[ORG PM] ORG policy update - 25 November 2016
ORG Policy Monitoring
policy.monitoring at openrightsgroup.org
Fri Nov 25 15:03:55 GMT 2016
>
> https://wiki.openrightsgroup.org/wiki/ORG_policy_update/2016-w47 <https://wiki.openrightsgroup.org/wiki/ORG_policy_update/2016-w47>
>
> ORG policy update/2016-w47
>
> This is ORG's Policy Update for the week beginning 21/11/2016.
>
> If you are reading this online, you can also subscribe to the email version <https://lists.openrightsgroup.org/listinfo/parliamentary.monitor>.
>
> ORG's work
>
> ORG has launched a petition against censorship of legal content on erotica and pornography websites. Our petition is a response to a proposal from several MPs to block websites which don't comply with age verification. Blocking websites is a disproportionate, technical response to a social issue. Sign our petition <https://www.openrightsgroup.org/campaigns/digital-economy-bill-hub/stop-uk-censorship-of-legal-content> and reject proposals for censorship of legal content in the UK. Nearly 10,000 people have signed already!
> You can watch MPs calling for censorship of legal content in our new video here <https://www.youtube.com/watch?v=o-uh1VPYEbE>.
> ORG released another video featuring Alec Muffett, a security expert, explaining tech aspects of the Government’s plans to censor legal adult content. Watch it here <https://www.youtube.com/watch?v=fHdBgtKykLQ>.
> Planned local group events:
>
> Join ORG Cambridge for our monthly meetup on Tuesday 6 December to discuss the current state of digital rights, what we've done in the past month and what we are planning to do in the upcoming month.
> ORG Manchester have got their Christmas social with Manchester No2ID planned for Thursday 8 December. This is a social event rather than a formal meeting, although no doubt there will be some talk about the current state of the world!
> Join ORG London for a presentation on data-collection apps on Wednesday 21 December. Academic Jennifer Pybus will be discussing a recent hack day she led, where her students created an app that showed how advertisers collected data.
> Parliament
>
> DEBill
>
> The Report stage for the DEBill will start next week on 28 November. You can find a list of amendments due to be debated here <http://www.publications.parliament.uk/pa/bills/cbill/2016-2017/0087/amend/digital_rm_rep_1124.1-6.html>.
>
> Age verification
>
> Karen Bradley MP <https://wiki.openrightsgroup.org/wiki/Karen_Bradley_MP>, Secretary of State for Culture, Media and Sport announced <https://www.gov.uk/government/news/new-blocking-powers-to-protect-children-online> early this week that the Government will support website blocking by Internet service providers in order to protect children from accessing adult content online.
>
> The Government submitted their own amendment making the age-verification regulator (expected to be the BBFC) responsible for issuing notices to ISPs to block erotica and porn websites. ISP blocking of non-complying porn publishers will inevitably lead to a form of censorship on several levels.
>
> The BBFC, as the potential age-verification regulator, will not certify sites as compliant <https://www.theguardian.com/technology/2016/nov/23/censor-non-conventional-sex-acts-online-internet-pornography> if the sites publish material that is not legal in the UK, or that the BBFC believes are unacceptable to a UK audience. This would mean that the BBFC will seek to limit the content of foreign websites and age verify it.
>
> If the BBFC tries to enforce its own standards as the level of compliance this will be even more concerning, as they will not certify a number of activities that are regarded as fairly normal in the pornographic world.
>
> A very similar amendment submitted by Claire Perry MP <https://wiki.openrightsgroup.org/wiki/Claire_Perry_MP> has been supported by a big Cross Bench group of MPs. It is likely this amendment will be withdrawn and the MPs will support the Government’s proposal.
