Privacy International

Privacy International (PI) is a UK-based non-profit organisation formed in 1990, "as a watchdog on surveillance and privacy invasions by governments and corporations." PI has organised campaigns and initiatives in more than fifty countries and is based in London, UK.

Formation, background and objectives

During 1990, in response to increasing awareness about the globalisation of surveillance, more than a hundred privacy experts and human rights organizations from forty countries took steps to form an international organization for the protection of privacy. [ Bennett, Colin, J. Regulating privacy: data protection & public policy in Europe and the United States; 1992, Cornell University Press. p.248]

Members of the new body, including computer professionals, academics, lawyers, journalists, jurists and human rights activists, had a common interest in promoting an international understanding of the importance of privacy and data protection. [ [http://www.privacyinternational.org Interim report to members, 1990-1991] ] Meetings of the group, which took the name Privacy International (PI), were held throughout that year in North America, Europe, Asia, and the South Pacific, and members agreed to work toward the establishment of new forms of privacy advocacy at the international level. The initiative was convened and personally funded by British privacy activist Simon Davies who has since then been director of the organization.

At the time, privacy advocacy within the non-government sector was fragmented and regionalised, while at the regulatory level there was little communication between privacy officials outside the EU. Awareness of privacy issues at the international level was generated primarily through academic publications and international news reports but privacy campaigning at an international level until that time had not been feasible. [ For a comprehensive analysis of the international privacy regulatory environment of that era see David H Flaherty, "Protecting privacy in surveillance societies"; University of North Carolina Press, 1989]

While there had for some years existed an annual international meeting of privacy regulators, the formation of Privacy International was the first successful attempt to establish a global focus on this emerging area of human rights. PI evolved as an independent, non-government network with the primary role of advocacy and support, but largely failed in its first decade to become a major international player. Most of its early campaigns were focused on South East Asia. [Peddling Big Brother, Time Magazine, June 24, 1991 [http://www.time.com/time/magazine/article/0,9171,973251,00.html] ]

Privacy International's aims and mandate have remained largely unchanged since its inception. The organisation's Articles of Association state that its objectives are:

#To raise awareness of and to provide education about threats to personal privacy;
#To work at a national and international level toward the provision of strong and effective privacy law;
#To monitor the nature, effectiveness and extent of measures to protect privacy and personal data;
#To conduct research into threats to personal privacy;
#To monitor and report on surveillance activities of security forces and intelligence agencies;
#To scrutinise the nature, extent and implications of trans-border flows of information;
#To engage in advocacy at a national and international level, such as making representations to bodies such as the United Nations, the Council of Europe and the OECD;
#To seek ways through which information technology can be used in the protection of privacy.

Campaigns, networking and research

Throughout the 1990s Privacy International was active in North America, Europe and Southeast Asia, where it liaised with local human rights organisations to raise awareness about the development of national surveillance systems. In more recent times the organisation has shifted much of its focus to issues concerning the EU and the US and has adopted a more aggressive program of legal action.

Since the late 1990s the organization's campaigns, media activity and projects have focused on a wide spectrum of issues, including Internet privacy, international government cooperation, passenger name record transfers, data protection law, anti-terrorism developments, freedom of information, Internet censorship, identity systems, corporate governance, the appointment of privacy regulators, cross-border data flows, data retention, judicial process, government consultation procedures, information security, national security, cybercrime and aspects of around a hundred technologies and technology applications ranging from video surveillance to DNA testing.

The PI network has also been used by law reform and human rights organisations in more than forty countries to campaign on local privacy issues. In Thailand and the Philippines, for example, Privacy International worked with local human rights bodies to develop national campaigns against the establishment of government identity card systems. In Canada, New Zealand, the United States, Hungary, Australia, and the United Kingdom it has promoted privacy issues through national media and through public campaigns. In Central and Eastern Europe, PI has been active in promoting government accountability through Freedom of information legislation.

PI monitors the activities of international organisations, including the European Union, the Council of Europe, and United Nations agencies. It has conducted numerous studies and reports, and provides commentary and analysis of contemporary policy and technology issues.

