Press releases

Press releases


November 17, 2016 | Pam Cowburn

The Investigatory Powers Bill's impact will reach beyond the UK

The Investigatory Powers Bill (IP Bill) has been passed by the House of Lords and is expected to become law within the next few weeks.

Executive Director Jim Killock responded:

“The passing of the IP Bill will have an impact that goes beyond the UK's shores. It is likely that other countries, including authoritarian regimes with poor human rights records, will use this law to justify their own intrusive surveillance powers.

“The IP Bill will put into statute the powers and capabilities revealed by Snowden as well as increasing surveillance by the police and other government departments. There will continue to be a lack of privacy protections for international data sharing arrangements with the US. Parliament has also failed to address the implications of the technical integration of GCHQ and the NSA.

“While parliamentarians have failed to limit these powers, the Courts may succeed. A ruling by the Court of Justice of the European Union, expected next year, may mean that parts of the Bill are shown to be unlawful and need to be amended. 

"ORG and others will continue to fight this draconian law.”

About the IP Bill
In the wake of the Snowden revelations, three separate inquiries called for new surveillance laws in the UK. It was recognised that the Regulation of Investigatory Powers Act (RIPA) had failed to limit surveillance and allowed the creation of surveillance programmes without parliamentary debate or assent. In response, the Government published the draft IP Bill in November 2015.

The IP Bill is a vast piece of legislation that will extend not limit surveillance in the UK. It will mean that:

  • Internet Service Providers could be obliged to store their customers’ web browsing history for a year. The police and government departments will have unprecedented powers to access this data through a search engine that could be used for profiling.
  • The security services will continue to have powers to collect communications data in bulk.
  • The police and security services will have new hacking powers.
  • The security services can access and analyse public and private databases, even though the majority of data will be held about people who are not suspected of any crimes.

For more information about the Bill and what it means, visit ORG's campaign hub.

 

[Read more]


November 09, 2016 | Pam Cowburn

Open Rights Group responds to US election results

Executive Director Jim Killock said:

“The US election has massive implications for the British public as both countries’ intelligence agencies are so closely integrated. The Snowden leaks showed us how GCHQ carries out work for the NSA and how the latter’s operatives can access GCHQ surveillance programmes.

“The integration of the NSA and GCHQ puts into question the UK’s ability to have proper oversight of the surveillance of its citizens. The UK is dependent on US technology and data to such an extent that it is unlikely that we could separate our intelligence capabilities even if we wanted to.

“Whilst the ‘special relationship’ has always been perceived to be in the UK’s interests, our politicians need to consider its implications in the age of bulk data collection and surveillance.”

Notes to Editors
Open Rights Group’s report Collect it all: GCHQ and mass surveillance outlines how GCHQ and the NSA are integrated. See in particular sections 5.3 and 9.9.

[Read more]


November 03, 2016 | Pam Cowburn

MPs propose web blocking for porn sites

A group of MPs have tabled an amendment to the Digital Economy Bill that would allow pornography websites to be blocked by Internet Service Providers if they fail to verify the age of their users.

Executive Director Jim Killock said:

“Perhaps these MPs have realised that plans to make all adult websites apply age verification are unworkable as foreign porn sites may simply not comply. They are now suggesting that websites who don't comply should be blocked – even though their content is perfectly legal.

“While child protection is important, this proposal is disproportionate. Censorship of this kind should be reserved for illegal and harmful content.

“We are talking about potentially thousands of websites with legal material being censored, something that is unprecedented in the developed world.”

The Digital Economy Bill has proposed that all pornography websites should be forced to verify the age of their users. This has sparked concerns that the privacy of adults could be violated. It is not yet clear how age verification will be implemented but it could lead to the collection of data on everyone who visits a porn website. This kind of information could be vulnerable to ‘Ashley Madison’ style data breaches.

