<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p> <a class="moz-txt-link-freetext"
href="https://wiki.openrightsgroup.org/wiki/ORG_policy_update/2017-w37"
moz-do-not-send="true">https://wiki.openrightsgroup.org/wiki/ORG_policy_update/2017-w37</a>
<br>
</p>
<div class="moz-forward-container">
<h1 class="entry-title" style="color: rgb(0, 0, 0) !important;
margin: 0px 0px 1em; padding: 0.5em 0px 0px; line-height: 1.2em;
font-weight: normal; clear: both; font-size: 2.4em; display:
block; font-family: Rosarivo, Georgia, serif; font-style:
normal; font-variant-ligatures: normal; font-variant-caps:
normal; letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px;
background-color: rgb(252, 252, 252); text-decoration-style:
initial; text-decoration-color: initial;">ORG policy
update/2017-w37</h1>
<div id="bodyContent" class="entry-content" style="font-size:
18px; text-align: left; line-height: 1.5em; margin-bottom:
1.5em; color: rgb(51, 51, 51); font-family: Rosarivo, Georgia,
serif; font-style: normal; font-variant-ligatures: normal;
font-variant-caps: normal; font-weight: normal; letter-spacing:
normal; orphans: 2; text-indent: 0px; text-transform: none;
white-space: normal; widows: 2; word-spacing: 0px;
-webkit-text-stroke-width: 0px; background-color: rgb(252, 252,
252); text-decoration-style: initial; text-decoration-color:
initial;">
<div id="mw-content-text" dir="ltr" class="mw-content-ltr"
style="font-size: 18px; text-align: left; line-height: 1.5em;
margin-bottom: 1.5em;" lang="en">
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">This is ORG's Policy Update
for the week beginning 11/09/2017.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">If you are reading this
online, you can also subscribe to the<span> </span><a
rel="nofollow" class="external text"
href="https://lists.openrightsgroup.org/listinfo/parliamentary.monitor"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">email version or unsubscribe</a>.</p>
<div id="toc" class="toc" style="font-size: 18px; text-align:
left; line-height: 1.5em; margin-bottom: 1.5em;">
<h3><span class="mw-headline" id="ORG.E2.80.99s_work">ORG’s
work</span></h3>
</div>
<ul>
<li>Following the First Reading of the Data Protection Bill
in the House of Lords, we have started preparing a
briefing outlining our concerns about the current clauses
in the Bill.</li>
<li>Save the date for ORGCon -it will take place on Saturday
4 November at Friends House on Euston Road in London. We
have a second smaller event planned on Sunday 5 November
in a different location (TBC). This year is all about the
Digital Fightback. Confirmed speakers so far are Graham
Linehan, Noel Sharkey, Helen Lewis, Jamie Bartlett and
Nanjira Sambuli.<span> </span><a rel="nofollow"
class="external text"
href="https://orgcon.openrightsgroup.org/" style="color:
rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Tickets are on sale now</a>!</li>
</ul>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">Planned local group events:</p>
<ul>
<li>Join<span> </span><a rel="nofollow" class="external
text"
href="https://www.meetup.com/ORG-Glasgow/events/243106505/"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">ORG Glasgow</a><span> </span>for
a free screening of The Internet’s Own Boy on 2 October.
