Search
Content type: Examples
The Israeli company Cellebrite, best known for providing hacking software to help law enforcement agencies get inside suspects' iPhones, is now pitching its technology to help authorities pull the location data and contacts off the phones of newly-diagnosed COVID-19 patients in order to "quarantine the right people", as the company emailed to the Delhi police force.
Cellebrite is one of at least eight surveillance and cyber-intelligence companies that are attempting to repurpose their…
Content type: Examples
Liechtenstein is the first European country to use biometric electronic bracelets to implement a real time coronavirus tracking programme. The bracelet, which sends skin temperature, breathing, and pulse, among other metrics, for analysis in a Swiss lab, is being offered to 5% of the population. The country, which acted early to prevent the epidemic, plans to roll the bracelets out to the entire population by autumn.
Source: https://inews.co.uk/news/health/coronavirus-testing-latest-…
Content type: Examples
India's COVID-19 tracker app, Aarogya Setu, was downloaded 50 million times in the first 13 days it was available. Developed by the National Informatics Centre a subsidiary of the Ministry of Electronics and IT, the app is available on both Android and iOS smartphones, and uses GPS and Bluetooth to provide information on whether the phone has been near an infected person. Users provide a mobile number, health status, and other credentials, and must keep both location services and Bluetooth…
Content type: Examples
GDPRHub is collecting a list of projects around the world that are using personal data to combat the novel coronavirus. The list is divided into categories such as decentralised contact tracing apps and frameworks; centralised contact tracing systems; lockdown enforcement; self-assessment apps; mapping projects; and statistical analysis. The site also tracks COVID-19-releated data protection issues.
Source: https://gdprhub.eu/index.php?title=Projects_using_personal_data_to_combat_SARS-…
Content type: Examples
The State Disaster Management Authority of the Indian state of Andhra Pradesh, in collaboration with other government agencies, is developing tools to track the travel history of people who have tested positive for the novel coronavirus and those who are under quarantine at home. The COVID alerting tracking system alerts the authorities if any of the more than 25,000 people who have been placed under home quarantine moves more than 100 metres from their base location. The system tracks their…
Content type: Examples
The Indian medical AI start-up Qure.ai has released qScout, an AI-powered "virtual care platform". Intended to help governments, hospitals, and clinics, the qScout app is meant to identify high-risk individuals, assist with contact tracing, facilitate remote triage, read chest X-rays to identify possible infections, use geomapping to estimate population risk, and use real time data to allocate critical resources. The company claims the app is also capable of reading chest x-rays to detect…
Content type: Examples
The computer science department at IIT-Bombay has sent two proposals for mobile applications that can track quarantine violators to a variety of Indian public authorities including officials in the Ministry of Human Resource and Development, the Maharashtra state government, and the Brihanmumbai Municipal Corporation. The first, Corentine, is intended to geofence suspects and asymptomatic carriers, and Safe, which was previously used by IIT-Bombay students to register classroom attendance,…
Content type: Examples
On the second day of India's nationwide shutdown due to the COVID-19 outbreak, the Karnataka government published the home addresses of quarantined residents, as a deterrent to breaking the rules. The list included individuals who had flown in from a foreign country and been asked to stay indoors for two weeks but who had not tested positive for the novel coronavirus. Although the government deleted a tweet announcing its intention, the list is still available on its website and is circulating…
Content type: Examples
Led by Germany's Fraunhofer Heinrich Hertz Institute for Telecoms, technologists and scientists from at least eight countries, are working on a proximity-based contact tracing technology that complies with GDPR. The Pan-European Privacy-Preserving Proximity Tracing project (PEPP-PT) is intended to leverage smartphones to help disrupt the spread of infection by notifying individuals when their smartphones are near enough to to that of another person to carry out a Bluetooth handshake - thereby…
Content type: Examples
Learning from countries like South Korea, government of the Indian state Karnataka has assigned its ten-member COVID-19 task force, which includes IAS officers with expertise in the fields of technology, medicine and healthcare, to develop a system to the approximately 40,000 people who visited foreign countries during the period of the Covid-19 outbreak as well as those who have tested positive and their contacts. The Corona Watch app, which gives details of the places visited by the 56 people…
Content type: Examples
The Mumbai police have been asked by the civic governing body to track the movements of people arriving at Mumbai airport through the GPS location of their phones. Arrivals at the airport in Mumbai are also being stamped with “Proud to protect Mumbaikars. Home quarantined” with the date until which they have to remain in home isolation.
