Advanced Search
Content Type: Press release
La CNIL a aujourd'hui prononcé une sévère sanction contre Criteo, une des plus grandes sociétés françaises de pistage et publicité en ligne. Le montant de l'amende a été réduit de 60 à 40 millions d'euros depuis l'audience qui s'est tenue à la CNIL en Mars 2023, durant laquelle Criteo avait mis en avant son bénéfice net de 10 millions d'euros en 2022 pour plaider en faveur d'une réduction de sa peine. La CNIL semble avoir entendu ces arguments, mais a heureusement maintenu une amende…
Content Type: Press release
French data regulator CNIL announced today a strong sanction against Criteo, one of the world's largest AdTech companies. Although close to the maximum GDPR fine, the amount of the fine was reduced from 60 to 40 million following a hearing at CNIL's offices in March 2023, during which Criteo pleaded for a reduced fine in light of its 10 million euros profit in 2022. CNIL seems to have acknowledged this argument but maintained a significant fine. This sanction follows a Privacy International…
Content Type: News & Analysis
We have been fighting for transparency and stronger regulation of the use of IMSI catchers by law enforcement in the UK since 2016. The UK police forces have been very secretive about the use of IMSI catchers – maintaining a strict “neither confirm nor deny” (NCND) policy. In our efforts to seek greater clarity we wrote to the UK body which monitors the use of covert investigatory powers, the Investigatory Powers Commissioner’s Office (IPCO), asking the Commissioner to revisit this…
Content Type: Frequently Asked Questions
On 27 October 2020, the UK Information Commissioner's Office (ICO) issued a report into three credit reference agencies (CRAs) - Experian, Equifax and TransUnion - which also operate as data brokers for direct marketing purposes.
After our initial reaction, below we answer some of the main questions regarding this report.
Content Type: News & Analysis
Privacy International (PI) welcomes today's report from the UK Information Commissioner's Office (ICO) into three credit reference agencies (CRAs) which also operate as data brokers for direct marketing purposes. As a result, the ICO has ordered the credit reference agency Experian to make fundamental changes to how it handles people's personal data within its offline direct marketing services.
It is a long overdue enforcement action against Experian.…
Content Type: Report
The majority of people today carry a mobile phone with them wherever they go, which they use to stay connected to the world. Yet an intrusive tool, known as an International Mobile Subscriber Identity catcher, or “IMSI catcher” is a form of surveillance equipment that enables governments and state authorities to conduct indiscriminate surveillance of mobile devices, and by extension, on users.
IMSI catchers can do much more than monitor and intercept mobile communications. Designed to imitate…
Content Type: News & Analysis
IMSI catchers (or stingrays as they are known in the US) are one of the surveillance technologies that has come to the forefront again in the protests against police brutality and systemic racism that have been sparked by the murder of George Floyd on 25 May 2020.
An International Mobile Subscriber Identity catcher – in short an “IMSI catcher” – is an intrusive piece of technology that can be used to locate and track all mobile phones that are switched on in a certain area. It does so by…
Content Type: Long Read
In December 2019, the Information Rights Tribunal issued two disappointing decisions refusing appeals brought by Privacy International (PI) against the UK Information Commissioner.
The appeals related to decisions by the Information Commissioner (IC), who is responsible for the UK’s Freedom of Information regime, concerning responses by the Police and Crime Commissioner for Warwickshire and the Commissioner of Police for the Metropolis (The Metropolitan Police) to PI’s freedom of information…
Content Type: News & Analysis
Almost a year and a half ago we complained about seven companies to three data protection authorities in Europe. These companies, ranging from AdTech to data brokers and credit rating agencies, thrive on the collection, exploitation and processing of personal data. They profile and categorise people - without our knowledge and infringing multiple legal requirements.
Now, the French Data Protection Authority CNIL has informed us that they are following the same route and …
Content Type: Advocacy
Privacy International provided comments to the UK Financial Conduct Authority on the Terms of Reference to its Credit Information Market Study.
We highlighted that:
Credit data (whether ‘traditional’ credit data; data from Open Banking sources, or other sources of data like social media) are hugely revealing of people’s lives far beyond the state of their financial affairs.
The affects upon consumer behaviour of this use of data in the credit sector extends beyond the choices they…
Content Type: Advocacy
Dear Chair and Committee colleagues,
Privacy International is an international NGO, based in London, which works with partners around the world to challenge state and corporate surveillance and data exploitation. As part of our work, we have a dedicated programme “Defending Democracy and Dissent” where we advocate for limits on data exploitation throughout the electoral cycle.
We have been closely following the important work of the Committee. Prompted by the additional evidence provided…
Content Type: Press release
The Irish Data Protection Commission has today launched an inquiry into the data practices of ad-tech company Quantcast, a major player in the online tracking industry. PI's 2018 investigation and subsequent submission to the Irish DPC showed how the company is systematically collecting and exploiting people's data in ways people are unaware of. PI also investigated and complained about Acxiom, Criteo, Experian, Equifax, Oracle, and Tapad.
