Search
Content type: Examples
20th December 2018
In 2018 a report from the Royal United Services Institute found that UK police were testing automated facial recognition, crime location prediction, and decision-making systems but offering little transparency in evaluating them. An automated facial recognition system trialled by the South Wales Police incorrectly identified 2,279 of 2,470 potential matches. In London, where the Metropolitan Police used facial recognition systems at the Notting Hill Carnival, in 2017 the system was wrong 98% of…
Content type: Examples
12th August 2019
In December 2018, in the wake of the Windrush scandal, the National Police Council, which represents police chiefs across England and Wales agreed to cease passing on to deportation authorities information about people suspected of being in the country illegally. The measures also ban officers from checking the police national computer solely to check on immigration status. Police said they believed that their too-close relationship with immigration authorities in aid of the government's "…
Content type: Examples
12th August 2019
The Home Office Christmas 2018 announcement of the post-Brexit registration scheme for EU citizens resident in the UK included the note that the data applicants supplied might be shared with other public and private organisations "in the UK and overseas". Basing the refusal on Section 31 of the Freedom of Information Act, the Home Office refused to answer The3Million's FOI request for the identity of those organisations. A clause in the Data Protection Act 2018 exempts the Home Office from…
Content type: Examples
3rd May 2018
In 2015, a small number of Silicon Valley start-ups began experimenting with assessing prospective borrowers in developing countries such as Kenya by inspecting their smartphones. Doing so, they claimed, enabled them to charge less in interest than more traditional microlenders, since many of their target customers lack traditional credit ratings. The amount of data on phones - GPS coordinates, texts, emails, app data, and more obscure details such as how often the user recharges the battery,…
Content type: Examples
12th July 2019
Absher, an online platform and mobile phone app created by the Saudi Arabian government, can allow men to restrict women’s ability to travel, live in Saudi Arabia, or access government services. This app, which is available in the Google and Apple app stores, supports and enables the discriminatory male guardianship system in Saudi Arabia and violations of womens’ rights, including the right to leave and return to one’s own country. Because women in Saudi Arabia are required to have a male…
Content type: Long Read
1st May 2020
Photo by Cade Roberts on Unsplash
For those of you who don't spend the most productive part of your day scanning the news for developments about data and competition, here's what has been going on in the UK since summer 2019.
Basically, the UK competition authority started an investigation into online platforms and digital advertising last summer, and issued their preliminary findings in December 2019, concluding that Facebook and Google are very powerful in the search engine and social media…
Content type: Frequently Asked Questions
27th October 2020
On 27 October 2020, the UK Information Commissioner's Office (ICO) issued a report into three credit reference agencies (CRAs) - Experian, Equifax and TransUnion - which also operate as data brokers for direct marketing purposes.
After our initial reaction, below we answer some of the main questions regarding this report.
Content type: Video
23rd June 2020
Immediately following the UK general election in December 2019, we worked with Open Rights Group to commission a YouGov poll about public understanding and public opinion about the use of data-driven campaigning in elections.
The poll used a representative sample of 1,664 adults across the UK population.
'Data-driven political campaigning' is about using specific data about you to target specific messages at you. So, for this might involve knowing that you are, for example, likely to have…
Content type: Examples
8th May 2019
The State is not always the only actor involved in the surveillance of benefits claimants. Often those practices are encouraged, facilitated or conducted by private companies. South Africa for instance mandated MasterCard to help distribute benefits through biometric debit cards.
https://www.finextra.com/newsarticle/23941/south-africa-enlists-mastercard-to-distribute-welfare-through-biometric-debit-cards
Publication: FinExtra
Content type: Examples
1st December 2017
A 2017 lawsuit filed by Chicagoan Kyle Zak against Bose Corp alleges that the company uses the Bose Connect app associated with its high-end Q35 wireless headphones to spy on its customers, tracking the music, podcasts, and other audio they listen to and then violates their privacy rights by selling the information without permission. The case reflects many of the concerns associated with Internet of Things devices, which frequently arrive with shoddy security or dubious data collection…
Content type: Explainer
30th July 2020
At first glance, infrared temperature checks would appear to provide much-needed reassurance for people concerned about their own health, as well as that of loved ones and colleagues, as the lockdown is lifted. More people are beginning to travel, and are re-entering offices, airports, and other contained public and private spaces. Thermal imaging cameras are presented as an effective way to detect if someone has one of the symptoms of the coronavirus - a temperature.
However, there is little…
Content type: Frequently Asked Questions
28th May 2020
The right to access your personal data (or access right) is just one of a number of data rights that may be found in data protection law, including the European Union's General Data Protection Regulation. Data Subject Access Requests, or DSARs, have helped us several times understand the extent of data companies and governments might hold on us, how this data might be shared among various recipients, or what other third parties a company might be using to obtain additional data and enrich their…
Content type: Examples
1st December 2017
The payday lender Wonga announced in April 2017 that a data breach at the company affected an estimated 270,000 customers, 245,000 of them in the UK and the rest in Poland. The company sent those it thought were affected messages warning that it believed there may have been illegal and unauthorised access to some of the data in their accounts. Wonga was already controversial because of the high rates of interest in charged, and findings by the UK's financial regulator that it had made loans to…
Content type: Examples
5th May 2018
In January 2018 the Cyberspace Administration of China summoned representatives of Ant Financial Services Group, a subsidiary of Alibaba, to rebuke them for automatically enrolling its 520 million users in its credit-scoring system. The main complaint was that people using Ant's Alipay service were not properly notified that enrolling in the credit-scoring system would also grant Ant the right to share their personal financial data, including information about their income, savings, and…
Content type: Examples
3rd May 2018
Because banks often decline to give loans to those whose "thin" credit histories make it hard to assess the associated risk, in 2015 some financial technology startups began looking at the possibility of instead performing such assessments by using metadata collected by mobile phones or logged from internet activity. The algorithm under development by Brown University economist Daniel Björkegren for the credit-scoring company Enterpreneurial Finance Lab was built by examining the phone records…
Content type: Explainer
16th June 2020
Hello friend,
You may have found your way here because you are thinking about, or have just submitted, a Data Subject Access Request, maybe to your Facebook advertisers like we did. Or maybe you are curious to see if Policing, Inc. has your personal data.
The right to access your personal data (or access right) is just one of a number of data rights that may be found in data protection law, including the European Union's General Data Protection Regulation, better known as "GDPR",…
