Press releases

Press releases

ORG response to calls for automated takedowns of online extremist content

ORG has issued a response to the Government’s call for Internet companies to do more to automatically detect and remove extremist content online.

Jim Killock, Executive Director of Open Rights Group said:

“Internet companies have a role to play in removing illegal content from their platforms but we need to recognise the limitations of relying on automated takedowns. Mistakes will inevitably be made – by removing the wrong content and by missing extremist material.

“Given the global reach of these companies, automated takedowns will have a wide-reaching effect on the content we see, although not necessarily on the spread of extremist ideas as terrorists will switch to using other platforms.”

“There needs to be transparency about where takedown requests come from and what is being taken down automatically; there also need to be clear routes for appeal when mistakes are made.”

“There are also wider implications. This move by the British, French and Italian Governments could also be used to justify the actions of authoritarian regimes, such as China, Saudi Arabia and Iran, who want companies to remove content that they find disagreeable.”

For more information, email

[Read more]

Data Protection Bill must give privacy groups right to lodge complaints

Open Rights Group has responded to the publication of the Data Protection Bill, which put the provisions of the General Data Protection Regulation into UK law.

ORG welcomes the Bill, which will improve our ability to control how data is collected and used. However, the Government has failed to enact all of the options outlined in the GDPR.

Executive Director Jim Killock said:

“The UK has neglected an important option in the General Data Protection Regulation, which gives consumer privacy groups like Open Rights Group the ability to lodge independent data protection complaints.

"It is almost impossible for the average person to know how their data is being collected, shared and sold by social media platforms, advertisers and other businesses. We may not know which companies hold data about us. Privacy groups can therefore play an important role in protecting consumers by taking independent action against companies that fail to protect our data protection rights.”

“Open Rights Group wants to be able to campaign on behalf of people who are afraid of complaining or do not realised that they have been affected.”

[Read more]

ORG response to CPS announcement on social media hate crime

ORG has responded to the announcement by the CPS that they will treat online hate crime as seriously as offline offences.

Legal Director, Myles Jackman said:

“It is quite right that people who hide behind social media to commit hate crime should be held accountable for their actions by the criminal justice system and clearly, internet companies should not be left to ‘police’ online speech.

However, some offences employ highly subjective terms like “grossly offensive” and “obscene” which could have a severe chilling effect on the more unpalatable but legitimate areas of free speech, if interpreted strictly.

Finally, Alison Saunders’ avowed intent to crack down on hate crime on social media may be significantly hampered by Kier Starmer’s High Evidential Threshold Test which was specifically designed to reduce the number of cases that actually reached Court”.

For more information, contact:

[Read more]

Data Protection Bill to be welcomed but still needs work

ORG responds to the Government's statement of intent on a Data Protection Bill

Javier Ruiz – policy director at digital rights campaign organisation Open Rights Group – said,

“We welcome the Government’s intention to bring European data protection laws into UK law. It will strengthen everyone’s ability to control what data can be collected about them and how it can be used.

These laws could be fundamentally altered after Brexit. The Government must explain how these data protection rights will be guaranteed after the UK has left the EU.

We are disappointed that UK Ministers are not taking up the option in EU law to allow consumer privacy groups to lodge independent data protection complaints as they can currently do under consumer rights laws.

Citizens face increasingly complex data ecosystems. It is almost impossible for average person to be able to know which organisations hold their personal data. Enabling privacy groups to take independent action will ensure consumers’ rights are properly enforced.”

[Read more]

Real people care about security

Open Rights Group responds to Amber Rudd's comments on encryption today

Responding to Amber Rudd’s comments today suggesting that “real people” don’t expect security in their communications, Jim Killock – executive director of UK digital rights campaign Open Rights Group – said:

"The suggestion that real people do not care about the security of their communications is dangerous and misleading. Some people want privacy from corporations, abusive partners or employers. Others may be worried about confidential information, or be working in countries with a record of human rights abuses. It is not the Home Secretary’s place to tell the public that they do not need end-to-end encryption.

