Today the EU and member states including the UK signed the Anti-Counterfeiting Trade Agreement in Japan.

You may remember the healthy debate held here about whether this international treaty was something that the UK should commit itself to, helping policy makers arrive at a collectively taken decision. No? Good spot - there was no such debate! It was waived through the committees responsible for scrutinising the agreement, being deemed a 'document not raising legal or political questions requiring a report to the House'. (I posted about the democratic vacuum at the heart of ACTA here.) This is despite ACTA having very serious consequences for the free flow of information online, repeating the kind of mistakes seen in the US' 'SOPA' and 'PIPA' legislation.

We're getting to crunch time. The ball is now very much in the European Parliament's court. The good news is, that gives you a chance to say why we think ACTA is such bad news. Finally, a mechanism to influence the course of this international agreement. Various committees will be providing opinions over the coming weeks, before a final vote before June. La Quadrature Du Net have set out the process in their latest blog:

ACTA procedure in EU Parliament

• The International Trade (INTA) Committee of the European Parliament is the main committee working on ACTA.
• The Legal Affairs (JURI), Development (DEVE), Civil Liberties (LIBE) and the Industry (ITRE) committees will first vote on their opinions after holding “exchange of views” on draft reports in the coming weeks.
• Opinions will then be sent to INTA to influence its final report, which will recommend the EU Parliament as a whole to reject or accept ACTA.
• The final, plenary vote by the EU Parliament on ACTA should be held no sooner than June.

So what can you do right now?

First, read up on the problems with ACTA using EDRi's excellent 'What's wrong with ACTA' papers (they're my favourite kind of document: short, and clear). There's a more detailed analysis from La Quadrature Du Net of the final ACTA text here. The actual ACTA text is available here.

And then call UK MEPs who are members of the Development committee, who are currently considering their opinion. There are contact details here. La Quadrature have some suggestions about what to say here. (One tip includes being friendly, concise and clear - after all they're considering ACTA, not responsible for it.) 

There'll be plenty more to do in the coming months - and when we find out when the final vote is, there'll be a big push to convince all MEP's that ACTA needs swatting away. Stay tuned.

[Read more] (9 comments)

Open Rights Group and Tor have established that UK mobile networks such as Vodafone, O2 and 3 are filtering UK users' access to Tor's primary website (meaning the HTTP version of the Tor Project website, rather than connections to the Tor network) on pre-paid contractless accounts. 

Tor helps people stay anonymous online. Some examples of how it has been used include those trying to avoid oppressive state censorship in places such as Iran, through to abuse victims in the UK. There is a post by Jacob Appelbaum with more technical details about the blocking on UK mobile networks over at the Tor blog. 

These mobile networks' filters are supposed to be tools through which parents can manage their children's access to the Internet. O2 provide a tool to check whether a URL is blocked under their filtering system. Searching for 'torproject.org' tells us it is blocked because it falls into the category of 'anonymiser'. (Orange also say that they block content that falls into the 'anonymiser' category - but it does not seem that Tor is blocked on Orange.) It's unlikely that mobile operators are targeting Tor, and more likely that anonymisation tools generally are filtered.

It is not clear why services such as Tor have been included in filtering systems. It's clear that mobile operators need to look again at what sites they are blocking and why, especially when those blocks include important and legitimate tools such as Tor.

We initially established that Tor was blocked initially through our new tool blocked.org.uk. You can help us monitor how filtering on mobile networks works by reporting when you come across incorrectly applied blocks.

Problems with mobile Internet filtering

These problems would be less of an issue if it was clear to users when filtering applied to their account, how to turn the filter off, and how to report mistakes. But this isn't the case.

Phone companies 'filter' the mobile Internet because they don't know whether their phones are being given to or used by children and young adults. This happens by default in most cases. The concern is that if young people have unfettered access to the Internet they will stumble upon undesirable material. Filtering is usually turned 'on' by default.

Mobile Internet filtering systems can often block access to the wrong content, for example because content is categorised incorrectly or simply because the blocks are applied too broadly. 

