December 05, 2012 | Jim Killock

BPI remove from Pirate Bay block list

The BPI have this afternoon confirmed to us that they have asked ISPs to unblock as the organization responsible for maintaining the list of sites blocked under the injunctions to block the

On Monday, ORG wrote to Virgin, BT, O2, TalkTalk and Sky to ask them why the is being blocked. Virgin confirmed to ORG that the site was supplied to them as a domain to be blocked.

Under the terms of the blocking injunctions, the BPI instruct providers that are subject to the injunctions to block:

“ its domain and sub-domains and any other IP address or url whose sole or predominant purpose is to enable or facilitate access to The Pirate Bay website.”

The had been listed as one of those domains, according to Virgin, and thus it was up to the BPI to instruct the ISPs of the mistake.

We therefore wrote to the BPI to ask them to correct the problem. They wrote back to say that they yesterday instructed ISPs to lift the block.

The incident is rather revealing: it firstly shows that there is a significant need for greater transparency about the nature of blocking injunctions. Secondly, it shows that the BPI have been given a great deal of discretion over what may be blocked. Thirdly, it shows an alarming lack of transparency about what precisely is blocked. Neither ISPs nor the BPI seem keen to disclose what is on the list. It is effectively secret.

We have also written to rights holders, ISPs and groups interested in free speech if they would like to help us with creating a mechanism for greater transparency surrounding injunctions. While injunctions are public documents, they are not routinely published, and require significant resources.

We are likely to get greater resistance around the blocked lists. We will explore this, because, as we have seen this week, it is very problematic.

We’ll be running this transparency website if we get to 150 new members to start our legal project: so please join so we can get going! We’re nearly there – but still need help.

We’re also interested in what the next steps for the IETF’s Error 451 will be: the RFC ends in January. These errors could be very useful for standardizing responses and helping users locate why the blocks take place.

[Read more] (3 comments)

December 03, 2012 | Jim Killock

PromoBay block

Reports from TorrentFreak that the legitimate website is being blocked by several UK ISPs highlights some of the problems with website blocking as a strategy and practice.

Promo Bay is republishing entirely legal content that nevertheless originates from the Pirate Bay. It does not deserve to be blocked, and it is unclear why it is blocked.

We think there are two likely reasons this block is in place:

(1) The site may be hosted at an IP address that is used by the Pirate Bay. This would be a classic example of ‘over blocking’, mandated by law. This wasn’t the intention:

As Mr Walsh explained, it is straightforward to prevent that method of circumvention by using IP address blocking. IP address blocking is generally only appropriate where the relevant website's IP address is not shared with anyone else. If it is shared, the result is likely to be overblocking (see 20C Fox v BT (No 2) at [6]). In the present case, however, TPB's IP address is not shared. Thus IP address blocking is appropriate. Accordingly, the Defendants have agreed to orders which require IP address blocking

Nevertheless it could be argued that the site could move IP address. This may be possible – but equally if the IP address is tied to TPB’s ownership in any way, it might get blocked again.

(2) The site’s domain may be on a list of domains deemed to be copies of the Pirate Bay in the court order. If so this is an error. 


ORG has written to the ISPs that are subject to the order today, to find out exactly what has happened. To be clear, we think the problem is less likely to be with the ISPs than the way the blocking orders are working. Furthermore, it is unclear what would be needed by the ISPs to get the block lifted, and what mechanisms are envisaged by the High Court to deal with these kinds of issues.

However, the wider policy ought to cause some concern at this point. The site that is blocked is publishing material that is both legal and promoting independent musicians. Censoring such material should hardly be a result that the music industry wishes to see.

But these results are the likely consequence of a policy of blocking. Censorship is an emotive issue. It betrays power relationships. Innocent sites can be caught. It fails to deal with the root problems, and can even reduce pressure to do so. At ORG, we contend that there are better ways of dealing with infringement than blocking:

  1. target companies with legal action;
  2. use legal avenues to stop commercial interaction with infringement;
  3. continue improvements in meeting demand with supply and give consumers what they want.

