Technology Pill Privacy International

What do you know about cryptography? Have you ever wanted to get a better understanding of some of the maths behind encryption? This week we speak to Ed, a Senior Technologist at PI, about some of the history and basics of encryption.

Find out more about encryption:

- Computerphile on youtube (https://www.youtube.com/@Computerphile) is a computer science professor with a range of useful and accessible videos on encryption

- Cloudflare have a helpful learning centre including this article on how encryption works and why cloudflare use Lava lamps to generate keys: https://www.cloudflare.com/en-gb/learning/ssl/lava-lamp-encryption/

- This is a helpful article on Diffie-Hellman including a diagram of the colours demonstration, which Ed discusses during the podcast: https://www.comparitech.com/blog/information-security/diffie-hellman-key-exchange/

- This article is great for learning more about hashing: https://auth0.com/blog/hashing-in-action-understanding-bcrypt/

- And if you're interested here is the wikipedia page on the Skytale sticks Ed talks about (https://en.wikipedia.org/wiki/Scytale)



Learn more about PI's work on encryption:

- PI's main encryption learn page: https://privacyinternational.org/learn/encryption

- A PI report on the importance of End to End Encryption (E2EE): https://privacyinternational.org/report/4949/securing-privacy-end-end-encryption

This week we speak to Mark Nelson, a car mechanic and father of five, who has been forced to wear a GPS tag by the Home Office for the past 20 months, and his lawyer Katie Schwarzmann of Wilsons Solicitors. The pair have been challenging the Home Office's ongoing imposition of GPS tracking on Mark in the courts and are now awaiting a judgement. We explore the legal case, the ways the tag hasn't worked for long periods of time, and a dubious AI the Home Office has been using in decisions as to whether someone remains on a GPS tag.



Links
- Read more from Katie's law firm, Wilsons Solicitors, about the case:
https://www.wilsonllp.co.uk/news/high-court-hears-first-challenge-to-the-governments-policy-of-gps-tagging-migrants

- PI's Complaint to the ICO (the UK's Data Protection Authority):
https://privacyinternational.org/legal-action/ico-complaint-against-uks-gps-tagging-migrants

- Read more about relevant cases in which PI has filed witness evidence:

https://privacyinternational.org/legal-action/uk-migrant-gps-tracking-challenges

- The five companies at the heart of the UK's GPS tagging system:
https://privacyinternational.org/long-read/5063/who-profits-uks-247-tracking-migrants

- We tested GPS ankle tags, read how our experiment went:
https://privacyinternational.org/long-read/5064/life-under-247-gps-surveillance-gps-ankle-tag-experiment

- Listen to our last podcast discussing GPS ankle tags:
https://privacyinternational.org/video/5074/gps-tracking-migrants-uk-who-profits

This week we talk about good things (or good-ish things) that you might have missed from 2023!



Links



Companies getting disciplined

- Ovulation Tracking App Premom Will be Barred from Sharing Health Data for Advertising Under Proposed FTC Order https://www.ftc.gov/news-events/news/press-releases/2023/05/ovulation-tracking-app-premom-will-be-barred-sharing-health-data-advertising-under-proposed-ftc

- Facebook getting fined for data exploitation in Norway: https://dig.watch/updates/meta-fined-98500-daily-over-user-privacy-breach-in-norway

- CNIL fines Criteo: https://privacyinternational.org/press-release/5075/global-adtech-company-criteo-fined-eu40-million-france-unlawfully-collecting

- CNIL fines Doctissimo: https://edpb.europa.eu/news/national-news/2023/health-data-and-use-cookies-french-sa-fines-doctissimo_en

- Worldcoin (aspires to be World ID) has been getting some pushback from some countries: https://www.citizen.digital/news/data-protection-office-says-worldcoin-likely-to-tamper-with-data-from-kenyans-seeks-courts-intervention-n325472



Governments abandoning plans, or at least held to account

- Kenya drops Huduma Numba and replaces it with new systems (it’s not any better and advocacy under way) but it’s still a sense of victory that they dropped Huduma Numba that caused some much controversy as highlighted by CSOs in particular through advocacy, research and litigation (which we supported led by Kenyan organisations like Nubian Rights Forum, amongst others) https://www.biometricupdate.com/202303/kenya-huduma-namba-funding-almost-entirely-cut-as-upi-digital-birth-registration-begins

- MI5 win: https://privacyinternational.org/press-release/5027/press-landmark-ruling-exposes-years-rule-breaking-mi5

- UK Supreme Court rules against Rwandan policy https://www.ft.com/content/c040946a-c294-4a89-808e-46c8b2f2f414

- Colombia at the UN Human Rights Committee https://privacyinternational.org/advocacy/5080/pis-submission-un-human-rights-committee-regarding-colombias-compliance-iccpr

- USA at the UN Human Rights Committee: https://ccprcentre.org/ccprpages/united-states-under-the-microscope-vast-participation-of-american-civil-society-organizations

- Brazil at the UN Human Rights Committee: https://tbinternet.ohchr.org/_layouts/15/treatybodyexternal/Download.aspx?symbolno=CCPR%2FC%2FBRA%2FCO%2F3&Lang=en



Legal protections emerging

- Proposed US Privacy Act: https://www.wired.com/story/government-surveillance-reform-act-2023/

- New data protection laws adopted (they are not perfect but they exist) in India https://www.techradar.com/computing/cyber-security/india-approves-new-privacy-law-but-is-it-really-a-win-for-citizens and Nigeria: https://kpmg.com/ng/en/home/insights/2023/09/the-nigeria-data-protection-act--2023.html



Innovations

- Apple deciding right to repair actually matters https://www.theverge.com/2023/10/24/23930762/apple-right-to-repair-white-house-iphone

This week we have a think about generative AI. After a concerning Guardian article about deep fake scams, we ask the question: did we really understand the risks when we started a podcast?

