March 12, 2014 | Alan Cox

Openness and Privacy in Big Data

This is a guest blog from ORG Advisory Council member Alan Cox.

Balancing openness and privacy is often a false division and one that it seems a lot of those involved with a big data agenda either don't understand or choose not to.

Big data people are obsessed with putting everything they can into their system and crunching it to the point they have no idea how the answer arose. The fact they haven't got a clue why their system reaches an answer is a problem in itself but it also means they haven't got a clue whether the stuff they threw into it was important. In a lot of cases openness and privacy and doing exciting things with data is not a balancing act but a question of proper implementation, ownership and control. The latest NHS insurance data fiasco could have been handled far better if the insurance businesses had paid the NHS to do the crunching. There was no need for the NHS to hand insurance companies vast quantities of sensitive personal data that could trivially be de-anonymized.

Had the NHS kept the data it could instead have provided the insurers with the results they needed, and also kept the ability to use that knowledge to improve the NHS as well. Instead it sold on the data for peanuts to allow a commercial business to put up its insurance premiums. All the benefits promised by data sharing are there for the NHS to achieve by doing the crunching for third parties and keeping the results open.

Our universities for years operated on the model that the state paid researchers to write papers for free that went into commercial journals who then charged us to read them. Open journals are now fixing this. How sad and ironic would it be for the NHS to give our personal data to researchers for peanuts so that they can use it to make the NHS pay vast amounts for overpriced patented drugs based upon that data.

Such parasitic bottom feeding from open content is not new. In the rest of the world beyond government we solve it with 'share alike' licensing. At the very least any use of NHS and other government open data should be a share-a-like fashion. Allowing people to freeload off public data enables amazing things to be done, but we don't have to allow the mega-corporations to sell us back our own data.

Likewise we've had not-so-open data messes including abuse of the DVLA database. This could have been mostly prevented by having a processing system where the DVLA forwards claims from approved parties, or meeting an approved form rather than giving out drivers personal data to random people.

Who manages the bits and who is trusted to manage the bits is key. This is why it is so important that people are able to keep control of the use of their personal data. This is becoming increasingly evident as not only are current "pseudonymisation" techniques completely inadequate but the mathematicians tell us that the problem is for the most part not soluble.

Big data and open data is also part of open governance. Open data isn't however enough to achieve the proper holding of the state to account.

Instead I would argue the parallel is actually in openness in science. In the ideal world a conclusion made from data in government should be - based on open data - based on a published policy which is open and transparent - sufficient that a third party can run the data set and policy and duplicate the result - sufficient that a third party should be able to demonstrate flaws in the policy and run the data set to produce their result - sufficient that a third party should be able to run different data sets (eg what if sets, or differing sources) and generate a comparison result

For personal data this is going to raise some interesting challenges - how do you authenticate conclusions drawn upon personal data, who do you trust to validate the raw data-sets you can't share ? Open data and policy is not the same as decision making and we need to be careful because it's clear that many of our politicians do not understand science, and also do not understand the distinction between scientific results and their job. The obvious example is drug policy. Instead of saying "we acknowledge the science, but the public want otherwise" politicians repeatedly attack the data. The current government spends enormous effort attacking anyone who dares disagree with them, or any data which shows they are not doing the optimal thing, without it seems understanding that their job isn't public school bully but to provide actual policy based upon informed understanding of both the evidence and of the desires of those whom they represent.

[Read more]

March 12, 2014 | Javier Ruiz

Open Rights Group at RightsCon

ORG participated in RightsCon, an international conference organised by Access that saw 700 participants convening in San Francisco to talk about censorship, surveillance and digital rights in general. Many workshops focused on the activities of less democratic countries, such as the use of targeted malware against activists by the Vietnamese government. But quite a few of the panels also discussed the pervasive surveillance by Western nations revealed by Edward Snowden.

I presented our successful crowdfunding efforts with in a panel with Indiegogo among others. I also held several meetings and workshops with groups campaigning against mass surveillance in the US, Latin America and Asia.

The day after RightsCon, I participated in a satellite event, the Responsible Data Forum. The Forum is an effort to develop useful tools and strategies for dealing with the ethical, security and privacy challenges facing data-driven advocacy. ORG's contribution centred on the challenges around open data and privacy.

[Read more]

March 10, 2014 | Ruth Coustick-Deal

Support ORG's Censorship Monitoring Project

ORG are building tools to monitor the effects of default filtering in the UK

Can you join us now to help keep this project going?

We want to end the UK-wide censorship system of web blocking by holding ISPs and the Government accountable.

We know that default filters prevent people accessing important and legal information. Over-blocking is a serious and unavoidable effect of filtering.  Yet ISPs give website owners and customers minimal information on why and what is being blocked, or how to report problems.

This is why ORG's Censorship Monitoring project is building tools to monitor and challenge filtering.

