call +44 20 7096 1079


March 23, 2013 | Jim Killock

“Gaming” can be avoided: bloggers can be protected from the Crime and Courts Bill

We’re told that politicians are concerned, exempting small and medium size businesses from the Bill could lead to “gaming”. That is, a large publisher could create small subsidiaries to avoid the Leveson sticks applying to them. We believe this can be avoided. The Companies Act anticipates “gaming”, and includes protections against it.

We believe this can be avoided. The Companies Act anticipates “gaming”, and includes protections against it.

To recap, the Bill provides sticks and carrots to persuade publishers to join a self regulator.

They are the threat of all costs being awarded against you, even if you win your defence against a claim of libel; and the threat of exemplary damages. There is also a carrot of protection against costs if you have joined a self-regulator, and your accuser could have chosen arbitration.

The sticks apply, under the Courts and Crimes Bill, if you are a “relevant publisher”. This currently is anyone publishing about current affairs, with multiple authors, as a business. Thus small, semi-commercial blogs (like Labour List or Conservative Home for instance) may need to shelter under the 'voluntary' self regulation.

The proposal we and Big Brother Watch proposed (after the meeting we held with Hacked Off) is that small and medium size (news publishing) companies are also exempted. BBW drafted an amendment that has been tabled by Lord Lucas:

Insert into New Schedule 5 of the Crime and Courts Bill ‘Exclusions from definition of “relevant publisher”

9) “A publisher who does not exceed the definition of a small or medium-sized enterprise as defined in Section 382 and 465 Companies Act 2006.”

ORG asked for advice about the gaming question yesterday, after it was raised with us. Francis Davey suggested to us that the amendment could read:

Insert into New Schedule 5 of the Crime and Courts Bill ‘Exclusions from definition of “relevant publisher”

9) “A publisher, which is a company, such that either: (i) the small companies regime, defined in Section 381 of the Companies Act 2006, applies to it; or (ii) the company qualifies as medium-sized as in accordance with Section 465 of the Companies Act 2006 and which is not excluded from taking advantage of the provisions of Part 15 of the Companies Act 2006 relating to companies qualifying as medium-sized by Section 467 of that Act."

His reasoning – on a very quick, few minutes reading of the Act – is that it already anticipates that “gaming” may occur, and provides protections.

There is always a risk of gaming with these sorts of provisions, but in the case of the SME definitions in the Companies Act 2006, there is some protection.

Taking "S" companies first. Section 381 defines a small company as one that meets conditions in s.382 subject to various exclusions found in s.384. Those exclusions include being in the same group as a public company. The definition of "group" is pretty robust (and can be amended for anti-avoidance purposes). It means that if one of the large media companies created a subsidiary it could not be an "S" company.

But this only works if you use the definition in s.381 not s.382.

The drafters of the companies act must have decided to define "M" companies differently. Here s.465 is like s.382 - it has no exclusions in it. The exclusions - much like the "S" exclusions - are found in s.467. They too prevent a company from taking advantage of the rules on M companies if they are in the same group as a public company.

But this requires another tweak to the definition so that s.467 is brought in. I think that was the intention but hasty drafting is very error prone.

The message here is that we can exclude small publishers without a significant risk of “gaming”. The Companies Act anticipates this.

The very hasty process that the Courts and Crimes Bill is undergoing means that there is little time to correct the mistakes in the new clauses introduced this week. The new suggestions (others include excluding non-profits, for instance) need to be worked on by the three parties. Every effort must be made to make sure these obligations are not imposed, inappropriately, on smaller web publishers.

Take our action to let the leaders know! Over 1500 emails have been sent to David Cameron, Nick Clegg and Harriet Harman so far

Update: how the Bill might exclude non-corporate businesses: 

For a non-corporate business, an easy solution (without the anti-avoidance provisions) would be to add another excluded category:
"Any business that, if it were a company, would meet the qualifying conditions in section 465(3) of the Companies Act 2006." 
That has a turnover/employee/balance sheet set of conditions which are amended to keep in line with inflation. All you are doing is using a statutory set of numbers that already exist. They are quite large (eg c.£25 million for turnover).

You could instead use the small business definition:
"Any business that, if it were a company, would meet the qualifying conditions in section 382(3) of the Companies Act 2006." 
There is no point using *both* because the medium-sized limits are larger than the small limits so one implies the other.


