Supporter Newsletter

February 28, 2020 | Mike Morel

Supporter Newsletter March 2020

In February Open Rights Group (ORG) continued the fight for UK digital rights by standing up for encryption, raising the alarm on user data transfers to the US and opposing government plans to appoint a state regulator of online speech.

ORG weighs in on escalating encryption debate

In response to children’s rights groups’ joint letter condemning Facebook’s plans to bolster encryption for its messenger, ORG countered that undermining encryption creates far more problems than it solves. Encryption is literally the foundation of a secure internet for all, including children. It is wishful thinking to assume “digital back doors” for authorities won’t be exploited by hackers, criminals, even abusers, to gain access to our private lives. Tampering with encryption is a dangerously shortsighted move by politicians eager to look tough on social media platforms.

ORG warns Google’s US data transfer weakens our privacy

In response to Google’s Brexit-inspired decision to transfer control of UK users’ data from Ireland to the US, ORG Executive Director Jim Killock said, “Moving people's personal information to the USA makes it easier for mass surveillance programmes to access it. There is nearly no privacy protection for non-US citizens. Data protection rights will also become more fragile, and are likely to be attacked in trade agreements pushing 'data flows'.”

ORG offers alternative to state regulation of online speech

The government’s plans to grant telecom regulator Ofcom new powers to protect users from harmful content will lead to state regulation of online speech. By contrast, co-regulation, which does not have the same inherent conflict of interest, is a far better alternative that provides internet companies with independent scrutiny. The Government’s proposed “duty of care” to address online harms remains an open-ended and vague concept that needs vastly clearer definition. 

Strengthening the right to data subject access

Last week ORG delivered a submission to the Information Commissioner’s Office (ICO) consultation on the Right of Access Guidance broadly supporting the proposal and providing a range of areas in which it can be usefully and easily improved. The right to subject access is a vital data right that gives individuals important control over their personal data. 

Scottish Biometrics Commissioner Bill advances with ORG recommendations

Amendments made to the Scottish Biometrics Commissioner Bill have strengthened the status of the proposed Commissioner by providing an individual complaints procedure, making the code of practice set by the Commissioner binding and allowing for the Commissioner to present compliance notices. ORG called on all of these areas to be included for the Commissioner years ago during the Independent Advisory Group on the Use of Biometrics. 

Police Scotland drops facial recognition technology

Police Scotland shelved plans to deploy facial recognition technology after an investigation by the Justice Sub-Committee on Policing concluded the technology was “not fit” for use because of how it discriminates based on gender and race. Echoing evidence submitted by ORG, their report called facial recognition “a radical departure from Police Scotland’s fundamental principle of policing by consent.” Scotland stands alone among UK countries in rejecting facial recognition. 

ORG around the UK

ORG Data & Democracy Project Officer Pascal Crowe submitted evidence to the House of Lords Select Committee on Democracy and Digital Technologies. Pascal called for a market based approach to regulate the use of data in political campaigning. 

In February ORG Glasgow held an event exploring the question of whether surveillance is creating a culture of self-censorship. ORG Glasgow organiser Jennifer Breslin posted an inside look at the Computers, Privacy & Data Protection Conference in Brussels. ORG Norwich held an event about Brexit’s impact on digital rights and ORG London hosted a talk by Privacy International about their campaign to challenge intrusive police surveillance tools.

Join us in March for a pub social in Cambridge, a CryptoParty in Oxford, or a talk in London about surveillance in education.

Thank you for supporting UK digital rights.


[Read more]

February 04, 2020 | Mike Morel

February 2020 Newsletter

From an astonishing reversal for the EU Copyright Directive to emerging privacy threats from post-Brexit trade deals, the 2020’s started with a bang for UK digital rights. In January Open Rights Group (ORG) was busy as ever meeting these challenges and more. Read on to get caught up on all things ORG.