Source: https://indianexpress.com/article/india/coronavirus-mumbai-civic-body-turns-to-phone-gps-to-enforce-home-quarantine-rules-6321098/
Writer:…
Content type: Case Study
Having a right to a nationality isn’t predicated on giving up your right to privacy - and allowing whichever government runs that country to have as much information as they want. It is about having a fundamental right to government protection.
For the first time since 1951, Assam - a state in the north east of India - has been updating its national register of citizens (NRC), a list of everyone in Assam that the government considers to be an Indian citizen. The final version, published in…
Content type: Examples
India has begun stamping the hands of people arriving at airports in the states of Maharashtra and Karnataka to specify the date until which they must remain in quarantine. The government is also using airline and railway reservation data to track suspected infections and find hand-stamped people who had promised not to travel. Kerala authorities have used telephone call records, CCTV footage, and mobile phone GPS systems to trace contracts of COVID-19 patients, and published detailed time and…
Content type: Long Read
This piece was written by Aayush Rathi and Ambika Tandon, who are policy officers at the Centre for Internet and Society (CIS) in India. The piece was originally published on the website Economic Policy Weekly India here.
In order to bring out certain conceptual and procedural problems with health monitoring in the Indian context, this article posits health monitoring as surveillance and not merely as a “data problem.” Casting a critical feminist lens, the historicity of surveillance practices…
Content type: News & Analysis
Today, Privacy International, along with nine other NGOs including Liberty and Amnesty International, attended a hearing before the Grand Chamber of the European Court of Human Rights (ECtHR) to revisit the Court's first ruling on our case challenging UK mass surveillance and intelligence sharing. In September 2018, the First Section of the ECtHR ruled that the UK government's mass interception program violates the rights to privacy and freedom of expression. Notwithstanding the positve aspects…
Content type: Case Study
Photo by Roger H. Goun
Chloe is an investigative journalist working for an international broadcast service; we will call the TV show she works for The Inquirer. She travels around the world to work with local journalists on uncovering stories that make the headlines: from human trafficking to drug cartels and government corruption. While her documentaries are watched by many and inspire change in the countries she works in, you would not know who Chloe is if we were to tell you her real name.…
Content type: Examples
Cases of people being denied healthcare as they fail to provide an Aadhaar number have already started emerging. A 28-year old domestic worker, for instance, had to be hospitalised for a blood transfusion after she had an abortion with an unqualified local physician. She had been denied an abortion, to which she was legally entitled, from a reputable government hospital, as she did not have an Aadhaar card. Following this case, 52 public health organisations and individuals issued a statement…
Content type: Examples
While not currently mandatory to access healthcare services, Aadhaar is however increasingly used in the health sector as well. In 2018, the health ministry had to issue a statement to clarify that Aadhaar was “desirable” but not a must to access a 5 rupee insurance cover for hospitalisation under the Ayushman Bharat scheme.
https://www.hindustantimes.com/india-news/aadhaar-desirable-not-must-for-rs-5-lakh-healthcare-scheme-says-centre/story-mvQwqSKzDFYE0rhxqLFbLO.html
Author: Rhythma Kaul…
Content type: Examples
In India, one of the reasons the Aadhaar ID system has been increasingly widely used is that it is mandatory for much India’s benefits system. Government subsidies are now processed through under the Direct Benefit Transfer scheme, which requires citizens to have a bank account and to insure that their Aadhaar number is linked to their bank account so they can receive subsidies.