This is the second time such amendments have been suggested. ORG has written about this previously here

For more information, contact press@openrightsgroup.org

Notes to Editors

The proposed amendments can be found here

 

[Read more]


November 02, 2016 | Pam Cowburn

Facebook is right to stop Admiral insurance from using its data

Open Rights Group supports Facebook's decision to prevent the Admiral insurance company from using its data to inform car insurance quotes for young people.

Executive Director Jim Killock said “We need to think about the wider consequences of allowing companies to make decisions that affect us financially or otherwise, based on what we have said on social media.

“Such intrusive practices could see decisions being made against certain groups based on biases about race, gender, religion or sexuality – or because their posts in some way mark them as unconventional. Ultimately, this could change how people use social media, encouraging self-censorship in anticipation of future decisions.

“Young people may feel pushed into such schemes because of financial constraints. The right to keep things private shouldn't be the preserve of those who can afford it.”

According to Admiral’s press release: “The technology uses social data personality assessments, matched to real claims data, to better understand first time drivers and more accurately predict risk.”

However, this has been found to be in breach of Facebook's Platform Policy section 3.15, which states:

"Don’t use data obtained from Facebook to make decisions about eligibility, including whether to approve or reject an application or how much interest to charge on a loan."

Contact press@openrightsgroup.org for more information.

Please note that this press release has been updated. We originally believed that Facebook had disabled the app but they have since issued a statement that it will be used for login and verification. Facebook's statement is as follows:

“Protecting the privacy of the people on Facebook is of utmost importance to us. We have clear guidelines that prevent information being obtained from Facebook from being used to make decisions about eligibility.
 
We have made sure anyone using this app is protected by our guidelines and that no Facebook user data is used to assess their eligibility. Facebook accounts will only be used for login and verification purposes.
 
Our understanding is that Admiral will then ask users who sign up to answer questions which will be used to assess their eligibility.”

 

[Read more]


November 01, 2016 | Pam Cowburn

Investigatory Powers Bill threatens the British public's right to privacy

The Investigatory Powers Bill is one step closer to becoming law after it was passed by the House of Lords yesterday.

Open Rights Group’s Executive Director, Jim Killock, responded:

“The UK is one step closer to having one of the most extreme surveillance laws ever passed in a democracy.

Despite attempts by the Lib Dems and Greens to restrain these draconian powers, the Bill is still a threat to the British public’s right to privacy.”

The IP Bill is a comprehensive surveillance law that was drafted after three inquiries highlighted flaws in existing legislation. However, the new Bill fails to restrain mass surveillance by the police and security services and even extends their powers. Once passed, Internet Service Providers could be obliged to store their customers’ web browsing history for a year. The police and government departments will have unprecedented powers to access this data through a search engine that could be used for profiling. The Bill will also allow the security services to continue to collect communications data in bulk and could see Internet security weakened by allowing mass hacking.

ORG’s concerns are outlined here.

The IP Bill will now return to the House of Commons for a final vote.

[Read more]


September 14, 2016 | Pam Cowburn

Copyright reform fails EU citizens in favour of industry

Open Rights Group has criticised the European Commission's proposals for the Directive on Copyright in the Single Market, published today.

Executive Director Jim Killock said:

“Thousands of EU citizens responded to the consultation on copyright, only for the Commission to ignore their concerns in favour of industry. The Commission’s proposals would fail to harmonise copyright law and create a fair system for Internet users, creators and rights holders. Instead we could see new regressive rights that compel private companies to police the Internet on behalf of rights holders.”

Failure to introduce EU wide freedom of panorama exception

The failure to introduce a harmonised exception for freedom of panorama is both a lost opportunity and a direct snub to the thousands of people who responded to the Commission’s consultation on this. It appears that the Commission has simply ignored their opinions and made no mention of freedom of panorama in its proposals. Freedom of panorama is a copyright exception that allows members of the public to share pictures they’ve taken of public buildings and art. While this right exists in the UK, many European countries do not have this exception, which means that innocuous holiday snaps can infringe copyright.

