call +44 20 7096 1079


July 22, 2013 | Jim Killock

David Cameron is issuing bad advice to parents

Moving onto filtering today, David Cameron has created a very unfortunate debate about what he expects from Internet Service Providers.

David Cameron cc-by-nc-sa WorldEconomicForumLast week, we published a list of questions about the impacts of filtering technologies, on privacy, Internet applications and user awareness of the technology. These are a baseline of the concerns. We do not expect filters to be 'default on' but rather 'active choice': we expect adults to make a choice about what they install, as the government promised following their DfE consultation last year.Cameron states that:

"By the end of this year, when someone sets up a new broadband account the settings to install family-friendly filters will be automatically selected. If you just click 'next' or 'enter', then the filters are automatically on.

We hope he is inaccurate. Why wouldn't the set up require you make make an 'active' decision, yes or no, as previously agreed? Anything less would mean parents not engaging with the technology. It would mean accepting  that the collatoral damage from filtering would apply to many people entirely pointlessly. This won't just be pornography: it will be likely to include alcohol, gambling, web forums, and supposedly extreme political views.

However, today's comments from Cameron also constitute misleading and dangerous advice to parents. He said:

"in a really big step forward, all the ISPs have rewired their technology so that once your filters are installed, they will cover any device connected to your home internet account. No more hassle of downloading filters for every device, just one-click protection. One click to protect your whole home and keep your children safe.

"Once those filters are installed, it should not be the case that technically literate children can just flick the filters off at the click of a mouse without anyone knowing. So we have agreed with industry that those filters can only be changed by the account holder, who has to be an adult. So an adult has to be engaged in the decisions."

This places too much faith in technical tools that have historically proved flawed in achieving their goals.

Teenagers are usually sexually curious, and the forbidden has its own cachet. This may motivate them to try to bypass filters. It is poor advice to suggest that they will not succeed.

The filtering being suggested is only likely to work for those not actively looking for adult content, and even then no filter is perfect.

For instance devices, left unchecked, could be used to bypass filtering with extreme ease. Filtering can often be bypassed by anyone with an admin password, by using a VPN or proxy. This may sound technical, but is trivial. Many children learn how to do this to access Facebook at school.

Additionally, many network filters will only be applied to content sent "in the clear" and not encrypted content. In this circumstance, if available, SSL can be used to trivially bypass filtering - anyone capable of adding an "s" into a URL can do this. (As a consequence, pornographers may move to SSL if a large part of their adult market is enduced into a filtered Internet.) 

Thus Cameron's advice is just plain bad and misleading. Children will not necessarily be any less likely to be able to access whatever they like as the result of network filters, even if they are deterred. That may be a reasonable objective – but it is wrong to suggest that a magic bullet has solved the problem he talks about.

But that is symptomatic of the policy conundrum he has placed himself into, by pandering to a demand from the Daily Mail that 'porn must be blocked' and only accessible through an 'opt in'.

Education and parents talking to their children remain the only way for children to be helped. Cameron today should have been heavily caveating his claims, and by failing to do so, many parents will think the technologies ISPs are about to provide do a much better job than they will.


We've launched a petition calling for David Cameron to drop his plans for default Internet filtering. Sign the petition here:

[Read more] (11 comments)

July 21, 2013 | Jim Killock

Cameron demands action on child abuse images

Today we were expecting an announcement from David Cameron on the Andrew Marr Show previewing a speech on Monday about filters to stop children accessing adult pornography. Instead we have an announcement about paedophiles on the Internet. These are very different issues, needing different policy responses.

David Cameron cc-by GPaumierEvery right minded person wants to get rid of child abuse images, and stop people from accessing them. But Cameron's targeting of search engines seems wrong headed and rather 1995.

Firstly, most child abuse images are circulated in private networks, or are sold by criminal gangs. Banning search terms seems unlikely to combat the serious activity, which is independent of search engines. It may help for casual searches, but this seems at best a marginal help, and certainly not worth a Prime Ministerial announcement, nor threats of legislation implying that this action is critical for child safety.

