<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div class="container content-width3 font-size5">
<div class="reader-header header" dir="ltr">
<a class="reader-domain domain" href="https://wiki.openrightsgroup.org/wiki/ORG_policy_update/2018-w21">https://wiki.openrightsgroup.org/wiki/ORG_policy_update/2018-w21</a>
<div class="domain-border"></div>
<h1 class="reader-title">ORG policy update/2018-w21</h1>
</div>
<hr class="">
<div class="content">
<div class="line-height4 moz-reader-content" dir="ltr"><div id="readability-page-1" class="page"><div id="bodyContent" class="">
<div id="mw-content-text" dir="ltr" lang="en" class=""><p class="">This is ORG's Policy Update for the week beginning 21/05/2018.
</p><p class="">If you are reading this online, you can also subscribe to the <a rel="nofollow" href="https://lists.openrightsgroup.org/listinfo/parliamentary.monitor" class="">email version or unsubscribe</a>.
</p>
<h2 class=""><span id="ORG.E2.80.99s_work" class="">ORG’s work</span></h2>
<ul class=""><li class="">A huge thank you to everyone who has helped out so far by donating to <a rel="nofollow" href="https://www.crowdjustice.com/case/immigrationexemption/" class="">our CrowdJustice fundraiser</a>
to help fight the Immigration Exemption in the Data Protection Act. Our
fundraiser is still going and so far we have raised £24,000!</li>
<li class="">In preparation for our judicial review of the Immigration Exemption,
ORG have submitted a chasing letter to the Government to follow our
letter-before-claim, and have begun receiving letters of support from a
number of other NGOs to submit along with our challenge.</li>
<li class="">In preparation for GDPR, ORG made some updates to our Privacy Policy
and made the document easier to read. We'll continue to fight for
stronger data protection law, and you can count on us to keep your data
secure and protected. You can read our updated policy <a rel="nofollow" href="https://www.openrightsgroup.org/privacy" class="">here</a>.</li>
<li class="">Javier Ruiz attended the <a rel="nofollow" href="https://datajusticelab.org/data-justice-conference/data-justice-2018/" class="">Data Justice 2018 Conference</a> in Cardiff. Javier is in the advisory board of the <a rel="nofollow" href="https://datajusticeproject.net/" class="">DATAJUSTICE project</a>, funded by the European Research Council. The project explores the meaning of social justice in an age of datafication.</li></ul>
<h2 class=""><span id="Official_meetings" class="">Official meetings</span></h2>
<ul class=""><li class="">Jim Killock met with Facebook to discuss <a href="https://wiki.openrightsgroup.org/wiki/CTIRU" title="CTIRU" class="">CTIRU</a>, and content takedowns on the platform.</li>
<li class="">Jim Killock, Javier Ruiz, Alex Haydock and Mike Morel met with Index
on Censorship, Liberty, Big Brother Watch and Article 19 to discuss the
Government's Digital Charter and future campaign plans.</li>
<li class="">Arjun Datta Majumdar met with Paul Wiles to discuss his experience
as Biometrics Commissioner for England and Wales, and help with ongoing
research into building oversight of Biometrics in Scotland.</li></ul>
<h2 class=""><span id="UK_Parliament" class="">UK Parliament</span></h2>
<h3 class=""><span id="Data_Protection_Act_2018_receives_Royal_Assent" class="">Data Protection Act 2018 receives Royal Assent</span></h3><p class="">After the final back and forth debates between the House of Commons
and the Lords, the Data Protection Act 2018 was passed and received
Royal Assent on 23 May 2018. This was just in time for the General Data
Protection Regulation (GDPR) to become directly applicable across the
European Union on Friday 25 May 2018.
</p><p class="">The Data Protection Act 2018 is part of a package that includes
the GDPR and grants increased control for a user over their data. For
instance, the new regime requires clearly given and informed consent
from users for data processing: hence that inbox clogging that took
place around the 23 and 24 May asking for your permission for companies
to keep sending you emails.
</p><p class="">Despite this increased control, there are some concerning aspects
to the UK Government’s Data Protection 2018. The Act still contains the
Immigration Exemption that removes most rights for individuals, for
example to access their data, if it would prejudice “effective
immigration control".