We created a website recently that helps people report when this 'over-blocking' happens. In the last couple of weeks, we have received around 30 reports of inappropriate blocks to sites ranging from bars and restaurants through to personal blogs and pictures. This is denying businesses access to their market, consumers to services they want and restricting people's ability to freely access information online.

One of the first cases we came across was of a church being blocked by O2 - with the person running the church having serious problems getting the site unblocked. 

Such stories help demonstrate many of the problems with overly broad blocking:

• Phone companies do not properly inform adults that they may encounter censorship, or fully explain what is blocked.
• It can be difficult to opt out, and people who do are often actually asked to “opt in” to pornography and to provide credit card details.
• Mobile companies don't allow website owners to check if their sites are blocked, don't make it easy to report when things go wrong, and can be unresponsive when made aware of mistaken blocks. 
• Their staff seem poorly trained to help users making complaints.

Open Rights Group will be meeting with mobile operators over the next few weeks to talk about making sure that they can both help parents manage their children's mobile Internet use and avoid clumsy implemented filtering. Some are better at aspects of this than others (Orange provide an overview of the categories they block, for example.) But none implement a transparent and clear policy that puts users in charge.

We hope to have a good and constructive discussion about the pitfalls and how to tackle them; we have some pretty simple 'asks' that should help address many of the problems:

• Every adult is given a straightforward choice at sign up, whether to live with censorship or not. This is often called an 'active choice'.
• Every adult is given clear advice about the kind of content that may be blocked.
• They provide information on how their blocking works.
• Every mobile operator provides clear and easy ways to check if a site is blocked.
• Every mobile operator provides an easy ways to complain about wrongful blocks, including at the time that you find an incorrectly blocked website.

We'll be posting about our discussions with mobile operators as they happen.  

[Read more] (10 comments)

Open Rights Group today blanked out its landing page in support of protests against two IP-related laws currently being discussed in the USA. Similar black outs and protests are happening on US websites such as Wikipedia, Wordpress, Reddit and Google.

The two bills in question, which ostensibly aim to tackle internet piracy, are called the Stop Online Piracy Act (better known as SOPA) and the PROTECT IP Act.

There are two reasons that Open Rights Group are supporting a protest aimed at US laws. First, the overly broad definitions and wording of the bills put any websites at risk of action from US authorities. Second, we face many of the issues with these copyright-related bills here in the UK: inappropriate enforcement measures, in particular website blocking; overly-broad or vague definitions and wording; and weaknesses in due process and redress. (For completists, we can throw in that they are also based in flawed evidence, just like copyright laws here.)

The discussions hosted last year by the Department for Culture, Media and Sport, for example, initially included no input from those concerned with consumer or citizen interests, and initial proposals from rights-holders about how website blocking for copyright infringement should work outside of a proper court process embodied many of these concerns. Voluntary arrangements aren't inherently bad. But excluding people or view points representing broader concerns about due process and proportionality of enforcement online and freedom of expression can only lead to lop-sided arrangements. Those discussions are ongoing, and have only recently started to seriously engage with ORG and these problems. We wrote about this process many times last year - the most recent updates are here, here and here.

We hope that focusing on the issues with the proposals currently on the table in the US will not only support opposition to some very flawed bills, but will help this year's round of IP enforcement policy debates be more constructive and less damaging to the legitimate, free flow of information online. The Foreign Secretary William Hague recently told ORG that the UK took principles of freedom of expression and privacy online very seriously. We hope this helps emphasise how these commitments start at home.

You can read a letter that a number of international civil society organisations sent to Senator Harry Reid, setting out our concerns, here. There's an earlier letter, sent in November, about SOPA here.

[Read more]

Today, we're launching a website and campaign calling for a new exception to copyright law for parodies and pastiche. Here's why.

Late last year we heard about a video parodying the Olympic mascots Wenlock and Mandeville. It featured the two cycloptic cartoons flying off a rainbow into the middle of a riot. Having become the number one comedy video on YouTube the day it was released, it was forced off the Internet by legal threats from lawyers representing the Olympics.