Blocking does not seem to be reducing infringement, but nevertheless music revenues are going up, largely because of the growing success of legal services. That's the way forward, rather than getting invoved in largely pointless battles that merely tarnish the industry's name while driving problems further underground.

[Read more] (1 comments)

December 03, 2012 | Lee Maguire

Tales of the Unexpected: the Communications Data Bill

Police cited botched, corrupt investigation as reason to spy on the nation

We await with interest the report from the joint committee on the draft Communications Data Bill, and trust the committee has properly considered the substantial evidence submitted. The debate is hotting up, with Theresa May pitching hard in the Sun.

We are very interested to see if the Committee took a look at the submission by Caspar Bowden on page 102 of the written evidence highlighting the testimony given by Peter Davies (Chief Executive of the Child Exploitation and Online Protection centre), in support of the draft Bill. Mr Davies gave an example of a murder case in Lincolnshire in which increased data retention could have helped.

A check on the internet for the details of the case show a rather different picture. Rather than featuring a communication data problem, the case was one in which the police failed to properly investigate the murder. Worse, it later emerged that a corrupt police officer had been feeding police intelligence about the victims — to the murderer.

Not perhaps the best example to give as the Home Office ask us to trust the police with huge amounts of new intelligence gathering.

… there is a much grave concern about the good faith of the police evidence to the Committee on 12th July, when it was stated: 

(Q142) Peter Davies: For some time it has been possible, roughly or more precisely, to locate a mobile telephone through the use of communications data. A team I have led has used that as almost the sole means of detecting a serious double murder in one of my previous forces ....(Q146) ...related to a retired couple shot dead in their home on the coast of Lincolnshire in August 2004 by, as it turned out, the pre-eminent organised crime group then operating in Nottinghamshire. Bluntly, without communications data relating to contacts between mobile phones it would not have been possible to detect that crime and lock up the people responsible. ..(Q147)...Bluntly, there were other people involved in the conspiracy whom it might have been possible to prosecute and convict, but who it but who it was not possible to prosecute and convict because there was a data loss in that investigation

Tracing this case using the details provided leads to news reports suggesting this account is materially misleading :

Police failed to protect innocent couple executed in gangland revenge attack, damning watchdog report reveals

The IPCC upheld five of seven complaints made by the Stirlands' family. They found:

• After the shooting incident at their Nottingham home, Mr and Mrs Stirland were given neither protection nor help by Nottingham police.

• That incident was "not properly investigated, despite rumours circulating about who was responsible".

• Nottinghamshire Police's failure to share intelligence with Lincolnshire Police about the threat to the Stirlands was "unacceptable".

• The response to Mrs Stirland's call about the prowler was "delayed and unsatisfactory".

Moreover it emerged two years later at the inquest that

Stirland revenge hit men 'known before killings': Police had identified Nottingham crime boss Colin Gunn's team of six hit men weeks before two killed a couple in a revenge attack, an inquest jury heard....The former officer, who remained anonymous, said the two men who killed the Stirlands had been named as part of Gunn's team of hit men.

Although this case was offered in evidence as an illustration of the necessity of blanket data retention, in actuality it precisely illustrates how diligent and proactive use of targeted data preservation could both prevent and detect crime. Had communications data preservation commenced promptly about suspects identified weeks before the crime, prima facie police might well have been able to prevent the crime as well as catch the perpetrators. Furthermore, it emerged, contrary to the conclusions of the IPCC investigation that:

Corrupt officer fed data to Colin Gunn on Stirlands: A corrupt detective searched Nottinghamshire Police computers for intelligence about a couple killed in a gangland execution, an inquest heard.

It seems ironic that the police cite a fatal case of police corruption and its subsequently botched investigation, as justification for blanket retention of data about the entire population. It would be more logical to propose blanket retention of data on the entire police force. This is probably not the conclusion drawn by the Committee from the evidence heard.


