ORG policy update/2017-w47

This is ORG's Policy Update for the week beginning 20/11/2017.

If you are reading this online, you can also subscribe to the email version or unsubscribe.

ORG’s work

  • ORG is running a petition against the Government’s proposals to criminalise repeated viewing of online terrorist propaganda and compelling internet companies to police their own networks. ORG started a petition against the Government’s proposals to criminalise repeated viewing of online terrorist propaganda and compelling internet companies to police their own networks. Sign the petition here!
  • In case you couldn’t come to ORGCon, you can now watch the talks online! Have a look at our YouTube channel.

Planned local group events:

  • Join ORG Cambridge on Tuesday 5 December for a monthly meetup. They will discuss the current state of digital rights, what they've done in the past month, and what they are planning to do in the upcoming months.
  • ORG Glasgow will hold their monthly meetup on Thursday 7 December at the Electron Club. You will have an opportunity to discuss current affairs and topics of interest and to generate new ideas for public events and presentations.
  • ORG London are hosting a presentation on the 'Cryptobar' installation on Tuesday 12 December. Cryptobar is a project aimed at spreading the word about privacy (and privacy-enhacing technologies) in an artistic and accessible way.

Official meetings

UK Parliament

DPBill debate in the HoL Committee continues

The Data Protection Bill (DPBill) was debated in two last Committee sittings in the House of Lords this week.

The full transcripts from this week's sessions are available from here:

Lords debated these sets of amendments.

The current full text of the bill, as amended in the Lords Committee stage is available here.

Report sittings will begin soon, on 11 December and 13 December.

The Committee debated amendments regarding the implementation of the General Data Protection Regulation Article 80(2). The amendment would allow independent privacy bodies to represent data subject without naming them. Two amendments were submitted and supported by both Lib Dems and Labour. Amendment 184 would cover both processing of data which applies under the General Data Protection Regulation and outside of it. Amendment 185 only covers the processing of data under the GDPR.

The two amendments have received a wider support from the House. However, the Government stated that they do not find it necessary to implement them because the Data Protection Bill will allow organisations to represent named data subjects (as outlined in Article 80(1)). Additionally, Lord Ashton of Hyde said that individuals have the ability to independently complain to the Information Commissioner where they have concerns. He called the amendment premature as there is a need for an analysis of other similar provisions in UK law.

Ashton further raised issues of what organisations would be permitted to represent data subjects, their motivation and trustworthiness. In a somewhat puzzling way, Lord Ashton articulated the Government's reluctance to implement Article 80(2) due to the lack of consent from data subjects to be represented.

"To summarise, we have chosen not to adopt article 80(2) because the Bill is based on the premise of getting consent—but these amendments are saying that, regardless of what the data subject wants or whether they have given consent, other organisations should be able to act on their behalf without their consent. That is the Government’s position and I hope that noble Lords will feel able not to press their amendments.”

Peers who put their names to both amendments showed considerable bewilderement following Lord Aston's explanation. Both amendments were withdrawn and are likely to be brought in for a debate at the Report stage.

Prior to the Report stage, both Baroness Williams of Trafford and Lord Ashton of Hyde are due to publish their letters giving more detail on how exemption on the processing of data for immigration purposes will be used in practice and what progress has been made in regards to age verification obligations as set out in the Digital Economy Act 2017 respectively.

Other national developments

National advisory body for artificial intelligence

The UK Government announced in the Autumn Budget that it intends to create a 'Centre for Data Ethics and Innovation'. They claim the body will "set standards for the use and ethics of AI and data" and promote the UK as a world-leader in "developing practical uses" for artificial intelligence.

Europe

Civil Liberties Committee rejects #censorshipmachine

This week, the European Parliament (EP) Committee on Civil Liberties, Justice and Home Affairs (LIBE) voted against a section of the Copyright Directive proposal, that would have required the establishment of mandatory 'upload filters' on all EU-based sites that accept user-uploaded content.

The function of the proposed filters would have been to implement content recognition technologies to 'filter' out uploads to sites which were potentially in violation of copyright regulations.

The Committee's opinion addressed what it deemed were the two most potentially damaging parts of the proposal, by:

  • a) rejecting the obligation to filter every single upload to the internet using content recognition technologies; and
  • b) clarifying that measures to ensure enforcement of licensing arrangements should not include general monitoring obligations for internet companies.

ORG and other organisations from across the EU have previously called for removal of Article 13. Despite not deleting Article 13, LIBE has has firmly opposed the imposition of censorship machines in the copyright proposal. Next, the Legal Affairs Committee will discuss and vote on their report on the copyright proposal. This is likely to take place in on 24 or 25 January.

