This is ORG's Parliamentary Update for the week beginning 27/01/2014
If you are reading this online, you can also subscribe to the email version.
- 1 Official Meetings
- 2 NSA and GCHQ updates
- 2.1 Canadian electronic spy agency "tracked" travellers using airport wifi for days
- 2.2 GCHQ is collecting information from social networking sites in real-time
- 2.3 NSA collecting user information through popular apps
- 3 Consultations and departments
- 4 Government Bills
- 5 Debates and questions
- 6 International Developments
- 7 European Union
- 8 Law and Legal Cases
- 9 Political Parties
- 10 Commercial Stakeholders
- 11 ORG Media coverage
- 12 ORG contact details
Jim Killock met with Bits of Freedom to talk about digital rights.
NSA and GCHQ updates
Canadian electronic spy agency "tracked" travellers using airport wifi for days
New 'Snowden documents' show that the Communications Security Establishment Canada ( CSEC), used free wifi internet, at a major Canadian airport, to track the wireless devices of thousands of travellers for days. According to the document this was a trial run for a stronger software that is being developed with the help of the NSA. Experts analysing the documents, said that it was clear the CSEC intended to share the information and technology with the Five Eyes network (network of intelligence agencies in the US, New Zealand, Australia and Britain)
Canadian agencies are prohibited by law to collect the information of Canadians or anyone else in Canada without a warrant.
The agency commented that CSEC is "mandated to collect foreign signals intelligence to protect Canada and Canadians. And in order to fulfil that key foreign intelligence role for the country, CSEC is legally authorized to collect and analyse metadata." As CBC, who first broke the story comment, "CSEC claims "no Canadian or foreign travellers' movements were 'tracked,'" although it does not explain why it put the word "tracked" in quotation marks."
Separate pilot project to sweep mid-sized Canadian city
The documents also show that in a separate pilot project, they obtained access to two communications systems with the information of more than 300,000 users. It was then able to sweep a medium-sized Canadian city to pinpoint imaginary targets in a hypothetical kidnapping case.
Through a programme called "Squeaky Dolphin", it appears GCHQ was able to monitor the real-time activity of users in popular social media sites, such as Facebook, YouTube and blogging websites. A presentation document (PDF) to the NSA, showed the details of the project.
Experts analysing the documents, said GCHQ was able to obtain the information either through physical taps in the cables or by using third parties to gain physical access to the data stream.
Representatives of Google and Facebook denied any involvement and express their shock at the news as they had opposed legislation that would allow the British government to obtain this information (through the Communications Data Bill), but the government went along with it despite legislation being blocked. See below for a story on renewed calls by David Cameron to revive the Communications Data Bill.
NSA collecting user information through popular apps
A joint publication of documents by the New York Times, the Guardian and ProPublica found that the NSA has been collecting information on users through popular mobile applications. A 2012 report by British intelligence agencies detail a division in streams of information coming through mobile applications and other types of mobile traffic. Those streams are traditional telephony, social apps, geo apps, http linking (including webmail, MMS and traffic associated with mobile ads). One of the reports showed that just by updating Android software, more than 500 lines of data about the phone's use is sent to the network.
In response to questions about the programme, the NSA said “Because some data of U.S. persons may at times be incidentally collected in N.S.A.’s lawful foreign intelligence mission, privacy protections for U.S. persons exist across the entire process.” Similar protections, the agency said, are in place for “innocent foreign citizens.”
Another report cites apps like Angry Birds as source of personal information
A British report dated 2012 includes information on how to access apps such as Angry Birds. The company that made the application was accused in 2012 of collecting user information and passing it on to mobile advertising companies.
The profiles vary depending on which advertising companies are collecting the information. For example, some may focus on household income, the current activity of the cellphone user or basic information such as age and sex. Other ad companies were found to create even more intrusive profiles including information such as sexual orientation. The advertising companies mentioned include Burstly, Google’s ad services and Millennial Media.
Consultations and departments
A full list of open consultations and Parliamentary events can be found on our Events
More information on UKCCIS group looking at over-blocking by parental control filters
The BBC has reported on the UKCCIS working group plan dealing with problems of overblocking by parental control filters now offered by ISPs. The group is looking initially at creating a white list of the organisations that should not be blocked and a system for directly reporting wrongly blocked sites.
A number of charities and other organisations have been wrongfully blocked by the new family filters, due to keywords flagging them up. Examples include Edinburgh Women's Rape and Sexual Abuse Centre and award-winning sexual education site BishUK.com.
IP Bill goes through Committee Stage
The Intellectual Property Bill was in Committee stage this week, with debates on Tuesday and Thursday. A number of amendments were proposed by Iain Wright MP (the Labour, Shadow Minister for Industry) related to copyright reform and enforcement.
New Clause 2 looked to delay the progression of copyright changes related to the Hargreaves Review process until the Government had produced a report "setting out the government’s long term plans for the future of intellectual property", whilst new clause 3 would have forced the Government to announce, within three months of the IP Bill passing, how they would ensure "technology companies hinder access via the internet to copyright infringing material."