The Internet’s Own Boy tells the life story of programmer,
writer, political and internet activist Aaron Swartz, an
internet pioneer and free speech campaigner. Following the
screening, Scotland Director Matthew Rice will be
available for a discussion and will give information about
how to get involved in initiatives in Glasgow and
Scotland.</li>
<li>Join<span> </span><a rel="nofollow" class="external
text"
href="https://www.meetup.com/ORG-Leeds/events/243357617/"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">ORG Leeds</a><span> </span>o 21
September for an evening of talks and discussion where
they will explore the current state of digital rights, why
they matter and the dangers of mass surveillance to our
democracy.</li>
</ul>
<h3><span class="mw-headline" id="Official_meetings">Official
meetings</span></h3>
<ul>
<li>Jim Killock met with<span> </span><a
href="https://wiki.openrightsgroup.org/w/index.php?title=John_Whittingdale&action=edit&redlink=1"
class="new" title="John Whittingdale (page does not
exist)" style="color: rgb(0, 80, 156); text-decoration:
none;" moz-do-not-send="true">John Whittingdale</a><span> </span>regarding
various privacy issues; and with<span> </span><a
href="https://wiki.openrightsgroup.org/w/index.php?title=Lord_Errol&action=edit&redlink=1"
class="new" title="Lord Errol (page does not exist)"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Lord Errol</a><span> </span>to
discuss age verification.</li>
<li>Javier Ruiz gave evidence to the GLA Oversight Committee
of the London Assembly. He was in a panel on privacy and
the use of personal data with Elizabeth Denham, the
Information Commissioner, and Renate Samson from Big
Brother Watch. The committee discussed the Met Police face
recognition plans, road pricing and mobile tracking by
TfL, among other issues.</li>
</ul>
<h3><span class="mw-headline" id="UK_Parliament">UK Parliament</span></h3>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">Parliament is back on recess
as the party conference season is on.</p>
<h4><span class="mw-headline"
id="The_Data_Protection_Bill_is_in_the_House_.28of_Lords.29">The
Data Protection Bill is in the House (of Lords)</span></h4>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The House of Lords read the<span> </span><a
rel="nofollow" class="external text"
href="https://publications.parliament.uk/pa/bills/lbill/2017-2019/0066/18066.pdf"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Data Protection Bill</a><span> </span>(pdf),
(<a rel="nofollow" class="external text"
href="https://publications.parliament.uk/pa/bills/lbill/2017-2019/0066/18066en.pdf"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">explanatory notes - pdf</a>) for
the first time this week. The Second Reading of the Bill is
scheduled for 10 October.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The DPBill is the
implementation of the EU’s General Data Protection
Regulation which should be in place across the EU Member
States by May 2018.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The new Bill will make changes
to consent given to data collecting and processing allowing
only unticked opt-in boxes to signify it. It will also place
restrictions on children consenting to data collection and
processing without parental authorisation under a certain
age. Other changes will include the right to have one’s data
be “erased” in certain circumstances, changes to
notifications of data subjects affected by data breaches.
The Bill deals with law enforcement and implements the new
EU requirements for data protection law in this area.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The Bill will allow individual
data subjects to bring complaints to the Information
Commissioner’s Office if their data has not been processed
in compliance with the law and demand compensation from data
controllers.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">Section 173 of the Bill allows
data subjects to designate a body or other organisation
(which meet specific criteria) to exercise certain rights on
their behalf. The GDPR provided a derogation to the Member
States to allow organisations raise complaints on data
processing without a named data subject. The UK decided not
to implement this option.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">This approach to data
protection policy will stop many dubious or harmful data
processing practices from being investigated. Affected data
subjects may often wish not to have their names publicly
associated with certain companies. In many cases, they will
not realise they have been affected.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">In such situations, an
independent privacy group should be able to lodge a
complaint.</p>
<h3><span class="mw-headline" id="UK_national_developments">UK
national developments</span></h3>
<h4><span class="mw-headline"
id="IPT_refers_bulk_data_collection_to_the_EU_court">IPT
refers bulk data collection to the EU court</span></h4>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The Investigatory Powers
Tribunal (IPT)<span> </span><a rel="nofollow"
class="external text"
href="http://www.ipt-uk.com/docs/Privacy%20International%20v%20SSFCA%20and%20Ors%20September%202017.pdf"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">ruled last week</a><span> </span>(pdf)
that the European Court of Justice (<a
href="https://wiki.openrightsgroup.org/wiki/CJEU"
title="CJEU" class="mw-redirect" style="color: rgb(0, 80,
156); text-decoration: none;" moz-do-not-send="true">CJEU</a>)
should decide on the legality of the UK’s mass surveillance
legislation in the case brought against the intelligence
agencies (MI5, MI6, GCHQ) by Privacy International.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">Privacy International has been
trying to prevent the government from collecting and
retaining bulk communications data (BCD) and bulk personal
data sets (BPD). At the latest hearing, the<span> </span><a
rel="nofollow" class="external text"
href="https://www.theregister.co.uk/2017/09/08/european_court_must_rule_on_legality_of_uks_mass_surveillance_tribunal_says/"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">IPT considered whether the