Surprise shelving of EU Copyright Directive 

Nearly a year after many UK MEPs aided passage of the dreaded EU Copyright Directive, which opened the door to automated upload filters that damage free speech, the UK Government infuriated opponents and proponents of the Directive alike by suddenly dropping plans to implement it. ORG campaigned fiercely against the Directive so welcomes the news, but the threat of algorithmic copyright enforcement remains. Rightsholder interests are certain to push for similar laws domestically.

ORG puts UK political parties on notice

ORG supporters sent thousands of subject access requests to UK political parties during the 2019 General Election demanding to see what personal data was being held on them. If you made a request for your personal data and received a response from the parties, click here to play a part in ORG’s project to restore integrity to UK elections. ORG also commissioned a poll that revealed a majority of UK residents were opposed to dark ads and political micro-targeting. The All Party Parliamentary Group (APPG) on Electoral Campaigning Transparency recently adopted ORG’s electoral reforms. 

New chance for data justice in “immigration exemption” appeal 

ORG and the3million continued to pursue legal action against the Data Protection Act’s unjust “immigration exemption” after a UK court granted our appeal to be heard. As millions of EU nationals fill settled status applications to remain in the UK, this is our chance to convince the Court that the exemption breaches fundamental rights by denying legal residents access to their personal data. Please help us reach our goal of £15K to cover legal fees.

Opposing Police Scotland’s cyber kiosks

ORG and Privacy International called for a halt to Police Scotland’s roll out of cyber kiosks in the absence of an overarching legal framework for the seizure of electronic devices in line with human rights standards. Access to our mobile devices means access to our photos, videos, contacts, messages, notes, calendars, browsing history, even our locations. The legal system in Scotland is not fit to respond to that level of intrusion. Meanwhile, the Scottish Biometrics Commissioner Bill passed the first stage of debate and incorporated several of ORG’s recommendations.

Commemorating Data Protection Day 

On Data Protection Day 28 January ORG called on every Member of Parliament to commit to safeguarding digital privacy rights in the post-Brexit era. As the UK negotiates new international trade agreements, there will be pressure from many sectors, such as insurance, bank credit agencies and some large internet companies, to lower standards. Intense pressure will come from the US government, who will want to make ‘data flows’ more important than ‘data protection’.

ICO blinks on AdTech 

In January the Information Commissioner’s Office (ICO) announced they were taking minimal steps to enforce the law against massive data breaches taking place in the online ad industry (AdTech). Threatening legal action, ORG Executive Director Jim Killock said, "Last year the ICO gave a deadline for an industry response to our complaints. Now the ICO is falling into the trap set by industry, of accepting incremental but minimal changes that fail to deliver individuals the control of their personal data that they are legally entitled to.”

Online age checks overhauled

The ICO’s new Age Appropriate Design Code reflected ORG's concern that their plan to protect children’s privacy online could backfire by saddling adults with the burden of proving they are over 18 and curtailing free expression. The changes are welcome, but it remains unclear whether the new plan will create barriers to adults reaching legal content, including news, opinion and social media. With so much at stake, the public and Parliament need a thorough debate, rather than sneaking in a change via parliamentary rubber stamping with potentially huge implications for the way we access Internet content.


Is ethical AdTech possible?

ORG hosted a roundtable discussion at the annual Computer Privacy and Data Protection (CPDP) conference in Brussels asking whether privacy friendly ethical alternatives to mainstream advertising technology (AdTech), which targets Internet users using their personal data, can work and generate revenue for online publishers. 

Digital trade vs digital rights

ORG Policy Director Javier Ruiz joined Duncan McCann of the New Economics Foundation in London to discuss how post-Brexit free trade agreements may weaken data protection and the accountability of algorithms and instead favour the trade secrets of businesses. Watch their presentations here and here.

