Privacy and data protection
Privacy and data protection are essential for us to live, connect, work, create, organise and more. Governments and companies have long used mass surveillance for control trying to legitimise snooping for health, security or other reasons. The near-total digitisation of our lives has made it easier to control, profile and profit from our attention, data, bodies and behaviours in ways that are very difficult for us to understand and challenge. European data protection standards such as the GDPR are a good step forward but we need more to effectively ensure enforcement and protection against unlawful surveillance practices.
Filter resources
-
EDRi-gram, 3 April 2024
After our light-hearted April Fool’s edition, it’s time to get down to brass tacks. In this issue, we delve into the European Court of Justice’s landmark decision declaring the EU regulation on fingerprint IDs invalid—a significant victory. We’re also peeling back the layers of the Artificial Intelligence Act, offering you an in-depth look at the legislation’s intricacies and its implications for your digital rights. Furthermore, we shine a spotlight on the concerning trends in surveillance expansion and disinformation spread across Eastern partnership countries.
Read more
-
2023 Digital Rights Update: Eastern Partnership CSO Meter
Countries of the Eastern Partnership region continue digitalisation efforts and some implemented promising data protection legislation. However, the expansion of surveillance and spread of disinformation put digital rights under constant pressure in 2023.
Read more
-
Mandatory fingerprints on IDs will be up for re-negotiation
On 21 March 2024, the European Court of Justice ruled the European Union (EU) regulation that enacts fingerprint IDs to be invalid for formal reasons. The principle of mandatory fingerprint collection was declared to be compliant with fundamental rights. However, the court has required a new regulation to be adopted on a different legal basis, opening up opportunities to ultimately overturn the fingerprint obligation.
Read more
-
EU’s AI Act fails to set gold standard for human rights
A round-up of how the EU Artificial Intelligence (AI) Act fares against the collective demands of a broad civil society coalition that advocated for prioritising the protection of fundamental human rights in the law.
Read more
-
New EU health data law endangers medical secrecy
EU lawmakers have agreed on a compromise for the European Health Data Space (EHDS) which will expose everyone’s medical records to unnecessary security and privacy risks in the name of research and “innovation”.
Read more
-
Europol and biometric surveillance “won” the Czech Big Brother Awards
For the 19th year, the Big Brother Awards took place in the Czech Republic. There were four negative awards given as well as one positive award.
Read more
-
Europe’s highest court delivers landmark judgment against IAB Europe in GDPR consent spam pop-ups case
The Court of Justice of the European Union's landmark decision on March 7, 2023, against the auctioning of personal data for advertising purposes under the General Data Protection Regulation (GDPR) challenges the legality of invasive tracking and profiling in the context of online advertising. It marks a significant victory for privacy advocates and sets a precedent for the protection of personal data in the digital era.
Read more
-
EDRi-gram, 20 March 2024
On March 13, following years of tireless advocacy, the EU Parliament finally passed the Artificial Intelligence (AI) Act. But there’s not much to celebrate – the law missed the mark when it comes to protecting our human rights, especially those of migrants and people on the move. On the same day, the Parliament also passed the European Media Freedom Law (EMFA) which aims to protect journalists and media workers. Another legislation with lofty ambitions that did not live up to its goals. Despite the Brussels spyware scandal that shocked up in February 2024, EU’s approach to surveillance technology remains lackadaisical at best. What will finally convince them to take action?
Read more
-
European Court of Human Rights confirms: weakening of encryption can violate the human right to privacy
In a milestone judgment - Podchasov v. Russia - the European Court of Human Rights (ECtHR) has ruled that weakening of encryption can lead to general and indiscriminate surveillance of the communications of all users and violates the human right to privacy.
Read more
-
GPS tagging of migrants found unlawful by UK data protection authority
As a result of Privacy International’s 2022 complaint against the UK Home Office, the UK data protection authority (ICO) has found that the GPS tagging of migrants and asylum seekers arriving to the UK small boats was unlawful, and issued a formal warning for all future data protection compliance of GPS tagging as a whole. This is a major step towards better scrutiny of the human rights implications of the surveillance of migrants.
Read more
-
Will the Brussels spyware scandal finally convince the EU to act?
In February, Brussels was rocked by reports of phone hacking and spyware attacks on members of the European Parliament’s defence and security committee. Such intrusions are a huge threat to EU democracy — interfering with decision-making and allowing obstructive disruptions to public debate. Three weeks on, nothing seems to have changed with the EU’s approach to spyware.
Read more
-
Privatised municipal surveillance on the stage of security theatre in Slovenia
The municipality of Ljubljana, the capital of Slovenia, wasted almost two years deflecting freedom of information requests (FOIAs) from EDRi member Državljan Dsfor the municipal CCTV system data in the city. The data, when finally provided, revealed the scale of ineffective security theatre paid for by Ljubljana’s citizens, and the need for a public debate about the use of this technology.
Read more