Search
Content type: Long Read
Written by: Centre for Internet and Society
This guest piece was written by representatives of the Centre for Internet and Society (CIS). It does not necessarily reflect the views or position of Privacy International.
Introduction
As part of the State of the Surveillance project, CIS conducted a review of surveillance law, policy, projects, and trends in India. Below we provide a snap shot of key legal provisions governing surveillance in India and touch on…
Content type: News & Analysis
We are on the verge of a revolution in government surveillance powers.
Previously it was simple. Governments demanded access to our homes. Then our communications. Then they demanded access to whatever companies held on us. Then they complained that technology was making this harder, and demanded that technology be designed for them. With every step, safeguards were reduced.
Next governments will demand that companies betray their users and use our technologies to compromise us.
In…
Content type: Press release
Today’s report by the Joint Committee on the Investigatory Powers Bill is the third committee report that concludes that the Home Office has failed to provide a coherent surveillance framework.
The Joint Committee on the Investigatory Powers Bill today published a 198 page report following a short consultation period between November and January. Their key findings are that:
- the definitions in the bill need much work, including a meaningful and comprehensible…
Content type: News & Analysis
How not to do data-driven due diligence
A powerful new VICE News investigation has blown open the secretive world of risk management and the most influential database you've never heard of: World-Check.
Over 300 government and intelligence agencies, 49 of the 50 biggest banks, and 9 of the top 10 global law firms use World-Check to conduct due diligence, including checking compliance with anti-terrorism financing and sanctions laws. World-Check gathers and analyses open source…
Content type: News & Analysis
Internet Connection Records are a new form of communications data created by the Investigatory Powers Bill at Parts 3 and 4. They constitute an unlawful interference with privacy with the ability to provide a highly detailed record of the activities of individuals, profiling their internet habits.
Clause 62 of the Investigatory Powers Bill (“IP Bill”) permits a wide range of public authorities to collect Internet Connection Records, however throughout debates on this highly controversial new…
Content type: News & Analysis
The relationship between users and companies is based primarily on trust. However, many recent developments have the potential to undermine this trust and to question companies loyalties to their users. From excessive data collection and transmission to the failure to guard against basic security risks, one could be forgiven for thinking that the privacy and security interests of users and devices have taken a back seat. Governments of the world are unilaterally endeavouring to…
Content type: Long Read
Written by Eva Blum-Dumontet
A recent case of lèse-majesté in Thailand (speaking ill of the monarchy) is a worrying example of how Western companies do not just work with governments that fall short of international human rights standards, but can actually facilitate abuses of human rights.
Our investigation on the trial of Katha Pachachirayapong — accused of spreading rumours on the ill-health of the King Bhumibol Adulyadej, thereby causing sharp falls in the Thai stock market — reveal the…
Content type: News & Analysis
According to Snowden documents analysed by Privacy International, the Australian Signals Directorate had access to and used PRISM, a secret US National Security Agency program which provides access to user data held by Google, Facebook and Microsoft.
This is the third spy agency of the 'Five Eyes' alliance confirmed to have had secret access to Silicon Valley company data - an alliance whose rules and policies remain classified. Earlier this year, a British court ruled that GCHQ access to…
Content type: Advocacy
Following today's Justice Ministers Council meeting in Luxembourg where an agreement was reached on the proposal for a General Data Protection Regulation (GDPR), Privacy International and European Digital Rights (EDRi) issued the following statement:
In January 2012, the European Commission, following extensive consultations, published a draft Regulation. The initiative had three priorities - modernisation of the legal framework for the protection of personal data,…
Content type: Press release
Governments must accept they have lost the debate over the legitimacy of mass surveillance and reform their oversight of intelligence gathering, Privacy International and Amnesty International said today in a briefing published two years after Edward Snowden blew the lid on US and UK intelligence agencies’ international spying network.
