Search
Content type: News & Analysis
10th October 2019
The latest news of Twitter “inadvertently” sharing email addresses or phone numbers provided for safety or security purposes (for example, two-factor authentication) for advertising purposes is extremely concerning for several reasons.
First of all, it is not the first time for Twitter's used people's data in ways they wouldn't expect or that ignores their choices: in August, the company disclosed that it may have shared data on users with advertising partners, even if they had opted out from…
Content type: Examples
12th August 2019
In October 2018, British home secretary Sajid Javid apologised to more than 400 migrants, who included Gurkha soldiers and Afghans who had worked for the British armed forces, who were forced to provide DNA samples when applying to live and work in the UK. DNA samples are sometimes provided by applicants to prove their relationship to someone already in the UK, but are not supposed to be mandatory. An internal review indicated that more people than the initially estimated 449 had received DNA…
Content type: News & Analysis
7th August 2019
On Tuesday, Twitter disclosed that it may have shared data on users with advertising partners, even if they have opted out from personalised ads, and shown people ads based on inferences made about the devices they use without permission. According to Twitter, the issue was fixed on Monday, even though it is not yet clear how many users have been affected.
This is not the first time that Twitter had to admit that it leaked user data to advertisers. In May 2019, the social network disclosed a…
Content type: Long Read
22nd May 2019
Like millions of other people, you use messaging apps, social media, share, read and watch content on your phone or computer. If that’s the case then hundreds of AdTech companies collect and exchange your data every single day. AdTech, a short form of advertisement technology, is a catch-all term that describes tools and services that connect advertisers with target audiences and publishers. It’s also a multi-billion-dollar industry that is facing investigations by Data Protection Authorities…
Content type: News & Analysis
13th March 2019
We found this image here.
Today, a panel of competition experts, headed by Professor Jason Furman, the former chief economic adviser of in the Obama administration, confirmed that tech giants, like Facebook, Amazon, Google, Apple and Microsoft, do not face enough competition.
Significantly, the report finds that control over personal data by tech giants is one of the main causes preventing competition and ultimately innovation.
Privacy International's research has shown clear examples of…
Content type: News & Analysis
2nd September 2019
This article is part of a research led by Privacy International on mental health websites and tracking. Read our full report.
According to the World Health Organisation (WHO), 25 percent of the European population suffers from depression or anxiety each year, yet about 50% of major depressions remain untreated. This means that everyday thousands of people are looking for information about depression online. They take tests to find out how serious their symptoms are, they try to access…
Content type: Report
21st April 2019
Targeted advertisement is getting more and more attention since GDPR. Privacy International has filed complaints against seven companies in the hidden data economy for a mass violation of GDPR, but we are not the only taking action. This resource serve to identify all the different actors who have taken a stand against targeted advertisement or analysed the negative consequences it can bring. If you or your organisation have taken action against the AdTech ecosystem, please contact us and we…
Content type: Report
3rd September 2019
The full report of Privacy International's study on how popular websites about depression in France, Germany and the UK share user data with advertisers, data brokers and large tech companies, while some depression test websites leak answers and test results with third parties. The findings raise serious concerns about compliance with European data protection and privacy laws.
Content type: Examples
21st May 2019
Simultaneous complaints have been filed with European data protection authorities against Google and other ad tech firms. The complainants are being made by Dr Johnny Ryan of Brave, the private web browser, Jim Killock, Executive Director of the Open Rights Group, and Michael Veale of University College London. The complaint notifies European regulators of a massive and ongoing data breach that affects virtually every user on the web.
Content type: Long Read
3rd September 2019
A new study by Privacy International reveals how popular websites about depression in France, Germany and the UK share user data with advertisers, data brokers and large tech companies, while some depression test websites leak answers and test results with third parties. The findings raise serious concerns about compliance with European data protection and privacy laws.
This article is part of a research led by Privacy International on mental health websites and tracking. Read our full report…
Content type: News & Analysis
13th September 2019
Photo: The European Union
On 2 September 2019, Privacy International, together with 60 other organisations, signed an open letter to the European Parliament to express our deep concern about upcoming EU policy proposals which undermine the EU’s founding values of human rights, peace and disarmament.
Since 2017, the EU has diverted funds towards security research and security capacity-building in countries around the world. The proposal for the EU's next budget (2021-2027) will significantly…
Content type: Examples
21st May 2019
Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK. It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more stringent obligations on…
Content type: Advocacy
14th June 2019
In early June 2019, PI engaged in the UK's Centre for Data Ethics and Innovation consultation regarding online targeting. PI focused its submission on the use of targeting in online political and issue-based advertising, and the collection and use of data to target people online.