collection and retention of BCD and BPD are lawful under
the EU law</a><span> </span>- Charter of Fundamental
Rights of the European Union and the Treaty of the European
Union.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The IPT did not expedite the
case to the<span> </span><a
href="https://wiki.openrightsgroup.org/wiki/CJEU"
title="CJEU" class="mw-redirect" style="color: rgb(0, 80,
156); text-decoration: none;" moz-do-not-send="true">CJEU</a><span> </span>which
means that it could take years before the final judgment is
handed down.</p>
<h4><span class="mw-headline"
id="The_Government_publishes_new_National_Cyber_Security_Strategy">The
Government publishes new National Cyber Security Strategy</span></h4>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The Government published their<span> </span><a
rel="nofollow" class="external text"
href="https://www.gov.uk/government/publications/national-cyber-security-strategy-2016-to-2021"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">National Cyber Security Strategy
for 2016-2021</a>. The Strategy sets out the Government’s
plan to make the UK secure and resilient in cyberspace.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The Government plans to work
towards three objectives which they name as:</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">Defend - to defend the UK
against evolving cyber threats, to respond effectively to
incidents, to ensure UK networks, data and systems are
protected and resilient.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">Deter - to make the UK a
difficult target for aggression in cyberspace by detecting,
understanding, investigating and disrupting hostile actions.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">Develop - to cultivate growing
cyber security industry.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">Furthermore, the Government
plans on pursuing international action and invest in
existing and new partnerships through the EU, NATO and the
UN. The strategy relies on capabilities of cyber security
industry to minimise phishing attacks, filtering known bad
IP addresses, and actively blocking malicious online
activity.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The Government announced in
the strategy that they will launch two new cyber innovation
centres to drive the development of cutting-edge cyber
products and dynamic new cyber security companies.</p>
<h3><span class="mw-headline"
id="IPO_plans_a_crackdown_on_set-top_boxes">IPO plans a
crackdown on set-top boxes</span></h3>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The Intellectual Property
Office published the new<span> </span><a rel="nofollow"
class="external text"
href="https://www.gov.uk/government/publications/annual-ip-crime-and-enforcement-report-2016-to-2017"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">IP Crime Report for the period 2016
to 2017</a>. The report offers a recap of the year’s fight
against copyright infringement accompanied by insights from
the Police Intellectual Property Crime Unit and Crown
Prosecution Service.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The report cites figures
provided by the Ministry of Justice showing that only 47
people were found guilty of copyright infringement. The
number dropped from the previous year when 69 people were
found guilty.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The report hints at more
efforts in the next 12 months to target the set-top box
threat following the<span> </span><a rel="nofollow"
class="external text"
href="https://torrentfreak.com/selling-piracy-configured-media-players-is-illegal-eu-court-rules-170426/"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">judgment from the European Court of
Justice</a><span> </span>which ruled that sale of
pre-configured set-top boxes (which allow users to access
copyright infringing material) falls within communication to
the public and therefore the boxes break the copyright law.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">However, it is<span> </span><a
rel="nofollow" class="external text"
href="https://torrentfreak.com/new-uk-ip-crime-report-reveals-continued-focus-on-pirate-kodi-boxes-170908/"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">unlikely that the current
legislation will be able to tackle casual offenders</a><span> </span>and
will remain focusing only the most serious cases.</p>
<h3><span class="mw-headline"
id="Biometrics_Commissioner_calls_for_a_clear_policy_on_facial_custody_images">Biometrics
Commissioner calls for a clear policy on facial custody
images</span></h3>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The Commissioner for the
Retention and Use of Biometric Material, Paul Wiles,<span> </span><a
rel="nofollow" class="external text"
href="https://www.gov.uk/government/publications/biometrics-commissioner-annual-report-2016"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">published his yearly report</a>. In
the report, the Commissioner outlined future biometric
challenges.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">Wiles identified the
collection and storing of facial custody images as one of
the most serious issues for the future. He emphasised the
need to consider technical quality, management,
interpretation, and governance and criticised the lack of
independent oversight. The Commissioner called for a clear
policy to correct this situation.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">In the<span> </span><a
rel="nofollow" class="external text"
href="https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/643638/2017-08-23__Letter_from_Baroness_Williams_to_Paul_Wiles_Biometrics_Commissioner.pdf"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Government’s response</a>(pdf), the
Minister for Countering Extremism, Baroness Williams of
Trafford, said that there should be a presumption that
police will remove the custody image from their database
unless there is an exceptional reason for it to be retained.