“The balance of power is beginning to shift,” said Edward Snowden in an article published today in newspapers around the world. “With each court victory,…
Content type: News & Analysis
Lebanon was part of the drafting committee for the Universal Declaration of Human Rights, and by co-sponsoring both UN General Assembly resolutions on the right to privacy in the digital age (December 2013 and December 2014), Lebanon has recently reaffirmed its commitment to its obligations to uphold the right to privacy.
And yet, Lebanon's progressive positions on the right to privacy at the UN could not be further away from the situation in the country itself.
Once seen as…
Content type: Press release
Privacy International and several other human rights organisations are taking the UK Government to the European Court of Human Rights over its mass surveillance practices, after a judgement last year found that collecting all internet traffic flowing in and out of the UK and bulk intelligence sharing with the United States was legal.
The appeal, filed last week by Privacy International, Bytes for All, Amnesty International, Liberty, and other partners, comes in response to a…
Content type: News & Analysis
FREAK, the latest security vulnerability to be exposed that has implications for millions of supposedly secure websites, is just the most recent example of something privacy and security advocates have been saying for some time: when governments meddle with our security technologies, it hurts us all.
When the State advocates for backdoors into our communications, they cannot secure them properly and malicious actors can get in. When our elected officials pontificate about spying on us to…
Content type: News & Analysis
Privacy International, Bytes for All and other human rights groups are celebrating a major victory against the Five Eyes today as the UK surveillance tribunal rules that GCHQ acted unlawfully in accessing millions of private communications collected by the NSA up until December 2014.
Today’s judgement represents a monumental leap forward in efforts to make intelligence agencies such as GCHQ and NSA accountable to the millions of individuals whose privacy they have violated.
The…
Content type: Press release
British intelligence services acted unlawfully in accessing millions of people’s personal communications collected by the NSA, the Investigatory Powers Tribunal ruled today. The decision marks the first time that the Tribunal, the only UK court empowered to oversee GHCQ, MI5 and MI6, has ever ruled against the intelligence and security services in its 15 year history.
The Tribunal declared that intelligence sharing between the United States and the…
Content type: News & Analysis
A year after the Eyes Wide Open program was launched here at Privacy International, we are just beginning to scratch the surface of the processes and justifications that agencies like GCHQ use to make their spying legally compliant. Tocqueville, a great philosopher of law stated:
“If they prize freedom much, they generally value legality still more. They are less afraid of tyranny than of arbitrary power, and provided the legislature undertakes of itself to deprive men of their independence,…
Content type: News & Analysis
In the wake of tragic attacks in France, politicians from across the world are calling for dramatically expanded surveillance powers, to spy on our phonecalls, ban encrypted communications such as WhatsApp and iMessage, and store details about our international travels for years on end.
If it feels like you've heard this story before, it's because you have. With each violent attempt by extremists to terrorise society, our political leaders dust off old, failed proposals such as the UK…
Content type: News & Analysis
Going into 2014, there were high hopes for advancing privacy protections and to finally have the debate around surveillance we've been clamouring for. Privacy was even Dictionary.com's word of the year in 2013. Europe was on the edge of passing new strong privacy laws, despite protests from industry and governments. Parliaments in Canada and the United Kingdom had pushed back against expanding surveillance laws. Transparency reports were beginning to shine a more comprehensive picture on…
Content type: Press release
The Investigatory Powers Tribunal (IPT) today followed its previous judgments in finding that UK security services may in principle carry out mass surveillance of all fibre optic cables entering or leaving the UK under RIPA, the 2000 law that pre-dates the modern internet.
In summary, the Tribunal in today's decision said the system of mass surveillance disclosed by Edward Snowden could in principle be lawful. But the Tribunal has asked for more submissions about whether…
Content type: News & Analysis
In a recent trip to Colombia, Privacy International learned that the Colombian mobile phone network does not use any form of encryption. In this sense, Colombian communications are stuck in the 1990s, where cryptography was not yet widespread, and was still tightly controlled by governments who feared its spread could threaten their capabilities to conduct surveillance.
The issue of encryption on mobile phones though is not unique to Colombia. The Director of the FBI has been on a media blitz…
Content type: News & Analysis
To read Privacy International's take on the ruling, go here.