Compelling intermediaries to filter content

The proposals aim to compel intermediaries, such as YouTube, to prevent works that infringe copyright from appearing on their services through content identification technologies. This is effect would force sites to police their platforms on behalf of rights holders through filters and other technologies that are a blunt instrument.

Such proposals could place unreasonable burdens on smaller operators and reduce innovation among EU tech companies. They will certainly lead to a greater number of incorrect takedowns, as “Robocopy” takedowns cannot take account of fair quotation, parody, or even use of public domain material.

These plans could undermine the UK’s hard-won right to parody copyright works. Folk songs and classical performances by amateurs are often misidentified and removed as infringing 'copies' of performances of professional musicians for instance.

New ancillary copyright for news publishers

The proposals suggest a new right for news publishers, designed to prevent search engines and news aggregators from reproducing snippets at the expense of publishers. Although, this is designed to protect the media industry, it had a disastrous impact on news websites when similar proposals were introduced in Spain and Germany. It is also disproportionate that the proposed right would last 20 years, given that it applies to news.

Notes to Editors

Open Rights Group is the UK’s leading grass roots digital rights organisation, campaigning for the right to privacy and free speech.

ORG’s FAQs document on freedom of panorama is available here

ORG is part of Copyright for Creativity, which campaigns for a new European approach to copyright.

The Commisson's proposals are available here.



[Read more]


September 13, 2016 | Pam Cowburn

Digital Economy Bill could lead to Ashley Madison style data breaches

Open Right Group has criticised parts of the Digital Economy Bill (DEB), which has its second reading in the House of Commons today. While the Bill includes some beneficial proposals, there are worrying plans that could affect UK citizens’ rights.

Age verification for porn sites

The DEB includes plans to oblige porn websites to set up age verification to prevent under 18s from seeing adult content.

 
Executive Director of Open Rights Group, Jim Killock said:
 
“While age verification may seem like a good way to protect young people, it is not clear how it could be implemented and still protect individuals' privacy. Collecting the details of everyone who visits a porn website could create datasets that are vulnerable to Ashley Madison style data breaches. We need more information on how the government intends to implement this policy.”
 
Ten years in prison for file sharing

The DEB also includes proposals to bring sentences for online copyright infringement in line with physical copyright theft.
 
Killock added:

“The Digital Economy Bill could mean that people who share files could get a jail sentence, even if they aren't doing it to make money. Sharing music, films or books online could result in a longer prison sentence than stealing from a shop. We don't think the creative industries want to punish people in this way but it could be exploited by ‘copyright trolls’, such as Golden Eye International, who send threatening letters demanding payments to people who have committed minor copyright infringements. It will only take a small tweak to the proposed legislation to ensure that this doesn't happen.”

The DEB states that there needs to be “a reason to believe” that infringement will cause a loss or will create “a risk of loss”. ORG is calling for “risk of loss” to be removed to ensure that file sharing that is not done for financial gain does not lead to threats of criminal convictions with jail sentences.

ORG’s full briefing on the Digital Economy Bill is available here.

[Read more]


August 19, 2016 | Javier Ruiz

ORG responds to David Anderson's review of bulk surveillance

In today's review David Anderson provides broad support for the bulk surveillance powers included in the Investigatory Powers Bill going through Parliament. The review will be used to inform the next stages of parliamentary scrutiny of the Bill in the coming months.

Policy Director of the Open Rights Group, Javier Ruiz, responded:

"The review presents only one side of the story, the utility of such powers to the state.

We now need an honest discussion about surveillance that looks at the effects on society, and the balance of power between citizens and the government. Parliament must not simply rubber-stamp current practices.

Some of Anderson’s claims, such as that alternatives to bulk may exist but would be more cumbersome, should open the door to a deeper discussion about the ethics of bulk collection. Parliament cannot pass the buck any longer and will have to decide whether it is right to collect and analyse the phone calls and internet use of whole populations, turning everyone into a potential suspect."

For more information, contact javier@openrightsgroup.org, 07877 911 412

Notes to Editor

The Independent Reviewer of Terrorism Legislation, David Anderson QC, was asked by the Prime Minister to look at the operational case for the four bulk powers in the Investigatory Powers Bill, but but not to look at their desirability in the wider context or the safeguards that should apply.

