Press releases

Press releases


“Dangerous and irresponsible” age verification goes ahead

Government announces 15 July 2019 launch date for dangerous and irresponsible age verification scheme, without compulsory privacy scheme.

Reacting to the government’s announcement on age verification for adult content, Jim Killock Executive Director of Open Rights Group said:

“The government needs to compel companies to enforce privacy standards. The idea that they are ‘optional’ is dangerous and irresponsible.

“Having some age verification that is good and other systems that are bad is unfair and a scammer’s paradise – of the government’s own making.

“Data leaks could be disastrous. And they will be the government’s own fault.

“The government needs to shape up and legislate for privacy before their own policy results in people being outed, careers destroyed or suicides being provoked.”

[Read more]


ICO Age Appropriate Design Code of Conduct: tread lightly

The ICO Age Appropriate Design Code of Conduct is now available for consultation

Reacting to the ICO Code of Conduct  Matthew Rice, Open Rights Group said:

"It is welcome to see the ICO lay out strong “high privacy” by default including switching off geolocation, services the rely on profiling, and restricting nudge techniques, among others. This gives the opportunity for children to access and use online services without becoming tracked and having their personal data monetised as soon as they land on the site.

"However the ICO must tread lightly when it comes to requesting verification of a child’s age. There is a risk that an interpretation of the code will increase the spread of age verification technologies which, if implemented badly, could increase data collection of children or lead to inadvertently restricting access to services for children that don’t have identity documents or sufficient parental support. The ICO must place strong restrictions to minimise the use of data collected, and give children the opportunity to enjoy the freedom to access to information and the communication potential that the best of these services provide.” 

More information

Contact +442070961079 press@openrightsgroup.org

Notes

The ICO Code is available at: https://ico.org.uk/about-the-ico/ico-and-stakeholder-consultations/age-appropriate-design-a-code-of-practice-for-online-services/ 

The consultation ends on 31 May 2019

[Read more]


DCMS publishes White Paper on Internet Safety and Online Harm

The Department for Digital, Culture, Media and Sport (DCMS) today published its long-awaited White Paper on Online Harms.

The White Paper focuses heavily on the duties of social media platforms to police user-generated content. It proposes imposing a duty of care on platforms to protect users, particularly children and young people, from harm, with compliance overseen by a regulator.

DCMS extends the scope of the duty of care to include "tools or services which allow, enable or facilitate users to share or discover UGC or interact with each other online". This is a broad-reaching definition and includes search tools, app stores and  messaging services.

Jim Killock, Executive Director of Open Rights Group, said:

“The government’s proposals would create state regulation of the speech of millions of British citizens.

“We have to expect that the duty of care will end up widely drawn with serious implications for legal content, that is deemed potentially risky, whether it really is nor not.

“The government refused to create a state regulator the press because it didn’t want to be seen to be controlling free expression. We are skeptical that state regulation is the right approach.”

“The government is using Internet regulation as a blunt tool to try and fix complex societal problems. Its proposals lack an assessment of the risk to free expression and omit any explanation as to how it would be protected.”

The White Paper forms part of DCMS’s Digital Charter policy. A twelve-week consultation period will now commence.

ENDS

Notes

See ORG’s fuller view of the Duty of Care at https://www.openrightsgroup.org/blog/2019/duty-of-care:-an-empty-concept

The DCMS White Paper is available at https://www.gov.uk/government/consultations/online-harms-white-paper. This follows its Internet Safety Strategy Green Paper published in October 2017.

[Read more]


European Parliament approves controversial Copyright Directive

Tuesday 26 March 2019 - Today the European Union’s Copyright Directive was approved in a decisive vote by the European Parliament in Strasbourg.

Reacting to the vote in the European Parliament, Jim Killock, executive director of Open Rights Group said:

“This is a very bad day for free expression, for copyright and democracy. Millions of people have voiced their opposition and thousands have protested against it. If copyright filters go ahead, large numbers of mistaken takedowns will impact what we do and say online. The EU Parliament has made a serious error of judgement here. We will go on doing everything we can to stop this being the disaster it promises to be.”