[Read more] (2 comments)

March 21, 2013 | Jim Killock

Meeting Hacked Off

The explosive revelations that websites will be included in the post-Leveson press regulation arrangements this weekend led to a flurry of analysis — and a meeting between Hacked Off, bloggers and free speech groups yesterday.

Simon Phipps’ article and comments from Cory Doctorow and Alec Muffett prompted the invite from Evan Harris and Hacked Off. However, ORG is not the only organization with links to bloggers and concerns over the scope of the proposals, so we asked that Index on Censorship, Big Brother Watch and others were there.

The issues Simon raised were primarily about definitions: the post Leveson process has suddenly swept up a large swathe of online publishers.

Very quickly, this weekend, after agreeing the shape of the post Leveson settlement and the Royal Charter, the government moved to introduce clauses into the Courts And Crime Bill to give substance to the ‘carrot and stick’ they want to use to induce media organizations to join a new self-regulator.

The clauses are being introduced very rapidly, with little preparation, and nearly no time – until Friday – for the Lords to propose amendments to correct mistakes. The rush is political: the parties are worried consensus will break, and want to avoid continued accusations of holding a sword over the press’ head, with the attendant ability to pressurize publications about what they say.

Index on Censorship, Article 19 and English PEN are opposed to the use of the punitive measures at the heart of the Bill, because of the likely chilling effect on free speech. Some publishers, like Private Eye, may have good reasons not to join a self-regulator, so it seems unfair to put them in greater legal danger because of a choice they face. Perhaps a self-regulator won’t be as independent or impartial as we hope, for instance.

The sticks are in two forms, making exemplary damages available against publishers who should be self-regulated, and making it possible to award costs in full against such publishers even if they win, because, essentially, they should be using self-regulation and cheaper arbitration mechanisms.

The costs issue may be the more important one. Free speech groups have pointed out that these sticks will be open to human rights challenges, and equivalent measures have already been rejected by the ECHR. In their view, it is only a matter of time before these ‘incentives’ come under legal attack and are rejected.

However, the sticks are only available against organizations that, in the definitions in the Courts and Crime Bill, ought to be self-regulated. Thus what falls in and out is extremely important. This is where Simon and Alec’s observations have helped us understand the threat to online publishers.

The rushed clauses were agreed without proper thought to what was caught up. Online publications are included, and the barriers are extremely low. Clause 29 outlines what is caught. You have to be businesses publishing news-related content which have multiple authors:

“relevant publisher” means a person who, in the course of a business (whether or not carried on with a view to profit), publishes news-related material—

(a) which is written by different authors, and

(b) which is to any extent subject to editorial control.

Exclusions then try to remove moderation from the meaning of ‘editorial control’. Then organizations are stripped out in Schedule 5:  broadcasters, special interest titles, academic journals, public bodies, charities, company news publications, book publishers.

The trouble with this approach is that the net is drawn much wider than Leveson intended – and then seeks to predict what we need to exclude. This is highly unsatisfactory. There is no proven need to force small publications into self-regulation.

Leveson identified a small group of irresponsible publishers, who are large and powerful, and whose financial need for an audience drives them into extraordinarily bad behaviour which they feel is a reasonable business risk, that needed better (self) regulation.

That is not the model of net businesses today, nor the large number of web publishers that could be swept into the category of businesses that face punitive measures.

We suggested (but did not agree as a group) three approaches as damage limitation:

  1. Narrow the scope by only including websites attached to a print publication; which was Leveson’s original proposal
  2. If this is not acceptable to the government, narrow the scope to larger businesses
  3. If that is not acceptable to the government, then Hacked Off and others must rely on suggesting new categories for exclusion. This is highly unsatisfactory, as we mentioned

We also briefly discussed the idea of trying to limit the scope by readership, but felt that was unworkable.

The wider incentive for all organizations is that arbitration is cheaper than court action. This kind of incentive should be available for publishers, but that is not dependent on punishments.

All groups – including Hacked Off – agreed that the pace of discussion was inappropriate. The situation is made more complicated by the politics of the three parties, with Lib Dems and Labour siding together.