Let us accept that some identifiable search terms will bring up illegal images. If a list of blacklisted terms exists, then new terms will be invented so that people can find what they want. Thus Cameron invites a game of cat and mouse which is likely to have very limited impact. The terms used may hide themselves into search terms that cannot be banned because they are innocuous. This, for instance, is the kind of reason why the term 'Lolita' was adopted to signal such material.

The first thing that should be done is for Cameron to ask for statistics about the searches he wants to ban. It would be interesting to know if this has been requested but no figures have been quoted so far.

In any case, search engines have moved well beyond being dependent on identifying content through a small set of accurately reproduced keywords. Banning a few terms seems unlikely to prevent any kind of material from being available through search.

Of course, Google and other search engines, once they are aware of such material, will always remove it from their databases. Organisations like IWF who look for it may well, of course, be using search engine terms to find it as well, probably in more sophisticated ways than the casual searchers Cameron believes he is trying to target: he should be careful that his policy does not make the lives of the IWF more difficult.

It is also being reported that Cameron is going to say tomorrow to Google, Microsoft and Yahoo! that:

You're the people who take pride in doing what they say can't be done.
You hold hackathons for people to solve impossible internet conundrums.
Well – hold a hackathon for child safety.
Set your greatest brains to work on this.

On the face of it, this would be an open invitation to the public — in that any member of the public can create a search engine, or any other kind of network software  — to engage in an activity that would almost certainly result in a violation of the Sexual Offences Act 2003*. One may well expect someone to use this in a future defence: "I only downloaded those images to help train an algorithm to block them".

The real ways this offensive and rightly illegal material is combated is through takedown and targeting criminals. Takedowns of child abuse image websites still take days, rather than hours in the case of bank phishing attempts. More could be done to make sure international co-operation improves the speed that images are taken down, therefore.

CEOP have done work to restrict the use of payment mechanisms, with some success, but more could be done to stop the money laundering that is necessary for images to be traded.

Search engines are an easy target. They cannot be seen to aid criminality as serious as paedophilia. They will therefore be under immense pressure to do what Cameron asks, no matter if it is counter productive or simply irrelevant to his aims. Cameron will be able to chalk up a victory and move onto the next Daily Mail headline generating press stunt.

Should we, therefore, care? We should: it is embarrassing for our Prime Minister to stand up and demand a policy that is likely to be of highly marginal impact, and discuss it as if it was of vital national interest, while failing to concentrate on the real answers. 

Cameron's announcement is symptomatic of the way the Internet is viewed and treated by policy makers. The technical challenges and consequences of policies are viewed as less important than the moral purpose justifying calls for action. Policies are announced before they have been properly considered. And worse, these announcements risk being another case of blaming the commercial intermediaries – in this case search engines – because that is easier and cheaper than doing what is really necessary.


* Actually, Section 1 of the Protection of Children Act 1978 and section 160 of the Criminal Justice Act 1988.

[Read more] (8 comments)

July 19, 2013 | Peter Bradwell

Questions ISPs must answer about Internet filtering

Internet Service Providers have agreed to roll out network level filtering to protect children online, following significant political pressure. We have sent them 20 questions on how their Internet filtering systems will work - questions policy makers have failed to ask.

Over the past few weeks the Government has held meetings with Internet companies about child protection online. These are designed to prompt more more action to protect children, on the assumption that these companies could and should be doing more.

Sadly the Government has seemed keen to appear as if they are taking tough action, and not so keen on thinking carefully about what their action should be.

Nowhere is this problem clearer than in an extraordinary letter written by the Department for Education to internet companies, which was leaked to Rory Cellan-Jones at the BBC. The letter sets out a fairly direct interventionist industrial policy - these businesses are asked to make various commitments in service of a speech that the Prime Minister would like to make. The ISPs are asked to implement 'pre-ticked' boxes, a 'browser intercept' to prompt users to turn on filtering, and to refer to the system as 'default on'.