[Read more] (1 comments)

November 30, 2012 | Jim Killock

Data protection debate at MoJ

Yesterday I attended the first of the Department of Justice's Advisory panel meetings on the new Data Protection regulation laws being proposed at the EU.

The new laws are already the subject of intense lobbying and pressure. The key changes are designed to strengthen the privacy rights of citizens, in several ways:

Better definitions: the definitions of personal data and consent have caused problems especially in the UK, where we haven't followed the Directive strictly. The result is that some personal data - like that collected by behavoural advertisers - is not treated as personal data; and sometimes consent is "implied" rather than actually freely given and explicit.

The right to be forgotten: perhaps better understood as a right to have data deleted in full, when you choose to exit a service. The debate is about how easy it is for a service to request data be deleted by third parties that it works with, when your data has been shared

The right to your data: in the UK, getting your data back costs £10. In other coutries, it is free. The new law proposes you get it back for free, and in electronic format so you can move around different data services easily. Some businesses claim that this would lead to frivolous claims, and want to limit your ability to get your data. We argue it should be possible for bigger businesses to make it easy by building the systems right.

Put together, the right to delete in full and get your data back are meant to create a market for individuals to be able to choose data services and drive the market.

Increased fines based on turnover: this would create a real and scalable deterrent, reflecting penalties in competition law.

Damages that are based on the sigificance of a breach to a person, not proving financial or personal harm: data breaches put you at risk and are a harm in themselves. In the UK, you must prove actuall loss, or stress, or some other tangible harm to take someone to court. This is too high a bar and means most people cannot complain to a court.

Breach notification: while longer than 24 hours speficied in the draft is needed, you should have a right to be told of a data breach.

Group actions: the regulation would allow groups like Which? or ORG to represent groups of affected citizens in a particular case.

EU consistency: by choosing a regulation, the new data protection law would be written straight into UK law, so would be the same as other countries. This would reduce the burden on business, improve predictability for citizens and hopefully make it easier for people to enforce their rights.

There was of course a lot of disagreement about the big issues, like what to do with the right to be forgotten, or how data portability should work. The meeting was conducted on Chatham House rules, so I can't name names, but this may give you a picture.

There was surprising consensus that a unified European data protection law would be good for everyone: business, small businesses and citizens, by making it easier for people to know their duties and rights wherever they are. The group felt this should reduce the burden on business overall.

This placed the government's current position of opposing a new, tighter "regulation" as failing to represent the consensus among those parts of UK society represented at the meeting. This included major businesses, small businesses, policing and civil society. Despite the government's desire to limit the changes to data protection, the advisory group seemed to be prepared for change, and without a doubt wanted greater legal consistency.

There are also seemingly contradictory positions within the UK government, where BIS are trying to increase data portability through domestic legislation to support Midata, but Justice are resisting it at the EU.

The real arguments will come as US businesses and government lobbyists try to weaken the regulation. Right now, UK citizens' interests need to be better reflected by the government, who should be supporting greater control over our personal information.


[Read more]

November 26, 2012 | Peter Bradwell

ORG granted permission to intervene in Golden Eye appeal

We're delighted to announce that we have been granted permission to intervene in the appeal by Golden Eye International. (See a previous post for more details).

The case relates to an application earlier this year by Golden Eye for a 'Norwich Pharmacal Order'.

The order would have seen Telefonica UK (called O2 in the UK) handing over to Golden Eye the details relating to around 9000 IP addresses, through which copyright infringement is alleged to have occurred. The High Court granted an order for the disclosure of details relating to 2,845 of these IP addresses. But the High Court declined to give an order relating to around 6000 IP addresses, because of the arrangement that Golden Eye had with the owners of the copyrights. Golden Eye are appealing this aspect of the decision. 

