Press releases

Press releases


Rights groups demand more transparency over Facebook’s ‘insights’ into young users

Facebook told marketers it can detect teens feeling ‘insecure' and ‘worthless'. Data could be used to drive products based on mood and using manipulation.

Facebook should immediately release all documents describing how it collected and analyzed psychological information it recently collected about its youngest users, some as young as 14, and college students, Public Citizen and a coalition of 25 groups said in a letter to the corporation today.

The groups are concerned about how this information might have been used or may be used in the future by marketers and others to take advantage of young people’s emotions, all without users’ knowledge. Marketing companies and Facebook have secretly moved to tap into teens’ emotions and developmental vulnerabilities strictly for profit, the letter says. The groups want to know how the data was used, when it was used, how many users were impacted and the names of the companies that received the data. 

“What began as a way for college students to keep in touch has morphed into a platform for brand-saturated marketing and psychological manipulation,” said Kristen Strader, campaign coordinator for Public Citizen’s Commercial Alert campaign. “It is incumbent upon Facebook as a cultural leader to protect, not exploit, the privacy of young people, especially when their vulnerable emotions are involved.”

According to The Australian newspaper, Facebook presented research to one of its advertisers that shows it collects sensitive data regarding young users’ emotions and “mood shifts.” The research detailed how Facebook can analyse sensitive user data in real time to determine how young users are communicating emotion, and at which points during the week they are doing so, the letter continued. Facebook’s research was conducted without users’ knowledge, which raises ethical concerns.

“Because Facebook plays such a powerful role in the lives of teens, it must adopt a policy that respects and protects them,” said Dr. Kathryn Montgomery, professor of communication at American University and a consultant to the Center for Digital Democracy. “This should include not only strong safeguards for its advertising and data practices, but also clear limits on the kinds of research it conducts for marketing purposes. Under no circumstances should marketers be using emotional states, stress levels, biometric information or other highly sensitive data to target users. And this should apply to both young people and adults.” 

Jim Killock, Executive Director of UK-based digital rights campaigners, Open Rights Group explained why they had signed on:

“We need more transparency about supposed research projects that are used to create valuable insights, which can be sold to the highest bidder. This is exploiting children and young people, who may not be aware of how Facebook are using and selling their data.”

The public, its users and elected officials have a right to know how pervasive this research was, who was affected and how the company will ensure it does not occur again, the groups said. The only way to fully address those concerns is to publicly release the internal document and related materials, accompanied by a more detailed explanation from Facebook of what was intended, what happened and the company’s actual practices, the letter says.

Read the letter

 For more information, contact press@openrightsgroup.org

[Read more]


Selective, secret consultations have no place in open Government

Yesterday, Open Rights Group received a leaked copy of the Government's draft technical capability notices (TCNs) regulation.

This is a ‘targeted consultation’ and has not been publicised to the tech industry or public. The Secretary of State is in fact not under any obligation to consult the public, but instead must consult only a small selection of organisations listed in Section 253 (6) of the Investigatory Powers Act 2016.

Executive Director Jim Killock said:

“These powers could be directed at companies like WhatsApp to limit their encryption. The regulations would make the demands that Amber Rudd made to attack end-to-end encryption a reality. But if the powers are exercised, this will be done in secret.

“The public has a right to know about government powers that could put their privacy and security at risk. “There needs to be transparency about how such measures are judged to be reasonable, the risks that are imposed on users and companies, and how companies can challenge government demands that are unreasonable.

“Businesses and the public need to know they aren’t being put at risk. Sometimes, surveillance capabilities may be justified and safe: but at other times, they might put many more people – who are not suspected of any crime – at risk.”

“Selective, secret consultations have no place in open Government.”

Technical capability notices (TCNs)

TCNs can be used to order companies with over 10,000 UK users to adapt their technology to enable intercept and metadata collection. While this power already existed under the Investigatory Powers Act, the regulation provides much more detail about what companies could be compelled to do if they are served with a TCN.

Potentially, these notices could be used to compel companies to introduce backdoors to end-to-end encryption, or put in place other security weaknesses, with little accountability.

The regulations state that companies could be forced to ‘modify’ their products in order to comply with Government demands.

The powers would also limit the ability of companies to develop stronger security and encryption. They could be forced to run future development plans past the Government.

