ORG parliamentary and policy update/2014-w37

< ORG parliamentary and policy update

Top Stories:

  • Evaluation of National Cyber Security Programme finds it needs to 'speed up' work in area of cyber threats

This is ORG's Parliamentary and Policy Update for the week beginning 08/09/2014

If you are reading this online, you can also subscribe to the email version.

Official Meetings

Javier Ruiz attended the Anonymisation Conference on Thursday, organised by the UK Anonymisation Network (UKAN).

Consultations and departments

A full list of open consultations and Parliamentary events can be found on our Events

Ofcom invites submissions for agenda topics

The UK's regulatory body for the communications industry, Ofcom, has invited contributions on topics to be discussed between Ofcom's chair and chief executive regarding the regulator's performance in the preceding year and their 2014/15 strategy.

Industry representatives, individual consumers and consumer bodies are all invited to contribute by 13 October 2014.

You can visit for more information and how to submit.


Evaluation of National Cyber Security Programme finds need for progress in area of cyber threats

The National Audit Office has published an updated report, evaluating the work of the National Cyber Security Programme. The report says the Programme was making good progress, but evaluated their understanding of the most sophisticated threats to national security as 'varied'.

You can get access to the full report on the Office's website.

Government Bills

Home Secretary letter to human rights committee regarding DRIP's data protection safeguards published

A letter Theresa May MP wrote to the Joint Committee on Human Rights regarding the Data Retention and Investigatory Powers Act 2014 (DRIP), in July has been published.

In it she says "It is important to note (...) that the CJEU judgement was about the EU Data Retention Directive and not UK domestic legislation".

The letter went on to state ways in which she claims DRIP will enhance the data protection safeguards originally set out in the European directive.

The following are some of the stated measures:

  • Ministers must consider proportionality and necessity before issuing retention notices
  • The content of new notices will be more specific
  • Access to data retained subject to a notice will only be available via request under RIPA, court order or judicial authorisation
  • Scope of data will be limited to lists of data types
  • The maximum (rather than absolute) period of data retention will be 12 months

You can view the rest of the safeguards and measures, detailed in the letter, online (PDF)

Private Members Bills

Bill to prohibit the distribution of sexually explicit images over devices and the internet

Sponsored by Geraint Davies MP, a new bill has been introduced to parliament to "prohibit the distribution of sexually explicit images via the internet and text message without the consent of the subjects of the images". The bill includes provisions for manufacturers to set devices capable of connecting to the internet, to deny access to pornography by default.

The second reading of the bill is scheduled to take place on 7 November 2014. During the second reading, the bill is debated for the first time (

Debates, questions and speeches

William Hague responds to questions regarding security of emails on Microsoft cloud servers

William Hague MP has responded to security concerns, following an American court ruling that found Microsoft in contempt of court, for refusing to hand over emails located in their Ireland-based servers.

Mr Hague said that any government communication done through Microsoft's cloud-based servers, located in Ireland and the Netherlands, are protected by European data protection laws.

However, John Hemming MP, whom Mr Hague was addressing, said "where [the letter says] the US authorities could not exercise a right of search and seizure on an extraterritorial basis, well, they are doing that, in America, today." (Computer Weekly)

Question on the security of government files and emails stored on iCloud

A question was asked on the safety of government communications and files which contain material relating to constituents, in light of the recent security breaches of the iCloud.

John Thurso MP responded that the government doesn't comment on security matters and that the Parliamentary Information and Communications Technology (ICT) does not use iCloud.

He added that the ICT takes advice from Legal Services and the Director of Parliamentary Security, scrutinising the agreement between Cloud service providers, to ensure appropriate safeguards are in place. (Hansard)

International Developments

Report finds Germany as global exporter of surveillance technology

Two leading researchers on surveillance and digital security technology have found that Germany is a leading global exporter in surveillance technology. The authors of the report suspect that most of the technologies produced are bought and sold without a license. In Germany, a license is required for technologies which can be used for "bad and good" (also referred to as dual use technologies).

The report says that while the German government has denied supplying exporting licenses for a surveillance toolset to be sold to Bahrain and Ethiopia, there is ample evidence that the particular technology has indeed be sold there (Global Voices Online).

European Union

European Court of Justice allows libraries to digitise books

The European Court of Justice has allowed for the digitisation of books by libraries even if publishers don't allow them to do so. However, the reading of the material can only take place on dedicated terminals (The Register).

ORG Media coverage

See ORG Press Coverage for full details.

ORG contact details

Staff page