Privacy International
Feb 10, 2023
Yesterday we attended a hearing at the CNIL (the French data protection authority) following our 2020 complaint against @doctissimo, a major French health and wellness information website. Some spicy details, including a proposed €380,000 fine...

Thread 👇
@doctissimo The CNIL rapporteure focused on 5 points: data retention, consent, joint controllership, security and cookies - it found that Doctissimo failed on all of them when collecting and sharing the sensitive data of thousands of people.
@doctissimo Through the 684 (!) health & wellness online self-tests that Doctissimo offers, the company reached 584,000 people.

Doctissimo said only 5% of those tests collected health data, meaning 30,000 people had their data unlawfully processed.
@doctissimo Qualifio, a third party company contracted by Doctissimo to run its online self-test forms, had access to the IP addresses of Doctissimo users, which Doctissimo failed to notice despite being provided with regular reports.
@doctissimo This means Qualifio could use this data to identify users, for example for advertising purposes - and to cross the data obtained through Doctissimo with data obtained from other clients.
@doctissimo Data was shared with third parties without any encryption (using HTTP) until October 2019, meaning that until then thousands of people's health data could have been intercepted by malicious actors.
@doctissimo The rapporteure found that despite implementing a consent mechanism after our investigation, Doctissimo still placed cookies on people's browsers even if they'd declined.

At the time of our investigation, Doctissimo was liberally sharing people's health data with 557 partners.
@doctissimo Through it all, Doctissimo's lawyers argued that all of this wasn't a big deal. Failing to protect the health data of 30,000 people isn't a big deal? We disagree.
@doctissimo Read our original complaint here and stay tuned for updates!

privacyinternational.org/legal-action/c…