The story seems to encapsulate the problems of parody and copyright law. The Olympics will draw on huge amounts of public money and affect many people's lives across East London and beyond. Whether the Olympics is good, bad or both, it is a hugely significant event whose impact should be open to a robust public debate. It will tell a story about the UK and the people in it. Some businesses are allowed to associate themselves with this story by trading on powerful Olympic images and branding. Those organisations will be trying to suggest to us that we eat, drink, wear or use their products and services.

For everyone else, genuine engagement with the meaning of the Olympics is heavily regulated. Copyright is one tool that can be used, and is being used, to stifle efforts to engage with that story - to use the signs and symbols associated with the Olympics to say something different about what the occasion will mean for the people affected. As one of the creators of the parody told us:

As comedy writers our first intention was to make people laugh. But the glaringly obvious hypocrisy in staging a billion pound event at a time of austerity and social unrest was a satirical gift. I find it outrageous and more than slightly comical that an organisation this large can be so concerned with crushing something so small as a Mother's Best Child sketch. Does it surprise me that the creators of the London 2012 mascots don't have a sense of humour? Erm, no.

At the moment, parodies of copyrighted films and music are not currently allowed under UK copyright law, unless you have the permission of the person who owns the copyright.

The result is that too often copyright is used to to stifle activity that we should be encouraging. Whether it is Greenpeace's parody of a Volkswagen advert, the many parodies of the German film Downfall, or the above Olympics parody, the work that suffers is often trying to make a point, to engage with an important issue of public interest, or to just poke some fun. Sometimes the works betray the developing creative talents of their creators. The story of B3ta.com shows that allowing people to use the creative works around them can be an important way for people to learn skills they can later benefit from. B3ta has been something of a training ground for some now well established creative industry artists, but have repeatedly fallen foul of copyright law.

The question is simply this: would we rather encourage this kind of creative activity, or discourage it? If it is the former - which is what we think - then the law needs to change.

Help us give copyright a sense of humour

That's why today we are launching a campaign for a new exception to copyright law for parody and pastiche. The exception was recommended in the recent independent review by Professor Hargreaves, and the government are currently consulting on how they should follow his ideas. If framed correctly, this should bring significant benefits for our ability to be a part of the cultural conversations around us. And just have some fun.

We need to tell policy makers now that copyright needs a sense of humour. And we need your help to do so. First, please think about signing our petition here. Second, if you make parodies and have had problems with copyright law, please get in touch. And do consider making a parody yourself and adding it to our Flickr group.

Finally, we'll be making our submission to the consultation soon. We'd encourage you to do so too, especially if you have been affected directly by this issue. We will post ours up on the website in case it helps.

Oh, and tell all of your friends.

[Read more] (6 comments)

To coincide with the London Conference on Cyberspace last November, Open Rights Group and nine other Internet freedom advocates, including Cory Doctorow and Index on Censorship, wrote to the Foreign Secretary about censorship and privacy in the UK.

We were concerned that some fine words about international obligations to freedom of expression and privacy were being undermined by the coalition's domestic Internet policies. We highlighted in particular suggestions made in the immediate aftermath of the riots that there should be more powers to block access to social networks, plans for more pervasive powers to surveil and access people’s personal information online, and also concerns that the Government might develop proposals to filter adult and other legal material on UK Internet connections by default.

Below is the full text of the Foreign Secretary's reply (which is also posted here). Overall it reiterates the rhetorical commitment to the principles of freedom of expression and privacy online and the Government's commitment to international human rights conventions. A couple of highlights to pull out now:

1. There is an explicit rejection of default censorship of adult content, and the suggestion that the Government will mandate Internet filters. The Foreign Secretary outlines a policy of 'active choice', saying that 'the position of Claire Perry on default filtering of adult content is not the position of this government.' So it's somewhat positive on the question of filtering and censorship - reasonably good news given this year is likely to see a number of policies developed on how content regulation works. (There's information on Claire Perry MP's inquiry into child protection online here). 