The audio clips featured in this podcast episode are the intellectual property of Smart Energy GB (Clip 1), Kim Kardashian (Clip 2), the Hollywood Reporter (Clip 3) and Lucasfilm Ltd (Clip 4). All rights are reserved to their copyright owners.

Other links:
- Experience: scammers used AI to fake my daughter’s kidnap:
https://www.theguardian.com/lifeandstyle/2023/aug/04/experience-scammers-used-ai-to-fake-my-daughters-kidnap
- 23 and Me hack:
https://www.bankinfosecurity.com/23andme-investigating-apparent-credential-stuffing-hack-a-23267
- Deepfakes Can Help Families Mourn—or Exploit Their Grief:
https://www.wired.com/story/deepfake-death-grief-hologram-photography-film/

This week we speak to competition expert Dr Deni Mantzari about competition, monopoly, and regulation. Are big tech companies monopolies? And if they are is that a problem?


Since we recorded this podcast there has been an update on the Microsoft Activision merger: https://www.theverge.com/2023/10/13/23796552/microsoft-activision-blizzard-cma-approval-uk

Links


PI competition page (our "very influential work"): https://privacyinternational.org/learn/competition-and-data
More about Dr Deni Mantzari: https://profiles.ucl.ac.uk/24171
Ecosystems and competition law in theory and practice - a research paper about ecosystems: https://academic.oup.com/icc/article/30/5/1199/6428760
Power Imbalances in Online Marketplaces: At the Crossroads of Competition Law and Regulation - one of Dr Deni's papers looking at peconomic dependence in online marketplaces: https://www.ucl.ac.uk/cles/sites/cles/files/cles_4_2021.pdf


Google Android European court case on abuse of dominance: https://curia.europa.eu/juris/document/document.jsf?text=&docid=265421&doclang=en
and more info here: https://curia.europa.eu/jcms/upload/docs/application/pdf/2022-09/cp220147en.pdf


The Stigler Report: https://www.chicagobooth.edu/research/stigler/news-and-media/committee-on-digital-platforms-final-report
The Furman Report: https://assets.publishing.service.gov.uk/media/5c88150ee5274a230219c35f/unlocking_digital_competition_furman_review_web.pdf
German Facebook case: https://www.bundeskartellamt.de/SharedDocs/Meldung/EN/Pressemitteilungen/2019/07_02_2019_Facebook.html;jsessionid=202D25E3738EF7AB3AC859AD9C78C43C.2_cid371?nn=3591568
Meta Data Protection fine: https://edpb.europa.eu/news/news/2023/12-billion-euro-fine-facebook-result-edpb-binding-decision_en
The UK's Competition and Markets Authority (CMA) Roomba decision: https://www.gov.uk/cma-cases/amazon-slash-irobot-merger-inquiry and PI's submission to the inquiry: https://privacyinternational.org/advocacy/5071/submissions-uk-and-eu-competition-authorities-amazonirobot-merger
The EU Digital Markets Act (DMA): https://commission.europa.eu/strategy-and-policy/priorities-2019-2024/europe-fit-digital-age/digital-markets-act-ensuring-fair-and-open-digital-markets_en
The EU Data Act: https://www.europarl.europa.eu/doceo/document/TA-9-2023-0069_EN.pdf

This month we speak to Dr Leonie Tanczer about her work looking at tech abuse: the use of “everyday” digital systems (computers, smartphones, apps) to coerce, control, and harm a person or groups of individuals. This is increasingly prevalent in the context of domestic abuse - around 85% of victims and survivors in the UK have been subjected to some form of tech abuse.



Links


Refuge's Tech Safety resources: https://refugetechsafety.org/
Refuge's Tech Safety smart home devices tool: https://refugetechsafety.org/hometech/
Read more about Dr Tanczer and her work: https://www.leonietanczer.net/about.html
Find out more about the Gender and Tech at UCL and sign up to the newsletter: https://www.ucl.ac.uk/computer-science/research/research-groups/gender-and-tech
PI's guides to improve your own device security: https://privacyinternational.org/act
UK MPs discuss smart tech and abuse: https://www.theguardian.com/society/2023/aug/07/uk-mps-warn-use-smart-tech-domestic-abuse
Connected technology: MPs call on Government to tackle growing problem of tech-enabled domestic abuse: https://committees.parliament.uk/work/6686/connected-tech-smart-or-sinister/news/196867/connected-technology-mps-call-on-government-to-tackle-growing-problem-of-techenabled-domestic-abuse/