The organisation is relatively small, comprising three full-time staff, part-time research support and a number of volunteers and interns. However this small team is supported in its project work by a collaborative network of around a hundred organisations in the fields of civil liberties, academia, technology assessment and human rights. These include, or have included, the American Civil Liberties Union, the Australian Privacy Foundation, the Electronic Privacy Information Center (US), Statewatch (UK), the Electronic Frontier Foundation (US), the European Digital Rights Initiative, Consumers International, the Foundation for Information Policy Research (UK), Liberty (UK), the Hungarian Civil Liberties Union, the Moscow Human Rights Network, Amnesty International, Privacy Ukraine, Quintessenz (Austria), Human Rights Watch, Bits of Freedom (Netherlands), freedominfo.org, Index on Censorship, the Association for Progressive Communications, the Global Internet Liberty Campaign, Charter 88 (UK), the Philippine Alliance of Human Rights Advocates and the Thai Civil Liberties Union.

Key activities

Research projects

PI has published around thirty major research reports. These include studies on Internet censorship, [ Silenced: censorship and control of the Internet, 2003 ] communications Data Retention, [ Briefing for Members of the European Parliament on Data Retention; September 2005] counter-terrorism policies in the EU and the US, [Threatening the Open Society: Comparing Anti-terror Policies and Strategies in the U.S. and Europe; December 2005 ] SWIFT auditing processes, [ Booz Allen Not An Independent Check On SWIFT Surveillance: A Memo by the American Civil Liberties Union and Privacy International] travel surveillance, [ Regulatory challenges for the US and EU airlines and passengers: current & future challenges] Secrecy provisions and protection of sources, [ Legal Protections and Barriers on the Right to Information, State Secrets and Protection of Sources in OSCE Participating States] Internet privacy, [ A Race to the Bottom: Privacy Ranking of Internet Service Companies, June 2007 ] policy laundering, [ Privacy and Cyberspace: Questioning the Need for Harmonisation; July 2005] Free expression and privacy, [ Politics of the Information Society: The Bordering and Restraining of Global Data Flows, UNESCO 2004] the US VISIT program, [ The enhanced US border surveillance system: an assessment of theimplications of US-VISIT, September 2004] and identity cards and counter-terrorism. [ Mistaken Identity; Exploring the Relationship Between National Identity Cards & the Prevention of Terrorism, April 2004 ]

The SWIFT affair

In June 2006, the "New York Times" and the "Los Angeles Times" published details of a private arrangement between Society for Worldwide Interbank Financial Telecommunication (SWIFT) and the United States Government that involved the mass covert disclosure to the US of customer financial data. SWIFT is a cooperative involving around 8,000 financial institutions. It handles the secure messaging process at the heart of the majority of financial transfers worldwide, amounting to around $2,000 trillion per year.

The following week PI filed simultaneous complaints with Data Protection and Privacy regulators in 38 countries concerning the secret disclosures of records. The complaints alleged that the transfers violated EU law.

The PI complaints sparked a series of regulatory and legal actions that have ultimately forced SWIFT to re-evaluate its practices. The organisation has now agreed to move its data operations to Switzerland where US authorities have no jurisdiction.

The Big Brother Awards

In 1998 Privacy International took the decision to start an international gong called the Big Brother Awards to be given to the most influential and persistent privacy invaders, as well as to people and organisations who have excelled in defending privacy. To date, 75 award ceremonies have been held as annual events in seventeen countries including Japan, Bulgaria, Ukraine, Australia. France, Germany, Austria, Switzerland, the Netherlands, New Zealand, Denmark, the United States, Spain, Finland and the United Kingdom.

The Stupid Security competition

In January 2003, PI launched an international competition to discover the world's "most pointless, intrusive and self-serving security initiatives". The "Stupid Security" award highlighted measures which are pointless and illusory, and which cause unnecessary distress, annoyance and unintended danger to the public. The competition resulted in over five thousand nominations from around the world. The winners were announced at the Computers, Freedom and Privacy conference in New York on April 3rd that year. The competition will be held again in 2008.

PI and public controversy

Privacy International's unconventional and sometimes aggressive approach to privacy advocacy has at times resulted in controversy.