2. The letter is less brilliant and specific on privacy. The line on the need to 'maintain capabilities to investigate crimes and to protect individuals where they are threatened by criminals, terrorism or foreign powers' is a nod towards policies such as the Communications Capabilities Development Programme that are about how to 'preserve communications capabilities'. The concern is that these 'updates' will, in practice, lead to significant encroachments into the privacy of our communications. Stay tuned - this will likely be a big one this year.

3. Regarding the regulation of social networks, the letter states that the Prime Minister did not call for social networks should be closed down in the aftermath of the riots. This is strictly accurate (see column 1053 here). The press seemed to have the impression on the morning of the speech that the Government were closer to the 'turn it off' option - it's good to know that this is off the table.

The Prime Minister did say that they were looking at 'whether it would be right to stop people communicating via these websites and services when we know they are plotting violence, disorder and criminality.' Perhaps echoing this somewhat, the letter does say 'law enforcement agencies, the network providers and social media organisations are looking at ways they can enhance co-operation to prevent the networks being used for criminal behaviour, in accordance with, and in order to uphold UK law.' It'll be important to make sure that this does not mean, in practice, that informal relationships that fly close to the limits of the law stand in for proper due process and robust oversight.

Overall, the reply is useful and constructive, and outlines pretty clearly some digital rights faultlines - credit is due to the Foreign Secretary and the FCO for taking the time to reply in detail.

Here is the letter in full:

In response to a letter from a number of media freedom groups, Foreign Secretary William Hague outlines the Coalition Government's policy on freedom of expression and the internet.

Response from Foreign Secretary William Hague to an open letter on freedom of expression and the internet:

Thank you for your letter of 1 November about the Coalition Government’s policy on freedom of expression.

This Government rejects censorship and surveillance that undermines people’s rights to express themselves, organise or communicate freely. We are proud to stand up for freedom of expression and privacy. Britain will always be on the side of those aspiring to greater political and economic freedom anywhere in the world, whether this is on or off the internet.

In the UK, we are striving for a model for internet governance where governments, industry and users of the Internet work together. Our obligations under the Human Rights Act, underpinned by our international treaty obligations, are central. As you know, these protect freedom of expression, association and assembly from undue interference from the government or other public bodies. International human rights conventions rightly set very high thresholds for any action by the state to suppress or control the free flow of information. Any action we take will be in accordance with these obligations.

I would like to address some specific issues you raise.

We believe that parents should be provided with wide tools to enable them to voluntarily block harmful and inappropriate content. Active choice is the preferred approach, with parents given a choice as to whether or not to activate parental controls when switching on a new internet enabled device or connecting to a new internet connection for the first time. It is important to distinguish between government encouraging people to make more use of existing protections as a matter of choice, and the government deciding what people can and cannot do online. Our plans do not prevent access to legal material, but seek to make it much clearer that protections exist, and to encourage their use. The position of Claire Perry regarding the default filtering of adult content is not the position of this government.

You referred to the Prime Minister’s statement to Parliament earlier this year in the wake of recent disturbances in the UK. Let me be clear. The Prime Minister did not suggest that social networks should be closed down. The government has not and is not seeking any new powers in this area. We recognise the enormous benefits that social networking brings, not least in the valuable part it played in helping citizens avoid trouble spots and in galvanizing community clean up efforts. Social networking itself was not the root cause of the disturbances, but, as our courts have recognised, did offer an enhanced means of communication to some individuals’ intent on inciting or facilitating widespread criminal behaviour. In light of this our law enforcement agencies, the network providers and social media organisations are looking at ways they can enhance co-operation to prevent the networks being used for criminal behaviour, in accordance with, and in order to uphold UK law.

Finally you raised concerns about powers of surveillance and access to personal information online. It is of course the responsibility of government to maintain capabilities to investigate crimes and to protect individuals where they are threatened by criminals, terrorism or foreign powers. The use of covert surveillance by the authorised government agencies, for example the acquisition of communications data and the interception of communications, is regulated by the Regulation of Investigatory Powers Act 2000 (RIPA). RIPA’s strict safeguards, including independent oversight, ensure that such surveillance is, and will continue to be, fully consistent with our obligations under the European Convention on Human Rights.