>
> Jim Killock gives more details on the implications of this “disastrous policy” in the Huffington Post blog <http://www.huffingtonpost.co.uk/jim-killock/draft_21_b_13201456.html> and in a response to the letter by John Carr <https://www.theguardian.com/culture/2016/nov/21/block-on-pornography-would-make-it-possible-to-enforce-current-law> in the Guardian <https://www.theguardian.com/technology/2016/nov/23/internet-age-checks-are-an-overreaction>.
>
> You can watch ORG’s new video featuring Alec Muffett, a security expert, explaining tech aspects of the Government’s plans to censor legal adult content here <https://www.youtube.com/watch?v=fHdBgtKykLQ>.
>
> Data sharing
>
> ORG has previously criticised the state of the Codes of Practice regarding data sharing and we put together a list of amendments <https://wiki.openrightsgroup.org/wiki/Data_Sharing_amendments> to improve them.
>
> Loose wording in the Codes of Practice could lead to energy companies being given tax and benefits data of UK citizens. The DEBill proposal would help people lower their energy bills but the wording of the Bill and Codes of Practice could fail to unify the discount system, and the government may feel obliged to share personal data with the companies so they can validate the discounts themselves.
>
> Javier Ruiz gives more details in his blog <https://www.openrightsgroup.org/blog/2016/debill-loophole>.
>
> IPBill
>
> The Investigatory Powers Bill completed all its parliamentary stages in both houses <http://arstechnica.co.uk/tech-policy/2016/11/investigatory-powers-act-imminent-peers-clear-path-for-uk-super-snoop-law/> on 16 November. The Bill is still awaiting Royal Assent and is expected to become an Act of Parliament before the end of 2016 and before the DRIPA <https://wiki.openrightsgroup.org/wiki/DRIPA> sunset clause takes effect.
>
> Paul Bernal summarised <https://theconversation.com/how-the-uk-passed-the-most-invasive-surveillance-law-in-democratic-history-69247> the process of how the Bill got passed.
>
> Media have been increasingly discussing the Bill this week labelling it as granting “the most extreme surveillance powers in history”. The UK public responded by launching a petition <https://petition.parliament.uk/petitions/173199> to repeal the new law. At the time of writing, the petition was nearing 40,000 signatures. It could be discussed in a debate in Parliament if 100,000 people sign the petition.
>
> Question on Cybercrime elections
>
> Tom Blenkinsop MP <https://wiki.openrightsgroup.org/wiki/Tom_Blenkinsop_MP> asked <https://www.theyworkforyou.com/wrans/?id=2016-11-17.53501.h&s=%22cyber%22#g53501.r0> the Minister for the Cabinet Office, whether the Government has assessed the level of potential risk of cyber interference by foreign governments in elections in the UK.
>
> Ben Gummer MP <https://wiki.openrightsgroup.org/wiki/Ben_Gummer_MP> responded that the Government treats cyber security seriously. They recognise that cyber attacks remain a top threat to the UK's economic and national security (according to the 2015 National Cyber Security Strategy). Gummer did not expressly comment on cyber interference in elections.
>
> Question on the ICO issuing guidance
>
> Lord Hodgson <https://www.parliament.uk/biographies/lords/lord-hodgson-of-astley-abbotts/1651> asked <https://www.theyworkforyou.com/wrans/?id=2016-11-15.HL3212.h&s=privacy#gHL3212.r0> the Government whether the Information Commissioner is required to consult relevant stakeholders before issuing guidance. In addition, he asked whether there are any plans to review the conduct of guidance consultation process.
>
> Lord Ashton <https://www.parliament.uk/biographies/lords/lord-ashton-of-hyde/4247> responded that the Information Commissioner is required to consult “with trade associations, data subjects or persons representing data subjects as appears to him to be appropriate”. The Information Commissioner is due to review the ICO guidance consultation process as part of its preparations to implement the EU General Data Protection Regulation.
