Search
Content type: Report
In the months following the beginning of the Covid-19 pandemic, more than half the world’s countries enacted emergency measures. With these measures came an increase in executive powers, a suspension of the rule of law, and an upsurge in security protocols – with subsequent impacts on fundamental human rights. Within this broader context, we have seen a rapid and unprecedented scaling up of governments’ use of technologies to enable widespread surveillance. Surveillance technologies exacerbated…
Content type: Report
End-to-end encryption (E2EE) contributes significantly to security and privacy. For that reason, PI has long been in favour of the deployment of robust E2EE.
Encryption is a way of securing digital communications using mathematical algorithms that protect the content of a communication while in transmission or storage. It has become essential to our modern digital communications, from personal emails to bank transactions. End-to-end encryption is a form of encryption that is even more private…
Content type: Long Read
This is based on UK data protection legislation. The UK’s General Data Protection Regulation (UK GDPR) does not apply to processing of personal data for law enforcement purposes by relevant authorities.
What can happen to my personal data at a peaceful protest?
The most common personal data processed at a protest are notes and photographs taken by police officers, along with voice and video recordings taken from body-worn cameras or drones.
Data processing can also happen with…
Content type: Long Read
Photographing or filming incidents involving police and protestors is an important way of holding the police to account for their actions. Members of the public and the media do not need a permit to film or photograph in public places and police have no power to stop them filming or photographing incidents or police personnel.[1]
Can the police stop and search me for filming or taking photographs?
The police have the discretion to ask you to move back if they think you are interfering with…
Content type: Explainer
What is social media monitoring?
Social media monitoring refers to the monitoring, gathering and analysis of information shared on social media platforms, such as Facebook, Twitter, Instagram and Reddit.
It may include snooping on content posted to public or private groups or pages. It may also involve “scraping” – grabbing all the data from a social media platform, including content you post and data about your behaviour (such as what you like and share).
Through scraping and other tools…
Content type: Explainer
What are my 'unique identifiers' and where are they stored?
Your phone and your SIM card contain unique identifiers about you, which can be accessed by the police to identify you.
The IMSI (International Mobile Subscriber Identity) is a unique number associated with your SIM card. It doesn't change, even if you put the SIM card into a different phone.
If you have a mobile phone subscription, the IMSI will be associated with personal information such as your name and address.
The IMEI (…
Content type: Explainer
Where are my communications stored?
Text messages/phone calls: Traditional cellphone communications happen over the cellular network. You usually access those with the text message and phone call apps that are provided as standard on your phone. While phone calls aren’t stored anywhere, text messages are stored locally on your and the recipient’s devices. They might also be temporarily stored by the network provider.
Messaging apps: Messaging platforms enable fairly secure communication…
Content type: Explainer
What is predictive policing?
Predictive policing programs are used by the police to estimate where and when crimes are likely to be committed – or who is likely to commit them. These programs work by feeding historic policing data through computer algorithms.
For example, a program might evaluate data about past crimes to predict where future crimes will happen – identifying ‘hot spots’ or ‘boxes’ on a map. But the data these programs use can be incomplete or biased, leading to a ‘feedback…
Content type: Explainer
What is LEDS?
LEDS is a new mega-database currently being developed by the UK Home Office.
LEDS will replace and combine the existing Police National Database (PND) and the Police National Computer (PNC). The aim is to provide police and others with a super-database, with on-demand, at the point of need access, containing up-to-date and linked information about individuals’ lives.
Once your details are in LEDS, numerous agencies will have access to that information (e.g. HMRC and DVLA),…
Content type: Explainer
What are police drones?
Drones are remotely controlled Unmanned Aerial Vehicles (UAVs) of varying sizes.
They usually come equipped with cameras and might be enabled with Facial Recognition Technology.
Drones can be equipped with speakers, surveillance equipment, radar and communications interception tools, such as ‘IMSI catchers’.