In considering the impact of online targeting, it is essential that the Centre for Data Ethics and Innovation have due regard for privacy as a fundamental right (as enshrined in UK, European, and International Law).…
Content type: Examples
21st May 2019
Panoptykon Foundation, the Warsaw based digital rights organization, has joined in the complaints filed in the UK and Ireland in September by Jim Killock of the Open Rights Group, Michael Veale of University College London, and Dr Johnny Ryan of Brave, by filing a new complaint in Poland. Together, the complainants in Ireland, Poland, and the UK, have also filed new evidence today with the national data protection authorities of Ireland, Poland, and the United Kingdom, that reveals how ad…
Content type: Long Read
17th July 2019
By Valentina Pavel, PI Mozilla-Ford Fellow, 2018-2019
Our digital environment is changing, fast. Nobody knows exactly what it’ll look like in five to ten years’ time, but we know that how we produce and share our data will change where we end up. We have to decide how to protect, enhance, and preserve our rights in a world where technology is everywhere and data is generated by every action. Key battles will be fought over who can access our data and how they may use it. It’s time to take…
Content type: News & Analysis
11th October 2019
On 11 October 2019, Privacy International together with EDRi, BEUC, AccessNow and Open Society European Policy Institute, sent an open letter to EU Member States, to urge them to conclude the negotiations on the ePrivacy Regulation.
The letter highlights the urgent need for a strong ePrivacy Regulation in order to tackle the problems created by the commercial surveillance business models, and expresses the deep concerns by the fact that the Member States, represented in the Council of the…
Content type: Examples
13th August 2019
In February 2019 BuzzFeed News reported that one of the largest home DNA testing companies, FamilyTreeDNA, had formed an agreement with the FBI to grant the agency access to its database of more than 1 million genetic profiles, most of which were supplied by consumers with no thought that they would be accessible to law enforcement. FamilyTreeDNA has also agreed to test DNA evidence and identify remains of victims of violent crimes for the FBI in its own laboratory. FamilyTreeDNA said…
Content type: Examples
17th May 2019
In November 2018, the criminal hacker group 3ve found a new way of exploiting security weaknesses in the Border Gateway Protocol that allowed them to take control of IP addresses belonging to the US Air Force and other reputable organisations; the result was to net them $29 million in fraudulent advertising revenue. The scheme involved a thousand servers that impersonated human beings viewing ads on bogus pages run by 3ve; to camouflage the origins of the traffic the page requests were…
Content type: News & Analysis
13th November 2019
The lead author of this piece is Elettra Bietti, a doctoral student at Harvard Law School and volunteer for Privacy International.
Yesterday, we found out that Google has been collecting a wide range of health data as part of a project it has named “Project Nightingale.” Google has purportedly been amassing data for about a year on patients in 21 U.S. states in the form of lab results, doctor diagnoses and hospitalization records, among other categories, and amounts to a complete health…
Content type: News & Analysis
13th November 2019
Yesterday, we found out that Google has been reported to collect health data records as part of a project it has named “Project Nightingale”. In a partnership with Ascension, Google has purportedly been amassing data for about a year on patients in 21 US states in the form of lab results, doctor diagnoses and hospitalization records, among other categories, which amount to a complete health history, including patient names and dates of birth.
This comes just days after the news of Google's…
Content type: Examples
21st May 2019
Dr Johnny Ryan filed a formal complaint with the Irish Data Protection Commission against IAB Europe, the tracking industry’s primary lobbying organization. The complaint was filed against IAB Europe’s use of an unlawful “cookie wall” on its website. Visitors to IAB Europe’s website, www.iabeurope.eu, are forced to accept tracking by Google, Facebook, and others, which may then monitor them.
Content type: Examples
14th April 2019
A startling amount of the internet is fake in one way or another, studies found in 2018. Less than 60% of web traffic is human; a 2013 study found that at least half of YouTube traffic was bots masquerading as people; in November 2018 the US Justice Department revealed that eight people were accused of stealing $36 million in digital advertising fraud that involved sending fake traffic to spoofed websites which were made to look to advertisers like premium publishers. Also fake in at least some…
Content type: Examples
21st May 2019
The Irish Data Protection Commission has today launched an inquiry into the data practices of ad-tech company Quantcast, a major player in the online tracking industry. PI's 2018 investigation and subsequent submission to the Irish DPC showed how the company is systematically collecting and exploiting people's data in ways people are unaware of. PI also investigated and complained about Acxiom, Criteo, Experian, Equifax, Oracle, and Tapad.
Content type: Press release
2nd May 2019
The Irish Data Protection Commission has today launched an inquiry into the data practices of ad-tech company Quantcast, a major player in the online tracking industry. PI's 2018 investigation and subsequent submission to the Irish DPC showed how the company is systematically collecting and exploiting people's data in ways people are unaware of. PI also investigated and complained about Acxiom, Criteo, Experian, Equifax, Oracle, and Tapad.
PI welcomes this announcement and its focus on…
Content type: Examples
22nd May 2019
GDPR complaints about Real-Time Bidding (RTB) in the online advertising industry were filed today with Data Protection Authorities in Spain, the Netherlands, Belgium, and Luxembourg. The complaints detail the vast scale of personal data leakage by Google and other major companies in the “Ad Tech” industry. This week marks one year since the introduction of the GDPR.
The new complaints have been filed by Gemma Galdon Clavell (Eticas Foundation) and Diego Fanjul (Finch), David Korteweg (Bits of…
Content type: Case Study
12th December 2019
In the Xingjiang region of Western China, surveillance is being used to facilitate the government’s persecution of 8.6million Uighur Muslims.
Nurjamal Atawula, a Uighur woman, described how, in early 2016, police began regularly searching her home and calling her husband into the police station, as a result of his WeChat activity.
WeChat is a Chinese multi-purpose messaging, social media and mobile payment app. As of 2013, it was being used by around 1million Uighurs, but in 2014 WeChat was…