</p><p class="">Open Rights Group and the3million, the campaigning organisation
for residents from the EU living in the UK, have been calling for the
removal of the immigration exemption throughout the Bill’s passage. The
organisations intend to take the Government to court over the inclusion
of the exemption in the Bill.
</p>
<h2 class=""><span id="Other_national_developments" class="">Other national developments</span></h2>
<h3 class=""><span id="Science_and_Technology_Committee_publishes_report_on_algorithmic_ethics" class="">Science and Technology Committee publishes report on algorithmic ethics</span></h3><p class="">As the Government continues to work on launching the <i class="">Centre for Data Ethics & Innovation</i>,
the Science and Technology Committee have published a report which
calls upon the new body to "examine algorithm biases and transparency
tools, determine the scope for individuals to be able to challenge the
results of all significant algorithmic decisions which affect them (such
as mortgages and loans) and where appropriate to seek redress for the
impacts of such decisions."
</p><p class="">The report also calls for greater oversight of the private
sector's application of algorithms to public sector datasets, and offers
a number of further recommendations, suggesting that the Government
should:
</p>
<ul class=""><li class="">"Continue to make public sector datasets available for both 'big
data' developers and algorithm developers through new 'data trusts',
and make better use of its databases to improve public service
delivery."</li>
<li class="">"Produce, maintain and publish a list of where algorithms are being
used within Central Government, or are planned to be used, to aid
transparency, and identify a ministerial champion with oversight of
public sector algorithm use."</li>
<li class="">"Commission a review from the Crown Commercial Service which sets
out a model for private/public sector involvement in developing
algorithms."</li></ul><p class="">The report can be downloaded and read from the Parliament.UK site <a rel="nofollow" href="https://www.parliament.uk/business/committees/committees-a-z/commons-select/science-and-technology-committee/news-parliament-2017/algorithms-in-decision-making-report-published-17-19-/" class="">here</a>.
</p>
<h3 class=""><span id="Government_publishes_Digital_Economy_Act_Draft_Codes_of_Practice" class="">Government publishes Digital Economy Act Draft Codes of Practice</span></h3><p class="">This week, the Government published a series of Draft Codes of
Practice covering the sections of the Digital Economy Act 2017 that
enable new powers for extensive data sharing in the public sector.
</p><p class="">The guidance available covers:
</p>
<ul class=""><li class=""> draft regulations relating to the Public Service Delivery chapter</li>
<li class=""> explanatory memorandum for the draft regulations</li>
<li class=""> a Code of Practice on Public Service Delivery, Debt and Fraud</li>
<li class=""> a Code of Practice for Civil Registration data, enabling access to
Births, Deaths and Marriages across the public sector with very limited
safeguards</li>
<li class=""> a Code of Practice and accreditation criteria for access to data for research purposes</li>
<li class=""> draft statement of principles and draft Code of Practice on the changes to data systems</li>
<li class=""> explanatory material relating to the Codes of Practice and Statement of Principles</li></ul><p class="">You can find the page with this guidance <a rel="nofollow" href="https://www.gov.uk/government/publications/digital-economy-act-2017-draft-codes-of-practice-and-regulations" class="">on GOV.UK here</a>.
</p>
<h3 class=""><span id="House_of_Lords_Communications_Committee_publishes_new_evidence" class="">House of Lords Communications Committee publishes new evidence</span></h3><p class="">The House of Lords Communications Committee is still in the process
of publishing written evidence they have received as part of their <i class="">Internet: to regulate or not to regulate?</i> inquiry.
</p><p class="">Among others, the Open Rights Group submitted evidence to the inquiry as well as giving oral evidence during earlier stages.
</p><p class="">Evidence submissions which have been published so far can be found on the Parliament website <a rel="nofollow" href="https://www.parliament.uk/business/committees/committees-a-z/lords-select/communications-committee/inquiries/parliament-2017/the-internet-to-regulate-or-not-to-regulate/publications/" class="">here</a>.
</p>
<h2 class=""><span id="International_developments" class="">International developments</span></h2>
<h3 class=""><span id="Mark_Zuckerberg_questioned_by_MEPs_over_Cambridge_Analytica_scandal" class="">Mark Zuckerberg questioned by MEPs over Cambridge Analytica scandal</span></h3><p class="">CEO of Facebook, Mark Zuckerberg, appeared before MEPs this week to
answer questions about Cambridge Analytica, and how Facebook processes
user data.