This is how legislative mistakes are made. Where ORG, Index and Big Brother Watch differ from them is over the use of punitive measures against non-participating publishers. Discussion was good however, although it remains to be seen how much the the three parties will be prepared to listen to either Hacked Off or free speech campaigners.

See also Alec Muffett's blog recording the discussion. Please note the correction concerning A19.

[Read more] (1 comments)

March 19, 2013 | Peter Bradwell

Is the tide turning in the fight for our privacy rights?

The latest vote on the EU Data Protection Regulation suggests MEPs are starting to realise why privacy protections are important. We need your help now to get the message across.

This morning the Legal Affairs Committee (JURI) in the European Parliament voted on their opinion on the proposed Data Protection Regulation. This is the latest of four Committees to vote on the draft. 

There's good and bad news. On the one hand, the JURI opinion is better than the ones from previous Committees. The bad news is that it still proposes to weaken the Regulation and undermine our privacy rights.  In short, they proposed fewer of the changes to the Regulation that would really undermine our privacy rights. (We have written before about previous Committee votes. And we have produced a brief guide to the issues.)

Good bits from the JURI vote: 'Data portability', which would allow you to get your data from people who collect and use it, remained in the draft. The Committee also kept in some safeguards around profiling.

Bad bits: The Committee want companies to be able to profile people without their consent if they think it is in their own "legitimate interests". They also voted to allow companies to use data for purposes unrelated to those for which it was originally collected, again if they think it is in their "legitimate interest". That seriously undermines the control that people will have over how their personal information is used. 

More information is up on EDRi's write up of the vote

What you can do to help *now*

The vote today demonstrates that we are making some progress countering the huge amount of lobbying from data monopolies and the US government against the Regulation. 

But now we really need your help. The control that you have over your data is at stake. We need a Regulation that strengthens rights that help you decide how your information is used. We need stronger definitions of consent; the power to have data about us deleted; and the power to get our data back. But immense lobbying pressure from US data monopolies, the ad industry and the US government threatens to take these rights away.  

If you want the power to decide when and how information about you is used, please write to your MEP now.  The final and very important 'LIBE' Committee vote is soon. Writing to your MEP will help emphasise to them that people care about their privacy, and that the European Parliament should adopt a strong Regulation that enhances our rights.

Last year, we relied on the mobilisation of our supporters - for example your emails and phone calls - to convince MEPs to vote against ACTA. Your emails to your MEPs make a difference.  

You can easily write to your MEPs using our website

For more information on the key points, our brief guide to the issues is up here. If you have questions about what to say, or need to talk about a reply from your MEP, please do get in touch with me at


[Read more]

March 19, 2013 | Simon Phipps

Royal Charter or Star Chamber For Stars?

The new Royal Charter being rushed through the UK Parliament includes some drafting that appears to drag blogs, Twitter and other social media into the penalty net. This is an extremely worrying development that needs rapid response from the meshed society of citizen creator-consumers (that almost certainly means you).

(Hat tip to Alec Muffett for pointing this out

Unpacking all the nested definitions in the draft Charter, a person who:

  • publishes in the United Kingdom or for an audience mainly located in the United Kingdom
  • news or information about current affairs or
  • opinion about matters related to the news or current affairs or
  • gossip about celebrities, other public figures or other persons in the news, on
  • a website containing news-related material (whether or not related to a newspaper or magazine)

falls within the remit of this Charter as a “relevant publisher”. This is the only clear scope I can find in the whole proposed regulation.  Yes, that clearly includes my blog, Twitter, public posts on Facebook and pretty much any other social media channel. I do not believe this is a drafting error; I believe it’s an intentional gag on whistleblowers and individual attention, on anyone who doesn’t have a boss someone powerful can call to have them shut up.

Of course, the proposals have no regard for this meshed world of creator-consumers. All the thinking revolves around Big Media, so there’s no representation for me or you in the regulatory body it creates, nor accommodation for the realities of the meshed society we inhabit. By including the new meshed world of creator-consumer citizens into this measure intended as a leash for dinosaurs, nothing is achieved in terms of realistic regulation.

But a new, deadly weapon is created to allow the rich to chill and punish any of those creator-consumers who dare to challenge them. When an established publication publishes a diatribe, they provide an umbrella for its author to shelter them from the new threats made available through this new regulatory mechanism. They are already pretty good at shielding authors; as long as they have jumped through the new hoops and behave reasonably, there’s not much more threat here than before.

