Search
Content type: Case Study
The run up to Kenya’s 2017 elections was extremely tense. Kenya has a history of violently fought elections and there was fear this election would be no different. It was in this tense environment, that companies like Cambridge Analytica and Harris Media – and their digital offerings - got involved in the election campaigns.
Cambridge Analytica’s business model is by now familiar, they compiled a huge amount of data points, often through illegal means, to create profiles on individuals –…
Content type: Examples
The US Department of Health and Human Services has awarded a contract to build a database system, HHS Protect Now, to track the spread of the coronavirus across the US to the data-mining company Palantir. Palantir founder and investor Peter Thiel was US president Donald Trump's earliest and highest-profile Silicon Valley backer. The platform pulls data from across the federal, state, and local governments as well as health care facilities and colleges, and works with the Centers for Disease…
Content type: Examples
Drone manufacturer DJI has loaned five drones equipped with voice capabilities and sirens to the US town of Elizabeth, New Jersey for use to patrol public areas and warn violators of the state's lockdown rules. The drones' messages are recordings of the mayor telling people to stop gathering, disperse, and go home. Police have the power to fine violators up to $1,000.
Sources:
https://nypost.com/2020/04/08/nj-town-using-talking-drones-to-scold-people-for-gathering/
https://www.nbcnewyork.com/…
Content type: Examples
New versions of drones that currently issue audio warnings reminding people in Elizabeth, New Jersey to observe social distancing guidelines will incorporate sensors and fever-detecting cameras that will monitor if people are sick or failing to social distance on the trails and in the parks of Meriden, Connecticut, according to the commercial drone company Draganfly, which claims the cameras can also detect sneezing and heart and respiratory rates. The company expects to conduct pilot…
Content type: Examples
The Department of Health in the US state of Kansas is tracking residents' locations via a platform called Unacast, which compares aggregated GPS mobile phone data from before and after the implementation of social distancing and grades each county on its compliance. As of April 1, 45 of 105 Kansas counties had received an F rating, and the state as a whole had managed a C. Unacast says the data it has access to is updated every other day and publishes updated ratings on all 50 US states.…
Content type: Examples
In order to enforce mandatory 14-day quarantine orders, Kenyan authorities have been tracking mobile phones of people suspected to have COVID-19. Also in Kenya, police enforcement efforts have led to several deaths: three died of injuries from being beaten, one, a 13-year-old boy, was hit by a bullet.
Source: https://www.bbc.co.uk/news/world-africa-52214740
Writer: Dickens Olewe
Publication: BBC News
Content type: Examples
The US Department of Health and Human Services has announced it will waive penalties for violations of the Health Insurance Portability and Accountability Act, which protects patient data privacy. HHS argued that in the nationwide emergency caused by the COVID-19 pandemic, greater latitude is needed to allow doctors to provide telehealth services and use new technologies such as one-on-one video conferencing apps to communicate with patients. However, the agency said that public-facing…
Content type: Examples
After police in Bellevue, WA were inundated with calls from local residents reporting suspected violations of the state's week-old stay-at-home order, they asked the public to use the MyBellevue app instead, to keep 911 lines open for emergencies. The police added that they have no plans to charge or arrest violators, but will visit reported hot spots in order to educate the public about the rules. Residents are required to remain at home but there are exceptions for essential industries, trips…
Content type: Examples
The US Centers for Disease Control and Prevention, in conjunction with local and state governments, are using location data collected by the mobile advertising industry from millions of cellphones in order to better understand how Americans are moving during the COVID-19 pandemic and how those movements affect the spread of the disease. The goal is to create a portal that federal, state, and local officials can use to study geolocation from up to 500 US cities and see which retail…
Content type: Examples
As inmates are released from prison in order to mitigate the public health and humanitarian threat posed by the coronavirus poses to a confined population, Minneapolis-based Precision Kiosk Technologies is highlighting its AB Kiosks, which can be used to replace riskier face-to-face meetings with electronic check-ins for newly-released inmates and those on probation, who can use the kiosks to set schedules and trigger reminder texts and emails. The kiosks use fingerprint recognition to verify…
Content type: Examples
The consumer and market trends insight company StatSocial announced Crisis Insights, which it claims tracks rapidly changing consumer audience dynamics to help US brands and CMOs respond effectively to the ongoing coronavirus epidemic and economic slowdown. StatSocial's Silhouette social data platform monitors and analyses more than 1.3 billion social accounts covering more than 70% of US households. Crisis Insights is intended to identify the changing dynamics of customers and consumers who…
Content type: Examples
The whistleblower said they were unable to find any legitimate reason for the high volume of the requests for location information. “There is no other explanation, no other technical reason to do this. Saudi Arabia is weaponising mobile technologies,” the whistleblower claimed.
