On Tuesday evening we met at Centrala arts space in Digbeth to hold our first ever held our first ever Mozilla Maker Party. The purpose of the evening was to make people aware of EU plans to change copyright in ways that threaten creativity and freedom of expression on the internet. `Attendees worked with Birmingham-based digital artist Antonio Roberts to create satirical memes and rebellious selfies to highlight the flaws in the EU’s plans and make the case for a copyright system which is able to keep up with how we lives our lives now.
On Monday evening we held a screening of The Haystack surveillance documentary at Birmingham Open Media, followed by a discussion of what the recent Brexit vote means for digital rights.
With the EU Referendum dominating the news agenda, you may missed the news on Tuesday that the government has agreed to Labour’s demands for an independent review of the so-called bulk powers set out in the Investigatory Powers Bill.
I’ve previously blogged about how the language the government uses to describe is designed to be as boring as possible in order to disccourage public scrutiny. For an idea of how effective this can be as a tactic, see the comedian Jon Oliver’s piece on the campaign for Net Neutrality, which he memorably described as “even boring by C-Spann standards“.
What are bulk powers and why should you be concerned?
Under the Investigatory Powers Bill, the term ‘bulk powers’ gives the government to powers:
- Tap fibre cables and scoop up vast amounts of global internet data – essentialy collecting, storing and analysing everyone’s web traffic, emails, messages, Skype calls, etc.
- Require communications providers collect and store for 12 months internet connection records for all UK citizens – this will show every site you’ve visited, the locations you have visited (thanks to mobile location tracking) and which apps you have installed on your phone.
- Broad powers to hack internet equipment – instead of hacking a suspect’s computer, authorities will be able to hack the network for the entire Greater London area, putting vital infrastructure at risk.
The easiest way to understand bulk powers is the oft-cited needle in a haystack analogy. The government is seeking powers to gather hay on the whole population, in the hope that if they will then be able to spot the needles (suspected terrorists and other criminals).
The Open Rights Group and other members of the Don’t Spy On Us coalition believe bulk powers constitute mass surveillance, which is fundamentally incomptabile with basic human rights of privacy and freedom of expression. Liberty have produced a detailed briefing on the problems with the bulk powers as they are currently stand.
Reasons to be cautious about the independent review
On the face of it, the announcement of an independent review of bulk powers is to be welcomed. After all, it shows the government is willing to listen to criticism, right?
While the review is a valuable opportunity for campaigners to raise awareness of the problems with bulk collection, we should be cautious about what difference the review will make for a couple of reasons:
- The review will be conducted by David Anderson, the Independent Reviewer of Terrorism Legislation. While Anderson has received praise for some aspects of his 2015 review of terrorism legislation (A Question of Trust), he was criticised for accepting the case for bulk collection. Are Anderson’s views on bulk collection will have moved significantly in the past year or so?
- The goverment is under no obligation to act on the findings of the independent review. Forgive me if this sounds cynical, but the government has so far pushed the bill through parliament and taken onboard very little of the criticisms levelled by no fewer than three parliamentary committees. With the review coming so late on in the parliamentary process (the bill is due to receive its third and final reading in the House of Commons in June), there’s a real chance the government will merely pay lip service to Anderson’s recommendations.
Keep up the pressure – email your MP and sign our petition today
Given the uncertainty which surrounds the inpendent review, we can’t afford to wait until Anderson reports back on bulk powers. It’s vital we keep the pressure up on the government. You can do this by:
As well as keeping up the pressure on politicians, it’s vital we continue to talk to our friends and family about the dangers of the Investigatory Powers Bill. By doing this we can raise public awareness and get more people to oppose the bill.
Did you know that today (Tuesday 3 May) is International Day Against Digital Rights Management? I suspect your answer may be no as so far the battle against digital rights management (DRM) has not yet captured the popular imagination in the way that the current battle over strong encryption has.
I believe this state of affairs needs to change and, as we enter the internet of things era, we must not allow digital rights management to extend its reach beyond our computer software and into our everyday household devices and even into our very bodies. Here are my top reasons for opposing DRM.
DRM doesn’t prevent unauthorised file sharing, compelling digital services do
It’s an open secret that most people working in technology don’t like DRM very much and find it a pain to work with. Rights holders, however, continue to insist that DRM is necessary to prevent piracy or unauthorised file sharing and make sure people ‘play by the rules’.
Research in the area of file sharing is always contested. In my view, however, the evidence points towards the carrot of providing compelling, easy to use digital services rather than the stick of DRM restrictions and related legal enforcement measures. The COPIA institute’s report, entitled The Carrot or the Stick? Innovation Vs Anti-Piracy enforcement notes:
“we found little evidence to suggest that the combination of the carrot and the stick is needed. While some entertainment industry executives have argued that these kinds of anti-piracy laws are necessary for authorized services to feel comfortable launching in these countries, the evidence suggests this is simply not true.”
DRM facilitates consumer lock-in
Got a Kindle? Chances are, your library will consist of ebooks bought exclusively through Amazon rather than from a selection of booksellers.