Join a local ORG group in your area

Local ORG groups meet in cities across the UK and are made of people like you who are concerned about losing freedoms in the digital age. We’ve got upcoming events in the following cities:

ORG Cambridge Tuesday 4 Feb

ORG GlasgowMonday 10 Feb

ORG London Monday 10 Feb

ORG Norwich Wednesday 12 Feb 

We’d like to thank our newest corporate supporter MiniTool for their support of ORG! Also big thanks out to Elegant Chaos for renewing their support!

Thanks for being part of the movement to protect digital rights.

[Read more]

December 17, 2019 | Mike Morel

2019 Year in Review

From tech’s threats to UK democracy to the ad industry’s continued abuse of our personal data, digital rights were at the centre of some of 2019’s biggest stories. Thanks to supporters like you, Open Rights Group (ORG) met these challenges head on and changed the debate on AdTech, age verification, political profiling and more. Read on for a review of ORG’s big year.


Winning the argument on AdTech

In a landmark statement issued by the Information Commissioner’s Office (ICO) in June, the data protection authority agreed with ORG’s joint complaint against Google & IAB asserting their real time bidding advertising systems are in violation of the General Data Protection Regulation (GDPR). The ICO is expected to announce findings from their own investigation into AdTech on 20 December. ORG’s next task will be to push the regulator to act.


Two elections, two data rights campaigns

In May ORG teamed with Who Targets Me to promote their browser extension which enables Facebook users to automatically document manipulative political ads served during the 2019 European Parliament elections. During the UK General Election, ORG supporters signed petitions, attended events, wrote candidate letters and submitted subject access requests to challenge how UK political parties acquire personal data to profile and micro-target voters. If you haven’t already, you can use our tool to find out what personal data UK parties hold on you.


Modernising Scotland and protecting human rights

Open Rights Group has given evidence twice to the Scottish Parliament: on the creation of a Scottish Biometrics Commissioner (which we support), and the use of facial recognition by Police Scotland (which we do not). We’ve released reports on the lawfulness of seizing digital devices by Police Scotland and pushed for reform of Defamation law in Scotland. And don’t forget about ORGCon Scotland (see below).


Flawed Age Verification plan gets binned

ORG has been raising the alarm about major privacy risks in the Government’s well intentioned but dangerously insecure plan to require age verification on adult websites ever since it was proposed as part of the Digital Economy Act 2017. In 2019 the plan was finally dropped [8] although proposals are likely to come back in some form. There’s no question children must be protected from harmful content, but optional privacy protections and vulnerable records of the public’s porn preferences are not the way to do it. 


Transparency win in immigration data legal challenge

ORG’s court action with the3million compelled the Home Office to state it will now inform residents when it uses the Data Protection Act’s “immigration exemption” to deny people access to their personal data. That means the millions of EU nationals living in the UK legally who have to reapply for a new immigration status after Brexit will be more able to contest what could be life-changing clerical errors. After the UK High Court struck down our legal challenge, we quickly earned permission for our appeal to be heard.


Preparing for Brexit’s effects on UK life online

This year ORG investigated Brexit’s implications for UK digital rights and produced a series of explainers on what to expect for digital privacy, free expression online and mass surveillance post-Brexit. To show what the Internet could look like if post-Brexit international agreements are made in secret, ORG created the fully interactive parody social media Futurebook.Join us on 20 January in London when we explore this urgent topic further.


Defending the right to parody

This year ORG submitted evidence to the government’s review of 2014 copyright reforms including the right to parody, caricature or pastiche. ORG also lobbied intensely to remove Article 17 (formerly Article 13) from the EU Copyright Directive which could introduce general monitoring of users and algorithmic censorship that damages free speech. Though the highly controversial law passed into law, its implementation in the UK is far from certain.


Nominet promise more transparency over .UK domain suspensions

Following our report into free expression last year, Nominet have produced proposals to display splash pages when they ‘suspend’ .UK domains at law enforcement request. While they need a robust system governed by law, splash pages are a step forward as we will learn more about what is suspended and consumers affected by fraud won’t be left in the dark when they visit a suspended domain.


Two ORGCons in one year!