Under the IP Act, TCNs may be challenged on technical grounds, to an Advisory Board. They are also approved by Judicial Commissioners. However, the criteria for making a sound judgement of risk to all parties are not set out in the Act, nor the draft regulations; nor is there a clear route of appeal.

Notes to Editors

The consultation last four weeks, concluding on 19 May with responses to: investigatorypowers@homeoffice.gsi.gov.uk.

The consultation process is outlined at Section 253 of the IP Act 2016

[Read more]


Law Commission's 'shoddy and confused' proposals would threaten free speech in UK

Digital rights campaigners, the Open Rights Group have criticised a consultation report by the Law Commission, which calls for a new Espionage Act that could see journalists and whistleblowers get up to 14 years in prison for handling and publishing official data.

In their own report, ORG condemns the proposals as, “shoddy and confused, contradictory, poorly researched, and ill-informed on public interest issues”.

Executive Director Jim Killock said: “From MPs’ expenses to the Snowden leaks, investigative journalism is vital for exposing wrongdoing and holding the Government to account. If the Law Commission’s proposals had been in place ten years ago, the journalists behind these stories could be in prison right now.

“The Law Commission needs to ditch these proposals and come up with concrete evidence as to why reform is needed. Modernising the Official Secrets Act should not be at the expense of investigative journalism.”

ORG main criticisms are as follows:

Threat to free speech: The proposals could see editors and journalists threatened with up to 14 years in prison just for handling official data. If they publish, they can be charged if it can be shown that they were aware that damage might be caused  – and they would not be allowed a public interest defence. This would pose a massive threat to free speech in the UK.

Lack of evidence: There is a lack of evidence about why reform is needed, other than that existing Official Secrets Acts are old. ORG believes that the Law Commission needs to provide more evidence to justify its proposals.

Omissions: The report fails to discuss the role and effects of the Internet, or its implications in the flow of data through espionage. ORG believes that the review took place as a result of the Snowden leaks but there is no mention of this case nor other significant cases, such as Wikileaks, the Spycatcher affair or the ABC trial.

Poor consultation process: The Law Commission claimed to have consulted with human rights organisations, including ORG but this was not the case. After quietly announcing the consultation report through a Telegraph opinion piece, the Commission extended the deadline for submissions by a month until today, May 3.

Notes to Editor

Over 23,000 people have signed an ORG petition calling for the Law Commission to drop proposals to criminalise whistleblowers and journalists: 

ORG’s full submission is available here.

Last week, the UK fell two places in the World Press Freedom Index, compiled by Reporters Without Borders, who cited the Law Commission’s proposals as ‘alarming’. Contact: press@openrightsgroup.org

[Read more]


ORG response to Home Affairs Committee report on hate speech and Internet companies

Open Rights Group has responded to an inquiry by the Commons Home Affairs committee, which calls for Internet companies to do more to take down hate speech and illegal content.

Executive Director, Jim Killock said: 

“This report is very imbalanced. While social media companies have serious obligations to deal with illegal content, they also have a duty to make sure any censorship they conduct is correct.

“The report assumes that identifying extremist content is a simple matter for technology to deliver.

“MPs need to be extremely careful as financial and legal incentives to censor material would almost inevitably leads to removal of legal material, including, for example, commentary opposing terrorism, that simply uses some of the same images or texts.”

For more information, email press@openrightsgroup.org

[Read more]


Parliament votes to put privacy in hands of porn companies

The UK parliament has passed a law that could put web users at risk of hacking and blackmail.

The Digital Economy Bill (DEBill) will require that porn sites verify the age of their users in order to prevent under 18s from viewing pornography. Despite concerns that this will leave porn users vulnerable to hacks and security risks, the Government has failed to amend the Bill so that privacy is written into the legislation. Instead, Codes of Practice will place the responsibility for protecting people’s privacy with porn sites not the companies supplying age verification technology.

Executive Director Jim Killock said:

“Age verification is an accident waiting to happen. Despite repeated warnings, parliament has failed to listen to concerns about the privacy and security of people who want to watch legal adult content.

“As we saw with the Ashley Madison leaks, the hacking of private information about people’s sex lives, has huge repercussions for those involved. The UK government has failed to take responsibility for its proposals and placed the responsibility for people’s privacy into the hands of porn companies.”