ENDS

--

About Open Rights Group:

Open Rights Group is a non-profit company limited by Guarantee, registered in England and Wales no. 05581537.‍ We challenge mass government surveillance, protect free expression online and the right to privacy online. We campaign, lobby, talk to the media, go to court — whatever it takes to build and support a movement for freedom in the digital age.
Contact Details:

Jim Killock
Executive Director
Jim@openrightsgroup.org
Mobile / Signal is +44 7894498127

[Read more]


BBFC fails to explain its porn privacy scheme at meeting 300m from its office

Following a roundtable meeting with Age Verification providers, the Open Rights Group (ORG) has demanded that the British Board for Film Classification (BBFC) meet with ORG to discuss their privacy scheme, which BBFC hope will protect some visitors to pornographic websites.

Pornographic websites will soon have to verify the age of their website visitors, under the Digital Economy Act 2017. Late last year, BBFC added a voluntary privacy scheme to ensure that at least some of the age verification systems would be privacy protective. The Act, however, contains no powers which could make the scheme compulsory.

BBFC have to date failed to explain if their Age Verification scheme will be consulted on publicly, and which company is being used to run the scheme.

BBFC did not attend a roundtable with Age Verification providers and privacy experts organised by the Open Rights Group this morning, three hundred meters from BBFC’s offices.

Jim Killock, Executive Director of Open Rights Group said:

“In our meeting today, it was clear that private consultation had begun and a company had been appointed to run the privacy certification scheme.

“But good privacy schemes are written in public, with consultation and as much input as possible. Writing a scheme like this in the dark is very risky, as very important risks might be missed.

“It is also clear that the privacy scheme needs to be compulsory. All Age Verification products need to be in the scheme, not just a few, if users’ data is going to be protected.

“Data leaks of sexual habits could lead to relationships being impacted, individuals being outed and even suicides. The BBFC's privacy scheme matters.

“We were disappointed that the BBFC did not attend our roundtable, which was held three hundred meters from their office.”

More information

https://www.openrightsgroup.org/blog/2019/we-met-to-discuss-bbfcs-voluntary-age-verification-privacy-scheme-but-bbfc-did-not-attend

Jim Killock, Executive Director Open Rights Group

Mobile / Signal is +44 7894498127BB

[Read more]


KARMA POLICE: UK mass surveillance challenge will go to Europe’s highest human rights court

The Grand Chamber of the European Court of Human Rights will hear Open Rights Group, Big Brother Watch, English PEN, computer science expert Dr Constanze Kurz and several other human rights organisations’ case against mass surveillance by the UK government.

6 February 2019

In September 2018 the European Court of Human Rights (ECtHR) ruled that the UK’s mass interception programmes breached the European Convention on Human Rights. The landmark judgment in September marked the Court’s first ruling on UK mass surveillance programmes revealed by NSA whistleblower Edward Snowden. Campaign groups Big Brother Watch, English PEN, Open Rights Group and the computer science expert Dr Constanze Kurz began the legal challenge in 2013 following Mr Snowden’s revelations of GCHQ mass spying.

However, the campaign groups claim that the judgment did not go far enough in clarifying the unlawful nature of state mass surveillance of electronic communications, which is now practised under the Investigatory Powers Act 2016. The referral to the Grand Chamber is expected to deliver a definitive judgment on the compatibility of mass communications surveillance with the European Convention on Human Rights.

Documents provided by Mr Snowden revealed that the UK intelligence agency GCHQ was conducting “population-scale” interception, capturing the communications of millions of innocent people. The mass spying programmes included TEMPORA, a bulk data store of all internet traffic; KARMA POLICE, a catalogue including “a web browsing profile for every visible user on the internet”; and Black Hole, a repository of over 1 trillion events including internet histories, email and instant messenger records, search engine queries and social media activity.

In 2016, the Government passed the Investigatory Powers Act which expanded mass surveillance powers under a new statutory footing.

 Jim Killock, Executive Director of Open Rights Group said:

The news that the Grand Chamber of the European Court of Human Rights will finally get to examine the UK surveillance state’s mechanisms should bring hope to us all. Now the Court has an opportunity to expose it for what it is: generalised, suspicionless surveillance of every citizen. Finally the Karma Police at GCHQ are being exposed to an appropriate level of scrutiny by an independent International Court.”

Silkie Carlo, director of Big Brother Watch said:

We are taking the challenge to the highest level to protect the rights of millions of citizens to be free from unwarranted state intrusion. Some of the worst abuses of state powers in recent years have been enabled by secret, suspicionless surveillance and it must come to an end. Our legal challenge is of critical public importance and now gives the Grand Chamber an opportunity to protect the future of the fundamental right to a private life.”

