Privacy International

Privacy International (PI) is a UK-based non-profit organisation formed in 1990 "as a watchdog on surveillance and privacy invasions by governments and corporations". PI has organised campaigns and initiatives in more than fifty countries and is based in London, UK.

Formation, background & objectives

During 1990, in response to increasing awareness about the globalisation of surveillance, more than a hundred privacy experts and human rights organisations from forty countries took steps to form an international organisation for the protection of privacy.^[1]

Members of the new body, including computer professionals, academics, lawyers, journalists, jurists and human rights activists, had a common interest in promoting an international understanding of the importance of privacy and data protection.^[2] Meetings of the group, which took the name Privacy International (PI), were held throughout that year in North America, Europe, Asia, and the South Pacific, and members agreed to work toward the establishment of new forms of privacy advocacy at the international level. The initiative was convened and personally funded by British privacy activist Simon Davies, who has since then been Director of the organisation.

At the time, privacy advocacy within the non-government sector was fragmented and regionalised, while at the regulatory level there was little communication between privacy officials outside the EU. Awareness of privacy issues at the international level was generated primarily through academic publications and international news reports but privacy campaigning at an international level until that time had not been feasible.^[3]

While there had for some years existed an annual international meeting of privacy regulators, the formation of Privacy International was the first successful attempt to establish a global focus on this emerging area of human rights. PI evolved as an independent, non-government network with the primary role of advocacy and support, but largely failed in its first decade to become a major international player. Most of its early campaigns were focused on South East Asia.^[4]

Privacy International's aims and mandate have remained largely unchanged since its inception. The organisation's Articles of Association state that its objectives are:

To raise awareness of and to provide education about threats to personal privacy;
To work at a national and international level toward the provision of strong and effective privacy law;
To monitor the nature, effectiveness and extent of measures to protect privacy and personal data;
To conduct research into threats to personal privacy;
To monitor and report on surveillance activities of security forces and intelligence agencies;
To scrutinise the nature, extent and implications of transborder flows of information;
To engage in advocacy at a national and international level, such as making representations to bodies such as the United Nations, the Council of Europe and the OECD;
To seek ways through which information technology can be used in the protection of privacy.

Campaigns, networking & research

Throughout the 1990s Privacy International was most prominent in North America, Europe and Southeast Asia, where it liaised with local human rights organisations to raise awareness about the development of national surveillance systems. In more recent times the organisation has shifted much of its focus to issues concerning the EU and the US and has adopted a more aggressive program of legal action.

Since the late 1990's the organization’s campaigns, media activity and projects have focused on a wide spectrum of issues, including Internet privacy, international government cooperation, passenger name record transfers, data protection law, anti-terrorism developments, freedom of information, Internet censorship, identity systems, corporate governance, the appointment of privacy regulators, cross-border data flows, data retention, judicial process, government consultation procedures, information security, national security, cybercrime and aspects of around a hundred technologies and technology applications ranging from video surveillance to DNA testing.

The PI network has also been used by law reform and human rights organisations in more than forty countries to campaign on local privacy issues. In Thailand and the Philippines, for example, Privacy International worked with local human rights bodies to develop national campaigns against the establishment of government identity card systems. In Canada, New Zealand, the United States, Hungary, Australia, and the United Kingdom it has promoted privacy issues through national media and through public campaigns. In Central and Eastern Europe, PI has been active in promoting government accountability through Freedom of information legislation.

PI also monitors the activities of international organisations, including the European Union, the Council of Europe, and United Nations agencies. It has conducted numerous studies and reports, and provides commentary and analysis of contemporary policy and technology issues.

The organisation is relatively small, comprising three full-time staff, part-time research support and a number of volunteers and interns. However this small team is supported in its project work by a collaborative network of around a hundred organisations in the fields of civil liberties, academia, technology assessment and human rights. These include, or have included, the American Civil Liberties Union, the Australian Privacy Foundation, the Electronic Privacy Information Center (US), Statewatch (UK), the Electronic Frontier Foundation (US), the European Digital Rights Initiative, Consumers International, the Foundation for Information Policy Research (UK), Liberty (UK), the Hungarian Civil Liberties Union, the Moscow Human Rights Network, Amnesty International, Privacy Ukraine, Quintessenz (Austria), Human Rights Watch, Bits of Freedom (Netherlands), freedominfo.org, Index on Censorship, the Association for Progressive Communications, the Global Internet Liberty Campaign, Charter 88 (UK), the Philippine Alliance of Human Rights Advocates and the Thai Civil Liberties Union.