You can already report overblocking on our website,, but we want to do much more. This tool will check automatically whether the URLs you submit can be reached via all major UK fixed line ISPs and mobile networks. Future versions will let you explore the extent and history of filtering in the UK and will publish the raw data for you to reuse.

This work is only possible thanks to the generosity of the tech activism community. ORG volunteers are giving their time, Bytemark Hosting are donating the server and Andrews & Arnold are subscribing the project up to all the other ISPs.

Can you join them?

ORG merchandise and branded itemsJoin ORG now and double your gift

We've been offered up to £3000 in matched funding to support this project. Please help us keep the work going. We've only got enough funding to cover project management for 3 months. But with this matched funding gift you can make that 6 and double the impact of your donation!

For every £1 you give we'll get £2, whether that's through joining up for a regular Direct Debit or giving a one-off donation. If you join up to ORG, your donation for the first year will be doubled.

Join by Direct Debit


Donate with Paypal

What are the benefits to being an ORG supporter?

  • You'll get discounts to all our ticketed events
  • Give £5/month or more and you'll get a free ORG t-shirt!
  • You'll get a copy of our latest reports and ORG stickers to show your support
  • Vote (or stand!) in board elections
  • You'll help influence our policy and direction throughout the year
  • You'll join an engaged community of activists taking direct action to stand up for digital rights

Why join ORG? 

ORG are a small organisation but we punch well above our weight. Besides defending digital rights in the courts, we've done considerable work on surveillance, privacy, copyright, open data and data protection.

  • We're working with a huge coalition of campaigners and civil liberties groups to generate a mass joint campaign against state surveillance as revealed by Edward Snowden
  • We're running a legal challenge at the European Court of Human Rights, arguing that the Government's authoritarian surveillance practices have been unlawful.
  • We successfully campaigned against the Snoopers' Charter for 2 years and made sure it was dropped
  • We produced our Digital Surveillance report offering reasonable alternatives to proposed investigatory powers
  • We won Human Rights Campaigner of the Year at the 2012 Liberty awards

How do I join?

Joining by Direct Debit is the best way for us.

You can also set up a PayPal subscription, but we prefer Direct Debits: it’s cheaper for ORG to process and means more of your hard earned cash can make a difference.

Student? Join for only £5/year - click here

If you want to help make this project real you can learn more about how to get involved here:

[Read more] (1 comments)

March 07, 2014 | Jim Killock

The world we want and how we get there

Today we've published on our about page a new definition of the world we want to see, explaining how we are working to achieve our aims.

We wrote this short statement of our aims, objectives and values after asking all our supporters what you thought we should be working on, and what you thought our values are. We think it's a real call to arms:

We uphold human rights like free expression and privacy. We condemn and work against repressive laws or systems that deny people these rights.
We campaign, lobby, go to court – whatever it takes to build and support a movement for freedom in the digital age. We believe in coalition, and work with partners across the political spectrum to support an informed population of Internet users who understand and fight for their rights in the digital age.
We scrutinize and critique the policies and actions of governments, companies, and other groups as they relate to the Internet. We warn the public when policies – even well-intentioned ones – stand to undermine the freedom to use the Internet to make a better society.

It's the first major result of our strategy work, which this year has involved ORG talking to all of our supporters, local groups, partners and allies, as well as our staff, board and Advisory Council about our work and our future.

On April 12, many of our supporters and volunteers will be meeting to discuss our future. We're looking at quite a few options for new projects and initiatives, and thinking hard about how we grow over the next three years.

We want to involve you in two ways. Firstly, if you're a long term volunteer and want to come to the strategy day, let me know as there are a few places left. Secondly, we will be sending a poll to all our supporters asking you how much you like the new ideas. This will help inform our discussions in April.

[Read more] (1 comments)

February 28, 2014 | Javier Ruiz

ICO Survey on the Code of Practice on Anonymisation

The Information Commissioner's Office is asking for feedback on their Code of Practice on 'anonymisation', but the survey does not ask the right questions. We explain the issues.

The ICO survey on the Code of Practice on Anonymisation closes today.

Asking for comments and feedback on the code is a positive move, but the survey is not balanced to capture a variety of opinions. For example it asks whether the code explains the benefits of anonymisation, but not whether it explains the risks. And it doesn't.

The survey also has space for comments on the style and language of the code, but not on the content, which is surely at least as important.

The code itself is a good initiative but it falls short in certain areas. For example, some of the concepts are not properly explained.

“We draw a distinction between anonymisation techniques used to produce aggregated information, for example, and those – such as pseudonymisation – that produce anonymised data but on an individual-level basis.”

Presenting pseudonymisation – which involves converting transparent identifiers such as names into reference codes - as a proper anonymisation technique could lead to dangerous releases of personal information. In many contexts we would argue that pseudonymous data should have the same levels of protection as fully identifiable data.

In general, the code presents an excessively optimistic narrative that could encourage risks to be downplayed. The current debate on is a good example of this.

