Search
Content type: News & Analysis
Just over a year ago, vitally important reforms to European privacy and data protection laws were proposed. Now these reforms, which will affect the rights of half a billion Europeans, are being watered down in their passage through various European parliamentary committees as MEPs succumb to an unprecedented industry lobbying onslaught. There is now irrefutable evidence of the impact of this lobbying, thanks to a technology-powered research method comparing corporate lobby documents…
Content type: Press release
A European privacy group claimed today that dozens of amendments to the new Data Protection Regulation being proposed by Members of the European Parliament (MEPs) are being copied word-for-word from corporate lobby papers, with MEPs frequently failing to even remember their own amendments. Max Schrems, of the website and campaign Europe v Facebook, noticed striking similarities between proposed amendments and lobby papers written by representatives of Amazon, eBay, the American Chamber of…
Content type: News & Analysis
The social news website MiroirSocial.com confirmed yesterday that the prominent French technology firm Bull SA has sold its controversial mass surveillance "Eagle" system to Stéphane Salies, one of its chief designers and an ex-director of Bull. The surveillance software was previously manufactured and supplied by Bull’s subsidiary, Amesys, a company that is currently the subject of a judicial enquiry in Paris following a legal complaint filed by two human rights organisations, the…
Content type: News & Analysis
The Home Office constantly insists that trafffic data is not about the content of the pages you look at, but about the sites you visit.
This would have made some sense in 1999 when RIPA was first being debated, but technology has moved on and new open data sources are now available. This allows for vastly more invasive tracking in 2012 than was envisaged in 2000. We’ve done a little bit of work on how…
The English Wikipedia contains 4 million articles, which contain 18 million links out…
Content type: News & Analysis
By now, UK internet users are probably familiar with major sites asking them to consent to the use of website cookies. This is prompted by the 'cookie law' (aka "Directive 2002/58 on Privacy and Electronic Communications", otherwise known as the E-Privacy Directive), which is proving a privacy trainwreck. Theoretically, the Directive was a good idea - a method of preventing companies secretly following a user from site to site across the web. However, ill-executed law can be worse than no law…
Content type: News & Analysis
Earlier this year, Privacy International began research into the corporate social responsibility policies of companies that sell communications surveillance technology. Given that this technology is known to facilitate human rights abuses in repressive regimes around the world, surveillance tech companies that claims corporate responsibility might be expected to address such concerns in their CSR policy documents.
Of the 246 companies known to partake in the communications surveillance…
Content type: News & Analysis
The APEC Data Privacy Subgroup (DPS) commenced a new five year work programme at a meeting in Moscow in February 2012. This follows the commitment by APEC Leaders in late 2011 to the Cross Border Privacy Rules (CBPR) system as one way implementing the APEC Data Privacy Framework.
The Joint Oversight Panel was formed at the DPS meeting in Moscow and comprises members from the US (chair), Chinese Taipei and Mexico, with the chair of the DPS (from Canada) as alternate – who will…
Content type: News & Analysis
The second 2011 meeting of the APEC Privacy Subgroup took place in San Francisco in mid September, and finalised the package of documents that comprise the Cross Border Privacy Rules (CBPR) system. Endorsed by the parent Electronic Commerce Steering Group (ECSG), these will now go forward for ratification by Ministers in Hawaii in November, and subsequent implementation. The Subgroup’s 2012 Work Plan envisages establishment of the Joint Oversight Panel (JoP), commencement of…
Content type: News & Analysis
An international alliance of organisations and individuals from 27 countries has lodged a petition calling on the Council of Europe to start an indepth survey on the collection and storage of biometric data by member states.
European governments are increasingly demanding storage of biometric data (fingerprints and facial scans) from individuals. These include storage on contactless 'RFID' chips in passports and/or ID cards. Some are going even further by implementing…
Content type: News & Analysis
2011 is supposed to be the year that the APEC pathfinder projects on Cross Border Privacy Rules (CBPR) deliver a functional system for businesses to be certified for transfer of personal information between participating APEC economies.
After the last round of APEC privacy meetings in Washington DC on 1-3 March, this prospect is looking increasingly remote. Even the basic set of documentation and processes required for the process of self-certification and assessment of businesses has yet to…
Content type: News & Analysis
Skype has consistently assured that it protects its users and their communications. Having reviewed the company's technology and policies we have grounds for concern about Skype's overall level of security, and we believe there are a number of questions to which the company must respond. Skype's misleading security assurances continue to expose users around the world to unnecessary and dangerous risk. It's time for Skype to own up to the reality of its security and to take a leadership…
Content type: News & Analysis
Not since the 1990s has the internet been so exciting. With its use by political activists and journalists around the world, we can now again entertain the discussions that the internet brings freedom. Digital data traverses routers with little regard to national boundaries and so traditional constraints not longer apply. So it is no surprise that protestors on the streets of Tehran or Cairo are using the internet to organise. We like to believe in the freedom of the internet again, after…
Content type: News & Analysis
Privacy International and EPIC praised a vote today in the European Parliament today that rejected the transfer of finacial records to the United States under an interim agreement. A resolution to reject the deal passed 378-16, with 31 abstentions. Members of the parliament stated the proposed agreement lacked adequate privacy safeguards, and was a disproportionat response to US concerns about terrorism that also lacked reciprocity.