Key activities

Research projects

PI has published around thirty major research reports. These include studies on Internet censorship ^[5], communicatons Data Retention, ^[6], counter-terorism policies in the EU and the US ^[7], SWIFT auditing processes ^[8], travel surveillance ^[9], Secrecy provisions & protection of sources ^[10], Internet privacy ^[11], policy laundering ^[12], Free expression & privacy ^[13], the US VISIT program ^[14] and identity cards and counter-terrorism ^[15].

The SWIFT affair

In June 2006, the New York Times and the Los Angeles Times published details of a private arrangement between Society for Worldwide Interbank Financial Telecommunication (SWIFT) and the United States Government that involved the mass covert disclosure to the US of customer financial data. SWIFT is a cooperative involving around 8,000 financial institutions. It handles the secure messaging process at the heart of the majority of financial transfers worldwide, amounting to around $2,000 trillion per year.

The following week PI filed simultaneous complaints with Data Protection and Privacy regulators in 38 countries concerning the secret disclosures of records. The complaints alleged that the transfers violated EU law.

The PI complaints sparked a series of regulatory and legal actions that have ultimately forced SWIFT to re-evaluate its practices. The organisation has now agreed to move its data operations to Switzerland where US authorities have no jurisdiction.

The Big Brother Awards

In 1998 Privacy International took the decision to start an international gong called the Big Brother Awards to be given to the most influential and persistent privacy invaders, as well as to people and organisations who have excelled in defending privacy. To date, 75 award ceremonies have been held as annual events in seventeen countries including Japan, Bulgaria, Ukraine, Australia. France, Germany, Austria, Switzerland, the Netherlands, New Zealand, Denmark, the United States, Spain, Finland and the United Kingdom.

The Stupid Security competition

In January 2003, PI launched an international competition to discover the world's "most pointless, intrusive and self-serving security initiatives". The "Stupid Security" award highlighted measures which are pointless and illusory, and which cause unnecessary distress, annoyance and unintended danger to the public. The competition resulted in over five thousand nominations from around the world. The winners were announced at the Computers, Freedom and Privacy conference in New York on April 3rd that year. The competition will be held again in 2008.

PI and public controversy

Privacy International's unconventional and sometimes aggressive approach to privacy advocacy has at times resulted in controversy.

The most notable political controversy surrounding the organization was sparked in 2005 when former British Prime Minister Tony Blair and former Home Secretary Charles Clarke publicly accused PI's Director and founder Simon Davies of covertly using his academic affiliation with the London School of Economics (LSE) to undermine the government's plans for a national identity card.^[16] The claims were strenuously denied both by Simon Davies and by the LSE's Director, Sir Howard Davies and resulted in heated criticism of the government by Opposition parties both in the House of Commons^[17] and the House of Lords ^[18]. A comprehensive and heavily publicized campaign across government was nevertheless undertaken to discredit PI and Davies, leading some media to draw comparisons with former government scientific advisor David Kelly who took his life following an allegedly similar campaign.^[19]

In his 2006 autobiography^[20], another former Home Secretary David Blunkett wrote "I am really sorry that the London School of Economics have allowed him (Davies) to even hint that he has any connection with them". Davies has lectured at the LSE since 1997 and continues to do so both as Visiting Fellow and as co-director of the LSE's Policy Engagement Network.

In June 2007 PI released an assessment of the privacy practices of selected online services ^[21]. This generated controversy within the blogosphere for what some observers perceived as undue criticism of Google, which was rated as more privacy-infringing than Facebook or Microsoft. Particular criticism was levelled at Privacy Interational's choice to rate Microsoft's Live Search brand and Microsoft as a corporation separately, a decision that resulted in a more flattering assessment of Microsoft than might otherwise have been the case. PI defended itself on the grounds that it had also split Google into two separate entities.

Privacy index

Since 1997 Privacy International in cooperation with the Electronic Privacy Information Center has conducted annual surveys^[22] in order to assess how much privacy nations' populations have from both corporative and government surveillance.^[23] The 2006 survey examined all EU countries and 11 other selected countries.

Template:Privacy International/Privacy index

Final Score
4.1-5.0	Consistently upholds human rights standards
3.6-4.0	Significant protections and safeguards
3.1-3.5	Adequate safeguards against abuse
2.6-3.0	Some safeguards but weakened protections
2.1-2.5	Systemic failure to uphold safeguards
1.6-2.0	Extensive surveillance societies
1.1-1.5	Endemic surveillance societies

Structure and finances

PI has received funding and support from a range of Foundations, academic establishments and non-government organisations. These include the Soros Foundation, the American Civil Liberties Union, the Electronic Privacy Information Center, the Fund for Constitutional Government, the Stern Foundation, the Privacy Foundation, the German Marshall Fund, and the University of New South Wales. The organisation is also minimally financed through donations from members of the public.