PI welcomes this announcement and its focus on…
Content Type: Long Read
The Privacy International Network is celebrating Data Privacy Week, where we’ll be talking about how trends in surveillance and data exploitation are increasingly affecting our right to privacy. Join the conversation on Twitter using #dataprivacyweek.
In the era of smart cities, the gap between the internet and the so-called physical world is closing. Gone are the days, when the internet was limited to your activities behind a desktop screen, when nobody knew you were a dog.
Today, the…
Content Type: Press release
Today, Privacy International has filed complaints against seven data brokers (Acxiom, Oracle), ad-tech companies (Criteo, Quantcast, Tapad), and credit referencing agencies (Equifax, Experian) with data protection authorities in France, Ireland, and the UK. Privacy International urges the data protection authorities to investigate these companies and to protect individuals from the mass exploitation of their data.
Our complaints target companies that, despite exploiting the data of millions of…
Content Type: Long Read
It’s 15:10 pm on April 18, 2018. I’m in the Privacy International office, reading a news story on the use of facial recognition in Thailand. On April 20, at 21:10, I clicked on a CNN Money Exclusive on my phone. At 11:45 on May 11, 2018, I read a story on USA Today about Facebook knowing when teen users are feeling insecure.
How do I know all of this? Because I asked an advertising company called Quantcast for all of the data they have about me.
Most people will have never heard of…
Content Type: Press release
Privacy International, represented by Liberty, is challenging court decision allowing police to ‘neither confirm nor deny’ they hold certain information on IMSI catchers
Privacy rights organisation has fought for almost two years for public disclosure of records on how UK police purchase and use mobile phone surveillance technology
Privacy International has today filed an appeal challenging police forces’ refusal to disclose information on their purchase and use of IMSI catchers.
IMSI…
Content Type: Report
The Information Commissioner’s Office (ICO) recently issued a series of decisions in Privacy International’s long-running battle for information about UK police forces' acquisition of IMSI catchers. This case study provides an in-depth summary and analysis of this process.
We hope it is useful to both campaigners seeking greater transparency from policing bodies, and more widely to Freedom of Information campaigners who are trying to challenge 'neither confirm nor deny' responses to FOI…
Content Type: News & Analysis
Create Commons Photo Credit: Source
Privacy International has achieved an important victory for government transparency and information access rights. This victory stems from a long-running battle with the government to obtain information about the UK police’s purchase and use of IMSI catchers. The Information Commissioner’s Office (ICO) recently issued a series of decisions, which agree with Privacy International that police forces cannot rely on a position of “neither confirm nor deny” (NCND…
Content Type: Explainer
What is an IMSI catcher?
An IMSI catcher is an intrusive piece of technology that can be used to locate and track all mobile phones that are switched on in a certain area.
An IMSI catcher does this by ‘pretending’ to be a mobile phone tower - tricking your phone into connecting to the IMSI-catcher, and then revealing your personal details without your knowledge.
IMSI catchers are indiscriminate surveillance tools that could be used to track who attends a political demonstration or a…
Content Type: Press release
We found this image here.
The National Police Chiefs’ Council (NPCC) will no longer be able to operate in secret after human rights campaign organisations Liberty and Privacy International demanded it be subject to Freedom of Information laws.
The Government has now informed the organisations that it has started a process to designate the law enforcement policy-making body as a public authority subject to the Freedom of Information Act (FOIA) – meaning it will be open to public scrutiny.…
Content Type: News & Analysis
In order to uphold the law and keep us safe, the police can seriously interfere with a range of fundamental human rights. And so transparency and public scrutiny of their actions are essential to protect against misconduct and abuse.
So why is the National Police Chiefs’ Council (NPCC) now permitted to operate in secret?
We all have the right to seek information from most public bodies – including the police – under the Freedom of Information Act (FOIA) 2000. When the law was first…
Content Type: Long Read
TO TAKE PART IN OUR CAMPAIGN, RIGHT CLICK ON THE PICTURES BELOW, SAVE THEM, AND SHARE THEM ON SOCIAL MEDIA TAGGED #SPYPOLICE
Have you ever been to a peaceful protest, demo or march? Did you assume that the police would only be identifying 'troublemakers'? How would you feel if just by turning up at a peaceful protest, the police automatically identified you, without your consent or knowledge, and stored personal information about you (including photographs of your face) in a secret database?…
Content Type: Long Read
Image: Eric Jones
The UK government last week hosted hundreds of surveillance companies as it continues to try and identify “technology-based solutions” able to reconcile the need for controls at the Irish border with the need to avoid them.
The annual showcase conference of 'Security and Policing' brings together some of the most advanced security equipment with government agencies from around the world. It is off limits to the public and media.
This year’s event came as EU and UK…