>
> Question on data protection and charities
>
> Lord Hodgson <https://www.parliament.uk/biographies/lords/lord-hodgson-of-astley-abbotts/1651> asked <https://www.theyworkforyou.com/wrans/?id=2016-11-15.HL3210.h&s=%22data+protection%22#gHL3210.r0> the Government whether they have made assessment of the extent to which the Information Commissioner has complied with the duties relating to promoting good practice by data controllers in relation to charities (section 51 of the Data Protection Act 1998 </wiki/Data_Protection_Act_1998>).
>
> Lord Ashton <https://www.parliament.uk/biographies/lords/lord-ashton-of-hyde/4247> responded that the ICO <https://wiki.openrightsgroup.org/wiki/ICO> updated its direct marketing guidance in March 2016 with references to the charitable sector. The ICO also published a webinar providing specific advice to charities on how to comply with the direct marketing legislation.
>
> Other national developments
>
> GCHQ to respond to FoI
>
> The European Court of Human Rights </wiki/European_Court_of_Human_Rights> ruled <http://hudoc.echr.coe.int/eng#{%22itemid%22:> that European citizens have a right to information from public authorities under Article 10 of the European Convention on Human Rights.
>
> Article 10 <http://www.echr.coe.int/Documents/Convention_ENG.pdf> says:
> “"Everyone has the right to freedom of expression. This right shall include freedom to hold opinions and to receive and impart information and ideas without interference by public authority and regardless of frontiers."
> The judgment was made in a case concerning a dispute <http://arstechnica.co.uk/tech-policy/2016/11/gchq-foi-response-european-convention-human-rights-ruling/> between Hungary's government and an NGO (the Hungarian Helsinki Committee) over a freedom of information request filed by the NGO. The latest ECtHR interpretation of Article 10 in the case ruling gave guarantees to people on obtaining information from a government. The right does not apply to all requests but it shall apply to all requests where access is “'is instrumental for the individual’s exercise of his or her right to freedom of expression”.
>
> This ruling could have further implications for disclosure of information by public bodies, such as GCHQ </wiki/GCHQ> or the National Crime Agency </wiki/National_Crime_Agency>.
>
> Three UK data hack
>
> Customers of the UK mobile operator Three have been exposed to a data breach <http://arstechnica.co.uk/security/2016/11/three-mobile-data-breach-trio-arrested-handset-fraud>. Personal data of 134,000 customers has been accessed.
>
> This data includes name, address, date of birth, gender, handset type, contract start and end date, whether they are a handset or SIM only customer, telephone number, e-mail address, previous address, marital status, employment status, Three account number and phone number, and how long they’ve been with Three.
>
> The mobile operator believes that the attack was carried out in order to obtain new handsets through getting access to their handset upgrade database, not to obtain customers’ information. The affected customers have not been notified by Three yet.
>
> The ICO </wiki/ICO> had been notified of the breach and they are investigating the incident.
>
> TfL wifi tracking
>
> Transport for London has begun a four week trial in which they are following wifi connections <http://www.ukauthority.com/news/6675/tfl-plans-analysis-of-underground-wi-fi-connections> of their customers throughout the Underground station. The trial aims to understand passengers’ movements and interchanging habits and to assess best advertising placements.
>
> The trial started on 21 November using data from mobile devices at 54 stations in zones 1-4.
>
> TfL has taken several privacy measures: travellers MAC (Mobile Access Control) addresses will be encrypted and depersonalised, the data will be stored on a secure server and not linked to any other data and the data will be unavailable to third parties.
>
> TfL customers have been notified of the trial through posters displayed at the entrances and on the platforms of all the participating stations. They have the option of opting out of the trial by switching their wifi off.
>
> TfL is hoping to obtain data that will help them with better disruption management, timetable planning and station design.
>
> Despite the TfL’s efforts, not all privacy concerns have been answered. The explanation given by TfL on posters at stations and platforms misses three crucial points to help passengers understand how the scheme works, all the purposes the data is being collected for, and how to opt out:
>
> TfL are tracking people's movement around London and around stations
> Passengers have to turn off WiFi on all the devices they are carrying to opt out. If they leave WiFi switched on but never use the WiFi network, they will still be tracked.