Following debate, none of these proposed amendments were passed. You can read a transcript of the debates in Committee on the Parliament website. The text of the new clauses can be read in the Bill documents, as can the other relevant amendments (most notably amendments 35 and 36).
You can view all the latest developments related to the Bill on the Parliament website.
Debates and questions
Questions on government actions to protect children online
Steve Rotheram MP has asked two questions relating to actions to protect children online.
In response to what discussions occur between the Secretary of state for the Home Office with the Secretary of State for Culture, Media and Sport for the protection of children online, Damian Green MP, replied that the two departments meet regularly to discuss the topic and the UK Council for Child Internet Safety (UKCCIS) meets quarterly to discuss strategies to tackle the issue, the next meeting being in March.
The UKCCIS is composed of representatives from law-enforcement, government, charities, academia etc and is chaired by Under-Secretary of State for Culture, Communications and the Creative Industries, the Parliamentary Under-Secretary of State for Children and Families and Mr Green.
The second question was what steps the Secretary for Education is taking to prevent children from being bullied online. Edward Timpson MP replied that all schools are obliged to have anti-bullying measures. Each school is allowed to develop their own, but are accountable to Ofsted. He also added that as part of the changes to computing programmes, e-safety will be taught in all stages.
Finally, he noted that the Department for Education is donating £4 million over the next two years to anti-bullying organisations Beatbullying, the Diana Award, Kidscape and the National Children's Bureau consortium
US Department of Justice to allow disclosure of more information on surveillance request
Following a series of lawsuits from Microsoft and Google, the US Department of Justice (USDOJ) has granted them permission to include more details on the amount of received surveillance requests by the United States Foreign Intelligence Surveillance Court (FISA court). According to the USDOJ statement, the permission comes after President Obama's speech on reforms to the intelligence agencies. The statement said "the administration is acting to allow more detailed disclosures about the number of national security orders and requests issued to communications providers, and the number of customer accounts targeted under those orders and requests including the underlying legal authorities."
Report on effectiveness of three-strike ban for illegal file sharing
A report found a system of sending three warning strikes to copyright infringers to be ineffective. The system was introduced as a law in France, but since July 2013 has been discontinued because of its high cost and relatively low success rate. Under the three strikes, a user would be warned three times and eventually have their internet access blocked if they continued their activity.
However, a paper titled "Graduated Response Policy and the Behavior of Digital Pirates: Evidence from the French Three-Strike (Hadopi) Law" found it to be ineffective as a deterrent and even found evidence that people more informed about the law would seek alternative peer-to-peer networks that weren't monitored.
The paper is available on the Social Science Research Network.
Data protection vote moved to after European elections in May
The European Data protection regulation has been delayed until after the European Parliament elections in May this year. Key negotiators in the process have agreed to pass the regulations before the end of 2014.
The negotiations were meant to start in October by the civil liberties committee, but disagreements among member states in December delayed the process. The delays in negotiations are mainly caused by a group of countries that are seeking to weaken the regulations. UK, Denmark, Hungary, and Slovenia are pushing to make the regulation into a directive. While regulations are meant to be implemented as presented, directives give domestic governments the freedom to interpret the laws.
Deputies will vote to start the negotiations with member states during the plenary sessions in either April or May.
The regulation was announced two years ago
Law and Legal Cases
Spanish court orders ISP to block copyright infringer from internet access
An association of Spanish music producers and major record labels, with the assistance of an anti-privacy firm, located the user, however, only by his nickname and IP address (ISPs in Spain are not compelled to reveal their user's identity). As the association was not able to identify the user, they brought a litigation suit directly against the ISP, under laws that allow rights holders to take action against intermediaries in copyright infringement.
The court initially dismissed the claim, but after an appeal ordered the termination of the users internet.
David Cameron makes new calls for a Communications Data Bill
The Prime Minister has made renewed calls to revive the Communications Data Bill after the elections in 2015. He said there was a need to modernise laws and procedures to allow the monitoring of citizens to keep them safe. He is referring to legislation introduced in 2012, blocked by the Deputy Prime Minister, which would lawfully allow intelligence agencies to collect communications data.
Speaking to a Parliamentary committee, the Prime Minister argued that TV crime dramas show the necessity of gathering information from people's mobiles to solve cases. He said "I love watching, as I probably should stop telling people, crime dramas on the television. There's hardly a crime drama where a crime is solved without using the data of a mobile communications device."
Sky parental filters block plugin crucial to operation of popular websites
On Sunday, Sky's parental filters accidentally blocked jQuery, a plugin crucial to the operation of many of the internet's biggest websites, after it was wrongly classified as 'malware or phishing' . The Guardian reports that the most likely explanation for this is that an actual malware website using the plugin caused it to be blocked.
The malware labelling resulted in the plugin being blocked on filters that had selected an '18+' access.
ORG Media coverage
See ORG Press Coverage for full details.
- 2014-01-28 - Open Democracy - Britain 'shines light of transparency' on secret lobbying. Just kidding.
- Author: Jonathan Gray
- Summary: Open Rights Group mentioned