2019 saw our biggest ever ORGCon conference in London and our first ever ORGCon Scotland in Edinburgh. Big thanks to everyone who made these memorable days of activism and inspiration happen. Watch Edward Snowden’s inspiring keynote address here and Patrick Harvie MSP’s opening speech for ORGCon Scotland here.


Addressing “online harms” the right way

ORG responded to new government proposals to curb “online harms” spanning everything from cyber-bullying and hate speech to terrorist propaganda and child abuse images. We brought together child protection groups, industry and free expression organisations for discussions. ORG countered the government’s harm-based approach with a rights-based plan that protects free speech online in our official responses. You can expect to hear a lot more on this in 2020 as the new Online Harms Bill advances.


Wrapping up the VIRT-EU project

VIRT-EU is Values and Ethics in Responsible Technology in Europe –  a European project funded by the Horizon 2020 program to create an ethical framework for Internet of Things (IoT) developers. Over the past three years ORG worked with five other European organisations to develop tools to encourage reflection on the relationship between technological innovation and societal concerns. Our goal is to enable a self-assessment of the ethical and social impact of new IoT technologies.


ORG Around the UK

From Aberdeen to Bristol and everywhere in between, ORG’s local groups held over 50 events this year including film screenings, workshops, panel discussions and more. Huge thanks to our stellar local organisers for all your time and effort, we couldn’t have done it without you!

We’d also like to thank our newest corporate supporter Ecommerce Booth.

Last but not least, thank YOU for being part of this movement to protect UK digital rights. 


We’ll see you in 2020. 

[Read more]

November 06, 2019 | Mike Morel

Supporter Newsletter - November 2019

An action packed October at Open Rights Group (ORG) included a big win on age verification, our first ever ORGCon Scotland and new developments in our legal challenge to the Data Protection Act.

Gov drops Age Verification

After years of dithering, the Government cancelled plans to require age verification on adult websites, averting a systemic privacy risk for millions of UK residents. There’s no question children must be protected from harmful content, but the plan’s privacy protections were merely optional for companies and would have prompted the creation of vulnerable records of the public’s porn preferences. That could lead to people being outed, blackmailed or having their careers destroyed. With your support, Open Rights Group was able raise the alarm and convince the Government they were making a huge mistake. 

Support the appeal of ORG’s Data Protection Act legal challenge 

This year Open Rights Group and the3million argued before the UK High Court that the “immigration exemption” used to deny people access to their personal data is far too broad and imprecise. In October the judge ruled against our challenge, but in a win for transparency the Home Office said it will now inform residents when it uses the exemption. That means the millions of EU nationals living in the UK legally who have to reapply for a new immigration status after Brexit will be more able to contest what could be life-changing errors. We need your help to continue the fight. Please support our effort to appeal the decision.

Regulating the use of personal data in political campaigning

After the Information Commissioner’s Office (ICO) issued a draft framework code of practice for the use of personal data in political campaigning, ORG hosted a round table with participants from academia, government, and civil society. The meeting produced a bold call for greater coordination between the ICO and the Electoral Commission because online political campaigning requires both data protection regulation and campaign finance regulation. Currently it is difficult for the ICO and the Electoral Commission to interact as effectively as they could. Expect to hear a lot more from ORG on this subject as we approach the general election on 12 December.

ORGCon Scotland debuts in Edinburgh

Open Rights Group teamed up with the Scottish Informatics & Computer Science Alliance to host the first ever ORGCon Scotland in Edinburgh. Big thanks to all the speakers and attendees who made it a success! We explored the unique digital rights environment in Scotland including topics like police cyber kiosks and Government plans for digital identification. Check out the keynote address by co-leader of the Scottish Green Party Patrick Harvie MSP


ORG Norwich 20 November
Join us for a presentation by Pascal Crowe, ORG's Data and Democracy Project Officer, to learn how UK political parties use your personal data and what you can do about it.