The most notable political controversy surrounding the organization was sparked in 2005 when former British Prime Minister Tony Blair and former Home Secretary Charles Clarke publicly accused PI's Director and founder Simon Davies of covertly using his academic affiliation with the London School of Economics (LSE) to undermine the government's plans for a national identity card. [ [http://news.bbc.co.uk/1/hi/uk_politics/4651299.stm "ID cards academic attacks Clarke", BBC News online, 5 July 2005] ] The claims were strenuously denied both by Simon Davies and by the LSE's Director, Sir Howard Davies and resulted in heated criticism of the government by Opposition parties both in the House of Commons [ [http://www.publications.parliament.uk/cgi-bin/newhtml_hl?DB=semukparl&STEMMER=en&WORDS=simon%20davies&ALL=&ANY=&PHRASE=%22Simon%20Davies%20%22&CATEGORIES=&SIMPLE=&SPEAKER=&COLOUR=red&STYLE=s&ANCHOR=50628-16_spnew1&URL=/pa/cm200506/cmhansrd/vo050628/debtext/50628-16.htm#50628-16_spnew1 David Davis MP, Commons debates, 28 June, 2005] ] and the House of Lords. [ [http://www.publications.parliament.uk/cgi-bin/newhtml_hl?DB=semukparl&STEMMER=en&WORDS=simon%20davies&ALL=&ANY=&PHRASE=%22Simon%20Davies%20%22&CATEGORIES=&SIMPLE=&SPEAKER=&COLOUR=red&STYLE=s&ANCHOR=60206-11_spnew0&URL=/pa/ld199697/ldhansrd/pdvn/lds06/text/60206-11.htm#60206-11_spnew0 Lord Northesk, Lords Debates 6 February 2006] ] A comprehensive and heavily publicised campaign across government was nevertheless undertaken to discredit PI and Davies, leading some media to draw comparisons with former government scientific advisor David Kelly who took his life following an allegedly similar campaign. [ [http://www.thes.co.uk/current_edition/story.aspx?story_id=2027759 "'Hounding' could lead to another David Kelly case", Times Higher Education Supplement, 10 February, 2006] ]

In his 2006 autobiography, [The Blunkett Tapes: My Life in the Bear Pit; Bloomsbury, London; p.797] another former Home Secretary David Blunkett wrote "I am really sorry that the London School of Economics have allowed him (Davies) to even hint that he has any connection with them". Davies has lectured at the LSE since 1997 and continues to do so both as Visiting Fellow and as co-director of the LSE's Policy Engagement Network.

In June 2007 PI released an assessment of the privacy practices of selected online services. [ [http://www.privacyinternational.org/article.shtml?cmd%5B347%5D=x-347-553961 A Race to the Bottom: Privacy Ranking of Internet Service Companies] ] This generated controversy within the blogosphere for what some observers perceived as undue criticism of Google, which was rated as more privacy-infringing than Facebook or Microsoft. Particular criticism was levelled at Privacy International's choice to rate Microsoft's Live Search brand and Microsoft as a corporation separately, a decision that resulted in a more flattering assessment of Microsoft than might otherwise have been the case. PI defended itself on the grounds that it had also split Google into two separate entities.

PI were drawn into the Phorm affair in February 2008, after Kent Ertugrul claimed PI endorsement for Phorm's Webwise product; [ [http://www.guardian.co.uk/technology/audio/2008/mar/11/charles.arthur.phorm Charles Arthur: Interview with Kent Ertugrul] ]

Kent Ertugrul: "Just to be sure, bring in external validators, bring in Ernst and Young, bring in Privacy International"
Charles Arthur: "It wasn't Privacy International was it though? It was Simon Davies and Gus Hosein who were acting individually"
Kent: "Your point is what?"

Simon Davies drew fierce criticism for his apparent enthusiasm for aspects of Phorm's model of operation, stating that " [PI] DOES NOT endorse Phorm, though we do applaud a number of developments in its process". At the time of writing, PI have not published any analysis or comment concerning Phorm products.

Privacy index

Since 1997 Privacy International in cooperation with the Electronic Privacy Information Center has conducted annual surveys [ [http://www.privacyinternational.org/survey/phr2005/phrtable.pdf Ratings Table of EU and Leading Surveillance Societies] ] in order to assess how much privacy nations' populations have from both corporative and government surveillance. [ [http://www.privacyinternational.org/survey/phr2005/aboutphrtable.pdf Briefing paper on the ratings table] ] The 2006 survey examined all EU countries and 11 other selected countries.

tructure and finances

PI has received funding and support from a range of Foundations, academic establishments and non-government organisations. These include the Soros Foundation, the American Civil Liberties Union, the Electronic Privacy Information Center, the Fund for Constitutional Government, the Stern Foundation, the Privacy Foundation, the German Marshall Fund, and the University of New South Wales. The organisation is also minimally financed through donations from members of the public.

By 2007 the organization had an international advisory board with members from over 30 countries, and a Board of Trustees who oversee a small team of research and policy staff. It is an independent non-profit organization chartered in the UK. Its US organisation is administered through the Fund for Constitutional Government in Washington DC.

References

ee also

*Big Brother Awards
*Mass surveillance
*privacy
*data protection

External links

* [http://www.privacyinternational.org/ Privacy International]
* [http://www.no2id.net/ No 2 ID campaign in the UK]