The demise of the UK ID card
December 2010 saw the repeal of the Identity Cards Act by the newly elected Coalition government. This was the culmination of over five years’ work by PI and partners. In 2005, we led research at the London School of Economics that resulted in a 300-page study of the Home Office’s plans for ID cards and underlying identity databases in the UK. This research introduced several new points of debate, including the costs and technical effectiveness of the proposed scheme and an analysis of how it compared internationally – it was subsequently cited hundreds of times in Parliamentary debates. Before the publication of the report, polls had put public support for the ID card at around 80%; three months after publication, support had dropped to 45%. Over the next few years, we engaged in a regular programme of public and stakeholder meetings, briefings and conferences, as well as extensive media work. We also co-founded the NGO NO2ID, an organization specifically dedicated to combating ID cards in the UK. Ultimately, public opinion turned so vehemently against the ID card scheme that every political party participating in the 2010 general election, with the exception of Labour, campaigned on a platform that included promises to scrap the scheme.
Privacy, surveillance and the international development community
For the past five years, we have worked on surveillance and privacy issues arising specifically from well-meaning but misguided efforts in international development. In our early engagement with the UN Refugee Agency on better protections for refugees’ personal information, we saw that development aid was increasingly being used to advance surveillance practices like biometric databases and e-health registers. We therefore began working with health professionals, policy-makers, technology developers and international organizations in Haiti, Pakistan, South Africa, Namibia and Rwanda to identify the most important privacy and information security problems in the developing world, with a particular focus on medical privacy concerns – for example, the treatment of people with HIV/AIDS and the handling of sensitive obstetrics and gynaecology issues in the treatment of women. Our recent key achievements in this field have been (a) persuading the UN Refugee Agency to commit to developing a privacy and security policy, and to comprehensive training for its staff members (which we have run for the past two years) and (b) the fact that the World Health Organisation has now begun to raise privacy and security issues with respect to e-health programmes, and based their February 2012 study ‘Legal Frameworks for eHealth’ heavily on our previous work.
The SWIFT scandal
In 2006 it came to light that United States officials were routinely accessing – without appropriate legal authority – the financial records of European citizens as part of an agreement with the Society for Worldwide Interbank Financial Telecommunication (SWIFT). PI filed legal complaints in 40 jurisdictions and conducted a high-profile media campaign, which resulted in the European Parliament adopting a resolution demanding explanations from EU governments and institutions regarding their complicity in SWIFT data transfers. This resolution directly referred to PI’s advocacy. Following the resolution, over 30 countries took regulatory action, restricting the transfer of data to the US and putting in place the safeguards we had recommended.
PI played a major role in exposing the spying activities of the US National Security Agency (NSA), which had over the decades established several secret communications bases in the UK. Neither the American nor the British governments had ever admitted the existence of this nationwide interception operation. PI instigated a press and political campaign and wrote an exposé in the Daily Telegraph that eventually gave rise to a European Parliament inquiry into the activities.