Censorship regime

The Bill will also enable the creation of a censorship regime as the BBFC will be given powers to force ISPs to block legitimate websites without any judicial process. These powers were added to the Bill, when it became apparent that foreign porn sites could not be compelled to apply age verification. During parliamentary scrutiny, they were extended to include other content, not just pornography, raising further concerns about the threat to free speech.

Killock added: “These new powers will put in place a vast system of censorship which could be applied to tens of thousands of adult websites. The BBFC will be under pressure to censor more and more legal content. This is a serious assault on free speech in the UK.”

Almost 25,000 ORG supporters signed a petition calling for the Government to reject plans for blocking legal pornography.

For more information, email press@openrightsgroup.org or call 020 7096 1079.

[Read more]


UK falls two places in World Press Freedom Index

The UK has fallen two rankings on the World Press Freedom Index. It is now 40th on a list of 180 countries ranked by how much they respect press freedom.

Executive Director Jim Killock said:

“Extensive surveillance powers are threatening investigative journalism and freedom of expression in the UK. In just four years, the UK has fallen ten places in the World Press Freedom Index, a deeply worrying trend that needs to be addressed.

“The Government failed to protect journalists when it passed the Investigatory Powers Act. Now, the Law Commission has proposed to send them to prison if they so much as handle official data. This comes at a time when we must be able to hold the Government to account over its vast surveillance powers.”

“Mass surveillance chills freedom of expression and undermines democracy.”

About the World Press Freedom Index

The World Press Freedom Index is published each year by Reporters Without Borders. According to RSF's website: "The Index ranks 180 countries according to the level of freedom available to journalists. It is a snapshot of the media freedom situation based on an evaluation of pluralism, independence of the media, quality of legislative framework and safety of journalists in each country."

For more information, contact press@openrightsgroup.org

[Read more]


Government must respond to CJEU ruling on surveillance

Open Rights Group has responded to the publication of operational cases for the extensive surveillance powers laid out in the Investigatory Powers Act.

Executive Director Jim Killock said:

“The government still hasn’t stated how it will respond to a CJEU ruling, which calls into question the legal basis for the current data retention regime.

“The CJEU said that blanket data retention was not permissible and should only be used for serious crime. It also said that there needed to be independent authorisation for access to communications data.

“The Government has yet to respond publicly to this ruling. It’s vital that the Government clarifies its position before the election.”

ORG will deliver a letter, signed by over 1,200 ORG supporters, to the Secretary of State and Shadow Ministers on Monday, urging the Government to present its plans before the election.  

The CJEU judgment relates to a case brought by Deputy Leader of the Labour Party, Tom Watson MP, over intrusive data retention powers in the Data Retention and Investigatory Powers Act (DRIPA). Open Rights Group intervened in the case together with Privacy International, arguing that DRIPA, which was rushed through parliament in 2014, was incompatible with EU law. While the judgment will no longer affect DRIPA, which expired at the end of 2016, it has major implications for the Investigatory Powers Act.

In March, it appeared that the Government has accepted part of the CJEU ruling, after ORG noticed a tender on the UK Government Digital Marketplace, which called for businesses to help develop a new “independent communications data authorising body.

However, the Government has still not made a public statement about how it will respond to the judgment. 

The updated cases for operational powers are here.

For more information, email press@openrightsgroup.org

[Read more]


Campaigners call for transparency over Home Office meetings with tech companies

Civil liberty organisations have written to the Home Secretary Amber Rudd in advance of her meeting with tech companies on Thursday, March 30th.

Rudd has asked for a meeting to discuss ways that companies can help the Government combat terrorism. It comes in the wake of Rudd’s comments to the BBC’s Andrew Marr about encryption and her desire to talk to people “who understand the necessary hashtags” in order to prevent extremist content from being posted online.

The campaigners are calling for:

• Transparency about any meetings and agreements made between the Government and tech companies 

• Evidence-based policies that do not jeopardise the personal security of UK citizens 

• Input from the civil society, human rights and legal organisations to ensure that the privacy, and free speech rights of citizens are protected


Encryption
Encryption is vital for ensuring that citizens can communicate, shop and bank online safely. Weakening encryption technologies would put UK citizens at greater risk of cyber crime.

The Investigatory Powers Act gives the Government the power to compel companies to reengineer their products and services if it is reasonable and technically possible. This means that the government can secretly order companies to remove encryption.