Policy makers who are pushing for more Internet filtering for child protection do not take the related practical and technical questions seriously. They tend to throw about ideas for technical interventions such as internet filtering without considering how these would work, or what unintended consequences they might have.

They simply want 'more' done. What that 'more' is, or what it will achieve, seems to be an irrelevant detail. This is despite the Government having run a consultation last year, after which they settled on a fairly reasonable policy of helping parents make the right choices about filtering. They seem determined to edge towards a stricter 'default on' regime.

We have seen no evidence that during the meetings with internet companies the Government has taken account of any of the broader public policy questions related to the implementation of Internet filtering systems. Along with Index on Censorship, English PEN and Big Brother Watch, we wrote to the Culture Secretary Maria Miller asking her to invite us to the discussions so these issues could be raised. The Department has subsequently set up a meeting between us and the Minister Ed Vaizey MP.

The details are very important. Internet filtering can easily block more content than it is designed to – for example, if people do not understand what is being blocked and why, or if sites are incorrectly categorised. People may also easily get around blocking. It can give people a false sense of security. Making Internet filtering fit multiple devices, ages or beliefs within a household or other setting is almost impossible. And there are other consequences, such as the speed of access or an impact on privacy where traffic or blocking events are logged.

That's why we are putting these questions to ISPs. We will be sending the questions and replies to the relevant policy makers, and will hope to explain to them why we think these are important questions.

You can read our questions below, and the letter we have sent to ISPs on the correspondence page.

Twenty questions for ISPs on Internet filtering systems

A. On how the technology works

Under the Internet filtering system set up following discussions with the Government about online safety and child protection:

1. Is any traffic of users who are not opted in to filtering inspected and / or logged? If so, is it logged in a way that links the traffic to a subscriber? What logging will there be of blocking events? How does this work?

2. Is filtering applied to all forms of connection offered by the ISP (dialup, ADSL, cable, fast fibre connections etc)?

3. Have you estimated the impact of the through-put of filtering technology on the speed of users' internet access (both for those who are opted in and opted out)?

4. We are concerned about the impact on Internet applications in general as well as web traffic. Does filtering take place only of HTTP traffic on port 80, or will other traffic be affected? What steps will be taken to avoid interfering with non-HTTP traffic on port 80, for example non-HTTP applications that use this port in order to bypass firewall restrictions?

5. What impact does the filtering have on end-to-end security measures such as SSL or DNSSEC?

6. Can you guarantee that your networks will not be susceptible to mistaken blocking as a result of using specific IP addresses for forwarding filtered traffic, for example as seemed to happen in a case involving Wikipedia?

7. Have you made any estimates on the impact of filtering systems on infrastructure upgrades?

B. On setting up the filtering

8. Are users faced with pre-ticked boxes when choosing to activate filtering? What is the impact on customers who do not have access to or who do not use a web browsers on a network such as a home broadband connection that is only used for Smart TV video on demand applications? (ie who will not be presented with a web-based set up screen?)

9. How granular are the available choices? Will a household be able to cater for:

a. Multiple ages or a variety of beliefs?
b. Can specific sites be unblocked by a user?

10. Have you done user-testing for your opt-in systems?

11. What information about the filtering is available at the point of sign up? Does it include:

a. Detailed information about what types of content are blocked, with examples?
b. The providers of their filtering tools, if a third party is involved?
c. Information about the possible problems with and limitations of blocking, with information about how to report problems?

12. What age-verification processes will be in place? How will this work?

13. Is a customer's decision not to activate filtering a one-off decision, or will it have to be periodically repeated?

C. On managing problems and mistakes

14. When a site is blocked, what information is supplied to the end-user about why and how it has been blocked?

15. Are there easy ways to report mistaken blocks, either over-blocking or under-blocking? Are these clear when users encounter a block?

16. Are there easy ways for people to check if URLs are blocked, and will this include a reporting tool for requesting corrections and reclassifications?