https://www.paisabazaar.com/aadhar-card/want-to-avail-government-subsidies-provide-aadhaar-and-get-it-easily/…
Content type: Examples
In December 2018 reports emerged that the Indian Electoral Commission would propose amendments to the Representation of the People Act 1951 that would require citizens to link their Electoral Photo ID Card to their Aadhaar number with the stated goal of improving the accuracy of the electoral rolls. The legal change was needed because two months earlier the Indian Supreme Court had ruled that Aadhaar could only be made mandatory for welfare schemes, Permanent Account Number (PAN) cards, and…
Content type: Examples
In January 2019, Facebook announced it would extend some of the rules and transparency tools it developed for political advertising for upcoming spring elections in Nigeria, Ukraine, India, and the EU. In Nigeria, the site will bar electoral ads from advertisers outside the country where the election is being held, build a searchable library of electoral ads and retaining them for seven years, check the identity of individuals buying political ads against government-issued documents, and…
Content type: Examples
As part of the digital campaign to win re-election, in mid-2018 the BJP, which controls the Indian national government as well as that of the state of Chhattisbarh, handed out $71 million worth of free phones and subsidised data plans to 2.9 million of the state's voters and then used the phones to target prospective voters. The plan's stated purpose was to bridge the digital divide in the state, which has a population of 26 million; hundreds of cellphone towers are supposed to be added to…
Content type: News & Analysis
According to the International Organization for Migration, an estimated 258 million people are international migrants – that is, someone who changes their country of usual residence, That’s one in every 30 people on earth.
These unprecedented movements levels show no sign of slowing down. It is predicted that by 2050, there will be 450 million migrants across the world.
Nowadays, it is politically acceptable to demonise migrants, and countless leaders have spewed divisive and xenophobic…
Content type: Long Read
Cellebrite, a surveillance firm marketing itself as the “global leader in digital intelligence”, is marketing its digital extraction devices at a new target: authorities interrogating people seeking asylum.
Israel-based Cellebrite, a subsidiary of Japan’s Sun Corporation, markets forensic tools which empower authorities to bypass passwords on digital devices, allowing them to download, analyse, and visualise data.
Its products are in wide use across the world: a 2019 marketing…
Content type: Advocacy
UPDATE 13 February: Facebook announced that it would open up its Ad Archive API next month. Read Mozilla's statement about the response here.
On 11 February 2019, Privacy International joined Mozilla and 36 organisations in an open letter to Facebook call on Facebook to make good on its commitments to provide more transparency around political advertising ahead of the 2019 EU Parliamentary Elections.
Specifically, our open letter urges Facebook to:
Roll out a functional, open Ad…
Content type: State of Privacy
Table of contents
Introduction
Right to Privacy
Communication Surveillance
Data Protection
Identification Schemes
Policies and Sectoral Initiatives
Introduction
Acknowledgement
The State of Privacy in India is the result of an ongoing collaboration by Privacy International and the Centre for Internet & Society.
Key Privacy Facts
1. Constitutional privacy protections: In 2017, the Indian Supreme Court ruled that the Indian constitution guarantees a right to privacy.
2. Data…
Content type: News & Analysis
Privacy International welcomes the judgment of the European Court of Human Rights in Catt v the United Kingdom.The Court found that the UK violated the right to privacy (Article 8 of the European Convention on Human Rights) of Mr John Catt, a peace movement activist, who despite having never being convicted of any offence, had his name and other personal data included in a police database known as the “Extremism Database”. The Court found problematic "the variety of definitions of…
Content type: News & Analysis
On 22 January 2019 Google updated its Terms of Service and Privacy Policy for Europe.
The message is quite reassuring:
“Nothing about your experience in Google services will change. And nothing is changing in terms of your privacy settings, the way your data is processed, nor the purposes of its processing”.
Then it says: “However, if you don’t want to accept these changes in our terms and Privacy Policy, you can choose to stop using the applicable services.”
Simple. If you don’t like it,…
Content type: News & Analysis
We found this image here.
In order for GDPR to be effective at protecting people's data, it must be implemented and enforced. Therefore, we are pleased to see that CNIL has taken action and issued Google a fine of €50 million based on complaints by NOYB and La Quadrature Du Net in May 2018. Despite numerous statements by Google that it takes the protection of people's data seriously, the decision demonstrates that they have a long way to go and that regulators will take action to hold…
Content type: Examples
In March 2018, Indian Congress president Rahul Gandhi tweeted that the Naramendra Modi app issued by India's ruling Bharatiya Janata Party was leaking user data. The app is intended to spearhead BJP's social media strategy in the run-up to the 2019 general elections; the party hopes to use it to mobilise 100 million BJP members and has set a target of 100,000 downloads for each district. Both privacy activists and political rivals complained that the app asks for too many permissions, is…