Amber Rudd must be absolutely clear on what co-operation she expects from Internet companies. She is causing immense confusion because at the moment she sounds like she is asking for the impossible. She must give the public a good idea of the risks she wants to place them under.

If WhatsApp turn off or compromise encryption, you can expect criminals to use something else. The people who will suffer are law-abiding citizens who want privacy and security."

For more information, contact

[Read more]

Brexit trade agreements “fragile” after CJEU opinion on Passenger Name Record data

The Court of Justice of the European Union has issued an Opinion that an agreement over the transfer of Passenger Name Record data between Canada and the EU, “may not be concluded in its current form because several of its provisions are incompatible with the fundamental rights recognised by the EU”.

Any future agreement between the EU and UK would similarly be open to challenge if the UK’s laws do not uphold the privacy of EU citizens. The Opinion reinforces arguments that privacy and data protection rights in the UK could be put under intense scrutiny, if the agreement covers transfers of personal data, which are fundamental for most communications and commerce.

Executive Director of Open Rights Group, Jim Killock responded:
“This decision has massive implications for Brexit. The EU courts have rejected an agreement that failed to protect fundamental rights, including the rights to privacy and protection of personal data.

“Any future trade agreement between the UK and EU would be subject to the same stringent requirements. Given the UK’s mass surveillance laws and indiscriminate data retention, any trade agreement for digital, communications and even banking and insurance businesses, could look very fragile indeed.”

Current UK arrangements to collect and use PNR data are also likely to need improved safeguards, along the lines the court requires for the EU-Canada agreement.

Notes to Editors
The CJEU have explained their decision in a press release which notes:

“the Court considers that the agreement should:
• determine in a more clear and precise manner certain of the PNR data to be transferred;

• provide that the models and criteria used for the automated processing of PNR data will be specific, reliable and non-discriminatory;

• provide that the databases used will be limited to those used by Canada in relation to the fight against terrorism and serious transnational crime;

• provide that PNR data may be disclosed by the Canadian authorities to the government authorities of a non-EU country only if there is an agreement between the European Union and that country equivalent to the envisaged agreement or a decision of the European Commission in that field;

• provide for a right to individual notification for air passengers in the event of use of PNR data concerning them during their stay in Canada and after their departure from that country, and in the event of disclosure of that data to other authorities or to individuals;

• guarantee that the oversight of the rules relating to the protection of air passengers with regard to the processing of their PNR data is carried out by an independent supervisory authority.

“Since the interferences which the envisaged agreement entails are not all limited to what is strictly necessary and are therefore not entirely justified, the Court concludes that the envisaged agreement may not be concluded in its current form.”

Open Rights Group is a member of European Digital Rights (EDRi), which have also issued a statement.

[Read more]

Age verification plans put web users' privacy at risk

Open Rights Group has responded to the announcement that the Government has initiated plans for the age verification of porn websites.

Executive Director Jim Killock said:

“Age verification could lead to porn companies building databases of the UK's porn habits, which could be vulnerable to Ashley Madison style hacks.

“The Government has repeatedly refused to ensure that there is a legal duty for age verification providers to protect the privacy of web users.

“There is also nothing to ensure a free and fair market for age verification. We are concerned that the porn company MindGeek will become the Facebook of age verification, dominating the UK market. They would then decide what privacy risks or profiling take place for the vast majority of UK citizens.

“Age verification risks failure as it attempts to fix a social problem with technology. In their recent manifestos, all three main political parties called for compulsory sex and relationship education in schools. Sex education would genuinely protect young people, as it would give them information and context.”

For more information, email

[Read more]

ORG response to Queen's speech 2017

Open Rights Group has responded to today's Queen’s Speech.

Executive Director Jim Killock said:

“We need to ensure that Internet companies have as much incentive to fully protect free speech as they do to remove illegal content.