The data leaked by the whistleblower was also seen by telecommunications and security experts, who confirmed they too believed it was indicative of a surveillance campaign by Saudi Arabia.
The data shows requests for…
Content type: Examples
In a widely circulated animated heat map, the geospatial visualisation company Tectonix GEO in partnership with the location technology company X-Mode used the secondary locations of anonymised mobile devices that were active on a single beach in in Ft Lauderdale, FL during spring break to show how the beach-goers fanned out across the US afterwards, potentially carrying infection with them. Although the visualisation was instructive in showing how contagion spreads, it was unclear whether any…
Content type: Examples
After 195 US citizens were repatriated from Wuhan, China in January they were placed in quarantine without warning in a cordoned-off section of the Air Force Research Base in California's Mojave Desert. The legal position of this and other similar quarantines is unclear, as the Centers for Disease Control and Prevention have tried avoid judicial review of their actions, which they claim fall under regulations issued in January 2017.
Source: https://papersplease.org/wp/2020/01/31/can-…
Content type: Examples
The US Department of Justice has asked Congress for the ability to ask chief judges to detain people indefinitely without trial during emergencies as one of a number of new powers the department is seeking during the coronavirus crisis. The DoJ also wants Congress to pause the statute of limitations for criminal investigations during national emergencies and for one year following their end, and wishes to change the Federal Rules of Criminal Procedure in some cases to expand the use of…
Content type: Examples
At the MIT Media lab, Ramesh Raskar is leading a team that includes software engineers at companies such as Facebook and Uber to develop the free and open source app Private Kit: Safe Paths. The app is intended to share encrypted information between phones in the network without going through a central authority so that individuals can see if they've come in contact with someone carrying the coronavirus. Anyone who tests positive can choose to share location data with health officials, who can…
Content type: Examples
Kinsa Health, which has sold or given away more than 1 million internet-connected thermometers to household covering 2 million people, finds that the maps it creates showing the difference between expected (based on years of data the company has collected) and reported levels of fever may act as an early warning system for spreading illness. Abut 90% of COVID-19 patients have fever. The company has posted its data and maps to medRxiv, and also to a new website it has built.
Source: https…
Content type: Examples
As governments look into surveillance, geolocation and biometric facial recognition to contain the coronavirus, even if they violate user data privacy, the controversial facial recognition company Clearview AI is allegedly negotiating a partnership with state agencies to monitor infected people and the individuals with whom they have interacted. The data mining company Palantir is already collaborating with the CDC and NIH, while the White House convened a task force of technology companies to…
Content type: Examples
US government agencies are considering a range of tracking and surveillance technologies as part of efforts to control the spread of the novel coronavirus. These include: geolocation tracking and facial recognition systems to analyse photos, both to enable contact tracing. Palantir is working with the Centers for Disease Control and Prevention to model the virus outbreak, and other companies that scrape public social media data have contracts in place with CDC and the National Institutes of…
Content type: Examples
Athena Security, which previously sold a system claiming to detect weapons in video feeds, is marketing "artificially intelligent thermal cameras" that the company claims can detect fevers and send an alert to the client that they may be carrying the coronavirus, and claims that its Fever Detection CPVID19 Screening System is being rolled out at customer locations including government agencies, airports, and Fortune 500 companies. The company claims that its software is accurate to within half…
Content type: Examples
In mid-February the Federal Register published new CDC rules, which came into interim effect on February 7, under which airlines are required to collect the name and contact information of all passengers and crew arriving in the United States on international flights, and to transmit this information to the U.S. Centers for Disease Control and Prevention within 24 hours of an order to do so. Written comments were accepted until March 13. In response, EFF asked CDC to explain what it will…
Content type: Examples
Despite warnings that airport screening will only delay but not stop disease outbreaks, in early March US vice-president Mike Pence pledged "100% screening" on direct flights from Italy and South Korea to the United States.
