relied on human contact tracers since the country confirmed its first COVID-19 cases early in 2020, and say that doing so has helped the country keep its death rate comparatively low even with a less restrictive lockdown than many other countries. Germany aims to have 16,000 contract tracers overall, or five for every 25,000 people. Tracing involves phoning each newly-diagnosed patient and asking their movements; those who have been in close contact for…
Content type: Examples
Three days after announcing Germany would adopt the centralised Pan-European Privacy-Preserving Proximity Tracing (PEPP-PT) standard for contact tracing, the country's chancellery minister Helge Braun and health minister Jens Spahn announced they would instead use the decentralised approach backed by Apple, Google, and other European countries. While both standards rely on Bluetooth connections between nearby phones, PEPP-PT would have required Apple's cooperation to implement, and the company…
Content type: Examples
Germany's federal agency responsible for disease control and prevention, the Robert Koch Institute, has teamed up with the health technology start-up Thryve to develop an app called Corona-Datenspende ("data donation") that works with a variety of smartwatches and fitness wristbands. The app is designed to use the device's sensors to collect user data, and includes algorithms to it to spot symptoms linked to COVID-19 and help predict the spread and containment of the virus. More than 50,000…
Content type: Examples
On March 24 the German Bundestag passed a comprehensive amendment to the Infection Protection Act that authorises the Federal Ministry of Health to implement measures for medical care without the consent of the Federal Council. These include the ability to impose curfews and travel restrictions, override patent protection for medical products, and issue ordinances creating other exceptions to the law. The Federal Data Protection Commissioner criticised the proposals because he doubted whether…
Content type: Examples
Researchers at Germany's Robert Koch Institute and Fraunhofer Heinrich Hertz Institute are working on an app that uses Bluetooth connections between smartphones and is compliant with GDPR to anonymously save the distance and duration of contact between people on the smartphone to make it possible to digitally reconstruct infection chains. The idea is being copied from Singapore's TraceTogether app, which detects other users who have also installed the app. If someone tests positive, they can…
Content type: Examples
The German mobile operator Deutsche Telekom announced in a press conference on RKI Live that it had passed on, anonymised, its users' movement data to the Robert-Koch Institute to study the extent to which the population would follow the government's restrictions. RKI president Lothar Wieler said this data is also available for purchase, but was given to RKI at no charge.
Source: https://frask.de/coronavirus-deutscher-mobilfunkbetreiber-gibt-bewegungsdaten-weiter/
Content type: Examples
A Hamburg geotracking startup called Ubilabs is working with the Hannover School of Medicine on a data analysis platform that could track people who have tested positive for the coronavirus and their contacts, Der Tagesspiegel reported on Tuesday; this type of tracking would require individuals' consent to have a legal basis for processing.
Source: https://www.nytimes.com/reuters/2020/03/11/technology/11reuters-health-coronavirus-privacy-explainer.html
Content type: Examples
A review of European privacy laws considers whether the tracking and monitoring methods China used to shut down the COVID-19 epidemic are in compliance with GDPR. The French data protection authority CNIL says employers are not allowed to take mandatory temperature readings from employees or visitors or require them to fill out compulsory medical questionnaires. Italy passed emergency legislation requiring anyone who has recently stayed in an at-risk area to notify health authorities. Germany…
Content type: Examples
Denmark released 32 prisoners as part of an ongoing review of 10,700 criminal cases, after serious questions arose regarding the reliability of geolocation data obtained from mobile phone operators. Among the various problems with the software used to convert the phone data into usable evidence, it was found that the system connected the phones to several towers at once, sometimes hundreds of kilometres apart, recorded the origins of text messages incorrectly and got the location of specific…
Content type: Examples
By 2018, the Danish municipality of Gladsaxe, in Copenhagen, began identifying children at risk of abuse so that flagged families could be targeted for early intervention by applying a set of specially designed algorithms to information already gathered by the centralised Udbetaling Danmark government agency, including health records and employment information, all linked to the personal identification number issued to each Dane at birth. The system raised concerns about mission creep; both the…
Content type: Examples
A 19-year-old medical student was raped and drowned in the River Dresiam in October 2016. The police identified the accused by a hair found at the scene of the crime. The data recorded by the health app on his phone helped identify his location and recorded his activities throughout the day. A portion of his activity was recorded as “climbing stairs”, which authorities were able to correlate with the time he would have dragged his victim down the river embankment, and then climbed…
Content type: Key Resources
In the lead up to the 2017 German federal elections, there was much debate about the benefits and dangers of data analytics for political purposes. There were some controversies concerning the use of data and the lack of information provided by political parties also raised concerns.
