Search
Content type: Case Study
As society heads toward an ever more connected world, the ability for individuals to protect and manage the invisible data that companies and third parties hold about them, becomes increasingly difficult. This is further complicated by events like data breaches, hacks, and covert information gathering techniques, which are hard, if not impossible, to consent to. One area where this most pressing is in transportation, and by extension the so-called ‘connected car’.
When discussing connected…
Content type: Case Study
Political campaigns around the world have turned into sophisticated data operations. In the US, Evangelical Christians candidates reach out to unregistered Christians and use a scoring system to predict how seriously millions these of voters take their faith. As early as 2008, the Obama campaign conducted a data operation which assigned every voter in the US a pair of scores that predicted how likely they would cast a ballot, and whether or not they supported him. The campaign was so confident…
Content type: Case Study
Financial services are collecting and exploiting increasing amounts of data about our behaviour, interests, networks, and personalities to make financial judgements about us, like our creditworthiness.
Increasingly, financial services such as insurers, lenders, banks, and financial mobile app startups, are collecting and exploiting a broad breadth of data to make decisions about people. This is particularly affecting the poorest and most excluded in societies.
For example, the decisions…
Content type: Case Study
Introduction
Online, and increasingly offline, companies gather data about us that determine what advertisements we see; this, in turn, affects the opportunities in our lives. The ads we see online, whether we are invited for a job interview, or whether we qualify for benefits is decided by opaque systems that rely on highly granular data. More often than not, such exploitation of data facilitates and exacerbates already existing inequalities in societies – without us knowing that it occurs.…
Content type: News & Analysis
Creative Commons Photo Credit: Source
The financial services industry is eager to gather more and more data about our lives. Apart from mining the data they have historically collected such as credit history, they are looking to use our social media profiles to reach into our friendships and social interactions. They are using these data in new and unexpected ways, including personality profiling to determine the risk of lending to you, and thus the price you will pay.
Firstcarquote, a…
Content type: Long Read
Disclaimer: This piece was written in April 2017. Since publishing, further information has come out about Cambridge Analytica and the company's involvement in elections.
Recently, the data mining firm Cambridge Analytica has been the centre of tons of debate around the use of profiling and micro-targeting in political elections. We’ve written this analysis to explain what it all means, and the consequences of becoming predictable to companies and political campaigns.
What does…
Content type: State of Privacy
Introduction
Acknowledgment
The State of Surveillance in Thailand is the result of a collaboration by Privacy International and Thai Netizen Network.
Right to Privacy
The constitution
Thailand experienced a coup d'etat in May 2014. According to Mishari Muqbil and Arthit Suriyawongkul, “their [the junta's] modus operandi seems to be the direct command of ministries and semi-governmental organisations to carry out tasks irrespective of existing legislation.”
Following…
Content type: News & Analysis
Technologists hoped the “Crypto Wars” of the 1990s – which ended with cryptographers gaining the right to legally develop strong encryption that governments could not break – was behind them once and for all. Encryption is a fundamental part of our modern life, heavily relied on by everything from online banking and online shopping services to the security our energy infrastructure.
However, from comments by the French and German governments about creating a European initiative to circumvent…
Content type: News & Analysis
In our latest report “Who’s that knocking at my door? Understanding surveillance in Thailand”, we highlighted various methods of surveillance that the Thai Government employs. Included in these methods was the finding that Microsoft was the only technology company which by default trusts the Thai Government’s root certificate. Root certificates ensure the validity of a website, and protect users from being tricked into visiting a fake, insecure website. Most technology companies including Apple…
Content type: News & Analysis
An investigation released by Privacy International this week reveals the Facebook shut-down Thailand experienced in May 2014, at the height of the military coup, may have had more to do with attempting to surveil online communications, rather than censoring Facebook users. This revelation indicates there could be more to other previous internet shutdowns that have happened during times of political unrest.