17. How will complaints, from both your subscribers and from owners of sites that are blocked, be dealt with?

a. Are there plans in place to train customer service staff for dealing with these reports?
b. Are there targets for dealing with mistakes in a timely manner, or estimates of how long responding to and correcting mistakes will take?
c. Will you share error reports and corrections with other ISPs?

18. Have you specified acceptable error rates to suppliers of filtering services? If so, what are they?

19. Have you sought legal opinions relating to liability for incorrect blocks, including both false positives and false negatives? Do you have plans to offer compensation for businesses harmed by blocking errors, for example when potential customers are unable to access the site?

20. Are there or will there be systematic reviews of the effectiveness and quality of filtering, including reporting on problems and complaints? Is there a process for review and improvement? Is there or will there be an ombudsman or other oversight body to handle disputes and review performance?

[Read more]

July 19, 2013 | Jim Killock

ORG asks court for web blocking documents

Courts have not been forthcoming with access to website blocking orders, citing administrative reasons for refusing to treat them as public documents.

A few weeks ago, ORG published the website to compile and analyse website blocking orders in the UK.

Our aim is to create transparency over what methods of blocking are being authorised, what blocking is being done and by whom.

Once a judge has decided that a website deserves to be blocked under Section 97A of the Copyright Act, each ISP is sent a court order describing the actions they must take to block the website. It specifies the kind of blocking to be undertaken. The court order contains other important information, including the name of the organisation responsible for mistakes and changes to the lists of clone sites to be blocked.

Publication of the orders should benefit everyone. Courts, ISPs and copyright holders stand to benefit by having this knowledge made public. Accountability, fewer errors and less confusion about what is happening should be the result.

However, ISPs are often reluctant to share the orders with us, despite the fact they are 'public documents'. Possibly they feel that copyright owners asking for the orders may find publication by an ISP provocative. This means we are obliged to ask the courts for the documents, in order that we can publish and analyse their contents.

Unfortunately, court officials so far have turned down ORG's requests for copies of the blocking orders. They have done this because, they say, 'judgment has not been entered' or 'service has not been acknowledged'.

We think court orders ought normally to be easily accessible to the public at all stages of litigation. At present the rules governing access to court documents only permit access to these orders as of right once the litigation has finished. The courts seem to be treating blocking injunctions as if they were like temporary injunctions made while proceedings are still going on. In fact the injunctions are the end of the section 97A process. Nothing more is intended to happen.

This week we therefore applied to have a procedural judge (a 'Master') in the High Court to look at our requests to gain access to the documents relating to the blocks of Fenopy, H33t and Kickass Torrents.

We hope to persuade the Master that a section 97A blocking injunction should be treated like any final judgment in court and be available to the public as of right. If we cannot do that, we will ask the Master's permission to have access to the orders.

As the orders proliferate, it is important that keeps a record of what is happening. In due course, we hope that ISPs will also link to these documents in their blocking notices, to make it clear what the legal authority for the block is.

[Read more] (1 comments)

July 17, 2013 | Ed Paton-Williams

Mobile Privacy: Parliament debates data protection and the mobile industry

What happened when the Commons debated privacy and mobile data earlier this week?

On Monday night, Parliament debated the use of personal data by mobile operators.

We met with Helen Goodman MP last month to talk about mobile companies developing marketing and analytics products based on data about their customers without clear consent. After that meeting, she was able to secure the Commons debate on the issue.

Houses of Parliament

Helen Goodman told the Commons that "current law is inadequate to protect people’s privacy" and "consent rules are completely inadequate."

"For consent to be meaningful, it needs to be explicit, informed and freely given. Usually, that is not the case—the consent is buried somewhere in paragraph 157 of the terms and conditions—and people have no option to refuse if they want the service at all."

She went on to ask the Government whether it thought mobile companies can legally process customers' location data when it is not for the customers' benefit and if the ICO is doing enough to ensure consumers are aware of how their data is used.

"Do the Government think there is a proper legal basis for processing location data for the benefit of the marketing purposes of third parties?"