Content type: Examples
Following Ms. Vestager’s investigation into Amazon and its own sector enquiry into online price comparison services in October 2017, in June 2018 the German Federal Cartel Office (“Bundeskartellamt”) claimed that it “received a lot of complaints” and is said to be “looking at the role and market power of Amazon” with regards to Amazon’s hybrid function. (Nicholas Hirst, MLEX, 27 June 2018, Amazon’s ‘hybrid function’ catches eye of German antitrust enforcers.) Germany is Amazon’s…
Content type: News & Analysis
The first half of 2018 saw two major privacy moments: in March, the Facebook/ Cambridge Analytica scandal broke, followed in May by the EU General Data Protection Regulation ("GDPR") taking effect. The Cambridge Analytica scandal, as it has become known, grabbed the attention and outrage of the media, the public, parliamentarians and regulators around the world - demonstrating that yes, people do care about violations of their privacy and abuse of power. This scandal has been one of…
Content type: Examples
In the lead up to the 2017 German federal election (Bundestagswahl), all political parties used social media like Facebook, Twitter, Instagram, YouTube, and e-mails as platforms to reach voters.
The far-right Alternative for Germany party (AfD) reportedly hired a Texas-based company for their campaign. Harris Media is known for their work with Republican, far-right and nationalist candidates in the US and worldwide. In 2017, Privacy International revealed that Harris Media was behind the…
Content type: Examples
In the lead up to the German elections, the conservative Christian Democratic Union (CDU) created a mobile app, Connect 17, which was designed to create a feedback loop between party headquarters and door-to-door volunteers (also known as canvassers).
The app drew on data from the federal statistics office and polling agencies. It let canvassers decide routes, record whether anyone was home, and whether a conversation had been successful. It also allowed canvassers to compare their…
Content type: Examples
The Sunday edition of the national newspaper Bild reported that Chancellor Angela Merkel's conservative Christian Democrats (CDU) party and the centre-right Free Democrats (FDP) party purchased "more than a billion" pieces of personal data about potential voters from a subsidiary of Deutsche Post, which offered target-mailing concepts to its clients. The Deutsche Post subsidiary, Deutsche Post Direkt, rejected these claims.
Instead, Deutsche Post is reported as insisting that it never…
Content type: Examples
Police in the German state of Hesse are using a bespoke version of Palantir's Gotham software system, specially adapted for the police force. Palantir CEO Alex Karp sits on the board of the German mega publisher Axel Springer.
Publication: WorldCrunch, Jannis Brühl
Date: 20 November 2018
Content type: News & Analysis
Private surveillance companies selling some of the most intrusive surveillance systems available today are in the business of purchasing security vulnerabilities of widely-used software, and bundling it together with their own intrusion products to provide their customers unprecedented access to a target’s computer and phone.
It's been known for some time that governments, usually at a pricey sum, purchase such exploits, known as zero- and one-day exploits, from security researchers to…
Content type: News & Analysis
Privacy International (PI) has today written to the Danish Ministry of Foreign Affairs following further concerning reports about the export of internet surveillance equipment from the country.
We are calling for the government to carry out a full re-assessment of the human rights risks associated with the export of such internet surveillance equipment, and to revoke all licenses where there is a risk to human rights or if the law governing surveillance in the destination country is…
Content type: News & Analysis
The reports of Universal Periodic Review (UPR) Working Group for the States under Review at the 24th session in January 2016 were adopted during the last Regular Session of the Human Rights Council, which took place from 13 June to 1 July 2016.
Of the 14 Member States being reviewed, Privacy International with co-submitters presented reports on the right to privacy in Denmark, Paraguay, Belgium, Estonia, Namibia, and Singapore.
The growing number of…
Content type: Advocacy
Privacy International has today written to Danish ministers and authorities seeking urgent assurances following a report published two days ago in Information showing that the government has approved the export of an internet surveillance system to China.
The report, which relies in part on documents obtained from the Danish Business Authority – the department which oversees exports of surveillance technology – shows that the government has authorised a company based in…