By 2007 the organization had an international advisory board with members from over 30 countries, and a Board of Trustees who oversee a small team of research and policy staff. It is an independent non-profit organization chartered in the UK. Its US organisation is administered through the Fund for Constitutional Government in Washington DC.

References

^ Bennett, Colin, J. Regulating privacy: data protection & public policy in Europe and the United States; 1992, Cornell University Press. p.248
^ Privacy International Interim report to members, 1990-1991
^ For a comprehensive analysis of the international privacy regulatory environment of that era see David H Flaherty, "Protecting privacy in surveillance societies"; University of North Carolina Press, 1989
^ Peddling Big Brother, Time Magazine, June 24, 1991[1]
^ Silenced: censorship and control of the Internet, 2003
^ Briefing for Members of the European Parliament on Data Retention; September 2005
^ Threatening the Open Society: Comparing Anti-terror Policies and Strategies in the U.S. and Europe; December 2005
^ Booz Allen Not An Independent Check On SWIFT Surveillance: A Memo by the American Civil Liberties Union and Privacy International,
^ Regulatory challenges for the US and EU airlines and passengers: current & future challenges
^ Legal Protections and Barriers on the Right to Information, State Secrets and Protection of Sources in OSCE Participating States
^ A Race to the Bottom: Privacy Ranking of Internet Service Companies, June 2007
^ Privacy and Cyberspace: Questioning the Need for Harmonisation; July 2005
^ Politics of the Information Society: The Bordering and Restraining of Global Data Flows, UNESCO 2004
^ The enhanced US border surveillance system: an assessment of the implications of US-VISIT, September 2004
^ Mistaken Identity; Exploring the Relationship Between National Identity Cards & the Prevention of Terrorism, April 2004
^ For a brief history of the controversy see "ID cards academic attacks Clarke", BBC News online, 5 July 2005 [2]
^ David Davis MP, Commons debates, 28 June, 2005 [3]
^ Lord Northesk, Lords Debates 6 February 2006 [4]
^ See for example "'Hounding' could lead to another David Kelly case", Times Higher Education Supplement, 10 February, 2006 [5]
^ The Blunkett Tapes: My Life in the Bear Pit; Bloomsbury, London; p.797
^ Privacy International: A Race to the Bottom: Privacy Ranking of Internet Service Companies
^ Privacy International. Ratings Table of EU and Leading Surveillance Societies
^ Privacy International. Briefing paper on the ratings table

External links

Template:Lists of countries

[1] Bennett, Colin, J. Regulating privacy: data protection & public policy in Europe and the United States; 1992, Cornell University Press. p.248

[2] Privacy International Interim report to members, 1990-1991

[3] For a comprehensive analysis of the international privacy regulatory environment of that era see David H Flaherty, "Protecting privacy in surveillance societies"; University of North Carolina Press, 1989

[4] Peddling Big Brother, Time Magazine, June 24, 1991[1]

[5] Silenced: censorship and control of the Internet, 2003

[6] Briefing for Members of the European Parliament on Data Retention; September 2005

[7] Threatening the Open Society: Comparing Anti-terror Policies and Strategies in the U.S. and Europe; December 2005

[8] Booz Allen Not An Independent Check On SWIFT Surveillance: A Memo by the American Civil Liberties Union and Privacy International,

[9] Regulatory challenges for the US and EU airlines and passengers: current & future challenges

[10] Legal Protections and Barriers on the Right to Information, State Secrets and Protection of Sources in OSCE Participating States

[11] A Race to the Bottom: Privacy Ranking of Internet Service Companies, June 2007

[12] Privacy and Cyberspace: Questioning the Need for Harmonisation; July 2005

[13] Politics of the Information Society: The Bordering and Restraining of Global Data Flows, UNESCO 2004

[14] The enhanced US border surveillance system: an assessment of the implications of US-VISIT, September 2004

[15] Mistaken Identity; Exploring the Relationship Between National Identity Cards & the Prevention of Terrorism, April 2004

[16] For a brief history of the controversy see "ID cards academic attacks Clarke", BBC News online, 5 July 2005 [2]

[17] David Davis MP, Commons debates, 28 June, 2005 [3]

[18] Lord Northesk, Lords Debates 6 February 2006 [4]

[19] See for example "'Hounding' could lead to another David Kelly case", Times Higher Education Supplement, 10 February, 2006 [5]

[20] The Blunkett Tapes: My Life in the Bear Pit; Bloomsbury, London; p.797

[21] Privacy International: A Race to the Bottom: Privacy Ranking of Internet Service Companies

[22] Privacy International. Ratings Table of EU and Leading Surveillance Societies

[23] Privacy International. Briefing paper on the ratings table

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

[19]

[20]

[21]

[22]

[23]