But when the same writer tweets an opinion, or when I post my opinion about it on my personal blog, this new regulation allows the well-resourced members of the media elite to subject us to weapons tuned for deterring the Murdochs of this world. The penalties involved are out of all proportion to any harm as well as way beyond your and my means even to buy insurance, let alone to pay.

Just the threat that we might get dragged into this Star Chamber for the stars would be enough to chill most of us. Until they were caught public figures, politicians and police were quite happy with the old arrangement, under which they and journalists committed illegal acts that benefited both sides. I’m sure those same people will be pleased to see a new arrangement that can be used to shut us all up, in prison if not in word.

You say such an abuse could never happen?  Tell Paul Chambers. Tell the security researcher imprisoned in the USA for longer than teenage rapists under a similarly ”misdrafted” regulation. Tell Matthew Keys. Tell the family of Aaron Swartz, hounded to his death by over-empowered investigators. Legislation aimed at powerful individuals and corporations kills people like us when it’s misapplied.

Cory Doctorow puts it this way:

In a nutshell, then: if you press a button labelled “publish” or “submit” or “tweet” while in the UK, these rules as written will treat you as a newspaper proprietor, and make you vulnerable to an arbitration procedure where the complainer pays nothing, but you have to pay to defend yourself, and that will potentially have the power to fine you, force you to censor your posts, and force you to print “corrections” and “apologies” in a manner that the regulator will get to specify.

The problem is not regulation; it’s that the politicians appear to have bought the acquiescence of the media industry to this limited restraint on their abuses by providing them with a new way to prevent inconvenient independent expression from further eroding their power. As Nick Cohen wrote in The Observer, “Did you not notice that Leveson hurt no one in power?”  The big story here is not erosion of press freedom; it is rather the chilling of the voice of the citizen.

(Also published on ComputerWorldUK)

[Read more] (3 comments)

March 07, 2013 | Ed Paton Williams

Snoopers' Charter: We need a consultation!

The Joint Committee on the Communications Data Bill instructed the Home Office to run a consultation on communications data. They've failed to do so. We need your help to tell the Home Office why we need a consultation. We've created an online submission page to make it as easy as possible to contact the Home Office.

Tell the Home Office why you should be consulted about the Communications Data Bill.

In December 2012, a Joint Committee of MPs and Lords reported on the Government’s draft Communications Data Bill, also known as the Snoopers’ Charter. Under the Bill, internet companies like BT, Virgin Media and Sky would monitor all of their customers' email and internet use. Law enforcement agencies would then be able to search this data to help them with investigations.

One of the Joint Committee's main criticisms was that the Home Office hadn't consulted widely enough on their plans before publishing the draft Bill. The last Home Office consultation on communications data had been run three years previously in 2009. Following widespread opposition to the Government's plans that were laid out in that consultation, the 2009 proposals were quickly dropped.

In their report, the Joint Committee said that the Home Office should learn its lesson and that "before  re-drafted  legislation  is  introduced  there  should  be  a  new  round  of consultation  with  technical  experts,  industry,  law  enforcement  bodies,  public authorities and  civil  liberties groups ... Meaningful consultation can take place only once there is clarity as to the real aims of the Home Office, and clarity as to the expected use of the powers under the Bill." The Joint Committee was very clear that rigorous consultation was necessary before the Home Office could present a new Bill to Parliament.

Unfortunately, such a consultation hasn't happened. Rather than conducting the crucial consultation that the Joint Committee called for, the Home Office has held piecemeal meetings with industry and civil society groups. Despite this lack of consultation, the Home Office is redrafting a new Bill and details have not been released. It's difficult to give feedback on proposals that haven't been published yet.

This just isn't good enough. The draft Bill contained significant changes to the law on communications data. It made considerable demands of internet companies and it wasn't clear how effectively those demands could be met. The Joint Committee's report, as well as many of the groups that gave evidence to the committee, thought that the Bill's impact on civil liberties needed significant consideration.