The Minister said that this strikes a reasonable balance
between privacy and public protection.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The Commissioner also notes
that the private sector has been increasingly using the
biometrics to develop big data and that it is possible for
the government to do so as well. The Government’s response
indicated that they will push a Biometrics strategy that
will address these issues.</p>
<h3><span class="mw-headline" id="International_developments">International
developments</span></h3>
<h4><span class="mw-headline"
id="New_iPhone_X_to_use_facial_recognition">New iPhone X
to use facial recognition</span></h4>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">Apple announced this week a
release of new models of iPhone. The<span> </span><a
rel="nofollow" class="external text"
href="https://www.theguardian.com/commentisfree/2017/sep/13/facial-recognition-iphone-x-privacy"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">iPhone X will contain the Face ID
feature that will use face recognition</a><span> </span>to
allow users access into their phones. The new feature will
replace the fingerprint identification and will complement
passcodes.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">The new technology raised
several security concerns regarding the coerced scanning of
user’s facial features. Apple employed several security
measures, for example not allowing access to the phone if
user’s eyes are closed. However, in various circumstances,
users could still be forced to have their faces scanned.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">This feature can also prove
troublesome for iPhone users when police want to gain access
to the device. The law is likely to treat biometric
information differently to passcodes and the users might
easily be ordered to unlock their phone with a facial scan.
You can read more about the legal status of facial ID scans
in the US<span> </span><a rel="nofollow" class="external
text"
href="https://www.theverge.com/2017/9/12/16298192/apple-iphone-face-id-legal-security-fifth-amendment"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">here</a>.</p>
<h3><span class="mw-headline"
id="Questions_in_the_UK_Parliament">Questions in the UK
Parliament</span></h3>
<h4><span class="mw-headline"
id="Question_on_electronic_surveillance">Question on
electronic surveillance</span></h4>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;"><a
href="https://wiki.openrightsgroup.org/wiki/Lyn_Brown_MP"
title="Lyn Brown MP" style="color: rgb(0, 80, 156);
text-decoration: none;" moz-do-not-send="true">Lyn Brown
MP</a><span> </span><a rel="nofollow" class="external
text"
href="https://www.theyworkforyou.com/wrans/?id=2017-09-04.7878.h&s=%22surveillance%22"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">asked</a><span> </span>the
Secretary of State for the Home Department to make an
assessment of the potential merits of wider use of equipment
interference warranty in conjunction with notices requiring
technology companies to maintain a capacity to provide
access to individual devices as an alternative to place
requirements on the companies to decrypt messages sent using
their communications software.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;"><a
href="https://wiki.openrightsgroup.org/wiki/Ben_Wallace_MP"
title="Ben Wallace MP" style="color: rgb(0, 80, 156);
text-decoration: none;" moz-do-not-send="true">Ben Wallace
MP</a><span> </span>responded that the Government will
commence the provisions of the Investigatory Powers Act 2016
concerning technical capability notices in due course and
will bring forward regulations, on which we have already
held a targeted consultation with relevant bodies.</p>
<h4><span class="mw-headline" id="Question_on_pornography">Question
on pornography</span></h4>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;"><a
href="https://wiki.openrightsgroup.org/wiki/Chi_Onwurah_MP"
title="Chi Onwurah MP" class="mw-redirect" style="color:
rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Chi Onwurah MP</a><span> </span><a
rel="nofollow" class="external text"
href="https://www.theyworkforyou.com/wrans/?id=2017-09-06.9256.h&s=%22internet%22"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">asked</a><span> </span>the
Secretary of State for Digital, Culture, Media and Sport,
what representations she has received on the implementation
processes for age verification for online pornography; and
how that data is stored and shared.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;"><a
href="https://wiki.openrightsgroup.org/wiki/Matthew_Hancock_MP"