ORG Glasgow 2 December
Join us for a free screening of Netflix’s the Great Hack followed by a panel discussion. The film uncovers the dark world of data exploitation through the journeys of players on different sides of the explosive Cambridge Analytica/Facebook data scandal. Register your free ticket here.

ORG Cambridge, London, Bristol & more:
We’ll be announcing several more November events soon - watch this space!

Last but not least, we’d like to thank VPN Compare for renewing their support of Open Rights Group.

Thanks for being part of the movement to protect UK digital rights.

[Read more]

October 02, 2019 | Mike Morel

Supporter Newsletter October 2019

This week marks 14 years since Open Rights Group (ORG) was created to protect UK rights online! Each year our network and impact grows stronger, thanks to supporters like you.

Preparing for Brexit’s digital impact

In September ORG sent an open letter to ministers overseeing Brexit negotiations about the lack of preparedness for continuation of cross-border data flows in the event of a no deal exit. 75% of the UK’s international data flows are to and from the EU and include the transmission of personal data. In a no deal exit, the legal right to freely transfer personal data from the EU to the UK will disappear overnight. If you haven’t already, sign our pledge for a future of freedom and rights post-Brexit. 

Advertising Technology (AdTech) industry on notice

In September the Information Commissioner’s Office (ICO) reaffirmed their stunning assertion that the real-time bidding (RTB) systems underpinning the AdTech industry are unlawful under the General Data Protection Regulation (GDPR) and must be reformed by year’s end. The UK data protection authority’s game changing condemnation of RTB was a direct response to ORG’s joint complaint with Michael Veale and Dr. Johnny Ryan against ad giants Google and IAB. 

ORGCon is coming to Scotland

Join us Saturday 26 October in Edinburgh for ORGCon Scotland! Spread across three rooms, we’ll explore Scotland’s most pressing digital rights issues like government identity systems, police cyber kiosks and biometrics oversight. We’ll also consider broader topics like the adTech industry’s abuse of personal data and the social impact of technology and its effects on the democratic process. A full programme is coming soon. Get your FREE ticket here and see footage of ORGCon in London here. 

Ensuring effective biometrics oversight

ORG sent a joint open letter to Scottish Government Cabinet Secretary for Justice Humza Yousaf MSP calling for the scope of a new Scottish Biometrics Commissioner to expand beyond law enforcement. Biometric identifiers like facial and gait recognition are being used in health and social care, immigration proceedings, commercial spaces and even education. To strike a balance between security and rights to privacy and data protection, the new regulator’s jurisdiction must encompass all applications of biometrics in our society. ORG submitted evidence to the Scottish Government’s Justice Committee to support the letter.

ORG Around the UK

ORG Bristol 28 October
Data rights, worker’s rights and the gig economy.

ORG Glasgow 28 October
Brexit, digital rights & the coming election.

ORGCon Scotland 26 October
ORGCon 2019 is coming to Edinburgh!

ORG Manchester 19-20 October
ORG will be exhibiting at the open software “unconference” Oggcamp.

ORG Edinburgh 10 October
Data protection expert Chris Pounder “Ask Me Anything” session.

We’d like to send a big thank you to our supporters VPN Selector and Dot-com Monitor!

Thanks for supporting our work to protect UK digital rights. You can support our work by becoming a member today.


[Read more]

August 05, 2019 | Mike Morel

Supporter Newsletter - August 2019

From hosting our biggest event ever to the rollout of a fully interactive parody social media website, Open Rights Group (ORG) has gone from strength to strength this summer. We couldn’t have done it without thousands of dedicated supporters like you.

Data Protection Act legal challenge update

A June hearing on our challenge against the Immigation Exemption in the Data Protection Act 2018 at the High Courts of Justice revealed this controversial data rights opt-out has been used in 60% of its immigration-related data requests this year. ORG opposes the Exemption because it allows bodies including the Home Office, hospitals, employers and landlords to refuse people access to their personal data if releasing the information would “prejudice effective immigration control.” We expect a ruling in the autumn.