The Home Office needs to hear evidence on these issues and many others before it can proceed with the Bill. So far though, the Home Office has shown no desire to seek out outside views on communications data and the Communications Data Bill. Unless organisations and individuals with an interest in the Communications Data Bill demand that the Home Office consult them, the Bill will likely progress without the external input it desperately requires.

Open Rights Group is asking organisations and individuals to get in touch with the Home Office to demand they are consulted on communications data and the Communications Data Bill. The Joint Committee told the Home Office to consult but they've failed to do so. There's a wide range of views on what laws on communications data should look like and it's important that the Home Office hears them.

The Home Office dropped plans to legislate on communications data in 2009 after widespread opposition so they've shown that under enough pressure they're open to outside influence. If enough organisations and individuals contact them demanding to be consulted on communications data, the Home Office will have to run the consultation the Joint Committee called for.

We've created an online submission page to make it as easy as possible to contact the Home Office. Click here to tell the Home Office why you should be consulted about the Communications Data Bill.

Open Rights Group has prepared a much more detailed briefing on communications data, the draft Communications Data Bill, the Joint Committee's report and why this consultation is needed. Click here if you want more information before contacting the Home Office.

If you want any more information or have any other questions about the Communications Data Bill, feel free to contact Open Rights Group at

[Read more]

March 01, 2013 | Peter Bradwell

Another important privacy vote in the European Parliament

We need your help to remind MEPs that they should support stronger data protection rules.

Members of the European Parliament are in the process of shaping a new Data Protection Regulation, which was proposed by the European Commission last January. A number of Committees in the Parliament are giving their opinions, which will influence what the final law might look like. (Full text of the proposed Regulation (pdf))

The original proposals from the Commission were very promising, offering much stronger privacy rights and a stricter regime to make sure those that collect and use personal data play by the rules. This sort of update to data protection law is badly needed. We have produced a short guide to the issues

As we've written about before, however, our privacy rights are now in danger. Lobbying from industry and the US and UK Government is threatening to see the proposals seriously weakened. On February 20th, the Industry, Research and Energy Committee (the 'ITRE' Committee) agreed on some disastrous amendments that would weaken our privacy rights, not strengthen them.

The ITRE MEPs voted to weaken the meaning of consent, narrowed the definition of personal information so certain types have less protection, and opened up a loophole that will allow companies to use data for purposes unrelated to the original collection. That would mean companies could pass information on to third parties, who could then use it for purposes unrelated to the originally collection, so long as they believe it is in their own 'legitimate interest'. That completely undermines people's ability to control how their personal information is used.

Another important vote - and how you can help

On March 18th-19th, the JURI Committee (Legal Affairs) will vote on their opinion. We need your help reminding MEPs in the Committee that they should support stronger privacy rights in this vote. Please write to your MEP and let them know this matters to you!

There are two UK MEPs on the JURI Committee.

If you live in the North West of England, you should contact your MEP Sajjad Karim:

  • Party: Conservative
  • Contact Tel (Brussels): +3222845640
  • E-mail:
  • MEP Karim is active in Twitter so that may be a good way to reach him: @SHKMEP

If you live in Yorkshire and the Humber, you should contact your MEP Rebecca Taylor:

  • Party: Liberal Democrats
  • Contact Tel (Brussels): +3222845201
  • E-mail:

If you don't live in either of these constituencies, it is still helpful for you to write to your MEP and tell them that you want to see a strong Data Protection Regulation. You can easily write to your MEP using our tool.

Remember, you should try to put your email in your own words, and please be polite - they are more likely to pay attention! 

If you have note been in touch with your MEP before about this, you could highlight that this is a unique opportunity to promote citizens' rights to privacy and data protection. People need to be given more control over their information, and we need to make sure companies play by the rules. By voting to give us stronger privacy rights for they will be helping make that happen.

More detail on the JURI vote

You may wish to go into more detail - we're here to help if you do. The Committee is considering some specific amendments to the Regulation. We have produced an overview of the top amendments that we think your MEP should support or reject. EDRi have also produced an analysis of all of the amendments. For more information on what this vote in JURI is about, see the campaign site put together by EDRi. For general information about the Regulation, we have produced a quick guide to the issues.

Background: what is being proposed?