“We would hope that a Digital Charter’s regulatory framework will include independent or judicial oversight of material that is taken down by Internet companies. This will help to ensure that we do not simply place the free speech of UK citizens in the hands of private companies without any safeguards.

“We also hope that the reference to a world class regime for protecting our personal data will mean that the Government is committed to delivering the General Data Protection Regulation in full. We hope that the Government will give privacy organisations like Open Rights Group two important rights that are optional in GDPR. These are: to start enforcement cases without requiring to be instructed by individuals affected, and to be able to help people sue companies for privacy damages. These are vital powers that will help to improve data protection in the UK.

“We are surprised that the Queen’s Speech does not make any reference to plans to ensure that requests for communications data by the police and other bodies are independently authorised. The Court of Justice of the European Union ruled on this before Christmas and we know that the Home Office has put out a tender for businesses to help develop a new “independent communications data authorising body”. Yet the Government has still not been up front with Parliament about this important development.”

For more information, contact

[Read more]

Conservative plans for Internet clampdown are a distraction

Open Rights Group has responded to Theresa May’s post-election hints that she will continue with Conservative plans for Internet clampdowns.

Executive Director Jim Killock said:
“To push on with these extreme proposals for Internet clampdowns would appear to be a distraction from the current political situation and from effective measures against terror.
“The Government already has extensive surveillance powers. Conservative proposals for automated censorship of the Internet would see decisions about what British citizens can see online being placed in the hands of computer algorithms, with judgments ultimately made by private companies rather than courts. Home Office plans to force companies to weaken the security of their communications products could put all of us at a greater risk of crime.

“Both of these proposals could result in terrorists and extremists switching to platforms and services that are more difficult for our law enforcement and intelligence agencies to monitor.
“Given that the priority for all MPs is how the UK will negotiate Brexit, it will be especially hard to give the time and thought necessary to scrutinise these proposals.
“It could be tempting to push ahead in order to restore some of Theresa May’s image as a tough leader. This should be resisted. With such a fragile majority, greater consensus will be needed to pass new laws.
“We hope that this will mean our parliamentarians will reject reactionary policy-making and look for long-term, effective solutions that directly address the complex causes of terrorism.”

For more information, email

[Read more]

FOI response reveals porn company's proposals for UK to block millions of porn sites

A Freedom of Information request to the DCMS has revealed that porn company MindGeek suggested that the BBFC should potentially block millions of porn sites if they didn’t comply with Age Verification requirements outlined in the Digital Economy Act.

MindGeek, who are also developing Age Verification technology, said that the Government’s plans to prevent children from seeing pornography would not be effective unless millions of sites could be blocked.

Notes made by the company and sent to the DCMS state:

“A greylist of 4M URLs already exists from Sky, but lets assume that’s actually much smaller as these URLs will I suspect, be page- level blocks, not TLDs. The regulator should contact them all within that 12 months, explaining that if they do not demonstrate they are AV ready by the enforcement date then they will be enforced against. “On the enforcement date, all sites on the greylist turn black or white depending upon what they have demonstrated to the regulator.”

MindGeek could stand to gain commercially if competitor websites are blocked from UK visitors, or if the industry takes up their Age Verification product.

Executive Director of Open Rights Group, Jim Killock said:

“There is nothing in the Act to stop the BBFC from blocking 4.6 million pornographic websites. The only constraint is cash.

“This leaves the BBFC wide open to pressure for mass website blocking without any need for a change in the law.”

When giving evidence to the Public Bill Committee, the chief executive of the British Board of Film Classification, David Austin implied that only tens of sites would be targeted:

“We would start with the top 50 and work our way through those, but we would not stop there. We would look to get new data every quarter, for example. As you say, sites will come in and out of popularity. We will keep up to date and focus on those most popular sites for children.”

Notes to Editors

The Digital Economy Act 2017 obliges porn sites to verify the age of their users. Sites that fail to do so could be fined or blocked by Internet Service Providers.

Responses to ORG’s FOI requests are here.

For further information, contact

[Read more]