Simon Davies, Director General of Privacy International…
Content type: News & Analysis
Privacy International and the American Civil Liberties Union have appealed to the Council of the European Union, the European Commission, the European Parliament, and privacy commissioners in 31 countries across Europe to repeal the agreement between the EU and the US on passenger data transfers. We argue that, with the recent disclosure of the 'Automated Targeting System' being used by the US Department of Homeland Security, the US has violated both American law and the agreement with the EU…
Content type: News & Analysis
At its last session on November 21st and 22nd 2006, the Article 29 Working Party has again been dealing with the SWIFT case and has unanimously adopted Opinion 128 on its findings in this case.
In this Opinion, the Article 29 Working Party emphasizes that even in the fight against terrorism and crime fundamental rights must remain guaranteed. The Article 29 Working Party insists therefore on the respect of global data protection principles.
SWIFT is a worldwide financial messaging service…
Content type: Press release
Privacy International (PI) today filed additional complaints with authorities in Japan, Israel, Korea, Taiwan, Province of China, Thailand and Argentina. On June 27th PI filed simultaneous complaints with Data Protection and Privacy regulators in 32 countries concerning recent revelations of secret disclosures of records from SWIFT to US intelligence agencies.(1)
The disclosures involve the mass transfer of data from SWIFT in Europe to the United States, and possibly direct access by US…
Content type: News & Analysis
Dear Mr Schrank,
I am writing with regard to the current controversy over the private arrangement between SWIFT and the U.S. Government that facilitates the extradition of confidential financial transaction data from SWIFT to U.S. authorities. You will be aware that Privacy International contends that this arrangement breaches privacy and data protection law, and we have lodged complaints with regulatory authorities in 38 countries.
In my many discussions with SWIFT officials over the past…
Content type: News & Analysis
Privacy International has joined forces with dozens of other human rights and civil liberties organizations around the world to ask the European Parliament to reject a Directive that would seriously compromise personal freedom in the EU. Below is the text of the letter to Members of the European Parliament, and the pdf is also available.
To all Members of the European Parliament
We the undersigned are calling on you to reject the 'Directive of the European Parliament and the Council…
Content type: Report
Race relations across European states are usually far from ideal. However in law, European countries appear to grant Europeans ideal protections against discrimination. There are mounting tensions with ethnic and minority communities in countless European countries, with particular suspicion and aggression pointed towards the Roma people, Travellers, Northern Africans, Turks, Jehovah’s Witnesses, and people of Islamic and other faiths. Increasingly these groups are finding safe havens behind…
Content type: News & Analysis
The UK Presidency's first formal report, entitled 'Liberty and Security: Striking the Right Balance', was released today. It argues the case for new and expansive policies on communications surveillance, biometrics, travel surveillance, and CCTV. In fact, it promises to take UK policy failures to the European level.
Communications data retention
Despite having only a voluntary framework in UK law, the UK Presidency of the EU is pursuing mandatory data retention in a framework decision…
Content type: News & Analysis
The below letter was addresses to UK Prime Minister Tony Blair, Viviane Reding (Commissioner for Information Society and Media) and Franco Frattini (Vice President and Commissioner for Justice, Freedom and Security).
Your excellencies,
On behalf of European Digital Rights and Privacy International we would like to express our sadness and anger at the terrorist attacks in London on 7 July. We understand the difficulty of ensuring the daily safety of all citizens and residents…
Content type: News & Analysis
In a move that mimics the U.S. fingerprinting policy under the VISIT programme, the European Commission has adopted a proposal for a regulation that would create a central database for all visa applicants fingerprints and photos. Regulation available on the Europa website.
In a somewhat positive turn, it is important to note that the retention period of this data is only five years, compared to 100 years in the U.S. Relevant excerpts include:
To ensure exact verification and…
Content type: News & Analysis
We the undersigned are calling on you to reject the 'Draft Council Regulation on standards for security features and biometrics in passports and travel documents issued by Member States'. This is an unnecessary and rushed policy that will have hazardous effects on Europeans' right to privacy. This policy process requires additional oversight, and the eventual systems established will require significant controls and a strong legal framework to ensure that this is a proportionate response to the…
Content type: News & Analysis
For the attention of Members and staff of the European Parliament,
I am writing to you on behalf of Privacy International, a London-based human rights group, to call on you to stop the implementation of biometric travel documents.
We at PI have been monitoring the biometric passport developments for three years. Most recently we organized an open letter to the International Civil Aviation Organization (ICAO) calling for clarification and modification to the plans for the biometric passport…
Content type: News & Analysis
The Privacy Commissioner for British Columbia made a call for submissions on whether the USA PATRIOT Act could allow the U.S. authorities to gain access to Canadians' personal information, enabled through the outsourcing of Canadian public services to the United States. The Commission also called for comments on the implications for compliance with Canadian provincial privacy laws, and to see if anything could be done to eliminate or mitigate the risks.
In this submission to the BC…