Search
Content type: Examples
In 2017, a website run by the Jharkhand Directorate of Social Security leaked the personal details of over.1 million Aadhaar subscribers, most of them old age pensioners who had enabled automatic benefits payment into their bank accounts. Aadhaar is a 12-digit unique identification number issued to all Indian residents based on their biometric and demographic data. Both cyber security agencies and the Supreme Court have expressed concerns over its security,…
Content type: News & Analysis
Following the alarming evidence that EU-made electronic surveillance equipment is still being exported to authoritarian countries around the world, we strongly urge all EU member states and institutions to respect their human rights obligations and call on them to prioritise long overdue EU reforms.
We are extremely concerned that little has changed since civil society first recognised the need to modernise current EU rules governing the export of surveillance equipment as far back…
Content type: News & Analysis
7 July 2016
It has been said is that we pay for free services with our personal data. Now, the Privacy Shield exponentially expands this truth and we are paying for the cost of U.S. political dysfunction combined with EU complacency with our privacy. More than four months after the first EU-US Privacy Shield was published on 29 February 2016, a new version has been leaked. Remarkably, it is expected to be adopted.
Four months, two opinions by group of EU data protection…
Content type: News & Analysis
The Supreme Court has ruled that there is a fundamental right to privacy under the Indian constitution, establishing that “The right to privacy is protected as an intrinsic part of the right to life and personal liberty”. This was a unanimous ruling by a bench of nine supreme court justices, who heard the case following a decision in 2015 over whether the controversial Aadhaar biometric identity scheme was constitutional.
The judgment is clear: privacy and human dignity are intrinsically…
Content type: News & Analysis
This piece originally appeared in Open Democracy here.
As the UK Parliament returns from its summer break, everyone’s back to talking about Brexit. But there’s another policy of existential significance to our democracy that we really need to be talking about. I refer here to the innocuously named ‘Investigatory Powers Bill’. The House of Lords have been debating the ‘bulk powers’ — what we would call the mass surveillance measures — of the Bill over the recent days. We are literally…
Content type: Report
Financial services are changing, with technology being a key driver. It is affecting the nature of financial services, from credit and lending through to insurance, and even the future of money itself.
The field of fintech is where the attention and investment is flowing. Within it, new sources of data are being used by existing institutions and new entrants. They are using new forms of data analysis.
These changes are significant to this sector and the lives of people it serves. This…
Content type: Advocacy
Privacy International has responded to the European Commission’s consultation on the interoperability of EU information systems for borders and security.
The Commission is currently looking at ways in which various border control and policing EU databases and IT systems can be connected to share and exchange more data.
The plans raise a number of concerns as highlighted by Privacy International in our response. These relate to significant potential harms associated with…
Content type: Advocacy
On 23 October 2017, Privacy International contributed to the public consultation of the European Commission on improving cross border access to electronic evidence for criminal investigation. The consultation raises important questions, particularly in relation to preserving human rights protection and safeguards as national police forces seek digital evidence in other jurisdictions.
The EU is not the only inter-governmental organisation seeking to address the complex jurisdictional…
Content type: News & Analysis
We found this image here.
On 11 October, the LIBE Committee of the European Parliament votes on the draft e-privacy regulation. As the landscape of generation, collection, and other processing of data in the digital sphere evolves, the proposal seeks to update the rules on confidentiality and security of electronic communications and online activities.
Unsurprisingly, companies whose business models rely on tracking individuals online have been busy lobbying against the new regulation. The…
Content type: Press release
Key points
Privacy International surveyed 21 EU member states' legislation on data retention and examined their compliance with fundamental human rights standards
0 out of the 21 States examined by PI are currently in compliance with these standards (as interpreted in two landmark judgements by the Court of Justice of the European Union: Tele-2/Watson and Digital Rights Ireland)
Privacy International is calling for:
EU member states to review their legislation on data retention…
Content type: Advocacy
This report sheds light on the current state of affairs in data retention regulation across the EU post the Tele-2/Watson judgment. Privacy International has consulted with digital rights NGOs and industry from across the European Union to survey 21 national jurisdictions (Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, France, Germany, Hungary, Ireland, Italy, Luxembourg, the Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and the United…
Content type: Press release
Please find attached a copy of the briefing along with promotional photographs with the briefing.