"Does the Minister believe that the ICO is taking enough action to require mobile phone companies to keep consumers informed?"

Ed Vaizey - the Minister responding for the Government - didn't seem to be fully aware of the laws governing companies' handling of customer data. In his reply, he spoke about the E-Privacy Directive/PECR as if it related solely to cookies.

Helen Goodman had spoken about PECR because it imposes restrictions on the processing of traffic and location data that go beyond the general Data Protection regime. These - apparently lesser known - requirements put a question mark on the legal basis for some of these, so called, BIg Data products.

The Government's response on this issue leaves a lot to be desired. Open Rights Group will continue to work with Helen Goodman and others to press mobile operators to clarify the legality of their operations and improve their privacy policies. These companies should also make it easier for customers to opt out of data about them being processed and shared to third parties.

[Read more]

July 05, 2013 | Ed Paton-Williams

Mobile Privacy: 'You can't see the contract until after we've done a credit check'

How do you choose which mobile operator to go with? A good deal? Strong coverage in your area? Access to the best new handset? Would you like to know which companies let you keep your data private?

On Wednesday afternoon, I left the ORG office and went to the mobile operators' shops on the Strand in central London.

Could I get a good deal, strong coverage, a great new handset and choose a company that let me keep my data private?

Mobile Shops

To do that, I'd need to be able to have a look at their contracts to see which one was best. It didn't seem likely that they'd just hand them over without the prospect of a sale.

I needed a story. Here's what I told the sales assistants.

"I'm looking for a phone and contract for my dad. He's never needed a mobile before but he had a fall recently. I just want to get him one for peace of mind." (None of that is true by the way.)

The sales assistants in Three, O2, Vodafone, EE and Phones4U were more than happy to tell you about tarifs, give phone demos and talk about how easy it is to transfer numbers over.

After the sales pitches, I told them a request my dad had.

"My dad's quite privacy-conscious. He told me he's been reading stories in the newspaper about mobile companies tracking where their customers go. I'm sure it's all fine but he told me to read the contracts before picking a company to go with."

Suddenly it was a very different story.

'You can't see the contract until after we've done a credit check' was the response in all the shops. I pushed back each time. 'I just want to make sure I read whatever I'm going to sign.'

The guy in Vodafone let me have a quick look but said I couldn't take it away. I could have a promotional flyer though, which was nice. After a lot of persuasion, EE reluctantly let me take the contract home to have a look at.

In O2, Three, and Phones4U, they all said that they don't have contracts in the shop. They print them out each time apparently. Not very likely. Vodafone and EE both had the contracts and terms & conditions behind the till.

I laid out my predicament to the woman in Phones4U, "My dad wants to choose his mobile operator based how they handle his data. But you won't let me see the contract saying how they handle his data until he chooses his mobile operator."

My only option was to agree to the mobile company carrying out a credit check on me before I could see the documents I'd have to sign. And I definitely didn't want to do that just to see the contract.

It's pretty clear there was a serious lack of transparency. Was I unable to see the contracts because of a policy set by the companies? Or were the sales assistants out of line in not showing me the documents I'd have had to agree to eventually anyway?

Whichever is the case, the only straightforward way to find out what data the mobile companies collect and what they do with it is reading the ORG Wiki page documenting their privacy policies.

But if you were on the Strand on Wednesday afternoon and wanted to buy a phone and contract from a mobile company that told you if you could keep your data private, you were definitely out of luck.

Image by Simon Phipps under CC BY-NC-SA 2.0 licence

[Read more]

July 03, 2013 | Ed Paton-Williams

ORG's next challenge

We've got a huge challenge on our hands. You've probably read about Edward Snowden's leaks revealing the NSA's PRISM and GCHQ's Tempora mass surveillance programmes.

Here in the ORG office, they've managed to both shock us and confirm our worst suspicions.

What's the problem?

