ORG policy update/2017-w16

This is ORG's Policy Update for the week beginning 17/04/2017.

If you are reading this online, you can also subscribe to the email version or unsubscribe.

ORG’s work

  • Following the election announcement by the Prime Minister Theresa May this week we have been analysing the impact of the general election on ORG’s current campaigns.
  • ORG launched a campaign asking the Home Office to clarify their position on the Investigatory Powers Act. Sign onto our letter to the Secretary of State and Shadow Ministers!
  • ORG launched an action to Email your MEPs about EU plans for websites to do mandatory upload filtering against a database of copyright works. MEPs are debating the proposals in several committees. Email your MEP today!

Planned local group events:

  • Join ORG Manchester on Saturday 22 April for a film screening of Citizen Four followed by a discussion with the NUJ about the Espionage Act.
  • Come and discuss ideas from other ORG Local Organisers with ORG North East on Saturday 22 April. We will have a casual meetup to discuss the state of things like the Digital Economy Bill, Espionage Act and future events.
  • With WikiLeaks' revelations of alleged CIA hacking tools it's more important than ever that we as citizens take steps to protect our privacy. Join ORG Birmingham on Monday 24 April for a practical session to learn about the threats you face and what you can do to protect yourself.
  • Join ORG Leeds on Wednesday 26 April for an evening of talks and discussion where we will explore the current state of digital rights, why they matter and the dangers of mass surveillance to our democracy. This event is part of the Leeds Digital Festival.



The House of Commons is back from recess and will discuss amendments to the DEBill made in the House of Lords on 26 April.

Amendments are expected to be accepted without many objections from MPs. The newest version of the Bill can be accessed here.

The Bill contains:

  • insufficient privacy safeguards for age verification

Part 3 and the Codes of Practice for age verification do not clearly divide the responsibilities of several regulators and an administrator of the appeals processes. The Government decided not to legislate on users being able to choose the tool to verify their age. It will be up to websites to choose which age-verification tools they want to use. With only the market, and not legislation, regulating the most widely used AV tools, new risks of tracking people’s sexual preferences will be created, and possibilities of data leaks will abound.

  • poorly defined provisions on censorship

DEBill does not limit what can be blocked if age verification is not used on an adult website. Without any limits imposed on the levels of blocking , the Government can easily block entirely legal sites.

  • no amendment for online copyright infringement

The Government decided not to include thresholds of seriousness for the definition of online copyright infringement offences. This makes any intentional infringement a criminal matter. Such definition is not proportionate and makes the offence unforeseeable.

  • partial improvements to data sharing in government

The Government improved the data sharing part by making the Codes of Practice statutory and by narrowing down what public authorities can access data. However, the Bill still enables bulk sharing of civil registration data and does not provide for reviews for all the powers under Part 5.

GDPR consultation

The Department for Culture, Media and Sport launched a call for views on implementation of the EU General Data Protection Regulation (GDPR). The Government is calling for views on the exemptions contained within the GDPR.

Previously the Government stated that they intend to implement the GDPR fully before the UK exits the EU.

The consultation is seeking views on sanctions, compliance demonstration, data protection officers, archiving and research, third country transfers, sensitive personal data and exceptions, criminal convictions, rights and remedies, processing of children’s personal data by online services, freedom of expression in the media, processing of data, restrictions and rules surrounding churches and and religious associations.

The call for views closes on 10 May midday. It will continue through the general election campaign. Submissions can be made here.

Question on parking and data protection

Jo Stevens MP asked the Secretary of State for Communities and Local Government, if the Department will make it their policy to carry out an assessment of effects on privacy and industry regulation of the practice of private car parking companies who are known to distribute information from the DVLA vehicle keeper database to third parties.

Marcus Jones MP responded that the Department does not plan to carry out an assessment. The Information Commissioner’s Office conducted an audit in March 2016 to judge DVLA’s procedures regarding processes in place to mitigate the risks of non-compliance with the Data Protection Act.

Question on Internet and protection of children

Laurence Robertson MP asked the Secretary of State for the Home Department, what steps the Department has taken to eliminate the circulation of indecent images of children online.

Sarah Newton MP responded that the Home Office increased resources to the National Crime Agency leading to a doubling of their investigative capability. Furthermore, the Joint Operations Cell was launched in 2015 (collaboration between GCHQ and the NCA) and is targeting the most sophisticated online offenders.