title="Matthew Hancock MP" style="color: rgb(0, 80, 156);
text-decoration: none;" moz-do-not-send="true">Matthew
Hancock MP</a><span> </span>responded that the department
is in discussion with the British Board of Film
Classification as the intended age verification regulator,
and those who will be involved in the regulatory framework,
such as age verification providers. The Secretary of State
Guidance to the Regulator will be laid in Parliament later
this year.</p>
<h4><span class="mw-headline" id="Question_on_CCTV">Question
on CCTV</span></h4>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;">Layla Moran MP<span> </span><a
rel="nofollow" class="external text"
href="https://www.theyworkforyou.com/wrans/?id=2017-09-04.8098.h&s=%22data+protection%22#g8098.r0"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">asked</a><span> </span>the
Secretary of State for the Home Department, what assessment
has been made of the effectiveness of current legislation
regulating the use of CCTV cameras with facial recognition
and biometric tracking capabilities.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;"><a
href="https://wiki.openrightsgroup.org/wiki/Nick_Hurd_MP"
title="Nick Hurd MP" style="color: rgb(0, 80, 156);
text-decoration: none;" moz-do-not-send="true">Nick Hurd
MP</a><span> </span>responded that there is no legislation
regulating the use of CCTV cameras with facial recognition
and biometric tracking capabilities. However, the
Surveillance Camera Code of Practice requires any police use
of facial recognition or other biometric characteristic
recognition systems to be clearly justified and
proportionate in meeting the stated purpose.</p>
<h4><span class="mw-headline"
id="Question_on_facial_recognition">Question on facial
recognition</span></h4>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;"><a
href="https://wiki.openrightsgroup.org/wiki/Edward_Davey_MP"
title="Edward Davey MP" style="color: rgb(0, 80, 156);
text-decoration: none;" moz-do-not-send="true">Edward
Davey MP</a><span> </span><a rel="nofollow"
class="external text"
href="https://www.theyworkforyou.com/wrans/?id=2017-09-04.7426.h&s=%22data+protection%22#g7426.r0"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">asked</a><span> </span>the
Secretary of State for the Home Department, which
independent oversight mechanism is responsible for
overseeing the police's use of automated facial recognition
technology.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;"><a
href="https://wiki.openrightsgroup.org/wiki/Nick_Hurd_MP"
title="Nick Hurd MP" style="color: rgb(0, 80, 156);
text-decoration: none;" moz-do-not-send="true">Nick Hurd
MP</a><span> </span>responded that the Surveillance Camera
Code of Practice requires any police use of facial
recognition or biometric recognition systems, in general, to
be clearly justified and proportionate. The retention of
facial images by the police is governed by data protection
legislation and by Authorised Professional Practice governed
by the College of Policing.</p>
<h4><span class="mw-headline" id="Question_on_the_NHS_hack">Question
on the NHS hack</span></h4>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;"><a
href="https://wiki.openrightsgroup.org/wiki/Jon_Trickett_MP"
title="Jon Trickett MP" style="color: rgb(0, 80, 156);
text-decoration: none;" moz-do-not-send="true">Jon
Trickett MP</a><span> </span><a rel="nofollow"
class="external text"
href="https://www.theyworkforyou.com/wrans/?id=2017-09-04.7509.h&s=cyber#g7509.r0"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">asked</a><span> </span>the
Secretary of State for Health, what changes have been made
to the NHS' cyber security following the cyber attack in May
2017.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;"><a
href="https://wiki.openrightsgroup.org/wiki/Jackie_Doyle-Price_MP"
title="Jackie Doyle-Price MP" style="color: rgb(0, 80,
156); text-decoration: none;" moz-do-not-send="true">Jackie
Doyle-Price MP</a><span> </span>responded that The
Department developed an immediate response plan. The
document Your Data: Better Security, Better Choice, Better
Care accepts the 10 Data Security Standards proposed by Dame
Fiona Caldicott, the National Data Guardian, and sets out
the timescales for how the Government plans to deliver key
actions on cyber security and data sharing.</p>
<h4><span class="mw-headline" id="Question_on_cybercrime">Question
on cybercrime</span></h4>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;"><a
href="https://wiki.openrightsgroup.org/wiki/Jon_Trickett_MP"
title="Jon Trickett MP" style="color: rgb(0, 80, 156);