We now know the US can monitor what up to 95% of the world's population does online. If you use the services provided by US firms like Google, Skype and Facebook and you're a non-American outside the USA, the US Government simply doesn't accept your right to privacy.

And US intelligence shares what they learn from their snooping with the UK.

Not wanting to be outdone, the UK has been spying on the web's 2 billion users and working with the US to analyse the data.

The problem here is RIPA - the British law governing surveillance and enabling Tempora. No-one's broken any laws because the law's already broken. So we badly need to reform RIPA.

By abusing loopholes in RIPA, GCHQ is tapping undersea cables to intercept staggering quantities of people's web data as it enters Britain. They're then storing all that data for 3 days and the metadata for 30 days

And the Snoopers' Charter?

You might well have been thinking, "The Home Office were a bit cheeky trying to get the Snoopers' Charter through when they could do all this anyway."

And you'd be right.

Even without the Snoopers' Charter, GCHQ's been able to intercept terrorists' web use for at least 3 years. But the Home Office argued that they needed the Snoopers' Charter to get intelligence on terrorists.

Now that claim seems even more nonsensical and misleading than it did at the time.

ORG was at the forefront of the campaign against the Snoopers' Charter. We worked really hard to:

  • inform and influence politicians, the media and other NGOs so everyone knew the problems with the Government's plans
  • help ORG supporters tell the Government why they opposed the Snoopers' Charter
  • produce our Digital Surveillance report to present everyone with a better alternative - accountable and targeted surveillance

And it worked! Thanks to the huge opposition to the plans, Nick Clegg blocked the Snoopers' Charter.

How can we stop RIPA now?

With Tempora and RIPA, we've got an even greater challenge.

If we want to reform RIPA to stop GCHQ abusing the law and invading everyone's privacy, there's a lot to do.

We really need to:

  1. Grow ORG's base of digital rights activists even further so we can maintain public pressure
  2. Spend more time talking to politicians and the media so we can keep pushing for reform of RIPA
  3. Keep on doing the in-depth research and policy work that will provide the arguments to win the debate on surveillance

Inevitably, increasing the amount of work we do costs more money.

At the moment, about 30,000 people subscribe to ORG's emails and take part in our campaigns. But only around 1,700 supporters chip in an average of £5 a month to help fund our work.

ORG needs more supporters to help us take on RIPA

If you haven't joined ORG yet, it's the perfect time to get even more involved with ORG's work by joining us as an ORG supporter.

As well as the knowledge that you're helping defend everyone's digital rights, you'll also get a free copy of Tim Wu's The Master Switch when you donate £5 a month or more.

And if you join ORG before 10AM on Friday 5th July (that's this Friday) you'll automatically be entered into a draw to win two tickets to see Graham Linehan's The Ladykillers.

The winner will go to London's West End for the prestigious Press Night performance on Tuesday 9th July. After the show, you'll go to the after-show party with the cast and producers of the show.

So...defend privacy and freedom of expression, become a member of the UK's biggest digital rights movement and get a chance to see one of the best new plays around.

I hope you decide that now's the right time to join ORG. We really need your help.

And if I'm already an ORG Supporter?

If you are already a paying ORG supporter, thank you! Your support helped ORG fight off the Snoopers' Charter, win the campaign for changes to copyright law and defend consumer rights on the Internet.

Can you help spread the word by sharing the link to our Join page to your friends, family and followers?

Click the buttons below to help ORG to ask people to join you as a supporter.

Email share button  Facebook Share button  Twitter Share Button  Google Plus Share button 

[Read more]

July 01, 2013 | Javier Ruiz

Open Rights Group at Latin American open data events

Open Rights Group participated in two international conferences in Uruguay last week. We were invited to cover the junction between privacy and open data, an area under increasing scrutiny as governments implement transparency programmes.

ORG has been working on the issues and conflicts around privacy and open data for some time. Recently ORG intervened to help limit access to the National Pupil Database for commercial companies.