As I outlined at the London Conference on Cyberspace (LCC), the UK’s approach to the future of cyberspace has at its heart a simple proposition: behaviour that is unacceptable in the offline world is also unacceptable online. This emphatically includes the curtailing of human rights. Human rights are universal, and apply with equal force online as they do offline. The UK will continue to take a lead role in ensuing these principles are upheld.

[Read more]

For the last four months, and despite repeated complaints, O2 has blocked the website of a Sheffield church, claiming it features adult content.

Now it’s Christmas, the time when we expect churches to be exercising their freedom of religion and expression to bring their message to those of us who are perhaps a little more Scrooge-like.

But not if you’re an O2 customer, it seems. O2 have settled firmly on the Scrooge side of things, denying their customers not just access to this site, but also any semblance of decent customer service when dealing with this censorship. O2 customer and ORG Supporter Gervase Markham explains:

My wife and I just moved to Sheffield and joined a network of churches called The Crowded House. I used my O2 Mobile Broadband to try and access their website, but it told me it was “18+ content”! When I contacted O2, my first email was rejected due to having “insufficient information”. I finally managed to find a contact form which worked, and they told me that I could “solve the problem” by having my mobile enabled for 18+ content! I told them that this was definitely not what I wanted, and refused to go through their age ‘verification’ procedure. Fixing the censorship for me alone is not a proper fix.

The next thing I knew, a text arrived on my phone saying “you can now access 18 rated content”. I had to explain to my wife quite why I was getting a text saying that. … To get them to reinstate the block, which they had removed without my permission, I had to call them. They told me they'd change it back, but then left me a message to say that they couldn't reinstate the block without my date of birth! I had to fight my way through their support menu system again to give it to them.

During the call, an O2 representative told me that he and his manager knew of no procedure for appealing against a block. He said that the block wasn't just for 18+ content, but it was also for things which might corrupt the morals of children. I asked him if he was describing my church's website in that way, which he hastily denied. He told me they unblocked people's phones all the time because they couldn't access perfectly innocent websites. I suggested that perhaps that this indicated that the system wasn't working very well.

ORG believes that innocent websites should not be censored by default, and clear mechanisms should exist to get innocent sites taken out of automatically generated censorship lists.

Just as importantly, people should provide their consent before having their Internet censored. They should be told what it means. And a customer should not be forced to label themselves a “porn-fiend” in order to remove censorship.

If you encounter examples of this default censorship disrupting people’s businesses, churches or free expression, please let us know. Report the block, via our mobile-friendly website, blocked.org.uk. Read more about what mobile companies should be doing here.

[Read more] (13 comments)

All the major UK mobile operators have Internet filtering schemes that block certain content from users. These filters are designed to protect children from accessing adult material. The filters are turned on by default when anybody signs up to a mobile contract. Age verification, normally via a credit card, is required to turn them off. We've heard a lot of anecdotal evidence of mistakes, over-blocking and the difficulty of pointing out when things go wrong (for example, see James Firth's blog on Vodafone's blocking of underwear sites).

Mobile Internet access is becoming more important as a means of getting online. According to Ofcom, 28% of UK adults said they accessed the internet on their mobile in the first three months of 2011, and mobile data use increased forty-fold between 2007 and 2010. We've started to look more closely at how this blocking works.

It's clear that mobile operators could be much clearer about this. They tend to be pretty opaque as to exactly how their filtering works, and how they decide which Web pages are inappropriate for under 18s.

For example, Orange says that it is the Independent Mobile Classification Body (IMCB) that decides what is adult content or not (see here). However this is not true. The IMCB does provide a framework for determining content that is inappropriate for children and teenagers. But content from the Internet is out of IMCB’s remit, as stated in its Classification Framework (see here). We've been in touch with IMCB about this, and are awaiting a reply.

Mobile operators all declare that they are acting according to a ‘code of conduct’ set by the Mobile Broadband Group. But this code does not provide for any kind of criteria for determining or defining blockable content. It simply points at the IMCB framework.