</p><p class="">The format of the questioning suffered wide criticism after the
session - including from Guy Verhofstadt, the European Parliament member
from Belgium that is well known in Britain for his central role in the
Brexit negotiations, who noted that of the six yes/no questions he had
asked Zuckerberg, he had not received answers to any. MEPs asked
questions at the beginning of the session in one large block, without
Zuckerberg being expected to respond after each one. Zuckerberg then
took time near the end of the session to respond to the questions he was
able to address in the short time period available.
</p><p class="">Some points from the discussion:
</p>
<ul class=""><li class="">Zuckerberg apologised on behalf of Facebook and took
responsibility for some of the issues the platform had faced over recent
years, saying: “Whether it’s fake news, foreign interference in
elections or developers misusing people’s information, we didn’t take a
broad enough view of our responsibilities. That was a mistake, and I’m
sorry.”</li>
<li class="">German MEP Manfred Weber said it was “time to discuss breaking
Facebook’s monopoly”. Weber noted that the company owned a number of
other services such as WhatsApp and Instagram, and suggeted that it
already had “too much power in one hand”.</li>
<li class="">Zuckerberg answered a question explaining why Facebook keeps "shadow
profiles" for users who do not actually have a registered account. He
said: “It’s very important that we don’t have people who aren’t Facebook
users coming to our service and trying to scrape the public data that’s
available. So one of the ways that we do that is that with people who
use our service even if they’re not signed in we need to understand how
they are using the service to prevent bad activity.”</li></ul><p class="">A full transcript of the session is expected to be published soon,
and Facebook is expected to send follow-up answers to questions which
were missed due to the format and limited time available during the
session.
</p>
<h2 class=""><span id="Questions_in_the_UK_Parliament" class="">Questions in the UK Parliament</span></h2>
<h3 class=""><span id="Question_about_web_blocking_for_ISIS_content" class="">Question about web blocking for ISIS content</span></h3><p class="">Lord Alton of Liverpool asked the Government "what action they are
taking to block access to internet archive sites that disseminate
material including ISIS bomb making manuals and videos of the execution
of opponents and non-compliant members of minority communities."
</p><p class="">Lord Alton also asked "what further action they intend to take in
response to the call by Andrew Parker, Director-General of the British
Security Service, to secure the support and cooperation of social media
firms to combat the spread of ISIS ideology."
</p><p class="">Baroness Williams of Trafford <a rel="nofollow" href="https://www.theyworkforyou.com/wrans/?id=2018-05-15.HL7872.h" class="">replied</a>:
</p>
<blockquote class="">"The UK has been at the forefront of the battle against
online terrorist material. We have worked closely with a variety of
Communications Service Providers (CSPs), including archive sites, to
improve their response to terrorist exploitation of their platforms.
This has included helping to set up the Global Internet Forum to Counter
Terrorism (GIFCT), an international, industry-led forum to prevent
terrorist use of the internet.
<p class="">We want to see the GIFCT leading the cross industry response to
reduce the availability of terrorist content on the internet, so there
are no safe places for terrorists online. This includes removing content
within one hour of upload; securing the prevention of re-uploads; and
ultimately preventing new content being made available to users in the
first place. There is still more to be done in engaging smaller
platforms, but we have made a good start.