The code should stress that effective anonymisation is possible, but it is hard to achieve and we should be very careful when releasing data.

[Read more] (1 comments)

February 11, 2014 | Peter Bradwell

Join our new campaign to fight mass surveillance

Today, alongside an unprecedented coalition of leading privacy and human rights groups, we're launching Don't Spy On Us. We need your help.

You can learn more about the new campaign, sign our petition and email your MP at our new Don't Spy On Us campaign site.

Since 5th June last year we have read a series of revelations about the reach and power of our surveillance agencies. We've learnt about blanket collection of all sorts of digital information and the sharing of this data between the US and UK.

Our intelligence agencies do vital work for which we should all be grateful and which we all benefit from. But for Open Rights Group, and many others like us, the stories showed surveillance agencies exploit laws that have been rendered out of date by technology to collect too much information about too many people with too little democratic oversight.

The revelations can leave you feeling a bit powerless. You know something seems really wrong, but can you do anything about how our most secretive and powerful institutions work? How do you even begin to change how so many laws, programs and oversight bodies work?

Today our fightback begins in earnest. With our new campaign, Don't Spy on Us, we're intent on ending the blanket surveillance we've heard about because of Edward Snowden. Alongside our campaign partners, we want to change our archaic surveillance laws. We need your help.

We've got new demands for how the government can act quickly to make sure surveillance carried out in our name respects our privacy rights.

We're setting out six powerful principles that we want surveillance law to stick to. We're calling for an inquiry to be concluded before the election, and for the government to then proceed with legislation that upholds the principles we've set out.

This need to start happening now. Not in a few years after some drawn out mega inquiry, or in three Parliament's time. The government has to start listening now, accept the need for reform and commit to changing how our intelligence services work and are governed.

We've got an ambitious plan. But we can do it. We will need your help. We hope you'll want to join us and be part of such an important campaign.

You can help now by signing our petition and emailing your MP. You can do both at our new campaign site. Tell your friends, tell your family, tell your colleagues.

[Read more]

February 07, 2014 | Ed Johnson-Williams

Don't Spy On Us - Help get the word out!

GCHQ from the airOn Tuesday, internet users all over the world are standing up to say no to GCHQ and the NSA's mass surveillance. Over the last eight months we've heard plenty about how intelligence agencies monitor us on the Internet.

Our surveillance laws have let the intelligence agencies extend their reach deep into our private lives.

Tuesday 11th February is The Day We Fight Back.

As part of this global day of action against mass surveillance, Open Rights Group, Liberty, English PEN, Privacy International, Article 19 and Big Brother Watch are coming together to launch Don't Spy on Us.

On Tuesday, we'll be launching Don't Spy On Us and calling for:

  • an independent inquiry into UK surveillance to report before the General Election
  • a new law that will fundamentally reform the way GCHQ carries out mass surveillance

In the meantime, could you promise to send a Tweet or post a Facebook status on Tuesday to help get the word out about the Don't Spy On Us campaign? If enough people make that promise, we'll be able to make Don't Spy On Us appear on social media timelines around the country and the world.

It only takes a minute. Take action here.

Open Rights Group and the other campaign groups working with us on the Don't Spy On Us campaign were integral to getting last year's Snoopers Charter blocked. But after the Snowden revelations, we know that the challenge of stopping GCHQ's mass surveillance is much greater.

Hundreds of people tweeting and posting Facebook statuses at once on Tuesday will really help grab lots of people's attention - people who don't always pay attention to privacy concerns and mass surveillance.

We're relying on all our supporters to spread the word about the campaign and build the pressure on the decisions-makers in Government.

Pledge now to send a Tweet or post a Facebook status on Tuesday morning!

Image by the Ministry of Defence under the Open Government Licence v1.0

[Read more] (2 comments)

February 04, 2014 | Jim Killock

You did it!

Over 200 people joined ORG – raising enough to pay for two extra days so we can hire a full time Legal Director.

help hire a legal directorYou can still help out – there are always extra costs, including rent and fees for legal publications, that an extra contribution can cover costs for.

This is the biggest spike in membership in a single month that we've seen since hundreds of people joined after the passing of the Digital Economy Act – which is still not implemented, thanks to your work showing how bad the legislation is. And yesterday, Parliament continued their work repealing the dangerous website blocking powers the DEA still contains.

ORG's supporters have grown from just over 1500 a year ago to past 2100 today – that's 40% growth in a year. Your funding means we can now start a full-fledged legal track, as well as continue the campaigning work we do on privacy, surveillance, filtering and free speech.

We've ambitious ideas for the future: there's much more to be done. We need greater depth to our policy, campaigns and expertise. We've been thinking about the kinds of changes we need to see – so more of this later. For now, we'd just like to say thank you to everyone who joined, rejoined or increased their contribution. You've made an enormous step forward possible.

[Read more]