Online content
The Government wants companies to take down online extremist content that they believe radicalises individuals to carry out acts terrorism. Transparency and judicial oversight should be required for government takedown requests.

The full letter is available here.

Quotes from signatories

Jim Killock, Executive Director, Open Rights Group:

“Rudd’s comments to Marr show a worrying lack of understanding about how encryption keeps us all safe. She clearly needs to talk to experts but this should be done openly and transparently. Secret deals between governments and companies have no place in a democracy.”

Rebecca Vincent, UK Bureau Director, Reporters Without Borders:
"Amber Rudd's comments on encryption are yet another example of this government sacrificing freedom of expression, the right to privacy, and other human rights in the name of security, and contribute to a very worrying trend of increasing attacks on press freedom in the UK in recent months. The ability to communicate securely is essential for investigative journalists, their sources, and whistleblowers. Eliminating encryption tools likes WhatsApp would have a broad chilling effect, and would serve as another damaging blow to investigative journalism in the UK."

Thomas Hughes, Executive Director, ARTICLE 19

"Encryption capabilities are fundamental to allow us to communicate freely and safely in an open and democratic society. Any discussions of a framework through which the security services can access our communications must be transparent. Knee-jerk political statements and rushed through deals are at best unhelpful at protecting our civil liberties and at worst a dangerous threat to them. The government risks eroding our freedoms at a time when it is alluding to a desire to protect them."

Contact press@openrightsgroup.org

[Read more]


Home Office breaching Cabinet Office guidelines over surveillance consultation argue campaigners

A group of lawyers, civil liberty groups and trade unions have written to the Home Secretary Amber Rudd to ask her to re-run her consultation into new Codes of Practice required under the Investigatory Powers Act.

The codes include over 400 pages of legal text, outlining how the powers in the IPA will be put into practice. However, the Home Office has allowed respondents just six weeks to give feedback.

The Cabinet Office’s guidelines say that consultations should “Give enough information to ensure that those consulted understand the issues and can give informed responses.” However, the consultation includes just fifteen paragraphs to explain the content of the five documents.

The letter’s signatories are calling for the Cabinet Office to publish more detailed information about the codes, including the changes made since Parliament saw them, followed by a full three months for consultation and to arrange briefings with lawyers, civil society and other interested groups.

The Home Office has been compelled to publish the Codes of Practices after the Investigatory Powers Tribunal ruled that documents about the use of surveillance must be made public.

Jim Killock, Executive Director of Open Rights Group said:

“Amber Rudd wants to be trusted with even more powers to remove security at WhatsApp, yet she is running the flimsiest possible consultation process for her existing powers, designed to stop people from understanding whatever she is proposing.

“She has also failed to explain to Parliament in what way she has changed the Codes from the drafts she showed Parliament. The changes we have detected include watering down strict obligations given to the agencies to more general guidance, by changing words like ‘must’ to ‘may’.”

Thomas Hughes, Executive Director, ARTICLE 19 said:

"The so-called consultation process on these Codes of Practice raises damning questions about the government's approach to democratic participation and open and transparent processes. The Home Office has made it near impossible for any meaningful scrutiny, despite their complexity. A rushed-through consultation is no consultation at all. The Home Office must take immediate steps to ensure a consultation process that lives up to its name and supports the meaningful participation of civil society.”

Rebecca Vincent, UK Bureau Director of Reporters Without Borders said:

"We remain extremely worried by the implications of the Investigatory Powers Act for investigative journalism in the UK. The Home Office's approach to the consultation on the proposed codes of practice presents further cause for concern. Civil society must be given the chance to meaningfully engage on these proposals, in the interest of transparency and accountability."

For more information, contact press@openrightsgroup.org

[Read more]


ORG responds to Amber Rudd's comments on WhatsApp and encrypted communications

Open Rights Group has responded to comments by the Home Secretary Amber Rudd MP about the need for the police to be able to access encrypted messages.

Rudd made the comments on the BBC's Andrew Marr programme.

Executive Director Jim Killock said: 

"It is right that technology companies should help the police and intelligence agencies with investigations into specific crimes or terrorist activity, where possible. This help should be requested through warrants and the process should be properly regulated and monitored.

"However, compelling companies to put backdoors into encrypted services would make millions of ordinary people less secure online. We all rely on encryption to protect our ability to communicate, shop and bank safely."

For more information, contact: press@openrightsgroup.org

 

[Read more]