</p>
Separately, on behalf of the Home Office, the Metropolitan Police
produces a list of URLs of unlawful terrorist content that have not been
removed by CSPs. This list is shared with filtering companies whose
products are used across the public estate, such as schools, to
establish appropriate levels of filtering, thereby limiting access to
terrorist and extremist material.</blockquote>
<h2 class=""><span id="ORG_media_coverage" class="">ORG media coverage</span></h2><p class=""><i class="">See <a href="https://wiki.openrightsgroup.org/wiki/ORG_Press_Coverage" title="ORG Press Coverage" class="">ORG Press Coverage</a> for full details.</i>
</p>
<dl class=""><dt class="">2018-05-23-International Observatory of Human Rights-<a rel="nofollow" href="http://observatoryihr.org/iohr_tv/jim-killock/" class="">Internet Privacy and Digital Rights</a></dt>
<dd class="">Author: International Observatory of Human Rights</dd>
<dd class="">Summary: Jim Killock in an extended 20-minute interview from IOHR covering ORG's work.</dd>
<dd class="">Topics: <a href="https://wiki.openrightsgroup.org/wiki/Data_protection" title="Data protection" class="">Data protection</a><a href="https://wiki.openrightsgroup.org/wiki/Copyright" title="Copyright" class="">Copyright</a><a href="https://wiki.openrightsgroup.org/wiki/Privacy" title="Privacy" class="">Privacy</a></dd>
<dt class="">2018-05-23-CPO Magazine-<a rel="nofollow" href="https://www.cpomagazine.com/2018/05/23/love-affair-with-facial-recognition-software-what-are-the-cybersecurity-risks/" class="">Love Affair with Facial Recognition Software: What Are the Cybersecurity Risks?</a></dt>
<dd class="">Author: Ana Dascalescu</dd>
<dd class="">Summary: Jim Killock quoted in an article about the potential risks of facial recognition software.</dd>
<dd class="">Topics: <a href="https://wiki.openrightsgroup.org/wiki/Privacy" title="Privacy" class="">Privacy</a></dd>
<dt class="">2018-05-23-Al Jazeera English (Live)</dt>
<dd class="">Author: Al Jazeera English</dd>
<dd class="">Summary: Jim Killock appeared live on Al Jazeera English to discuss
Mark Zuckerberg's appearance in front of MEPs the preceding evening to
be questioned over the Cambridge Analytica scandal.</dd>
<dd class="">Topics: <a href="https://wiki.openrightsgroup.org/wiki/Data_protection" title="Data protection" class="">Data protection</a><a href="https://wiki.openrightsgroup.org/wiki/Privacy" title="Privacy" class="">Privacy</a></dd>
<dt class="">2018-05-21-PBS News Hour-<a rel="nofollow" href="https://www.pbs.org/newshour/show/how-europes-new-online-privacy-rules-could-benefit-americans" class="">How Europe’s new online privacy rules could benefit Americans</a></dt>
<dd class="">Author: Malcolm Brabant</dd>
<dd class="">Summary: Jim Killock appeared on PBS News Hour to discuss the potential benefits that GDPR may have for Americans.</dd>
<dd class="">Topics: <a href="https://wiki.openrightsgroup.org/wiki/Data_protection" title="Data protection" class="">Data protection</a></dd></dl>
<h2 class=""><span id="ORG_Staff_Details" class="">ORG Staff Details</span></h2><p class=""><a rel="nofollow" href="https://www.openrightsgroup.org/people/staff" class="">Staff Contact Page</a>
</p>
<ul class=""><li class=""><b class=""><a rel="nofollow" href="mailto:jim@openrightsgroup.org" class="">Jim Killock</a></b>, Executive Director</li>
<li class=""><b class=""><a rel="nofollow" href="mailto:javier@openrightsgroup.org" class="">Javier Ruiz</a></b>, Policy Director</li>
<li class=""><b class=""><a rel="nofollow" href="mailto:martha@openrightsgroup.org" class="">Martha Dark</a></b>, Chief Operations Officer</li>
<li class=""><b class=""><a rel="nofollow" href="mailto:matthew@openrightsgroup.org" class="">Matthew Rice</a></b>, Scotland Director</li>
<li class=""><b class=""><a rel="nofollow" href="mailto:myles@openrightsgroup.org" class="">Myles Jackman</a></b>, Legal Director</li>
<li class=""><b class=""><a rel="nofollow" href="mailto:mike@openrightsgroup.org" class="">Mike Morel</a></b>, Campaign Manager</li>
<li class=""><b class=""><a rel="nofollow" href="mailto:ed@openrightsgroup.org" class="">Ed Johnson-Williams</a></b>, Policy and Research Officer</li>
<li class=""><b class=""><a rel="nofollow" href="mailto:alex.haydock@openrightsgroup.org" class="">Alex Haydock</a></b>, Legal Officer</li>
<li class=""><b class=""><a rel="nofollow" href="mailto:lee@openrightsgroup.org" class="">Lee Maguire</a></b>, Tech</li></ul>
</div>
</div></div></div>
</div>
<div class="">
</div>
</div>
<br class=""></body></html>