All UK police forces and the National Crime Agency (NCA) are connected to the Child Abuse Image Database (CAID) (launched in 2014). The Internet Watch Foundation have been assessing child sexual abuse images from the CAID and shared them with 6 major technology companies to enable their removal and prevent their sharing.

Question on encryption

Louise Haigh asked the Secretary of State for the Home Department,

  • what assessment the Department has made of the effect on consumer security of prohibiting end-to-end encryption;
  • what recent assessment they have made of the contribution to national security of prohibiting end-to-end encryption in digital messaging.

Ben Wallace MP restated in his response that the Government supports the use of encryption but they believe that there is a balance to be struck.

Wallace said that they have well-established, constructive working relationships with a wide-range of groups with an interest in this area, including the major Communications Service Providers. The Department plans to find a solution that both permits law enforcement and the security and intelligence agencies to get the information they need, whilst also protecting privacy.

Other national developments

Code of Practice on anti-piracy agreement

The Intellectual Property Office released the voluntary code of practice on anti-piracy agreements between search engines and the Government following a freedom of information request.

The Code was announced in February this year and sets targets for reducing the visibility of infringing content in search results by 1 June 2017. It was agreed on by Bing, British Phonographic Industry, Google, Motion Picture Association and the Alliance for Intellectual Property.

Microsoft and Google agreed to make it harder for people to find pirated media on their search engines. However, the code will not be applicable to other search engines.

Techniques for reducing visibility of infringing content specified in the code include automated demotion following the receipt of sufficient copyright infringement notices from rights holders and preventing the generation of autocomplete suggestions which lead consumers towards infringing websites.

The IPO will conduct quarterly cycles of research to assess progress toward meeting the Shared Objectives specified in the code. The IPO redacted parts of the Code that explained the metrics and criteria applied, so it will be impossible for civil society and external observers to make an independent assessment.

The code of practice is available here.

Survey on data breaches

The Department of Culture, Media and Sport published results of their survey on cyber security breaches. The results show that 51 percent of companies that hold sensitive customer information had suffered breaches, compared with 37 percent of firms that do not retain such data.

The telephone survey revealed that 46 percent of British businesses were subject to a cyber attack or a data breach in the past 12 months. According to the report, businesses are taking cyber security breaches more seriously now after several other high profile security breaches turned their attention to the issue.

The full survey results report is available here.

The survey is a part of the Government’s five-year National Cyber Security Strategy. The Government allocated 1.9 billion to improve protection against cyber attacks in the UK.


Eurobarometer on e-privacy

The European Parliament’s Civil Liberties Committee (LIBE) discussed the plans by the European Commission to introduce new privacy rules to take account of new practices such as internet-based messaging and allow users better control of their privacy settings. The Commission built their plans on the information obtained from a 2016 Eurobarometer survey. The survey showed that nine out of 10 Europeans believe it is important that the confidentiality of their emails and instant messaging is guaranteed.

The Commission published their proposal in January saying that strict EU privacy standards for electronic communications should apply not only to traditional telecoms companies, but also to new providers of communications services, such as WhatsApp, Facebook Messenger, Skype and Gmail.

The proposed changes would make it easier for users to accept or refuse cookies and would boost protection against spam.

During the LIBE’s hearing on 11 April, the Committee welcomed the Commission’s proposals. The Committee is due to report on the proposals in June. The report should be subject to a plenary vote in October. The privacy rules should be adopted by May 2018 as part of the General Data Protection Regulation.

ORG media coverage

See ORG Press Coverage for full details.

2017-04-10-FN London-The City vs WhatsApp: Surveillance battles intensify – paywall
Author: Lucy McNulty
Summary: Ed Johnson-Williams quoted on employers having to be transparent on data collection at workplace.
2017-04-20-Quartz Media-A generation of children is learning about sex through porn—and we have no way to stop it
Author: Cassie Werber
Summary: Myles Jackman quoted on age verification causing a massive revolt by the populace about state intrusion.
2017-04-20-Independent-Digital Economy Bill: What could happen after the government crackdown on online pornography
Author: Olivia Blair
Summary: Interview with Myles Jackman about the dangers of age verification in the Digital Economy Bill

ORG Contact Details

Staff page