It is most likely that security contractors and their algorithms employed by mobile operators, such as US companies like Blue Coat, decide what we are able to access. How the policies of these companies fit with the frameworks of the IMCB and the Mobile Broadband Group is another question we are looking to answer. 

As well as a lack of transparency, overblocking and clumsy customer support, there is also plenty of controversy surrounding the methods these security companies use, for example about how much user data they keep hold of and the consent issues raised by the retention of this data. There are also questions about some of these companies seemingly selling their filtering technology to oppressive regimes such as Syria and Burma.

Transparency regarding how mobile operators decide what counts as 'blockable' content is increasingly important. Customers should be able to ascertain how and why content is blocked, and have easier ways to point out when things are going wrong. We'll be developing more work on this, including tools to help you point out when mobile operators are blocking sites, soon. Please let us know if you're interested in helping out.

[Read more] (8 comments)

As we posted about previously, ORG was present at the most recent DCMS roundtable to discuss 'self-regulation' and copyright enforcement. We were given a fair chance to raise our concerns in that forum. We have not heard whether future meetings and discussions will continue to be as open. 

A few weeks ago we asked the Department for Culture, Media and Sport for papers, minutes the attendee list from another meeting, hosted by both the Secretary of State Jeremy Hunt and the Minister Ed Vaizey MP, between copyright holders and search engines. This took place on 15th November, with a focus on how search engines might help tackle copyright infringement. 

We've now received back the minutes from the meeting, which you can read here. We haven't received the proposals put forward at the meeting - and we have asked DCMS to explain why. We'll let you know the response.

'Self-regulation' is probably better described as private policing, because it involves companies making decisions about preventing users or other people behaving in certain ways or accessing certain information. The measures currently on the table involve blocking people from accessing to content, removing financial support for websites, or the manipulation of search results. 

Our concern is that businesses policing the Internet will lead to deliberate or mistaken restrictions on access to and the distribution of information, with the wrong sites or content penalised and insufficient remedies when that happens. We are concerned that discussions involving only narrow interests, driven by proposals whose evidential basis is not examined, hosted by a Government considering itself only an observer, will not take account of the full range of citizen, consumer and creator interests.

From their response to our request, it certainly seems like the Government are not interrogating rights holders proposals very closely. We were told:

"The meeting, as demonstrated in the actions listed in the note, was focused on industry-led measures, and information is not held to establish the validity, consequences or relevance of these measures."

This helps to highlight the fundamental problem with the Government's position in the debate. Whilst claiming to simply be facilitating industry-led proposals, they can avoid having to defend, question, interrogate or widely consult on the proposals. But if the Ministers are demanding industry come to an agreement or face legislation, then there must be criteria against which they will judge the Internet companies' willingness to act.

One would presume this isn't just be the extent to which Internet companies manage to placate the trade bodies involved. So there must be a position on what would be the best outcome in public policy terms. The question is, what exactly are the Government looking for? How can they continue to avoid establishing the validity, consequences or relevance of the measures proposed? If they do have a position on what the best outcome is, why aren't they engaging in a proper, open policy making process in which all views are solicited and reconciled? 

Whether it is search engines being asked to manipulate search results, advertisers and credit card companies severing ties to alleged infringing sites, or the blocking of access to websites, these are proposals that hand out the power to try to disrupt the free flow of information. This is fundamentally a freedom of expression issue.

It is worth pointing out that this problem is not restricted to these discussions. The City of London Police are already involved in a scheme with rightsholders and payment services to remove payment from sites allegedly involved in copyright infringement. We've tried to talk to the City of London Police about this, to see what kind of evidence they require and the due process involved. So far we have had no luck. 

We hope that our involvement in the latest roundtable is an indication of an opening up of this process, and not a one-off gesture. With the Communications Act revision looming, 2012 should see them embrace appropriately open policy making.  Especially as DCMS are, funnily enough, named in the new Cyber Security Strategy as the Department responsible for rights online.

[Read more]