The first gathering was Abrelatam 2013, organised by the lovely people of Data Uruguay and Ciudadano Inteligente from Chile, the Latin equivalent to MySociety. If you want to hear more about the Chileans, founder Felipe Heusser will be in London at the Guardian Activate conference on Tuesday 9th of July.

Abrelatam 2013 unconference

Abrelatam brought together tech and transparency activists from across Latin America and beyond, including OKFN, Sunlight Foundation and MySociety. There were many inspiring stories and groups, from the data journalists from La Nacion to the mobile tech lab in a bus from Brazilians Transparencia Hacker.

The conference covered the usual open data topics from measuring the success of programmes - users, impacts, etc. - and smart cities to how to convince governments to open up. But quite refreshingly there were also many conversations around grassroots participation and involvement, with a very genuine concern that open data is not just about playing with tech toys. The discussion on the relationship between transparency and social movements took place against the backdrop of mass protests in Brazil.

We were particularly impressed with the work of the ACIJ from Argentina shedding light on the opaque selection process of magistrates in Buenos Aires using open data and visualisation tools. This case also brings important lessons on how privacy claims should not hinder the transparency of public appointments. Another excellent project, presented by Laura Sommer, is, where citizens can “verify public discourse”, with a classification system that besides true or false includes finer verdicts such as “not supported by evidence”, “exaggerated” and “true, but”, meaning that a crucial aspect has been ommited.

ORG’s proposed session on privacy brought up many interesting examples of conflicts and difficult choices. Among others we heard of exam results being published in Mexico and the electoral register with Google indexed photos in Argentina. The consensus was that the privacy and open data nexus is very important but we lack the framework to analyse it. This is particularly complicated with the diversity of legal and cultural contexts we find in different countries. Many activists asked for more information and capacity building.

The second event we attended involved governments and international bodies. The Regional Conference on Open Data for Latin America and the Caribbean covered a fairly comprehensive range of public information topics: agriculture, health, education archives and statistics, etc. The region can boast some transparency giants such as Brazil, and there are efforts in most other countries. But there is a long way to go in terms of accountability and genuine civic participation, as evidenced in the Brazilian riots.

Conf Datos Abiertos Uruguay 2013

ORG participated in a panel on the regulation of open data. The room was full despite the session partially clashing with the football match between Uruguay and Brazil that wrecked havoc with the planned schedule. Our contribution again centred on the privacy aspects of these policies. Other panelists included the data protection agencies of Uruguay and Mexico, the Brazilian Fundaçao Getulio Vargas and Spanish legal expert Franz Ruz from The discussion touched on the many legal frameworks governing open data, from access to licensing and reuse, but most of the hard questions centred on privacy and data protection.

We covered as much as we could in such a short time:

  • The conflict between open data and the fundamental principles of data processing - purpose limitation, etc.
  • Criteria for assessing the privacy protection of public employees: seniority, work related activities, etc.
  • Asymmetries of public benefit and personal costs: education, health, public registers…
  • The difficulties in asking citizens directly about the value of privacy and transparency
  • Anonymisation and its discontents
  • Voluntary sharing of personal information and the need for control over our data
  • European data protection hot topics: righto to delete (not forget), pseudonymous data, consent
  • Combining regulatory models for hard complexity: participation, multistakeholderism, strong data protection, technical guidelines, sector codes of practice…

On our last day we mananged to squeeze an extra workshop on privacy and open data for local activists and a meeting with the Government of Uruguay to help them improve their work with civil society to produce a national transparency plan, as required by their membership of the Open Government Partnership. ORG is part of the coordination of the UK civil society network working on the Open Government Partnership.

We came back home reassured that open data and privacy is a really important issue, where ORG can really help as one of a handful or organisations currently trying to tackle the difficult questions that arise. Last week also reaffirmed that most of the issues we deal with on the impacts of technology on rights and liberties have a global reach, and that while we must continue leading on UK policies we have to increasingly work internationally as well.

You can join our email list on Open Data Privacy HERE

[Read more]

google plusdeliciousdiggfacebookgooglelinkedinstumbleupontwitteremail