Source: https://www.sciencemag.org/news/2020/03/why-airport-screening-wont-stop-spread-coronavirus
Content type: Examples
Frisco, TX-based MTX Group is collaborating with the New York State Department of Health in deploying a coronavirus-monitoring and messaging system enabling New York State to monitor travellers, physicians, and others who come into close contact with anyone with symptoms. The application asks users to check-in through a "digital quarantine", and then sends them a daily alert asking if they have any illness or symptoms. These can then be tracked and sent to health officials. MTX was in…
Content type: Examples
Three years ago, the Alphabet subsidiary Verily developed a software platform, Project Baseline, to run clinical trials on a group of volunteers who agree to share their medical data with a group of researchers at pharmaceutical companies and research hospitals. In early March, Verily began considering whether and how the software could be used to help detect COVID-19. To date, the site is in beta mode, and consists of a questionnaire that links local Bay Area residents to three testing sites.…
Content type: Long Read
Background
Kenya’s National Integrated Identity Management Scheme (NIIMS) is a biometric database of the Kenyan population, that will eventually be used to give every person in the country a unique “Huduma Namba” for accessing services. This system has the aim of being the “single point of truth”, a biometric population register of every citizen and resident in the country, that then links to multiple databases across government and, potentially, the private sector.
NIIMS was introduced…
Content type: Case Study
In 2015, a man in Connecticut was charged with murdering his wife based on evidence from her Fitbit. Richard Dabate, the accused, told the police that a masked assailant came into the couple’s suburban home at around 9am on 23 December 2015, overpowering Dabate then shooting his wife as she returned through the garage.
However, the victim’s fitness tracker told a different story. According to data from the device, which uses a digital pedometer to track the wearer’s steps, Dabate’s wife was…
Content type: Case Study
In early May 2019, it was revealed that a spyware, exploiting a vulnerability in Facebook’s WhatsApp messaging app, had been installed onto Android and iOS phones. The spyware could be used to turn on the camera and mic of the targeted phones and collect emails, messages, and location data. Citizen Lab, the organization that discovered the vulnerability, said that the spyware was being used to target journalists and human rights advocates in different countries around the world. The spyware…
Content type: News & Analysis
On 30 January 2020, Kenya’s High Court handed down its judgment on the validity of the implementation of the National Integrated Identity Management System (NIIMS), known as the Huduma Namba. Privacy International submitted an expert witness testimony in the case. We await the final text of the judgment, but the summaries presented by the judges in Court outline the key findings of the Court. Whilst there is much there that is disappointing, the Court found that the implementation of NIIMS…
Content type: Advocacy
We welcome the effort by the Government of Kenya to give life to and specify the right to privacy, already enshrined in Article 31(c) and (d) of the Constitution of Kenya by proposing a draft Data Protection Act. We particularly appreciate the direct reference to this Constitutional right in the purpose of the Act and the way it is referred to on several occasions in the Act.
While these efforts have positive intentions and we are pleased that Kenya has adopted a comprehensive data protection…
Content type: News & Analysis
Maddie Stone, formally a Senior reverse engineer and tech lead on the Android security team, shockingly revealed a number of examples of how pre-installed apps on Android devices can undermine users privacy and security in her BlackHat USA talk in August 2019. The video of the talk only recently became available to the public in late December 2019.
The apps in question come preloaded on a device when it is purchased and often can't be removed. Stone reveals a litany of abuses carried out by…