Search
Content type: Advocacy
8th November 2018
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more stringent…
Content type: News & Analysis
9th January 2018
This post was written by Chair Emeritus of PI’s Board of Trustees, Anna Fielder.
The UK Data Protection Bill is currently making its way through the genteel debates of the House of Lords. We at Privacy International welcome its stated intent to provide a holistic regime for the protection of personal information and to set the “gold standard on data protection”. To make that promise a reality, one of the commitments in this government’s ‘statement of intent’ was to enhance people’s enforcement…
Content type: Long Read
25th May 2018
Privacy and data protection are fundamental rights. When respected they help improve trust and reduce power imbalances. Individuals should have rights over their personal data, regardless of who holds or processes it, and effective ways to enforce those rights, through independent bodies.
While not an ideal solution, GDPR gives individuals more control over their personal data. Rather than burdening individuals with managing and protecting their data, the onus will be on the companies to do so…
Content type: Long Read
25th May 2018
The European Union's new data privacy law (General Data Protection Regulation, better known as GDPR) takes effect today May 25th, 2018, after a two-year transition period. Despite some companies appearing to believe otherwise, and many articles misrepresenting its contents, the GDPR will have a significative impact beyond the European Union, and it will extend many of its data privacy safeguards to users’ data globally.
There are a number of reasons that explain this impact:
Obligations for…
Content type: News & Analysis
6th February 2019
Dear will.i.am,
We saw your piece in the Economist and were very excited to learn that you care about privacy as much as we do. At PI we expose government and corporate bad behaviours, we disrupt their plans, and identify a hopeful path forward.
That’s why we very much agree with you that people need much more protection, transparency and control over their personal data. Cheers for: “I want to have it clearly explained in plain language who has access to my camera, to my photos, who’s…
Content type: Examples
12th April 2020
On March 20, the UK's Department of Health and Social Care published a notice providing legal backing for the NHS to set aside the duty of patient confidentiality as part of its response to the COVID-19 pandemic. As long as it is to fight the coronavirus, NHS organisations and GPs may share whatever patient data they deem necessary.
Source: https://twitter.com/halhod/status/1245297265054367744/photo/1
Writer: Hal Hodson
Publication: Twitter
Content type: Examples
12th August 2019
The Home Office Christmas 2018 announcement of the post-Brexit registration scheme for EU citizens resident in the UK included the note that the data applicants supplied might be shared with other public and private organisations "in the UK and overseas". Basing the refusal on Section 31 of the Freedom of Information Act, the Home Office refused to answer The3Million's FOI request for the identity of those organisations. A clause in the Data Protection Act 2018 exempts the Home Office from…
Content type: News & Analysis
27th October 2020
Privacy International (PI) welcomes today's report from the UK Information Commissioner's Office (ICO) into three credit reference agencies (CRAs) which also operate as data brokers for direct marketing purposes. As a result, the ICO has ordered the credit reference agency Experian to make fundamental changes to how it handles people's personal data within its offline direct marketing services.
It is a long overdue enforcement action against Experian.
Read our Q&A on the report here.…
Content type: News & Analysis
8th November 2018
Email addresses
Acxiom: dataprotection@acxiom.com
Criteo: dpo@criteo.com
Equifax: complaints@equifax.com
Experian: customerservices@uk.experian.com
Oracle: https://oracle.ethicspointvp.com/custom/oracle/dp/en/form_data.asp
Quantcast: privacy.qil@quantcast.com cc: dpo@quantcast.com
Tapad: privacy@tapad.com
Letter for Acxiom and Oracle
subject line: Right to Erasure Request
I am concerned your company exploits my data.
In accordance with my right[s] under the General Data…
Content type: News & Analysis
28th January 2013
Today is Data Privacy Day, which commemorates the 1981 signing of the Coucil of Europe's Convention 108, the first legally binding international treaty dealing with privacy and data protection. It is celebrated all over Europe, as well as in Canada and the United States since 2008. To mark the occasion, Privacy International, together with other prominent privacy and digital rights organisations, is launching the Brussels Declaration. It urges Brussels parliamentarians and European governments…
Content type: Long Read
22nd May 2019
Like millions of other people, you use messaging apps, social media, share, read and watch content on your phone or computer. If that’s the case then hundreds of AdTech companies collect and exchange your data every single day. AdTech, a short form of advertisement technology, is a catch-all term that describes tools and services that connect advertisers with target audiences and publishers. It’s also a multi-billion-dollar industry that is facing investigations by Data Protection Authorities…
Content type: News & Analysis
13th March 2019
We found this image here.
Today, a panel of competition experts, headed by Professor Jason Furman, the former chief economic adviser of in the Obama administration, confirmed that tech giants, like Facebook, Amazon, Google, Apple and Microsoft, do not face enough competition.
Significantly, the report finds that control over personal data by tech giants is one of the main causes preventing competition and ultimately innovation.
Privacy International's research has shown clear examples of…
Content type: News & Analysis
2nd September 2019
This article is part of a research led by Privacy International on mental health websites and tracking. Read our full report.