What does the decision actually say?
The primary question that the Court was asked to consider was whether Google Search has obligations under the Data Protection Directive 1995, the EU legal framework regulating how public bodies and businesses deal with individuals’ personal data.
There were three primary issues at hand: the first was whether Google Inc., the international entity which operates Google Search, was under the…
Content type: News & Analysis
Since the European Court of Justice in May ruled in the “right to be forgotten” case, there has been a dizzying amount of debate about the decision, and its implications for privacy and free expression.
A main thread within these discussions is an old story that US Industry loves to tell and has told for some time: Europeans love privacy law, and Americans love free speech, and the twain shall never meet.
The Google Search case at the European Court of Justice has fuelled this view…
Content type: News & Analysis
Between 15th-19th of September, in the week leading up the first year aniversary of the 13 Necessary and Proportionate Principles, Privacy International and the coalition behind the 13 Principles will be conducting a Week of Action explaining some of the key guiding principles for surveillance law reform. Every day, we'll take on a different part of the principles, exploring what’s at stake and what we need to do to bring intelligence agencies and the police back under the rule of law. You can…
Content type: News & Analysis
We have learnt a lot in the last year about the dirty games GCHQ and NSA are playing to infiltrate the networks, tools and technologies we all use to communicate. This includes forcing companies to handover their customers’ data under secret orders, and secretly tapping fibre optic cablesbetween the same companies’ data centers.
Not content with that, we know now GCHQ are targeting companies systems administrators, exploiting the routers and switches in their networks to…
Content type: Press release
Britain’s top counter-terrorism official has been forced to reveal a secret Government policy justifying the mass surveillance of every Facebook, Twitter, Youtube and Google user in the UK.
This disturbing policy was made public due to a legal challenge brought by Privacy International, Liberty, Amnesty International, the American Civil Liberties Union, Pakistani organisation Bytes for All, and five other national civil liberties organisations[fn]Canadian Civil Liberties…
Content type: News & Analysis
Earlier this month, only a few days before the new president of Egypt was sworn in, leaked documents from the Ministry of Interior revealed that the government is trying to acquire mass surveillance equipment capable of monitoring social networks such as Facebook, Twitter, and YouTube.
While being billed as a way to monitor social media in order to “monitor security hazards in social networks” and “identify persons representing a danger on society” (sic), past and recent actions by…
Content type: News & Analysis
NETMundial – a global conference initiated by the Brazilian government – has produced ‘The Multi-stakeholder Statement of São Paulo’, a Roadmap and Principles on internet governance that could herald new respect for the right to privacy online. However, the outcome document fails to adequately recognise the relationship between internet governance and mass surveillance, reflecting a larger problem that was present throughout the two-day meeting.
By the end of the conference, both the…
Content type: News & Analysis
The latest Snowden document revelation, which shows how GCHQ and the NSA are conducting broad, real-time monitoring of YouTube, Facebook, and Blogger using a program called "Squeaky Dolphin," is the most recent demonstration of the immense interception capabilities of intelligence services.
Despite the program's cute name, "Squeaky Dolphin" is shocking in its ability to intercept raw data, which includes sensitive personal and location information, and keep tabs on people across the world who…
Content type: News & Analysis
Big data consists mainly of data that is openly available, created and stored. It includes public sector data such as national health statistics, procurement and budgetary information, and transport and infrastructure data. While big data may carry benefits for development initiatives, it also carries serious risks, which are often ignored. In pursuit of the promised social benefits that big data may bring, it is critical that fundamental human rights and ethical values are not cast aside.…
Content type: News & Analysis
A strong, unified voice from the tech industry is absolutely essential to reforming the mass and intrusive surveillance programs being run by the Five Eyes, so we welcome today's statement from AOL, Apple, Google, Facebook, LinkedIn, Microsoft, Twitter, and Yahoo.
Companies have obligations to respect human rights and not be complicit in mass surveillance. Given what has been publicly revealed over the past six months, we must know for certain that the companies we entrust with our information…