The past couple of weeks we have been asking for donations to help us cover the £5000 it will cost to intervene. We've had a fantastic response, with over £3,800 raised already. A huge thank you if you have contributed to this effort. If you'd like to help get us over the line, you can donate here:

This is one step in a wider effort to do more to promote digital rights and the interests of Internet users in the courts. We're also asking people to help by joining as paying supporters. If we hit our targets, we can employ a legal officer who will help co-ordinate our crack-team of volunteer lawyers, perform thorough legal research, and enable us to launch more legal interventions. You can learn more here, or head straight over to the join page.

What the appeal is about, and why we're intervening

Here's a recap of what is happening. (There's a slightly longer version in a previous post). In March, the High Court granted an order that compelled O2 to provide the personal details (names and postal addresses) relating to 2,845 of these IP addresses alleged to have been used to infringe copyright by peer-to-peer file-sharing (see our previous write up and the Consumer Focus press release). You can read the judgment online.

However, the High Court refused Golden Eye a Norwich Pharmacal Order in relation 12 of the 13 pornographic film producers. The Court considered whether it “is appropriate, when balancing the competing interests, to make an order which endorses an arrangement under which the Other Claimants surrender total control of the litigation to Golden Eye and Golden Eye receives about 75% of the revenues in return.” The Court concluded:

that would be tantamount to the court sanctioning the sale of the intended Defendants' privacy and data protection rights to the highest bidder. Accordingly, in my judgment, to make such an order would not proportionately and fairly balance the interests of the Other Claimants with the Intended Defendents' interests.

Golden Eye were representing these 12 rights holders on the basis of an 'enforcement only' licence, which means Golden Eye have to pay the 'Licensor' only around 25% of revenue recovered through settlement sums or damages awarded in court. It is that relationship that the Court was concerned about. Golden Eye is appealing that decision. 

If our intervention is successful, O2 will not be have to hand over the data it retains relating to just over 6,000 IP addresses. 

Similar revenue sharing agreements were the root of “speculative invoicing” schemes previously run by Davenport Lyons and ACS:Law. But because Golden Eye International is a limited company it is beyond the reach of the Solicitors Regulation Authority (SRA) which has suspended Dave Gore, Brian Miller and Andrew Crossley for sending intimidating letters.

To be clear, copyright holders and their exclusive licensees would still be able to enforce their copyright. This is about limited companies acting on behalf of large numbers of copyright owners on 'enforcement only' arrangements.

[Read more] (5 comments)

November 21, 2012 | Peter Bradwell

Google shopping and legal markets for digital goods

Something has always confused me about the market for digital goods online. If you search for, for example, "Emili Sande download", why don't more legal results turn up in the 'Shopping' section? (If anybody knows the answer or can explain, let us know in the comments section).

I'm not talking about the 'web' results - but the specific set of results listed under shopping. If I've been looking correctly, I only seem to ever see 7Digital and Fairsharemusic, and sometimes Sainsbury's Entertainment or Shop.To. Other than that, the results tend to be for CDs. But there are plenty more legal digital services around, and I don't see them. You get lots of shopping results if you search for something like 'men's trousers' - and a select few of those results also tend to show up as a small subsection of the general web search results.

Here's what happens when you search Google shopping for 'Emili Sande download": 

emili sande google shopping


And for a film, like 'Forrest Gump download":

Forrest Gump download

(Note: I subscribe to Netflix and I don't think Forrest Gump is in its repertoire). This seems crazy. I've not really even heard this talked about. 

It's interesting to note that in the US, Google Shopping is now a paid for service - businesses are only listed if they are part of the ads scheme. This isn't yet the case in the UK.

The following is complete speculation, but here are a few thoughts about why getting more legal digital services into Google shopping doesn't seem to be on the table:

  • Google: They have their own music service, Google Play. A well functioning shopping section is basically a way of advertising competitors to that. But results for Google Play don't even turn up in the shopping results. They may also have plans to launch Google shopping as a paid for service in the UK too. So bringing this to the table now may undermine the opportunity to sell space in there, or could heighten pressure to do something about normal web search results now.
  • Copyright owners: First, they may prefer people didn't discover music through Google, or any search engine; fully curated services they exert some more control over may be more appealing, for example. Second, they may have spotted that Shopping has become a paid for service in the US - and by demanding legal services are boosted in the normal web results now, perhaps they've seen an opportunity for a free leg up before that happens.