According to the World Health Organisation (WHO), 25 percent of the European population suffers from depression or anxiety each year, yet about 50% of major depressions remain untreated. This means that everyday thousands of people are looking for information about depression online. They take tests to find out how serious their symptoms are, they try to access…
Content type: News & Analysis
9th April 2018
Today, the Transatlantic Consumer Dialogue (TACD) sent a letter to the CEO of Facebook, Mark Zuckerberg, urging Facebook to adopt the General Data Protection Regulation (GDPR) as a baseline standard, not just for EU consumers as it is required, but for all Facebook services.
The letter comes ahead of Facebook Chief Executive Officer, Mark Zuckerberg’s, appearance before congressional committee over Cambridge Analytica’s misuse of customer data to interfere in the U.S. presidential election.…
Content type: News & Analysis
24th April 2020
An estimated 90% of the world’s student population are affected by school closures in the Covid-19 pandemic. And, in the absence of physical space, education technology companies are stepping in to fill the gap. There are plenty of reasons to be excited about the potential of technology to provide support, but it’s important to consider the ongoing implications of which technology we choose, and the implications for those families who don’t have access to them in the first place.
That’s why we…
Content type: Report
3rd September 2019
The full report of Privacy International's study on how popular websites about depression in France, Germany and the UK share user data with advertisers, data brokers and large tech companies, while some depression test websites leak answers and test results with third parties. The findings raise serious concerns about compliance with European data protection and privacy laws.
Content type: Frequently Asked Questions
27th October 2020
On 27 October 2020, the UK Information Commissioner's Office (ICO) issued a report into three credit reference agencies (CRAs) - Experian, Equifax and TransUnion - which also operate as data brokers for direct marketing purposes.
After our initial reaction, below we answer some of the main questions regarding this report.
Content type: Advocacy
10th May 2017
Privacy International welcomes the willingness of the UK government to implement the EU General Data Protection Regulation (GDPR), which provides stronger standards of protection of personal data to those contained in the EU Directive 1995, whose provisions were implemented in the Data Protection Act 1998. Improved rights and enforcement measures will generate greater trust and therefore greater engagement in the digital environment, which will in turn benefit the economy. This briefing…
Content type: Advocacy
19th December 2017
Privacy International's comments to the Article 29 Working Party Guidelines on automated individual decision-making and profiling are here.
Content type: Advocacy
18th December 2017
This briefing consolidates Privacy International's concerns on the UK Data Protection Bill as it reached Report Stage in the House of Lords.
Content type: Long Read
3rd September 2019
A new study by Privacy International reveals how popular websites about depression in France, Germany and the UK share user data with advertisers, data brokers and large tech companies, while some depression test websites leak answers and test results with third parties. The findings raise serious concerns about compliance with European data protection and privacy laws.
This article is part of a research led by Privacy International on mental health websites and tracking. Read our full report…
Content type: Advocacy
15th June 2015
Following today's Justice Ministers Council meeting in Luxembourg where an agreement was reached on the proposal for a General Data Protection Regulation (GDPR), Privacy International and European Digital Rights (EDRi) issued the following statement:
In January 2012, the European Commission, following extensive consultations, published a draft Regulation. The initiative had three priorities - modernisation of the legal framework for the protection of personal data, harmonisation of the rules…
Content type: Press release
8th November 2018
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK. Privacy International urges the data protection authorities to investigate these companies and to protect individuals from the mass exploitation of their data.
Our complaints target companies that, despite exploiting the data of millions of…
Content type: Advocacy
14th June 2019
In early June 2019, PI engaged in the UK's Centre for Data Ethics and Innovation consultation regarding online targeting. PI focused its submission on the use of targeting in online political and issue-based advertising, and the collection and use of data to target people online.
In considering the impact of online targeting, it is essential that the Centre for Data Ethics and Innovation have due regard for privacy as a fundamental right (as enshrined in UK, European, and International Law).…
Content type: Advocacy
30th April 2019
In December 2018, PI responded to the UK Information Commissioner's (ICO) Call for Views on a Code of Practice for the use of personal information in political campaigns.
The consultation followed on from the ICO's policy report Democracy Disrupted?, published in July 2018, which recommended that the Government should legislate at the earliest opportunity to introduce a statutory Code of Practice under the Data Protection Act 2018 for the use of personal information in campaigns.
Although not…
Content type: Examples
9th April 2020
Led by Germany's Fraunhofer Heinrich Hertz Institute for Telecoms, technologists and scientists from at least eight countries, are working on a proximity-based contact tracing technology that complies with GDPR. The Pan-European Privacy-Preserving Proximity Tracing project (PEPP-PT) is intended to leverage smartphones to help disrupt the spread of infection by notifying individuals when their smartphones are near enough to to that of another person to carry out a Bluetooth handshake - thereby…
Content type: Advocacy
8th November 2018
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more stringent…
Content type: Advocacy
19th September 2012
On 25th January 2012, the European Commission published a proposal that would comprehensively reform the European data protection legal regime. One aspect of its proposal, a new Regulation (the “Proposed Regulation”),(1) would modernise and further harmonise the data protection regime created by the Data Protection Directive (95/46/EC). Another aspect of the Commission’s proposal, a new Directive(2) (the “Proposed Directive”), would set out new rules on “the protection of individuals with…