Search
Content type: Long Read
Elections and political campaigns are increasingly mediated by digital technologies. These technologies rely on collecting, storing, and analysing personal information to operate. They have enabled the proliferation of tailor-made political advertising. The recent proliferation of AI technologies is enabling ever more sophisticated content creation and manipulation in the context of elections.In parallel, governments are continuing to invest in digital technologies for the running of elections…
Content type: Advocacy
Generative AI models cannot rely on untested technology to uphold people's rightsThe development of generative AI has been dependent on secretive scraping and processing of publicly available data, including personal data. However, AI companies have to date had an unacceptably poor approach towards transparency and have sought to rely on unproven ways to fulfill people's rights, such as to access, rectify, and request deletion of their dataOur view is that the ICO should adopt a stronger…
Content type: Advocacy
Background
In August 2022, Amazon announced that they had entered into a definitive merger agreement to acquire iRobot, a company that specialises in designing and building consumer robots. The transaction was formally notified to the European Commission on 1 June 2023, while the UK Competition and Markets Authority (CMA) has already launched an investigation into the transaction since April 2023.
We believe that this acquisition is likely to significantly impede effective competition in and…
Content type: Advocacy
Privacy International responded to the consultation on the proposed data protection bill (the "Bill") to reform the current law 25.326
We welcome the continued efforts by Argentina to provide protections for the right to privacy, already enshrined in the Constitution of Argentina. PI welcomes the main objective of the Bill, namely to regulate the processing of personal data in order to guarantee fully the exercise of data subjects’ rights in accordance with Article 43 of the Constitution (…
Content type: Advocacy
In our submission we outline our concerns with the industry as a result of extensive technical research and complaints taken to data protection authorities in Europe as a result.
Data brokers must specifically be included in "actors in scope."
We recommend that "data brokers" are specifically included in the list of "actors in scope". A data broker is a company that collects, buys and sells personal data and this is often how they earn their primary revenue. It is a term that is entering…
Content type: Advocacy
Now is the time to strengthen not weaken data protection to keep us all safe. Here we outline some edited areas of our consultation response that highlight the impact of the proposed loss or weakening of many important protections:
The proposal to broadening consent and further processing for research purposes:
PI urges caution with regard to provisions that seek to potentially undermine the strict conditions around obtaining consent. The GDPR placed stronger conditions on obtaining consent…
Content type: Advocacy
The role that personal data plays in political campaigns http://privacyinternational.org/learn/data-and-elections and the risks of data abuse and exploitation only entered into the public discourse a few years ago, when Cambridge Analytica became a household name thanks to several scandals over the course of 2017 and 2018.
Since then, we have seen a flurry of initiatives that have helped shed light on the otherwise very opaque practices of digital campaigning. There have been public…
Content type: Long Read
This piece is a part of a collection of research that demonstrates how data-intensive systems that are built to deliver reproductive and maternal healthcare are not adequately prioritising equality and privacy.
What are they?
Short Message Services (SMS) are being used in mobile health (MHealth) initiatives which aim to deliver crucial information to expecting and new mothers. These initiatives are being implemented in developing countries experiencing a large percentage of maternal and…
Content type: News & Analysis
The notorious Clearview AI first rose to prominence in January 2020, following a New York Times report. Put simply, Clearview AI is a facial recognition company that uses an “automated image scraper”, a tool that searches the web and collects any images that it detects as containing human faces. All these faces are then run through its proprietary facial recognition software, to build a gigantic biometrics database.
What this means is that without your knowledge, your face could be stored…
Content type: Advocacy
This report is presented by TEDIC (Technology and Community Association) and Privacy International (PI). TEDIC is a non-governmental, non-profit organization, based in Asunción, that promotes and defends human rights on the Internet and extends its networking to Latin America. PI is a London based human rights organization that works globally at the intersection of modern technologies and rights.
TEDIC and PI wish to express some concerns about the protection and promotion of the right to…
Content type: Advocacy
Background
Giphy is a searchable database for Graphic Interchange Format (‘GIF’) files, stickers, emojis, text, videos and Arcade (remixable video games). This database can be queried through the Giphy search engine, either via its main website (giphy.com), its API or its SDK. Content obtained can then be shared via their URL or be integrated in another service such as a website or an app. Well known integrations of Giphy include messaging services like Whatsapp, Slack,…
Content type: Long Read
Political parties depend on data to drive their campaigns, from deciding where to hold rallies, which campaign messages to focus on in which area, and how to target supporters, undecided voters and non-supporters, including with ads on social media. Political parties increasingly hire private companies to do the bulk of this work, and our primary concern is how these companies use personal data to “profile” people and drive election campaigning.
As part of PI’s programme of work on Defending…
Content type: Advocacy
Identification systems across the world increasingly rely on biometric data. In the context of border management, security and law enforcement, biometric data can play an important role in supporting the investigation and prevention of acts of terrorism.
This Briefing aims to map out some of the implications of the adoption of identification systems based on biometrics.
Content type: Video
Immediately following the UK general election in December 2019, we worked with Open Rights Group to commission a YouGov poll about public understanding and public opinion about the use of data-driven campaigning in elections.
The poll used a representative sample of 1,664 adults across the UK population.
'Data-driven political campaigning' is about using specific data about you to target specific messages at you. So, for this might involve knowing that you are, for example, likely to…
Content type: Call to Action
Google wants to know everything about you.
It already holds a massive trove of data about you, but by announcing its plans to acquire the health and fitness tracker company Fitbit, it now clearly wants to get its hands on your health too. We don’t think any company should be allowed to accumulate this much intimate information about you. This is why we’re trying to stop its merger with Fitbit.