> The data will be used to find and set prices for advertising spaces in stations, in addition to improving services
> More in depth assessment of the TfL's trial practices can be found in a blog by Ed Johnson-Williams <https://www.openrightsgroup.org/blog/2016/tfl-needs-to-give-passengers-the-full-picture-on-wifi-collection-scheme>.
>
> Retailers offering e-receipts
>
> A Money Mail investigation <http://www.dailymail.co.uk/money/news/article-3962548/Why-shops-really-begging-email-address-claim-s-send-receipt-actually-just-want-sell-more.html> revealed that several high street retailers are offering their customers e-receipts and potentially harvesting their details for marketing.
>
> Customers are offered e-receipts as a substitute for printed receipts because of their convenience and as a substitute for warranty. The investigation found that shop staff did not always explain that emails could be used for marketing emails and that some customers were still sent marketing emails even though they had expressly asked not to get them.
>
> According to the law <http://www.legislation.gov.uk/uksi/2003/2426/regulation/22/made>, customers need to be given “a simple means of refusing” any future direct marketing. The ICO </wiki/ICO> issued a short guide <https://iconewsblog.wordpress.com/2016/11/23/would-you-like-us-to-email-you-a-receipt/> on how retailers should proceed when asking for their customers’ data.
>
> You can find more information in Pam Cowburn’s blog post <https://www.openrightsgroup.org/blog/2016/no-one-expects-spam-for-christmas>.
>
> Europe
>
> EU countries on encryption
>
> A freedom of information request from the Dutch NGO Bits of Freedom <https://www.bof.nl/> revealed that several EU countries want EU law to be created to enable law enforcement agencies to access encrypted information <http://www.euractiv.com/section/social-europe-jobs/news/five-member-states-want-eu-wide-laws-on-encryption/>.
>
> The Slovakian government (currently holding the rotating presidency of the Council of Europe) asked the member states to identify how their law enforcement agencies deal with encryption technology. From the 12 responses obtained so far by the Dutch NGO, Croatia, Hungary, Poland, Latvia and Italy called for drafting EU laws letting their agencies to decrypt information.
>
> Several countries indicated in their responses that their police forces lack the funds and technical skills to intercept criminals encrypted communications. Following the survey responses, national ministers will discuss encryption at a meeting in early December.
>
> Andrus Ansip, Vice President for the Digital Single Market, previously criticised <https://www.euractiv.com/section/digital/interview/ansip-i-am-strongly-against-any-backdoor-to-encrypted-systems/> the efforts to create backdoors for encryption.
>
> ORG media coverage
>
> 2016-11-18-The Canary-While we were busy freaking out about Trump, parliament had a bonfire of our human rights <http://www.thecanary.co/2016/11/18/busy-freaking-trump-parliament-bonfire-human-rights/>
> Author: Carlyn Harvey
> Summary: Jim Killock quoted on the IPBill being the most extreme surveillance law ever passed in a democracy.
> 2016-11-20-Al Jazeera-UK politicians approve 'extreme surveillance' law <http://www.aljazeera.com/news/2016/11/uk-lawmakers-approve-extreme-surveillance-law-161120082825419.html>
> Summary: Jim Killock quoted warning on the international reach of the IPBill and authoritarian regimes using it as a justification for their own practices.
> 2016-11-21-Metro- Plan to block porn websites ‘to go ahead’, government confirms <http://metro.co.uk/2016/11/21/plan-to-block-porn-websites-to-go-ahead-government-confirms-6272574/>
> Author: Rob Waugh
> Summary: Jim Killock quoted on the necessity for privacy and safety of end users if age verification proposals are to be implemented.
> 2016-11-21-Wired-UK government plans to block porn sites that don’t provide age-checks <http://www.wired.co.uk/article/porn-age-verification-checks-digital-economy-act-uk-government>
> Author: James Temperton
> Summary: Jim Killock quoted on the ISP website blocking leading to censorship of legal material.