The Data Protection Regulation, put forward in January 2012, would give you more control over your personal information and help make sure businesses that handle data play by the rules. It strengthens the right to consent to data collection and processing; it would give you stronger rights to access your data and have it deleted; and it would make sure companies are more accountable for their mistakes or abuses when handling personal information. It is a badly needed update to the existing, weak law. 

What is happening now?

The proposed Regulation is currently being looked at by a number of Committees in the European Parliament. The 'lead' Committee is the Civil Liberties, Justice and Home Affairs Committee (LIBE). They will write an opinion that includes suggested changes to the Regulation. That will influence the final big vote in the European Parliament later in the year. The LIBE Committee have to take into account the opinion of several other Committees when they write their report. That means the votes in the other Committees are really important.

What is the problem?

The Regulation is coming under sustained lobbying attack from technology companies, the US Government, the ad industry, the UK Government and even the UK's Information Commissioner. They are all suggesting changes that would undermine your control over your personal information and weaken the obligations on the people who collect and use it.

A number of 'amendments' to the law have been written by industry lobbyists, and our concern is that citizens' interests are not being given a fair hearing. We have an analysis of what these amendments mean for privacy. Lots of the amendments that the Committee will vote on would make the Regulation significantly weaker. We need to make sure the MEPs understand people care about this issue, and that they should be supporting their constituents.

[Read more]

February 28, 2013 | Jim Killock

Court blocking orders lack transparency

Judge Arnold today handed down judgements allowing the BPI to instruct ISPs to block Fenopy, H33T and KickassTorrents. ISPs did not contest the orders.

Blocking is an extreme response, which will encourage new forms of distributed infringement. The BPI and others should be mindful that their tactics may have the opposite effect to their intention, by legitimising and promoting resistance to their actions.

We are concerned that these orders are not protecting speech, are overblocking forums and discussion, and are prone to error as the actual block lists are private.
Furthermore, users and the public interest have not been represented in the processes. ORG is actively examining ways to rectify this and will shortly be hiring a legal director. You can help by joining ORG.
ORG is documenting the UK's blocking orders

[Read more]

February 18, 2013 | Jabed Tarapdar

BPI set to block three more BitTorrent sites

The British Phonographic Industry (BPI) will ask the UK's six biggest Internet Service Providers (ISPs) to block three more sites accused of piracy at a court hearing tomorrow. (UPDATED)

BPI, which acts on behalf of rights holders, calls for ISPs to block access to Fenopy, H33t and Kickass Torrents.

BPI argue these sites infringe music label's copyright. The six ISPs (BT, Sky, Virgin Media, O2, EE and TalkTalk) have agreed to block these sites, but only if the court order is put in place.

The power stated in Section 97A of the Copyright, Designs and Patents Act 1988 was first used recently to block the pirate sites – Newzbin2 and Pirate Bay – paving the way for more sites to be blocked. This has led to several major problems for blocking sites in the UK:

  • Website blocking is an extreme response. There are growing fears this precedent will make it too easy and quick to block sites. Time needs to be taken to consider the legitimate use of the sites.

  • There needs to be a more specific and adequate definition of the precise URL or IP address to be blocked to prevent mistakes.

  • Once a site is blocked, its alleged clone sites can also be blocked, but in this case, BPI will be able to practice this without a court order. The decisions would be made between BPI and ISPs and will not be published. 

  • The blocking of these sites does not come with an expiry date. This indefinite blocking is potentially problematic if the number of sites blocked keep growing, leaving a large number of sites hidden from the public. 

  • These court hearings between a judge, ISPs and right holders do not sufficiently represent the needs of the user as their voice is not included during the hearing.

Open Rights Group (ORG) will not intervene in this case. However, due to the lack of user rights represented in this case, ORG are more likely to do so in the future.

To ensure user rights are adequately represented in future cases ORG are asking for contributions and are also advertising for a Legal Officer.

The hearing is scheduled for 19 February 2013 in the Chancery Division, High Court (Rolls Building).

Court number:

Fenopy - HC12F04957

H33t - HC12F04958

Kickass Torrents - HC12F04959

(Update: The daily courts list for Tuesday doesn't appear to show these cases.)

(Update: The Judge is expected to set a date for the hearing week beginning February 25, 2013) 

[Read more] (1 comments)

google plusdeliciousdiggfacebookgooglelinkedinstumbleupontwitteremail