How might drones be used during protests?
Camera-enabled drones may be used to remotely monitor and track people’s movements in public spaces, including at…
Content type: Explainer
What do Body Worn Video cameras do?
Body worn video (BWV) cameras can be attached to a police officer’s clothing – often at chest, shoulder or head level – and record video, including sound, from the officer’s perspective.
BWV cameras will probably be visible to you, and when it’s recording, a flashing light should appear on the device.
How might body worn video cameras be used at a protest?
BWV cameras may be used at protests to monitor actions of protestors.
They do not usually…
Content type: Explainer
What is gait recognition technology?
Gait recognition technology (GRT) can analyse the shape of an individual’s body and the unique way in which that body moves when walking or running, which can then be used to identify them.
GRT works in a similar way to facial recognition technology. But the two main differences are:
GRT may be used at a fairly long range (at the time of writing, about 165 feet / 50 metres), unlike FRT which generally requires more close up, detailed facial images…
Content type: Explainer
What is Facial Recognition Technology?Facial recognition technology (FRT) collects and processes data about people’s faces, and can be used to identify people. FRT matches captured images with images stored in existing databases or ‘watchlists’.How might it be used in relation to a protest?FRT may be used to monitor, track and identify people’s faces in public spaces, including at protests. This may be done openly or surreptitiously, without people knowing or consenting.FRT-enabled cameras can…
Content type: Explainer
What is hacking?
Hacking refers to finding vulnerabilities in electronic systems, either to report and repair them, or to exploit them.
Hacking can help to identify and fix security flaws in devices, networks and services that millions of people may use. But it can also be used to access our devices, collect information about us, and manipulate us and our devices in other ways.
Hacking comprises a range of ever-evolving techniques. It can be done remotely, but it can also include physical…
Content type: Explainer
What is an IMSI catcher?
‘IMSI’ stands for ‘international mobile subscriber identity’, a number unique to your SIM card. IMSI catchers are also known as ‘Stingrays’.
An ‘IMSI catcher’ is a device that locates and then tracks all mobile phones that are connected to a phone network in its vicinity, by ‘catching’ the unique IMSI number.
It does this by pretending to be a mobile phone tower, tricking mobile phones nearby to connect to it, enabling it to then intercept the data from that phone…
Content type: News & Analysis
Cloud extraction allows law enforcement agencies to take huge amounts of your data from the Cloud via a legal back door. If law enforcement seize your phone or take it from a victim of crime, they can extract tokens or passwords from the device which lets them get access to data from apps such as Uber, Instagram, Slack, Gmail, Alexa and WhatsApp.
In so doing, law enforcement agencies can avoid official channels through cloud companies such as Google, Apple…
Content type: Long Read
Miguel Morachimo, Executive Director of Hiperderecho. Hiperderecho is a non-profit Peruvian organisation dedicated to facilitating public understanding and promoting respect for rights and freedoms in digital environments.
The original version of this article was published in Spanish on Hiperderecho's website.
Where does our feeling of insecurity come from? As we walk around our cities, we are being observed by security cameras most of the time. Our daily movement, call logs, and internet…
Content type: Report
“...a mobile device is now a huge repository of sensitive data, which could provide a wealth of information about its owner. This has in turn led to the evolution of mobile device forensics, a branch of digital forensics, which deals with retrieving data from a mobile device.”
The situation in Scotland regarding the use of mobile phone extraction has come a long way since the secret trials were exposed. The inquiry by the Justice Sub-Committee, commenced on 10 May 2018, has brought much…
Content type: Report
This investigation focuses on the techniques, tools and culture of Kenyan police and intelligence agencies’ communications surveillance practices. It focuses primarily on the use of surveillance for counterterrorism operations. It contrasts the fiction and reality of how communications content and data is intercepted and how communications data is fed into the cycle of arrests, torture and disappearances.
Communications surveillance is being carried out by Kenyan state actors, essentially…