This may be way off the mark. Perhaps it's technically difficult. Perhpas there's a banal explanation, like they haven't thought of it before. This may all be a terrible idea for a reason I haven't thought of. I don't know.

But it seems like a decent deal all round - Google provides searches for determined consumers in large volumes; copyright owners want those results, and for people to be directed to legal content; consumers will likely be accustomed to using 'shopping' as a way of finding what they want to buy. And there are quite a few legal services that could populate the list of online stores. An overview of shopping results also tend to appear pretty high up in the general web search results - which would be good news for copyright owners as they tend to worry that the first results given by search engines are to unlicensed sites. To go back to the 'men's trousers' example, the 'shopping' results appear second:

Men's trousers google shopping

Also, Ofcom's new research into copyright infingement, published yesterday, found that around 44% of responders weren't sure what's legal online.   This would, you assume, help with that. 

As an added bonus, on top of these benefits, we avoid the tricky question about who is allowed to interfere in the rankings general web search results - which is what the trade associations involved in current policy discussions with government are demanding. 

But I don't believe this has been dicussed in these ongoing DCMS roundtables (which are supposed to be focused on sorting out online copyright). DCMS are running a series of roundtables in which trade associations seem to have been given free reign to demand action from online service providers, with apparently no account of due process, in the name of 'getting things done'. More analysis of what's happening in those roundtables soon. You can see the minutes of the latest meeting here and DCMS have a page on what they're doing on copyright here

At the moment, the consumer is left with things like 'The Content Map', a new website created by copyright owners that lists services where people can find legal digital content. There's not a whole lot to be said for it, other than 'it's a start'. Although I do predict that 'Just Content Map it' won't be something people are saying as a replacement for 'look for it online' any time soon.

[Read more]

November 20, 2012 | Jim Killock

ORG wins Human Rights Campaigner of the Year with 38 Degrees

On Monday evening at the 2012 Liberty Human Rights Awards ceremony, the Open Rights Group won Human Rights Campaigner of the Year Award, jointly awarded to us and 38 Degrees.

Jim Killock speaks receiving ORG / 38 Degrees award

On Monday evening at the 2012 Liberty Human Rights Awards ceremony, the Open Rights Group won Human Rights Campaigner of the Year Award, jointly awarded to us and 38 Degrees.

The Award was given for our work campaigning against the Snooper's Charter: that's your work, emailing and visiting MPs, submitting evidence to the Joint Committee and now, organising local campaigning across the country.

Liberty also highlighted the range of work we do, on copyright and censorship as well as privacy.

James Cronin, our Chair, adds:

I want, on behalf of the board and all of our supporters, to congratulate and sincerely thank Jim, our staff, our volunteers and the advisory council for all of your tremendous work, which it is truly humbling to have recognized in this way.

At the time of this email the full list of winners are not yet on their website, but you can see from the shortlist what deeply impressive company we were in.

Congratulations and thank you! I am extremely proud.

The Snooper's Charter campaign is gearing up, as the Joint Committee will shortly report. This is a great time to get involved, by coming to our local meetings, or London Conference, and joining the Open Rights Group!

[Read more]

November 19, 2012 | Ruth Coustick-Deal

Why your friends should join Open Rights Group

To help you with friend sign-ups we have written a guide to pitching ORG with some examples of where ORG affects every day online situations, and how funding a Legal Officer will have real world effects on your life.

Friend Sign-up Scheme Tips

As part of our ORGLawFund drive to fund a Legal Officer,  we’re offering thank you gifts of Rapture of the Nerds by Cory Doctorow and Charles Stross, Raspberry Pis and MakeyMakeys to our paying supporters who sign-up multiple friends to ORG as part of our ORGLawFund drive.