> 2016-11-22-The UK is entering a draconian era of porn prohibition <http://www.newstatesman.com/science-tech/privacy/2016/11/uk-entering-draconian-era-porn-prohibition>
> Author: Amelia Tait
> Summary: Jim Killock quoted on the ISP website blocking leading to censorship of legal material.
> 2016-11-22-BBC-Porn sites could be blocked by ISPs under new UK rules <http://www.bbc.co.uk/news/technology-38062660>
> Summary: Jim Killock quoted on the ISP website blocking leading to censorship of legal material.
> 2016-11-22-Newsweek-Privacy Row as U.K. Government Plans Porn User Database <http://europe.newsweek.com/uk-government-plans-porn-user-database-523901?rm=eu>
> Author: Anthony Cuthbertson
> Summary: Jim Killock quoted on the ISP website blocking leading to censorship of legal material.
> 2016-11-23-Metro-Non-conventional’ porn will be banned from all websites in the UK, BBFC warns <http://metro.co.uk/2016/11/23/non-conventional-porn-will-be-banned-from-all-websites-in-the-uk-bbfc-warns-6278122/>
> Author: Rob Vaugh
> 2016-11-23-CNet-UK government: No porn please, we're British <https://www.cnet.com/uk/news/uk-government-no-porn-please-were-british/>
> Author: Katie Collins
> Summary: ORG quoted on the ISP website blocking leading to censorship of legal material.
> 2016-11-23-Vice-What the New British Porn Bill Means for You <http://www.vice.com/en_uk/read/non-conventional-sex-the-government-wants-to-block-perfectly-legal-porn-digital-economy-billorn-digital-economy-bill>
> Author: Girl On The Net
> Summary: Alec Muffet quoted on the non-existence of national boundary of the Internet in relation to the age verification proposals.
> 2016-11-23-Business Insider-The UK is banning 'non-conventional' porn and it could censor huge swathes of the web <http://uk.businessinsider.com/uk-ban-non-conventional-pornography-censorship-reddit-tumblr-digitaleconomy-bill-2016-11>
> Author: Rob Price
> Summary: ORG quoted on chilling privacy implications of age verification for porn websites.
> 2016-11-23-The Verge-The UK is about to wield unprecedented surveillance powers — here’s what it means <http://www.theverge.com/2016/11/23/13718768/uk-surveillance-laws-explained-investigatory-powers-bill>
> Author: James Vincent
> Summary: Jim Killock quoted on the impacts of the IPBill on people’s online behaviour.
> 2016-11-24-Politics-Insecure, ineffective and dangerous: The reality of the UK's new porn bill <http://www.politics.co.uk/comment-analysis/2016/11/24/insecure-ineffective-and-dangerous-the-reality-of-the-govern>
> Author: John Lubbock
> ORG Contact Details
>
> Staff page <https://www.openrightsgroup.org/people/staff>
>
> Jim Killock, Executive Director <https://www.openrightsgroup.org/people/staff#jim>
> Javier Ruiz, Policy <https://www.openrightsgroup.org/people/staff#javier>
> Ed Johnson-Williams, Campaigns <https://www.openrightsgroup.org/people/staff#ed>
> Pam Cowburn, Communications <https://www.openrightsgroup.org/people/staff#pam>
> Lee Maguire, Tech <https://www.openrightsgroup.org/people/staff#lee>
> Myles Jackman, Legal Director <https://www.openrightsgroup.org/people/staff#myles>
> Charlie Tunmore, Supporter Officer <https://www.openrightsgroup.org/people/staff#charlie>
> Slavka Bielikova, Policy Officer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openrightsgroup.org/pipermail/parliamentary.monitor/attachments/20161125/0d017b43/attachment.html>
More information about the Parliamentary.monitor
mailing list