Privacy and data protection


Absher, the official app for eServices of the Saudi Ministry of Interior’s National Information Center in Saudi Arabia, allows men to track and restrict the movement to women. It sends text messages to men when their wife or daughter tries to use their passport and men can use it to alert airports in Saudi Arabia to catch a woman in case the is trying to travel without permission or flee Saudi Arabia. U.S. Senator Ron Wyden sent an open letter to Apple and Google chief executive officers, Tim Cook and Sundar Pichai, urging them to ‘immediately remove from your app stores the Saudi government’s Absher app, which enables Saudi men to track and control the movements of Saudi women.’ Wyden asked them to prevent technical infrastructure, including app stores, from being used by Saudi government to enable ‘abhorrent surveillance and control of women.’ Cook was not familiar with the case, but promised the company will look into it and consider next steps on Apple’s App Store. A spokesman for Google said the company has also started investigating the app hosted on Google Play Store in order to determine if it is in accordance with its policies.

India’s government is finalising proposals to give it the power to block Internet contentThe new rules would require applications like Facebook, Twitter, and TikToc to implement automated screening tools and to remove posts or videos that Indian officials consider 'libelous, invasive of privacy, hateful, or deceptive'. The government could also undermine the privacy protections of messaging services by allowing the government to trace messages. Critics have compared the moves to censorship policy in China

Wired's Paris Martineau commented on the situation in India is Cracking Down on Ecommerce and Free Speech.

At the Milken Institute MENA Summit, Sean Parker, founding president of Facebook, argued there is ‘no limit’ to how Amazon is storing and listening to private conversations, and that these recordings ‘could potentially be used against you in a court of law or for other purposes’.  According to the CNBC, Parker also stated that ‘if you're having a conversation in front of an Alexa-enabled device, Amazon is not guaranteeing you any privacy’.


The German development ministry proposed a legal framework that provides mandatory human rights due diligence for German companies. The initiative was welcomed by CoRa, a network for corporate accountability with more than 60 development, human rights, environmental, consumer organisations and trade unions. According to CoRA, human rights diligence cannot be protected on a voluntary basis. Businesses should mandatorily take measures to prevent activities that provoke human rights violations. Liability and appropriate sanctions are key elements to enforce human rights in this context. In addition, companies should embrace the UN Guiding Principles on Business and Human Rights, adopted by the UN Human Rights Council in 2011, and report on their risk analyses, measures of mitigation and remedies.    

The Russian government is considering mechanisms to control its Internet traffic in similar manner to China. The draft law, which passed the first reading in State Duma, requires Internet Service Providers (ISPs) to direct data through exchange points listed in a registry maintained by Roskomnadzor (the Russian supervising body in the field of communications) .This means that data passing between Russian citizens and organisations will stay inside the country instead of being routed internationally through loops.The draft law also requires telecom operators to install a special equipment provided by Roskomnadzor that should help to fight the threats for Internet as well as will enable to exercise blocking of web resources from the Russian blacklist by cutting off Internet traffic. One of the alleged reasons is to defend the country's Internet in the case of an attempt by foreign powers to isolate or disrupt the country's communications. The legislation is considered controversial because it can also be used to promote censorship as the government will be able to restrict access to external sources of information.


After the Bulgarian Parliament adopted a national law implementing the GDPR on 24 January, the Bulgarian president vetoed the legislation due to concerns regarding ‘the regulated data processing for journalistic purposes and the purposes of academic, artistic or literary expression’. As reported by Novinite, President Radev stated that the necessary balance has not been achieved, and the 10-criterion provision is excessive and unbalanced.



The GIP Digital Watch observatory is provided by



and members of the GIP Steering Committee


GIP Digital Watch is operated by

Scroll to Top