By Robert Bateman

U.K. supermarket chain the Southern Co-op is using facial-recognition technology to address shoplifting, a move that privacy advocates argued violated shoppers’ privacy rights.

The supermarket has been using facial-recognition cameras, provided by the security firm Facewatch, in 18 of its stores across the south of England since 2018, a company spokesperson told Digital Privacy News.

The cameras scan the faces of anyone walking into the store and retains biometric data derived from the facial images of people suspected of having committed a crime.

“To see a supposedly ethical company secretly using rights-abusive tech like facial recognition on its customers in the U.K. is deeply chilling,” said Silkie Carlo, director of U.K. privacy advocacy group Big Brother Watch.

Continue reading “Privacy Advocates Outraged by UK Supermarket’s Face Cameras” →

By Robert Bateman

Social media app TikTok is facing a class-action lawsuit in the U.K., led by an unnamed 12-year-old girl who claims the app breached her privacy.

The High Court of England and Wales allowed the plaintiff, known only as “SMO,” permission to proceed anonymously in a hearing conducted last month.

Court documents revealed that the plaintiff was citing the General Data Protection Regulation (GDPR), an EU law adopted into U.K. law before Brexit. The law, passed in 2016, restricts how apps and other online services use children’s personal information. 

Under the GDPR, if online service providers want consent to process a child’s personal information, they must request it from a parent or guardian.

Continue reading “UK Girl, 12, Sues TikTok Over Claims of Breaching Her Privacy” →

By Robert Bateman

Tech giants Oracle and Salesforce are facing class-action lawsuits in the U.K. and the Netherlands over allegations that they are “misusing the personal data” of millions of people.

The legal claims relate to how the companies contribute to “real-time bidding” (RTB), a controversial advertising practice that involves the auctioning of personal data collected via web cookies and other tracking technologies.

The U.K. suit, led by privacy advocate Rebecca Rumbul, is seeking damages of approximately $13 billion, which would amount to about $650 for every U.K. internet user.

The parallel Netherlands case, led by the nonprofit Privacy Collective, is seeking approximately $19.5 billion.

Continue reading “Oracle and Salesforce Face Huge Lawsuits in UK, Netherlands” →

By Robert Bateman 

The U.K. is establishing a new competition authority to regulate digital markets and improve consumer choice.  

The new Digital Markets Unit (DMU) will be established next April, following a report in July about online platforms by the U.K.’s Competition and Markets Authority (CMA). 

The unit will “introduce and enforce a new code to govern the behavior of platforms… such as Google and Facebook,” according to a government news release last month. 

But with a handful of firms increasingly dominating the market, some experts told Digital Privacy News that they were concerned that the new regime could struggle to take on the tech giants. 

Continue reading “UK Sets Up Regulator to Take On Big Tech” →

By Robert Bateman

A digital-rights organization, the Open Rights Group (ORG), is taking the U.K.’s privacy regulator to court over allegations that it has failed to address illegal practices in the digital advertising technology — adtech — industry.

The claim, filed Oct. 21 with the U.K.’s Information Rights Tribunal, follows a complaint first filed with the regulator, the Information Commissioner’s Office (ICO), by ORG Executive Director Jim Killock in September 2018.

The complaint alleged that Google and other tech companies were using people’s personal data illegally, via a process called “real-time bidding” (RTB).

Continue reading “Rights Group Sues UK Privacy Regulator in Landmark Case” →

By Robert Bateman

Governments across the world are calling on technology firms to allow agencies access to private communications, claiming that end-to-end encryption that shuts out law enforcement presents a “severe risk to public safety.”

In a statement, signed Oct. 11, the governments of the U.S., U.K., Australia, New Zealand, Canada, India and Japan argued that software developers should “engage in consultation with governments and other stakeholders” to “embed the safety of the public in system design.”

But experts told Digital Privacy News that the proposals presented an unacceptable risk to individual privacy.

Continue reading “Officials Urge Tech Firms to Help Them Access User Data” →

Facebook Begins Controversial Integration of Messenger, Instagram

By Robert Bateman

Facebook has begun the long-planned integration of its Messenger and Instagram platforms, as governments and regulators show increasing concern about its market dominance.