Biggest, best ORGCon ever

In July ORG held the biggest and best ORGCon ever with over 700 attendees and an inspiring keynote by surveillance whistleblower Edward Snowden. Many thanks to those of you who attended. You can watch the entire main stage showcase here:

Futurebook takes your personal data. Seriously.

Last month also saw the launch of one of our most ambitious campaign websites ever, the parody social media website Futurebook. Futurebook offers a bleak glimpse of what the Internet could look like if all our digital rights are traded away in secretive international agreements post-Brexit. If you haven’t already, check out Futurebook and share it with your friends and followers.

Last month ORG also launched a website dedicated to giving the facts about the privacy risks of the Government’s age verification plan for adult websites in the UK. Go to to learn the privacy risks of age verification technology - whether you’re an an adult, under 18 or if you own a website.


What Scotland can learn from the facial recognition fiasco

While the trials of live facial recognition in South Wales and the Metropolitan Police have been a slowly unravelling catastrophe, the controversial surveillance technology is still an ambition for Police Scotland. Before trials can even begin to take place, there is a need to pause and learn from what has gone on down South, writes Scotland Director Matthew Rice. 

New Gov launches attack on end-to-end encryption

Priti Patel, the freshly appointed Home Secretary, started her new job with demands for technology companies to design access for security and intelligence agencies into their secure messaging systems. Ms Patel was writing after a summit of ministers of the Five Eyes spying alliance, where their joint communique expressed similar positions, also echoed in a speech by the US Attorney General W.P. Barr last week. The coordinated barrage has raised alarm bells among human rights campaigners worldwide. Stay tuned for more updates.

We’d like to welcome our newest corporate supporters, Mappd, Loadview and SwitchVPN. Thank you for supporting our work!

[Read more]

July 01, 2019 | Lee Maguire

Supporter Newsletter - July 2019

The first half of 2019 has been strong for Open Rights Group (ORG). We have taken positive steps in challengingexploitative online advertising practices and protecting digital privacy. We are also getting ready for our biggest ever ORGCon London event taking place in less than two weeks!

The forgotten online harm: Damage to freedom of expression

The Government’s new plan to make social media safer gives Internet companies little choice but to scan all user content with automated systems, putting legal speech in the crossfire. If this sounds familiar, it’s because we’ve just been through the same story with the Copyright Directive. The only difference is this time the algorithms will be setting their sights on “harmful content” instead of copyrighted material. Today is the last day of the public comment period on the Online Harms White Paper. If you haven’t already, please tell the Government that social media regulation must protect the right to free expression. 

Full ORGCON 2019 programme announced

With over 500 tickets sold and iconic mass surveillance whistleblower Edward Snowden headlining, ORGCon 2019 on 13 July in London is shaping up to be our biggest and best ever. We’ve got four rooms of activism, talks, tech demos, and exhibits covering free expression online, mass surveillance, digital privacy and data & democracy. Check out the programme and get your ticket today if you haven’t already. We hope to see you there! 

Challenging real time bidding 

Google and the Interactive Advertising Bureau (IAB) found themselves in the Government’s crosshairs when the Information Commissioner’s Office (ICO) agreed with complaints by Open Rights Group and Dr. Michael Veale that AdTech real-time bidding systems give individuals “no guarantees about the security of their personal data”. As new complaints to data protection authorities from rights organisations across Europe continue to multiply, the ICO’s statement could set a global precedent. ORG is calling for the ICO to back up their statement with action

Age verification rollout fizzles (again!)

In a major upset last month government plans to force online porn companies to verify the age of users have been put off yet again. The development occurred just a week after ORG published a report showing that the British Board of Film Classification’s (BBFC) Age Verification Certificate Standard fails to protect the privacy of 20 million adults that are estimated to watch porn in the UK. Meanwhile, Government plans to regulate beyond adult sites and age gate the wider Internet are gaining pace. 