Consumer Protection Cooperation Regulation

The European Parliament passed a new Consumer Protection Cooperation Regulation, to serve as a replacement for the previous 2004 regulations. It aims to outline conditions under which the authorities in EU member states which are responsible for protecting consumer interests should cooperate with each other and with the European Commission to enhance the protection of consumers' economic interests.

The regulations contain powers allowing for web blocking and domain suspensions, which are specified as being enforceable either as administrative powers or through the courts.

While it is not clear that the new Regulation will apply to the UK as a result of Brexit, it would provide powers that could replace the current “voluntary” procedures made between Nominet and various consumer protection agencies, as well as the police including PIPCU.

Arguably the existence of a requirement for these powers should mean that the UK provides for a legal framework to replace the current ad hoc arrangements.

It would also however create a mechanism for much more widespread use of web blocking for a range of websites deemed to be harmful to the public.

In order to comply with the European Charter of Fundamental Rights, takedowns and censorship powers would need legal accountability.

It is not clear that administrative powers in the regulation would be compliant with the Charter, as rights for those affected by the takedown need to be taken into account.

Questions in the UK Parliament

Question on internet bullying

Jim Shannon asked the Secretary of State for Digital, Culture, Media and Sport what steps they have taken to address the issues caused by "internet trolls".

Matthew Hancock MP responded that the Government is considering a range of options to counter internet harms, including an "Internet Safety Strategy", published on 11 October.

He also responded that "the recently enacted Digital Economy Act will help to ensure that online abuse is effectively tackled by requiring a social media code of practice to be established."

Question on anonymity networks

Chris Evans MP asked the Secretary of State for the Home Department what steps the Government is taking to "regulate the download of anonymity network browsers". He also asked for statistics on the number of people convicted under the Terrorism Act 2006 in the past year were found to be using such anonymity tools. Finally, he asked what assessment the Home Department had made of the prevalence of the usage of such tools in the past year.

Ben Wallace MP declined to answer, noting that "the National Crime Agency and UK Intelligence Community regularly assess the threat to the UK from the use of online anonymity networks by criminals and terrorists", but that such information is operationally sensitive.

Question on social media privacy

Jo Platt MP asked the Secretary of State for Digital, Culture, Media and Sport, what steps they are taking to "protect social media users' privacy from social networks while using video and microphone equipped devices".

Matthew Hancock MP responded that "organisations, including social media companies, must have legitimate grounds for collecting and using personal data and handle people's personal data only in ways they would reasonably expect." He also noted that organizations breaching this would be liable for enforcement action from the ICO.

He went on to confirm that the Government is "currently legislating for a new Data Protection Bill. The Bill will set new standards for protecting general data, in accordance with the General Data Protection Regulation, giving people more control over use of their data, and providing new rights to move or delete personal data."

Question on removal of anti-semitic propaganda

Gregory Campbell asked he Secretary of State for Communities and Local Government, what steps he is taking to combat access to anti-Semitic propaganda among young people.

Marcus Jones answered that the Government was "working with internet service providers to ensure that antisemitic propaganda which is deemed illegal is removed within 24 hours. In addition, internet service providers are making a concerted effort to ensure that antisemitic propaganda does not appear at the top of search results."

ORG media coverage

See ORG Press Coverage for full details.

2017-11-21-The Telegraph-Google promises to end 'concerning' smartphone tracking
Author: Margi Murphy
Summary: Jim Killock quoted for story about Google gathering Android location data without user permission.
Topics: Privacy
2017-11-22-The Telegraph-Government urged to make it easier for public to be compensated after hacks
Author: James Titcomb
Summary: Jim Killock quoted in an article about an open letter to digital minster Matt Hancock urging the Government to allow consumer groups like ORG to seek redress for data breaches without prior instruction from the affected consumers.
Topics: Privacy, Security, Data protection
2017-11-22-Telecoms.com-UK urged to improve data protection for the digitally naive
Author: Jamie Davies
Summary: Jim Killock quoted in an article about an open letter to digital minster Matt Hancock urging the Government to allow consumer groups like ORG to seek redress for data breaches without prior instruction from the affected consumers.
Topics: Privacy, Security, Data protection
2017-11-22-ComputerWeekly-Government urged to improve redress for mass data breaches
Author: Warwick Ashford
Summary: Jim Killock quoted in an article about an open letter to digital minster Matt Hancock urging the Government to allow consumer groups like ORG to seek redress for data breaches without prior instruction from the affected consumers.
Topics: Privacy, Security, Data protection
2017-11-23-Engadget-Pornhub owner may become the UK's gatekeeper of online porn
Author: Daniel Cooper
Summary: Myles Jackman quoted in a story about MindGeek positioning themselves as the primary AV provider for adult content.
Topics: Privacy, Digital Economy Act 2017

ORG Contact Details

Staff page