Privacy International has today sent top EU and UK Brexit negotiators* a briefing on their vulnerability to potential surveillance by each other, and others. Brexit negotiations are to begin today.
The global privacy rights NGO has highlighted to the negotiators the risk of sophisticated surveillance capabilities being deployed against each other and by others, and provided…
Content type: Advocacy
Privacy International welcomes the willingness of the UK government to implement the EU General Data Protection Regulation (GDPR), which provides stronger standards of protection of personal data to those contained in the EU Directive 1995, whose provisions were implemented in the Data Protection Act 1998. Improved rights and enforcement measures will generate greater trust and therefore greater engagement in the digital environment, which will in turn benefit the economy. …
Content type: News & Analysis
This guest piece was written by Elonnai Hickok, Amber Sinha and Vanya Rakesh of the Centre for Internet and Society. It does not necessarily reflect the views or position of Privacy International.
In 2009, the Government of India set up the Unique Identification Authority of India (UIDAI) as an attached office of the erstwhile Planning Commission of India via an executive order. The mandate of the UIDAI was to assign a 12-digit unique identification (UID) number (…
Content type: Long Read
The move to digital payments, without an adequate legal framework, is a double-blow to privacy. India is proving to be the case study of how not to do the move to the cashless society. We are seeing in India the deeper drives to digital: linking financial transactions to identity. On the 8th November, Prime Minister Modi of India announced that 500 and 1,000 rupee notes – 86% of the money supply – would be removed from circulation. The initial justification for this was to tackle the…
Content type: News & Analysis
This guest piece was written by Elonnai Hickok and Vipul Kharbanda of the Centre for Internet and Society. It does not necessarily reflect the views or position of Privacy International.
In light of the complex challenges and threats posed to, and by, the field of information telecommunications in cyberspace, in 1998 the draft resolution in the First Committee of the UN General Assembly was introduced and adopted without a vote (A/RES/53/70)…
Content type: Advocacy
This stakeholder report is a submission by Centre for Internet and Society India (CIS India) and Privacy International (PI). CIS is a non-profit organisation that undertakes interdisciplinary research on internet and digital technologies from policy and academic perspectives. Through its diverse initiatives, CIS explores, intervenes in, and advances contemporary discourse and practices around internet, technology and society in India, and elsewhere. PI is a human rights organisation that…
Content type: Press release
PI Research Officer Edin Omanovic said:
“The European Commission has proposed sweeping updates [PDF] to trade regulations in an effort to modernise the EU’s export control system and to ensure that the trade in surveillance technology does not facilitate human rights abuses or internal repression.
Privacy International welcomes the intentions of the proposed changes in terms of protecting human rights as it does all such moves. More than half of the world’s surveillance…
Content type: Press release
Today, Privacy International, together with five internet and communications providers from around the world, have lodged an application before the European Court of Human Rights to challenge the British Government's use of bulk hacking abroad. Until we brought our original case at the Investigatory Powers Tribunal (IPT) in 2014, the Government had never admitted that it engaged in hacking. Now we are learning for the first time how far-reaching the Government's global hacking capabilities are…
Content type: Advocacy
After the adoption of the EU General Data Protection Regulation, the Data Protection Directive for Law Enforcement Agencies, the EU-US Privacy Shield, your understandable EU privacy policy fatigue is excused.
But when a coalition of tech and telecom industries calls for a relatively obscure EU directive to be repealed, it may unintentionally trigger an atypical Streisand effect: if companies, which often so cavalier to individuals’ privacy, want to get rid of the EU e-privacy…
Content type: News & Analysis
After the adoption of the EU General Data Protection Regulation, the Data Protection Directive for Law Enforcement Agencies, the EU-US Privacy Shield, your understandable EU privacy policy fatigue is excused.