In May 2014, following months of protest, the Thai military overthrew the…
Content type: Long Read
In July 2015, representatives of a private company met in a parking lot in Pretoria, South Africa to sell phone tapping technology to an interested private buyer. What they did not know was that this buyer was a police officer. The police had been tipped off that the company was looking to offload the surveillance technology, an IMSI catcher, to anyone who would buy it. It is illegal to operate such surveillance technology as a private citizen in South Africa, and illegal to buy…
Content type: Long Read
This piece was written by Ashley Gorski, who is an attorney at the American Civil Liberties Union, and PI legal officer Scarlet Kim and originally appeared in The Guardian here.
In recent weeks, the Hollywood film about Edward Snowden and the movement to pardon the NSA whistleblower have renewed worldwide attention on the scope and substance of government surveillance programs. In the United States, however, the debate has often been a narrow one, focused on the…
Content type: Long Read
This week, Privacy International, together with nine other international human rights NGOs, filed submissions with the European Court of Human Rights. Our case challenges the UK government’s bulk interception of internet traffic transiting fiber optic cables landing in the UK and its access to information similarly intercepted in bulk by the US government, which were revealed by the Snowden disclosures. To accompany our filing, we have produced two infographics to illustrate the…
Content type: Press release
Key points
Privacy International, Liberty, Amnesty International, and seven other human rights organizations challenge UK mass surveillance and UK access to US mass surveillance at the European Court of Human Rights
This is the first case before the European Court of Human Rights to directly challenge UK and US mass surveillance revealed by the Snowden disclosures
National courts and oversight bodies have failed to rein in mass surveillance practices that impact hundreds of millions of…
Content type: Long Read
This piece originally appeared here.
On both sides of the Atlantic, we are witnessing the dramatic expansion of government hacking powers. In the United States, a proposed amendment to Rule 41 of the Federal Rules of Criminal Procedure would permit the government to obtain a warrant, in certain circumstances, to hack unspecified numbers of electronic devices anywhere in the world. Meanwhile, across the pond, the British Parliament is currently debating the Investigatory…
Content type: News & Analysis
Remember when the world didn't know what Prism was? Those were the days. While privacy advocates, civil libertarians, and technologists had suspected or posited the existence of an extensive surveillance regime operated by the U.S. government, few knew the details and the extent of the operation.
Undoubtedly, we know more now than we did a week ago about the National Security Agency's covert operations and how the agency routinely spies on nearly anyone in the world. The public, many…
Content type: News & Analysis
Thank you to those of you who joined our campaign, 'Did GCHQ Illegally Spy on You?'. If you made a claim to the Investigatory Powers Tribunal (IPT) - the court that hears claims about surveillance by public bodies, including the intelligence agencies - to find out if GCHQ has illegally obtained your communications, you will have probably received a letter or email from the IPT by now. We've written a 'Frequently Asked Questions' (FAQ) to help clarify what the ruling means and how you can now…
Content type: News & Analysis
Image source
This is a guest post by Zoë Blackler.
If you want to know how the UK came to be the most watched nation in the world, with CCTV on every corner, you need to go back to 1942: the now ubiquitous policing aid was first developed for use in missile testing by the German military.
Tear gas, GPS trackers, pain rays, and surveillance drones - technologies developed by the military for use against foreign enemies have a habit of finding their way into the hands…
Content type: News & Analysis
Should the European Union agree to legitimise trade with a country that refuses to adhere to European legal standards? This is the fundamental question that will be addressed at tomorrow’s meeting among European privacy regulators when they publish their opinion on the data-sharing agreement known as the ‘Privacy Shield’, the replacement to the failed ‘Safe Harbour’ agreement.
Background
Many of the world’s largest companies, such as Google and Facebook, store their customers’ data in…
Content type: News & Analysis
Section 217 and the Draft Code of Practice on Interception of Communications
Tech giants including Apple Inc, Facebook Inc, Google Inc, Microsoft Corp, Twitter Inc and Yahoo Inc have been openly critical of the UK Government’s Investigatory Power Bill (IPBill). However, what has not been highlighted is a deeply concerning Draft Code of Practice on Interception on Communications, which will not only affect telecommunications companies small and large, but result in costs to the…
Content type: News & Analysis
We already know that in some countries, like the UK, governments are drafting laws to legalise and legitimise their incredible surveillance powers. In the U.S. we are seeing legislation that is using remarkably similar language on encryption and surveillance. The next phase of the cryptowars has openly begun.