Police Scotland forge ahead with Cyber Kiosks

Despite the good faith engagement of Open Rights Group and other civil society groups Police Scotland are determined to roll-out the cyber kiosks. ORG have raised concerns that the kiosks are not human rights compatible in a report released last month and presented to the Justice Sub-Committee on Policing. Despite the concerns of ORG, Scottish Human Rights Commission and the Information Commissioner’s Office, Police Scotland say they intend to go ahead with roll-out later this Summer. 

Biometrics Bill published

The Scottish Government published their proposed Bill to create a Biometrics Commissioner last month. ORG have been calling for the creation of a Commissioner for some time. While the Bill is welcome in principle, current proposals leave the Commissioner without sufficient powers to hold the Police to account for their collection, retention and deletion of biometric information. A Justice Committee call for evidence will be announced soon and Open Rights Group will prepare a response. 

ORG around the UK

ORG Cambridge Tuesday 2 July 7pm

Monthly Meetup: Join us to discuss digital rights issues & ORG’s current campaigns. All are welcome!

ORG Edinburgh Thursday 4 July 7pm

Join ORG's Executive Director Jim Killock to discuss the Government's Online Harms White Paper. The discussion will be followed by a social at a nearby pub.

ORG Norwich Wednesday 17 July 7pm

We'll get a report on ORGCon 2019 and get to see/listen to highlights. We'll also discuss running Healthy Digital Lifestyle pop-up sessions in central Norwich in August.

ORG Oxford Wednesday 24 July 6:30pm 

Learn about ORG’s GDPR complaints against Google & IAB’s real-time bidding systems in targeted advertising. We’ll also hear highlights from ORGCon and updates on current ORG campaigns.

Corporate supporters

We’d like to thank the following companies for supporting our work:


The Best VPN

VPN Review

Restore Privacy

Thank you for supporting UK rights online.

[Read more]

June 03, 2019 | Mike Morel

Supporter Newsletter - June 2019

It’s been a year since the landmark General Data Protection Regulation (GDPR) wrestled control over personal data back from Big Tech. We’re celebrating GDPR’s first birthday with a look at Open Rights Group’s (ORG) growing work to protect digital privacy.

Holding AdTech accountable
In late 2018 ORG filed a joint complaint to European data protection authorities against Google and IAB Europe for GDPR violations in their real-time ad bidding systems which often share personal data like location and browsing habits with hundreds of companies. Since then, AdTech complaints have multiplied across Europe with more recently filed in four countries as well as the Irish data protection authority opening an investigation into Google.

Taking the Data Protection Act 2018 to court
Last year Open Rights Group teamed up with campaigners for EU citizens’ rights the3million to challenge the “immigration exemption” within the Data Protection Act 2018 on the grounds that it undermines the privacy rights of literally millions of legal UK residents. In 2019 the case was granted judicial review and our legal team is currently gathering evidence in preparation for the hearing.

Empowering users with Data Rights Finder
GDPR gives us powerful new rights over our personal data, but it’s not always easy to know how to use those rights. To help ORG teamed up with ProjectsbyIF to create the webtool Data Rights Finder which cuts through the confusing language of company privacy policies to tell you exactly what data rights you have and how to flex them.

Measuring GDPR’s impact
The public conversation about GDPR is often focused on how companies achieve compliance with far less attention on its benefits to individuals. To address this disparity ORG published a report investigating UK residents’ awareness of GDPR and how well they know their new data rights. ORG also compiled and edited Volume 3 of GDPR Today which surveys GDPR’s implementation across the European Union.

Challenging vulnerabilities in age verification tech
ORG has worked steadily to raise the alarm about privacy shortfalls in age verification tools on adult websites mandated by the Digital Economy Act 2017. ORG is preparing a public resource to increase awareness about the privacy risks of age verification tech in preparation for when enforcement begins on 15 July 2019.

GDPR was a huge victory for digital privacy and has allowed ORG to advance its work protecting the UK’s personal data. Thank you for supporting our work.

[Read more]