But when a coalition of tech and telecom industries calls for a relatively obscure EU directive to be repealed, it may unintentionally trigger an atypical Streisand effect: if companies, which often so cavalier to individuals’ privacy, want to get rid of the EU e-privacy…
Content type: Press release
The committee of data protection regulators across Europe, the Working Party 29, announced today its opinion on the current “Privacy Shield”. The Opinion is expected shortly, and based on the statements made by the Working Party chair in a press conference, we understand that the Working Party, while noting improvements from the annulled “Safe Harbor” agreement, has serious concerns about a range of aspects of the current "Privacy Shield" agreement with the U.S.
Overall they note the…
Content type: News & Analysis
Should the European Union agree to legitimise trade with a country that refuses to adhere to European legal standards? This is the fundamental question that will be addressed at tomorrow’s meeting among European privacy regulators when they publish their opinion on the data-sharing agreement known as the ‘Privacy Shield’, the replacement to the failed ‘Safe Harbour’ agreement.
Background
Many of the world’s largest companies, such as Google and Facebook, store their customers’ data in…
Content type: News & Analysis
PI's full analysis can be read here
On 29 February 2016, the European Commission and the US government released the details of the proposed EU-U.S. “Privacy Shield”. The “Privacy Shield” replaces the now defunct so-called “Safe Harbor”.
The Privacy Shield is in fact a significant number of documents from various parts of the U.S. administration, which merely outline the existing, weak U.S. safeguards applicable to personal data of EU citizens. These documents are…
Content type: Advocacy
Introduction
On 29 February 2016, the European Commission and the US government released the details of the proposed EU-U.S. “Privacy Shield”. The “Privacy Shield” replaces the now defunct so-called “Safe Harbor”.
The Privacy Shield is in fact a significant number of documents from various parts of the U.S. administration, which merely outline the existing, weak U.S. safeguards applicable to personal data of EU citizens. These documents are meant to serve as the basis for an “adequacy”…
Content type: Long Read
Written by: Centre for Internet and Society
This guest piece was written by representatives of the Centre for Internet and Society (CIS). It does not necessarily reflect the views or position of Privacy International.
Introduction
As part of the State of the Surveillance project, CIS conducted a review of surveillance law, policy, projects, and trends in India. Below we provide a snap shot of key legal provisions governing surveillance in India and touch on…
Content type: Long Read
“This is my personal opinion,” concedes Branko, a taxi driver in Skopje, the Republic of Macedonia's capital. “It was done by America to stop Putin building his gas pipe line through Macedonia.”
“This is just politics,” he advises, skeptically.
It's a common reaction to the wiretapping scandal in Macedonia. Beginning in February last year when opposition leader Zoran Zaev posted a series of wiretaps online that he called 'bombs' – they seemingly showed that for years the phone calls of some…
Content type: News & Analysis
In 2015 the United Nations' human rights mechanisms significantly increased their capacity to monitor and assess states' compliance with their obligations around the right to privacy. Notably, the Human Rights Council established the mandate of the Special Rapporteur on the right to privacy, filling a significant gap in the international human rights protection system. Meanwhile, the Human Rights Committee put surveillance laws and practices in a range of countries under close scrutiny, making…
Content type: News & Analysis
The major overhaul of data protection laws in Europe is finally over, after three years of arduous and sustained political and lobbying activity by all those with a major stake and interest, including us at Privacy International (See our initial analysis of the two laws in 2012). We welcome this long overdue closure, but is this 91-articled, 200-paged piece of legislation been worth the enormous effort and no doubt millions of euros, dollars and pounds spent on it?
The legislative package…
Content type: Press release
Statement by European Digital Rights (EDRi), Bits of Freedom, Digitale Gesellschaft e.V, Digital Rights Ireland and Privacy International following the vote of the European Parliament’s Civil Liberties Committee on the Data Protection
In January 2012, the European Commission, following extensive consultations, published a draft Regulation and a Directive to create a strong framework for data protection in the EU. The initiative had three priorities – modernisation of the legal framework for…