Privacy and data protection
Privacy and data protection are essential for us to live, connect, work, create, organise and more. Governments and companies have long used mass surveillance for control trying to legitimise snooping for health, security or other reasons. The near-total digitisation of our lives has made it easier to control, profile and profit from our attention, data, bodies and behaviours in ways that are very difficult for us to understand and challenge. European data protection standards such as the GDPR are a good step forward but we need more to effectively ensure enforcement and protection against unlawful surveillance practices.
Filter resources
-
Snowden revelations: ten years on
Ten years ago, the first revelations about US mass surveillance were published in the UK and USA. The revelations swiftly widened to encompass details about the role of the UK’s GCHQ (Government Communications Headquarters) in the global gathering of vast amounts of communications data.
Read more
-
Europol data deals with violent police forces need “strong data protection safeguards”
Proposed data-sharing deals between Europol and five states in Central and South America needs explicit safeguards if they are to uphold fundamental rights, the European Data Protection Supervisor said at the beginning of May. Police forces in those states have brutal records of violence and torture.
Read more
-
Bits of Freedom monthly update on human rights & tech: April 2023
Read through the most interesting developments at the intersection of human rights and technology from the Netherlands. This is the fourth update in this series.
Read more
-
The Belgian government is failing to consider human rights in CSA Regulation
Despite the clear warnings, Belgium has taken a position calling on the EU to adopt the CSA regulation as quickly as possible, dismissing the technical problems, and without addressing the serious legal concerns that have been raised.
Read more
-
Open letter: e-Evidence package lacks appropriate safeguards, EU Parliament must reject it
Civil society, doctors, lawyers and journalists associations and internet service providers are calling on MEPs to reject the so-called “e-Evidence” package during the plenary vote on June 13 because the proposed system of cross-border access to data in criminal matters would severely undermine fundamental rights.
Read more
-
EDRi-gram, 31 May 2023
Here is what happened since we last touched base. The EDRi network met in Belgrade for our General Assembly. We strategised, got updates from national members about the state of #DigitalRights, and enjoyed personal connection time. A BIG welcome to EDRi's newly elected Board members: Andrej Petrovski, Director of Tech at EDRi member SHARE Foundation, and Isabela Fernandes, Executive Director of TOR Project. In the last fortnight, we also celebrated 5 years of the General Data Protection Regulation. The anniversary was marked by the €1.2 billion fine for Meta issued thanks to EDRi member noyb's work. The decision required 10 years and 3 court procedures against the Irish Data Protection Commission, which shows the need for better GDPR enforcement.
Read more
-
USA border plan requires “continuous and systematic” transfers of biometric data
Last year, it was revealed that the USA planned to launch Enhanced Border Security Partnerships (EBSPs) with other states around the world, seemingly targeting the EU, UK and Israel first. These would involve “continuous and systematic” transfers of biometric data to the USA for the purposes of immigration and asylum vetting, says a recent Council of the EU document obtained by Statewatch.
Read more
-
Sex, religion and race are advertising taboos, except for power-hungry politicians
As the GDPR turns five, certain EU lawmakers want to rip out some of its protections, so they can use our deeply personal information to tailor political ads and tip political elections and campaigns in their favour.
Read more
-
€1.2 billion GDPR fine for Meta over US mass surveillance
Today, a decade-long (2013 - 2023) case on Meta's involvement in US mass surveillance has led to a first direct decision. Meta must stop any further transfers of European personal data to the United States, given that Meta is subject to US surveillance laws (like FISA 702). The European Data Protection Board (EDPB) had largely overturned the Irish Data Protection Commission's (DPC) decision, insisting on a record fine and that previously transferred data must be brought back to the EU.
Read more
-
5 years of the GDPR: National authorities let down European legislator
On 25 May 2018, the General Data Protection Regulation (GDPR) came into force, promising to be the strongest set of data protection rules to enhance our privacy. While the contents of EU data protection rules stayed largely the same, the alleged big change was the GDPR's strict enforcement. 5 years later, national authorities and courts largely leave the European legislator in the lurch – despite a budget of more than €330 million in 2022.
Read more
-
Romania: CSA Regulation will make journalistic investigations of child abuse impossible
The back door to people’s private communications that only the authorities can access is a mythical creature that lives in the imagination of those dismissing the consequences of malware, spyware attacks and software exploits. Experts and affected people have spoken up about the dangers of creating a back door to secure communication even if it is to be accessed only by police and security services. The Child Sexual Abuse (CSA) Regulation has revived the age-old debate.
Read more
-
Open letter: Gender-inclusive and safe digital world that is free from violence for all
EDRi and 45 organisations call on the European Parliament to better protect those who face digitally facilitated gender-based violence.
Read more