Antonia Byatt, director of English PEN said:

“Governments have a duty to protect the human right of freedom of expression, not threaten it. This is a once in a generation opportunity for the European Court of Human Rights to curtail state intrusion into free speech”.

Notes for Editors

The ECtHR case brought together three challenges being heard simultaneously, with the following titles:

·   Big Brother Watch and Others v United Kingdom(no. 58170/13)

·   10 Human Rights Organisations and Others v United Kingdom(no. 24960/15)

·   Bureau of Investigative Journalism and Alice Ross v United Kingdom(no. 62322/14)

Contact:

Open Rights Group media enquiries: 0207 0961079

Big Brother Watch media enquiries: 07730 439257

English PEN media enquiries: 020 7324 2535

[Read more]


UK mass surveillance ruled unlawful in landmark judgment

The European Court of Human Rights (ECtHR) today ruled that the UK’s mass interception programmes have breached the European Convention on Human Rights.

The Court found that the UK’s mass surveillance programmes, revealed by NSA whistleblower Edward Snowden, did ‘not meet the “quality of law” requirement’ and were  ‘incapable of keeping the “interference” to what is “necessary in a democratic society”’.

The landmark judgment marks the Court’s first ruling on UK mass surveillance programmes revealed by Mr Snowden. The case was started in 2013 by campaign groups Big Brother Watch, English PEN, Open Rights Group and computer science expert Dr Constanze Kurz following Mr Snowden’s revelation of GCHQ mass spying.

Documents provided by Mr Snowden revealed that the UK intelligence agency GCHQ were conducting “population-scale” interception, capturing the communications of millions of innocent people. The mass spying programmes included TEMPORA, a bulk data store of all internet traffic; KARMA POLICE, a catalogue including “a web browsing profile for every visible user on the internet”; and BLACK HOLE, a repository of over 1 trillion events including internet histories, email and instant messenger records, search engine queries and social media activity.

The applicants argued that the mass interception programmes infringed UK citizens’ rights to privacy protected by Article 8 of the European Convention on Human Rights as the “population-level” surveillance was effectively indiscriminate, without basic safeguards and oversight, and lacked a sufficient legal basis in the Regulation of Investigatory Powers Act (RIPA). 

In its judgment, the ECtHR acknowledged that ‘bulk interception is by definition untargeted’[2]; that there was a ‘lack of oversight of the entire selection process’,[3] and that safeguards were not ‘sufficiently robust to provide adequate guarantees against abuse’.[4]

In particular, the Court noted ‘concern that the intelligence services can search and examine “related communications data” apparently without restriction’ – data that identifies senders and recipients of communications, their location, email headers, web browsing information, IP addresses, and more. The Court expressed concern that such unrestricted snooping ‘could be capable of painting an intimate picture of a person through the mapping of social networks, location tracking, Internet browsing tracking, mapping of communication patterns, and insight into who a person interacted with’.[5]

The Court acknowledged the importance of applying safeguards to a surveillance regime, stating: ‘In view of the risk that a system of secret surveillance set up to protect national security may undermine or even destroy democracy under the cloak of defending it, the Court must be satisfied that there are adequate and effective guarantees against abuse.’[6]

The Government passed the Investigatory Powers Act (IPA) in November 2016, replacing the contested RIPA powers and controversially putting mass surveillance powers on a statutory footing.

However, today’s judgment that indiscriminate spying breaches rights protected by the ECHR is likely to provoke serious questions as to the lawfulness of bulk powers in the IPA. 

Jim Killock, Executive Director of Open Rights Group said:

  • “Viewers of the BBC drama, the Bodyguard, may be shocked to know that the UK actually has the most extreme surveillance powers in a democracy. Since we brought this case in 2013, the UK has actually increased its powers to indiscriminately surveil our communications whether or not we are suspected of any criminal activity.
  • “In light of today’s judgment, it is even clearer that these powers do not meet the criteria for proportionate surveillance and that the UK Government is continuing to breach our right to privacy.

Silkie Carlo, director of Big Brother Watch said:

  • “This landmark judgment confirming that the UK’s mass spying breached fundamental rights vindicates Mr Snowden’s courageous whistleblowing and the tireless work of Big Brother Watch and others in our pursuit for justice. 
  • Under the guise of counter-terrorism, the UK has adopted the most authoritarian surveillance regime of any Western state, corroding democracy itself and the rights of the British public. This judgment is a vital step towards protecting millions of law-abiding citizens from unjustified intrusion. However, since the new Investigatory Powers Act arguably poses an ever greater threat to civil liberties, our work is far from over.”