text-decoration: none;" moz-do-not-send="true">Jon
Trickett MP</a><span> </span><a rel="nofollow"
class="external text"
href="https://www.theyworkforyou.com/wrans/?id=2017-09-04.7509.h&s=cyber#g7509.r0"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">asked</a><span> </span>the Minister
for the Cabinet Office, what the target figure is for the
objective relating to the number of online products and
services coming into use being secure by default by 2021.</p>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;"><a
href="https://wiki.openrightsgroup.org/wiki/Caroline_Nokes_MP"
title="Caroline Nokes MP" style="color: rgb(0, 80, 156);
text-decoration: none;" moz-do-not-send="true">Caroline
Nokes MP</a><span> </span>responded that there is no
target figure due to the magnitude of online products and
services.</p>
<h3><span class="mw-headline" id="ORG_media_coverage">ORG
media coverage</span></h3>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;"><i>See<span> </span><a
href="https://wiki.openrightsgroup.org/wiki/ORG_Press_Coverage"
title="ORG Press Coverage" style="color: rgb(0, 80,
156); text-decoration: none;" moz-do-not-send="true">ORG
Press Coverage</a><span> </span>for full details.</i></p>
<dl>
<dt style="font-weight: bold;">2017-09-14-The Sun-<a
rel="nofollow" class="external text"
href="https://www.thesun.co.uk/tech/4463299/facial-recognition-scanning-cctv-police/"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">BIG BROTHER'S FACEBOOK: Is YOUR
face on a database of 19 million photos which lets Brit
cops SPY on ordinary people?</a></dt>
<dd>Author: Margi Murphy</dd>
<dd>Summary: Jim Killock quoted on calling for the non-
suspect's facial custody images to be deleted by police.</dd>
<dd>Topics:<span> </span><a
href="https://wiki.openrightsgroup.org/wiki/Biometrics"
title="Biometrics" style="color: rgb(0, 80, 156);
text-decoration: none;" moz-do-not-send="true">Biometrics</a>,<span> </span><a
href="https://wiki.openrightsgroup.org/wiki/Surveillance"
title="Surveillance" class="mw-redirect" style="color:
rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Surveillance</a></dd>
<dt style="font-weight: bold;">2017-09-14-Gears of Biz-<a
rel="nofollow" class="external text"
href="http://gearsofbiz.com/uk-police-have-a-database-of-19-million-faces/56208"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">UK police have a database of 19
million faces</a></dt>
<dd>Author: Daniela Blot</dd>
<dd>Summary: Jim Killock quoted on the non- suspect's facial
custody images having to be deleted by police.</dd>
<dd>Topics:<span> </span><a
href="https://wiki.openrightsgroup.org/wiki/Biometrics"
title="Biometrics" style="color: rgb(0, 80, 156);
text-decoration: none;" moz-do-not-send="true">Biometrics</a>,<span> </span><a
href="https://wiki.openrightsgroup.org/wiki/Surveillance"
title="Surveillance" class="mw-redirect" style="color:
rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Surveillance</a></dd>
</dl>
<h3><span class="mw-headline" id="ORG_Contact_Details">ORG
Contact Details</span></h3>
<p style="font-size: 18px; text-align: left; line-height:
1.5em; margin-bottom: 1.5em;"><a rel="nofollow"
class="external text"
href="https://www.openrightsgroup.org/people/staff"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Staff page</a></p>
<ul>
<li><a rel="nofollow" class="external text"
href="https://www.openrightsgroup.org/people/staff#jim"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Jim Killock, Executive Director</a></li>
<li><a rel="nofollow" class="external text"
href="https://www.openrightsgroup.org/people/staff#javier"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Javier Ruiz, Policy</a></li>
<li><a rel="nofollow" class="external text"
href="https://www.openrightsgroup.org/people/staff#ed"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Ed Johnson-Williams, Campaigns</a></li>
<li><a rel="nofollow" class="external text"
href="https://www.openrightsgroup.org/people/staff#pam"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Pam Cowburn, Communications</a></li>
<li><a rel="nofollow" class="external text"
href="https://www.openrightsgroup.org/people/staff#lee"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Lee Maguire, Tech</a></li>
<li><a rel="nofollow" class="external text"
href="https://www.openrightsgroup.org/people/staff#myles"
style="color: rgb(0, 80, 156); text-decoration: none;"
moz-do-not-send="true">Myles Jackman, Legal Director</a></li>
<li>Slavka Bielikova, Policy Officer</li>
<li>Matthew Rice, Scotland Director</li>
<li>Mike Morel, Communications Officer</li>
</ul>
</div>
</div>
</div>
</body>
</html>