The change will allow Facebook and Instagram users to send private messages to one another between platforms. Facebook also plans to include its WhatsApp platform in the integration.

Antitrust regulators in the U.S. and European Union have scrutinized Facebook’s acquisitions of Instagram and WhatsApp. Some experts told Digital Privacy News that Facebook’s plans might be designed to disrupt regulators’ activities.

Continue reading “‘Basis of a Lie’” →

By Robert Bateman

The U.K. government is planning a significant overhaul of its privacy laws in a move that experts told Digital Privacy News risked damaging the country’s economy and relations with the European Union.

The government’s national data strategy, published last month, says that the U.K. “will control its own data protection laws and regulations in line with its interests” after the country’s transition out of the EU.

Continue reading “UK’s Privacy Law Overhaul Could Damage Post-Brexit Economy” →

By Robert Bateman

The European Court of Human Rights (ECHR) struck a severe blow to privacy advocates this month when it rejected a legal challenge to the U.K. government’s surveillance activities on procedural grounds.

The case was brought by advocacy groups, who argued that the government’s cellphone-hacking and surveillance violated European human-rights law.

The court ruled Sept. 3 that the case was inadmissible because the advocates had not exhausted the U.K.’s domestic legal procedures.

Continue reading “European Court Spurns Challenge to UK Government Surveillance” →

By Robert Bateman

Google faces a $2.5 billion class-action lawsuit in the U.K., over allegations that its YouTube video-sharing platform is “breaching millions of young peoples’ privacy and data rights.” 

The case is on behalf of an estimated 5 million children under 13 across England and Wales, according to a Sept.14 news release from the case’s legal team.

If successful, it would be the first class-action lawsuit against a tech company in Europe. 

Google, which acquired YouTube in 2006, is accused of violating U.K. law, which states that children under 13 are unable to consent to the collection of their personal information.

“They’re using this data to capture the attention of our children,” Duncan McCann, the representative claimant in the case, told Digital Privacy News. 

He has three children aged 13 or under, and McCann said he was concerned about how Google used their personal information on YouTube.

Continue reading “Google Faces $2.5B Lawsuit Over YouTube and Children’s Data” →

By Robert Bateman

The U.K. government paid the artificial intelligence firm Faculty $524,000 to trawl and analyze the Twitter activity of the nation’s voters, according to an investigation by the campaign group Big Brother Watch.

The probe, disclosed by The Guardian on Aug. 10, revealed that Faculty was contracted to provide “topic analysis of social media” and gauge public response to the government’s handling of the COVID-19 crisis.

Continue reading “UK Pays AI Firm to Trawl Voters’ Twitter Data” →

By Robert Bateman

A landmark legal challenge to the use of facial-recognition technology has succeeded, with the U.K.’s Court of Appeal ruling this month that police in South Wales used automated facial recognition in violation of fundamental human rights.

Edward Bridges, a Cardiff resident supported by a human-rights group, Liberty, argued that the police had not adequately assessed how facial-recognition technology could violate individual “rights and freedoms” nor considered how the technology could be biased along racial and gender lines.

The Court of Appeal made its unanimous ruling Aug. 11. The South Wales Police has accepted the verdict and will not appeal to the Supreme Court.

Continue reading “UK Court Spurns Police in First Legal Test of Face Recognition” →

By Robert Bateman

The world of digital privacy was shaken this month, when the Court of Justice of the European Union (CJEU) invalidated the Privacy Shield framework, which allows certain businesses to freely transfer personal information from the E.U. to the U.S.

The E.U. court ruled July 16 in Luxembourg that U.S. surveillance laws violated the privacy of European citizens. International data transfers to the U.S. can still take place, however, subject to standard contractual clauses to protect personal information, written by the European Commission.

Experts on both sides of the Atlantic told Digital Privacy News that the U.K., which has similarly intrusive surveillance laws to the United States, could be disproportionately affected by the decision.

Continue reading “EU Strikes Down Privacy Shield, With Major Implications for UK Economy” →