 Antonia Byatt, director of English PEN said:   

  • This judgment confirms that the British government’s surveillance practices have violated not only our right to privacy, but our right to freedom of expression too. Excessive surveillance discourages whistle-blowing and discourages investigative journalism. The government must now take action to guarantee our freedom to write and to read freely online.

Dr Constanze Kurz, computer scientist, internet activist and spokeswoman of the German Chaos Computer Club said:

  • “What is at stake is the future of mass surveillance of European citizens, not only by UK secret services. The lack of accountability is not acceptable when the GCHQ penetrates Europe’s communication data with their mass surveillance techniques. We all have to demand now that our human rights and more respect of the privacy of millions of Europeans will be acknowledged by the UK government and also by all European countries.

Dan Carey of Deighton Pierce Glynn, the solicitor representing the applicants, stated as follows:    

  • "The Court has put down a marker that the UK government does not have a free hand with the public's communications and that in several key respects the UK's laws and surveillance practices have failed. In particular, there needs to be much greater control over the search terms that the government is using to sift our communications.  The pressure of this litigation has already contributed to some reforms in the UK and this judgment will require the UK government to look again at its practices in this most critical of areas."

Notes to Editor

The ECtHR case brought together three challenges being heard simultaneously, with the following titles:

  • Big Brother Watch and Others v United Kingdom (no. 58170/13)
  • 10 Human Rights Organisations and Others v United Kingdom (no. 24960/15)
  • Bureau of Investigative Journalism and Alice Ross v United Kingdom (no. 62322/14)

For further information about these cases: https://wiki.openrightsgroup.org/wiki/10_Human_Rights_Organisations_v_United_Kingdom

Foototes

[1] Para. 387

[2] Para. 317

[3] Para. 387

[4] Para. 347

[5] Para. 356

[6] Para. 307


 

[Read more]


MEPs advance Article 13 of EU Copyright Directive

Members of European Parliament today voted to adopt amendments to the European Commission’s draft EU Copyright Directive. This followed a vote in July where MEPs voted down plans to fast-track the Copyright Directive and Article 13.M

Open Rights Group has been campaigning against Article 13 over concerns that free speech will be impacted through the large scale removal of material without adequate review.

Reacting to the vote in the EU Parliament in favour of Article 13 of the Copyright Directive, Jim Killock, executive director of Open Rights Group said:

“Article 13 creates a Robo-copyright regime that would zap any image, text, meme or video that appears to include copyright material whether it is legally used or not. This is disappointing and will open the door to more demands for Robocop censorship.

The Directive is not yet law and could improve during trilogue negotiations. We will keep opposing these measures which will lead to legal material being removed in this way.”

ENDS

Open Rights Group is a non-profit company limited by Guarantee (05581537) based in London and Edinburgh.

Notes:

More information can be found here: https://saveyourinternet.eu

 

[Read more]


Open Rights Group and the3million launch judicial review challenging the Data Protection Act's immigration exemption

Human rights organisations have launched a judicial review challenging the UK Government over the inclusion of a specific clause in the Data Protection Act 2018 which, they argue, would unnecessarily restrict the rights of millions of people across the country for the purpose of ‘effective immigration control’.

The challenge has been brought by Open Rights Group (ORG) - a UK based digital campaigning organisation working to protect the rights to privacy and free speech online and the3million - the largest grassroots organisation of EU citizens living in the UK.

ORG and the3million, represented by the law firm Leigh Day, argue the exemption undermines the principles of the General Data Protection Regulation, which the Act was designed to implement. The exemption removes the long standing rights of access to personal data which has been available for decades, with no evidence offered by the Government why the exemption is necessary now when it wasn’t in the past.

The grounds go on to argue that the exemption would apply to a wide range of Government and non-government bodies. This includes NHS, DVLA, employers, landlords, banks and others. The organisations argue there is no justification for such bodies to be able to derogate from the vast majority of fundamental data protection rights.

The two groups are calling for the courts to declare the immigration exemption incompatible with the General Data Protection Regulation, and Charter of Fundamental Rights.