However, persuading your variety of friends to give up their cash isn’t easy, even if it is for a cause you know is worth it. We’ve put together some facts, figures and examples to help you convince your friends that they want ORG to be able to defend them.

Choose your audience

Tweeting and sharing the link is wonderful and gets our name out there, but the best way to help us increase our membership and get your sign-up rewards is to find that friend who you know should be a member of ORG. That friend who already cares about the issues ORG campaigns on. Maybe a friend who:

  • Is passionate about preserving freedom of speech for minority groups
  • Voices fears about all the data companies like Facebook know about them
  • Is worried about increased surveillance by the Government
  • Reads Wired magazine and Techdirt regularly
  • Doesn’t trust the Daily Mail’s opinion on how their children should use the internet

Do you have a friend who ticks some or all of these boxes? This is the friend you need to sign-up to ORG.

Then give them some exact specifics about what ORG has done in the past and

There are a couple of solid examples below you can give of how ORG have kept the internet a free and open place for everyone.  There are plenty of others on our website

We have consistently campaigned against default on filters of ‘adult’ content on the internet. We are the only group to produce real evidence on the effect of blocking on the internet: it blocks the wrong content, misses what should be blocked and assumes under-18s, from 5 to 17, and their parents should all have the same level of access.  David Cameron is now backing off from default filtering after a sustained campaign.

We’ve campaigned to make sure information is accessible to all. For instance ensuring that libraries have the right to do e-lending, despite pressure from the publishing industry to limit this capability.

We led a coalition of organisations and individuals engaged with the process for implementing a parody exception to copyright. Parody presents no commercial competition to rightsholders and has great cultural value. We fed this perspective into the Hargreaves review, which recognised the need for reform, and are looking forward to the Government’s proposals soon.

Tell them what it is their money would go to

Some of the specific actions our Legal Officer would enable us to do are:

  • Draft amendments to delete or replace misused powers, such as Section 127 A of the Communications Act 2003, which was used to prosecute Paul Chambers in the Twitter joke trial.
  • Prepare friend of the court briefings to explain the civil liberties consequences of web blocking injunctions.
  • Provide technical advice to the courts where proposals would be unworkable or have unforeseen circumstances.
  • Challenge Government decisions in judicial reviews.
  • This new capacity will enable us to build on the friend of the court briefing on the Digital Economy Act judicial review where we explained the impact on privacy.
  • Expand our legal panel scheme where individuals can request pro-bono legal advice on digital rights issues

Explain how would our new capacity would affect them

There are many day-to-day situations that are directly affected by the laws that ORG want to challenge:

  • When the teasing joke to a friend on Facebook gets the police knocking on your door.
  • When the forum you frequent is accused of libel because of one angry thread, and the owners shut the whole community down in fear of a court case. ORG wants to preserve your freedom of speech online.
  • When you are pregnant and want to get some information on breastfeeding, but maternity sites are blocked for containing for sexual images. ORG have campaigned vigorously against default ‘on’ Internet filters.
  • When the parody video of Buffy killing Edward from Twilight is blocked for copyright reasons. ORG have campaigned for an exception to parody and want to be able to provide pro-bono advice to artists in these situations.
  • When copyright holders demand that whole families are disconnected from the internet because of allegations of copyright infringment. ORG wants this removed from the statue books because it is an expensive and disproportionate law.
  • When the government puts you under surveillance without suspicion. ORG have led the campaign against the Communications Data Bill and its worrying snooping powers.  

Then reiterate why they should sign up

ORG are a small organisation. We’ve achieved a great deal with the resources that we have, but without expanding our staff we won’t be able to expand our remit and achieve all of the above.

We need to be able to hire a legal staff member to give ORG the legal expertise to be your point of call when technology is being used to threaten your civil liberties.

[Read more]

Google+ Delicious Digg Facebook Google LinkedIn StumbleUpon Twitter Reddit Newsvine E-mail