The review will inform Parliament's scrutiny of the Bill. The House of Lords had put on hold examining the sections of the Bill related to the review until after its publication, and this scrutiny will take place after the Summer recess.

[Read more]


July 19, 2016 | Pam Cowburn

ORG responds to CJEU Opinion into data retention

The Advocate General of the Court of Justice of the European Union has published his Opinion on data retention by EU member states. The subsequent judgment will have implications for the Data Retention and Investigatory Powers Act (DRIPA) and the Investigatory Powers Bill (IP BIll).

In today’s Opinion, the Advocate General said that data retention may be compatible with EU law only if data is being retained to fight serious crime and if there are strict safeguards in place.  The Opinion confirmed that he believes that EU law should apply when it comes to data retention and that member states should limit their interference with our fundamental rights to what is strictly necessary.

Executive Director of Open Rights Group, Jim Killock responded:

“The Advocate General has stated that data retention should only be used in the fight against serious crime, yet in the UK there are more than half a million requests for communications data each year. These do not only come from police but also local councils and government departments. It is difficult to see how the Government can claim that these organisations are investigating serious crimes.

“The Opinion calls for strict safeguards yet in the UK, there is currently no judicial authorisation in the UK -  police, local authorities and government departments can get internal sign off to access data. If the IP Bill is passed, data will be able to be analysed without a warrant through an intrusive tool known as the request filter.

“It may be too late to end data retention under DRIPA, which expires at the end of the year, but the Government has the opportunity to ensure that the IP Bill complies with EU law. In particular, they should end the extension of mass data retention proposed in the Bill, which would see the UK become one of the only democracies to record its citizens’ web browsing history and provide a police search engine to scour it.”

For more information, contact pam@openrightsgroup.org, 07749 785 932.

Notes to Editor

The CJEU had been asked to clarify how its previous judgment in a case brought by Digital Rights Ireland (DRI) should be interpreted by member states. The DRI judgment led to the Data Retention Directive being declared invalid on the grounds that it seriously interfered with our fundamental rights to respect for private life and to the protection of personal data.

Subsequently, Open Rights Group intervened in a case against the UK government brought by Tom Watson MP and David Davis MP, arguing that the Data Retention and Investigatory Powers Act (DRIPA) breached EU law. The High Court ruled that parts of DRIPA were invalid. When the Government appealed the High Court’s decision, the Court of Appeal asked the CJEU court to explain how the DRI ruling should be applied in the UK.

The CJEU Judgment in this case is likely to be issued in September.

[Read more]


July 14, 2016 | Pam Cowburn

Microsoft win is a victory for privacy rights

A US court has ruled that Microsoft does not have to hand over data from an email account to the US authorities because the data is held on a server in Ireland.

The US government attempted to use a search warrant to access the data, instead of relying upon the Mutual Legal Assistance Treaties (MLATs) agreed between the US and the EU and the US and Ireland. Microsoft challenged the initial decision by a US court to grant the warrant to search and seize the data. Today a Court ruled in favour of the company. However, the US may appeal the decision.

Open Rights Group's Legal Director Myles Jackman said:

“The US Court’s decision has upheld the right to individual privacy in the face of the US State’s intrusion into personal liberty. As a consequence, US law enforcement agencies must respect European citizens’ digital privacy rights and the protection of their personal data.

“States should not arbitrarily reach across borders just because they feel they can bully companies into doing so.

“We urge the UK Government to take note as the Investigatory Powers Bill will also attempt to create powers compelling overseas companies to do the UK's bidding. We need to establish a firm principle that companies abide by domestic law where they operate, rather than being answerable to every government across the globe that makes demands of them. The established route for requests for data by law enforcement agencies should be through treaties.”

Open Rights Group signed an amicus brief in support of Microsoft's case in December 2014.

For more information, email press@openrightsgroup.org





[Read more]