Google and Fitbit need the European Commission’s approval before they can merge. The merger would…
Content type: News & Analysis
GDPR was hard won. PI, together with other civil society actors, fought from the beginning for a version of the law that offers the strongest rights and protections in the face of intense industry lobbying.
Holding the hidden data ecosystem to account
Two years ago, we committed to using GDPR to seek to hold to account the hidden data ecosystem - those companies that amass and exploit large amounts of our data for profit.
Here’s some of the action we’ve taken:
In Nov 2018,…
Content type: Advocacy
Background
In February 2020, the Australian Competition and Consumer Commission (ACCC) commenced an investigation into the proposed acquisition of Fitbit by Google, which was originally announced in November 2019.
Google, whose parent company, Alphabet, in 2018, generated 85% of its $136.22 billion in revenue from delivering targeted advertisements, has a past of competition law infringements in the European Union. Fitbit is a company that produces and sells health tracking technologies and…
Content type: Advocacy
TEDIC, InternetLab, Derechos Digitales, la Fundación Karisma, Dejusticia, la Asociación por los Derechos Civiles y Privacy International acogen el llamado de la Relatoría Especial sobre Derechos Económicos, Sociales, Culturales y Ambientales (DESCA) de la Comisión Interamericana de Derechos Humanos (CIDH) de enviar información para la elaboración del Informe Anual sobre DESCA del año 2019, que se presentará ante la Organización de los Estados Americanos (OEA) en 2020.
El objeto de este…
Content type: Advocacy
Democratic engagement is increasingly mediated by digital technology. Whether through the use of social media platforms for political campaigning, biometric registration of voters and e-voting, police monitoring of political rallies and demonstrations using facial recognition, and other surveillance methods, technology is now infused into the political process.
These technologies rely on collecting, storing, and analysing personal information to operate. Much recent debate around…
Content type: Advocacy
In March 2019, Privacy International responded to a call for evidence for an inquiry by the UK Parliament's Joint Committee on Human Rights into "The Right to Privacy (Article 8) and the Digital Revolution".
Our suggestions included that, the human rights framework should support:
Increasing individuals’ control over their data to encourage the design of technologies that protect peoples’ autonomy and privacy.
Increasing security to result in more rights and protections for…
Content type: Advocacy
In April, the UK government published what it called "plans for a world-leading package of online safety measures that also supports innovation and a thriving digital economy".
The White Paper which sets out plans for establishing in law a new duty of care towards users, overseen by a new regulatory body, aimed at making companies more accountable when it comes to illegal activity and content deemed "harmful", but not illegal.
As part of the plans, a public consultation…
Content type: Advocacy
In early June 2019, PI engaged in the UK's Centre for Data Ethics and Innovation consultation regarding online targeting. PI focused its submission on the use of targeting in online political and issue-based advertising, and the collection and use of data to target people online.
In considering the impact of online targeting, it is essential that the Centre for Data Ethics and Innovation have due regard for privacy as a fundamental right (as enshrined in UK, European, and International Law).…
Content type: Advocacy
Consultation Submission
In March 2019, Privacy International submitted a response to a consultation on Disinformation in Electoral Contexts, led by the Office of the Special Rapporteur for Freedom of Expression of the Inter-American Commission on Human Rights together with the Department of Electoral Cooperation and Observation (DECO) and the Department of International Law (DIL) of the Organisation of American States (OAS).
In our submission we highlighted the importance of minmising data…
Content type: Advocacy
In December 2018, PI responded to the UK Information Commissioner's (ICO) Call for Views on a Code of Practice for the use of personal information in political campaigns.
The consultation followed on from the ICO's policy report Democracy Disrupted?, published in July 2018, which recommended that the Government should legislate at the earliest opportunity to introduce a statutory Code of Practice under the Data Protection Act 2018 for the use of personal information in campaigns.…
Content type: Advocacy
Since 2014 the Indonesian Ministry of Communication and Informatics (MOCI) has been proposing that the Parliament passes a comprehensive data protection law. A first draft data protection law was issued by the Government for public comment in 2015 but no progress was made, and then in early 2018, the Indonesian Government issued a new draft personal data protection law.
While these renewed efforts have positive intentions, a number of concerns ought to be addressed with the aim of…
Content type: Advocacy
In September 2018, the National Executive sent the proposed Data Protection Bill to the National Congress. The proposed law was directed to the Senate and it will be considered by two commissions: the Commission of Constitutional Affairs (Comision de Asuntos Constitucionales) and the Commission of Rights and Guarantees (Comision de Derechos y Garantías).
Privacy International welcomes the continued efforts by Argentina to provide protections for the right to privacy, already enshrined in the…
Content type: Advocacy
Este informe es presentado por Derechos Digitales, Ciudadano Inteligente, Fundación ProAcceso y Privacy International. Derechos Digitales es una organización no gubernamental de defensa, promoción y desarrollo de los derechos humanos en el entorno digital. Ciudadano Inteligente es una organización dedicada a fortalecer la democracia y reducir la desigualdad a través de la transparencia y la participación ciudadana. Fundación ProAcceso se dedica a la defensa del derecho de acceso a la…
Content type: Advocacy
Privacy International, European Digital Rights, and the Association for Technology and Internet (ApTI) together with 15 other digital rights organisations sent a letter on Monday 21 November 2018, to the European Data Protection Board (EDPB), with copies to the Romanian Data Protection Authority (ANSPDCP), and the European Commission, asking for the General Data Protection Regulation (GDPR) not to be misused in order to threaten media freedom in Romania.
Shortly after a journalistic…
Content type: Advocacy
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more…
Content type: Advocacy
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK.
It’s been more than five months since the EU’s General Data Protection Regulation (GDPR) came into effect. Fundamentally, the GDPR strengthens rights of individuals with regard to the protection of their data, imposes more…