Rosa Curling, a human rights solicitor from law firm Leigh Day who are acting on behalf of the3million and Open Rights Group, said:

“Our clients warned the government that if the Immigration Exemption was written into law, it would be contrary to the General Data Protection Regulations (GDPR) as well as incompatible with EU law generally and the European Convention on Human Rights.

Unfortunately the concerns of our clients were ignored and they have been left no option but to launch this legal challenge. It cannot be correct that a two-tier system is created for data rights, distinguishing those who become subject to immigration control from British citizens.”

Jim Killock, executive director of Open Rights Group said:

“The Government’s hostile environment may have been renamed, but its policies are clearly still here. Restricting the rights of millions to their personal data in immigration processes risks inaccurate data being used to make life altering decisions. Open Rights Group can’t allow that to pass without challenge.

The Government is trying to avoid necessary accountability, and remove responsibilities to treat people fairly. This challenge aims to keep fairness and accountability in the immigration system.”

Nicolas Hatton, co-founder and co-chair of the3million said:

“the3million and Open Rights Group's legal challenge matters to all 3.6 million EU citizens - who will have to apply for settled status to stay in their own homes after Brexit - no applicant should be prevented from accessing the data the Home Office holds about them. This is 2018, not 1984.”

 
Ends.

Notes for editors:

Open Rights Group is a non-profit company limited by guarantee; Registered Company No. 05581537 (England) Registered Office: 12 Duke's Road, London WC1H 9AD  Contact: Martha@openrightsgroup.org

the3million is the largest grassroots organisation of EU27 citizens in the UK, campaigning to protect citizens’ rights together with their sister group British in Europe. Contact: luke.piper@the3million.org.uk or maike.bohn@the3million.org.uk

Open Rights Group and the3million funded the case via a Crowdjustice fundraiser which raised £40,300.

[Read more]


Online tool helps public find out how data is being used by Fintech companies

A new tool which will make it easier for the public to find out how organisations use data and help them to exercise their GDPR rights

 
  • Data Rights Finder will make it easier for people to request, change and delete the data that companies hold about them.
  • The free tool features over 30 fintech companies including Barclays, HSBC, Lloyds and Royal Bank of Scotland.
  • It’s one of the first online tools designed to help the British public exercise their GDPR rights.

Open Rights Group (ORG) and IF (projectsbyif.com) have launched Data Rights Finder, a new tool which will make it easier for the public to find out how organisations use data and help them to exercise their GDPR rights.

The tool analyses the privacy policies of over 30 fintech organisations, including major banks, Barclays, HSBC, Lloyds and the Royal Bank of Scotland, and comparison websites such as Compare the Market and Money Saving Expert.

It was developed to help people exercise some of the new rights given to them through the General Data Protection Regulation (GDPR), which came into force in May this year. These include the rights to see data that companies hold, amend it, delete it, limit it, challenge it and export it. Even when people are aware of their rights, the information they need to exercise them is often buried in long privacy policies. Data Rights Finder makes it quick and easy to search for an organisation, see an overview of its privacy policy and find the information needed to exercise a GDPR right.

The data the tool uses is open source, and IF and Open Rights Group are looking for partners to help them expand the organisations represented. They also plan to extend the coverage to other sectors in the future.

The data can be easily reused by anyone, so IF and ORG hope that organisations will come forward with ideas to use the data to support individuals in their complaints, or analyse what companies are doing with data.

Richard Pope, COO at IF said: “Recent events have shown that the way companies use data affects people’s trust in them. As well as helping people exercise their rights, we believe Data Rights Finder is an opportunity for companies to be more transparent about how they use and manage data.”

Jim Killock, Executive Director at Open Rights Group said: “Everyone has new and stronger rights since GDPR kicked in. Data Rights Finder can help you find out what financial companies know about you and why they’ve decided to offer or decline certain products. Your data increasingly defines you and your life chances, which is why we’ve built this tool.”

ENDS

Notes:

  • IF (projectsbyif.com) is a specialist digital rights consultancy founded by Sarah Gold in 2015. IF designs and builds services that respect people's rights, and its Data Ethics Toolkits help companies improve how they manage data.
  • Open Rights Group campaigns for the rights to privacy and free speech online. Founded in 2005, it is the UK’s only grassroots digital rights organisation.
  • Data Rights Finder is a joint initiative by Open Rights Group and IF, with funding from the Information Commissioner's Office.

[Read more]