Yesterday what is being called the Feinstein-Burr decryption Bill was introduced into the US Senate and leaked online. Whilst the short title ‘Compliance with Court Orders…
Content type: News & Analysis
This article originally appeared in Indepedent Voices here.
Since the horrific Brussels and Istanbul attacks we've all looked at our daily lives and saw vulnerability and risk. Where else could terrorists attack?
We begin to formulate security responses. CCTV, communication, surveillance, identity cards - they aren't panning out. Perhaps we need to take things to the next level? How about we build an uber anti-terrorism system that grinds all our data together and identifies the people…
Content type: Long Read
Written by: Centre for Internet and Society
This guest piece was written by representatives of the Centre for Internet and Society (CIS). It does not necessarily reflect the views or position of Privacy International.
Introduction
As part of the State of the Surveillance project, CIS conducted a review of surveillance law, policy, projects, and trends in India. Below we provide a snap shot of key legal provisions governing surveillance in India and touch on…
Content type: News & Analysis
We are on the verge of a revolution in government surveillance powers.
Previously it was simple. Governments demanded access to our homes. Then our communications. Then they demanded access to whatever companies held on us. Then they complained that technology was making this harder, and demanded that technology be designed for them. With every step, safeguards were reduced.
Next governments will demand that companies betray their users and use our technologies to compromise us.
In…
Content type: Press release
Today’s report by the Joint Committee on the Investigatory Powers Bill is the third committee report that concludes that the Home Office has failed to provide a coherent surveillance framework.
The Joint Committee on the Investigatory Powers Bill today published a 198 page report following a short consultation period between November and January. Their key findings are that:
- the definitions in the bill need much work, including a meaningful and comprehensible…
Content type: News & Analysis
How not to do data-driven due diligence
A powerful new VICE News investigation has blown open the secretive world of risk management and the most influential database you've never heard of: World-Check.
Over 300 government and intelligence agencies, 49 of the 50 biggest banks, and 9 of the top 10 global law firms use World-Check to conduct due diligence, including checking compliance with anti-terrorism financing and sanctions laws. World-Check gathers and analyses open source…
Content type: News & Analysis
Internet Connection Records are a new form of communications data created by the Investigatory Powers Bill at Parts 3 and 4. They constitute an unlawful interference with privacy with the ability to provide a highly detailed record of the activities of individuals, profiling their internet habits.
Clause 62 of the Investigatory Powers Bill (“IP Bill”) permits a wide range of public authorities to collect Internet Connection Records, however throughout debates on this highly controversial new…
Content type: News & Analysis
The relationship between users and companies is based primarily on trust. However, many recent developments have the potential to undermine this trust and to question companies loyalties to their users. From excessive data collection and transmission to the failure to guard against basic security risks, one could be forgiven for thinking that the privacy and security interests of users and devices have taken a back seat. Governments of the world are unilaterally endeavouring to…
Content type: Long Read
Written by Eva Blum-Dumontet
A recent case of lèse-majesté in Thailand (speaking ill of the monarchy) is a worrying example of how Western companies do not just work with governments that fall short of international human rights standards, but can actually facilitate abuses of human rights.
Our investigation on the trial of Katha Pachachirayapong — accused of spreading rumours on the ill-health of the King Bhumibol Adulyadej, thereby causing sharp falls in the Thai stock market — reveal the…
Content type: News & Analysis
According to Snowden documents analysed by Privacy International, the Australian Signals Directorate had access to and used PRISM, a secret US National Security Agency program which provides access to user data held by Google, Facebook and Microsoft.
This is the third spy agency of the 'Five Eyes' alliance confirmed to have had secret access to Silicon Valley company data - an alliance whose rules and policies remain classified. Earlier this year, a British court ruled that GCHQ access to…