This outcome isn’t simply the result of Amazon offering seamless integration between Kindle hardware and their digital bookstore (which it does). Virtually all publishers insist on encumbering their books with proprietary DRM which only works with certain hardware. This means Kindle ebooks only work on Kindle devices and can’t (legally) be transferred to the Nook or Sony’s ereader.
In placing an artificial restriction on where book lovers can buy and read their ebooks, DRM undermines competition and innovation. Of course there are ways to remove DRM from your ebooks so that you can read them on any device but this is never going to be a mainstream pursuit. Furthemore, under copyright law, it is unlawful to remove DRM even on media you own. This legal barrier prevents companies from making a device capable of reading , regardless of where you purchased them.
Furthermore, legal measures known as anti-circumvention provisions mean it is technically illegal to remove DRM from files, even for media that you purchased. The threat of legal action prevents companies from offering an ebook reader that can read every kind of ebook because to do so would involve removing DRM and converting the ebooks into a standard format.
DRM in web standards threatens permissionless innovation
To date, the development of the web has been characterised by ‘permissionless’ innovation. A person (or most likely a team of people) has a new idea for a new browser feature that users will love, implements it in a browser built using freely accessible standards defined by the W3C consortium and, if the idea proves popular, the person or team enjoys success. Writing for The Guardian today, Cory Doctorow reminds us that 10 years or so ago it was Mozilla who chose to integrate pop-up adblocking into its Firefox browser, a move which delighted users frustrated the ads but which angered publishers who thought they were just great.
Fast forward to May 2016 and the W3C has just last month agreed to proceed with the integration of DRM into web standards as part of its work on Encrypted Media Extensions. In this glorious DRM-encumbered future, any company wanting to include video playback features in their browser will have to get permission from a small group of media companies behind the new EME standard. This will give media companies the power to restrict consumer-friendly innovation. Want users to be able to watch Netflix on your new browser? Better not allow users to install privacy and security-protecting plugins such as Privacy Badger or UBlock Origin.
The elevation of DRM to a core standard of the open web platform tilts the scales away from disruptive innovation which benefits end and back in the direction of cosy, industry-friendly innovation.
DRM and the internet of things
DRM books are just the tip of a very large iceberg. Virtually every week tech blogs such as Techdirt and BoingBoing report on how the internet of things means DRM is rapidly embedding itself in our daily lives.
At best, the spread of DRM is annoying and harmful to consumer choice. For example, Keurig used DRM in the embedded software of its coffee maker to prevent users from using coffee capsules made by other companies. Similarly, there was a public outcry last year when Philip issued a software update to its ‘Hue’ smart lighting system, which overnight prevented compatible non-Philips lightbulbs users purchased from working with the system.
At its worst, DRM poses a growing risk to our health and personal safety. Due to the legal penalties for breaking DRM on software, security researchers were reluctant to report concerns over the potential for hackers to take control of cars via their embedded software systems. Similarly, restrictions on examining car software meant it was more difficult for researchers to spot the problems at VW which resulted in the global scandal over falsified diesel emissions results.
With connected devices becoming the norm, it looks as though DRM is going to be more and more part of our lives unless we stand together and take action. Please support the fight against DRM and help make sure a good few more people know about International Day Against DRM in 2017.
Last week, the Home Office published its revised Investigatory Powers Bill (AKA the Snooper’s Charter) less than three weeks after receiving widespread criticism from no fewer than three separate parliamentary committees.
Chances are, if you’ve visited the Open Rights Group Birmingham you know and care about this already. The problem is, how many of your friends and family who aren’t into digital rights/politics/human rights first of all know about what the government is up to, let alone are committed to stopping them?
Email your MP today!
Right now, the campaign is focused on asking supporters to email their MPs about the Investigatory Powers Bill. The hope is that if MPs receive enough emails from their consituents expressing concerns over the bill, they will be more likely to carefully consider the bill and not simply nod it through.
If you’ve not done so already, please email your MP today! Open Rights Group has created an online tool for contacting your MP as well as some suggestions for what to say in your email.
Join us next Wednesday (16 March) for art against the IP Bill
As important as it is to email your MP about the Investigatory Powers Bill (IPBill), it can be a little dull. Given the mindboggling array of digital technology at our disposal, and open Rights Group’s base at Birmingham Open Media, surely we can do better than email?
For that reason, we’ve decided to hold a special ‘Art Against the IPBill’ session next Wednesday (16 March). Please sign up via our ORG Birmingham Meetup page.
Think memes, animated GIFs, looping videos, audio storytelling and anything else that will get across all that is wrong about the IP Bill. Liberty have produced a very good analyis called the IP Bill: the good, the good, the bad and the downright scary but I can’t help but feel it’s missing a LOLcat.
Bring along anything you think will help you create. This could be your trusty laptop, tablet or phone. Alternatively, you might like to go old school and work with a pen and a pad.
We’re hoping to have some fully paid-up artists from Birmingham Open Media and beyond to help inspire us with their creativity. If you’re an artist and you’d like to get involved, please do get in touch or simply drop in on the night.
Looking forward to seeing you next Wednesday. And in the meantime, please don’t forget to email your MP.
Please RSVP for the session via the ORG Birmingham Meetup page
You’ve probably heard by now that earlier today (1 March) the Home Office has published the revised Snoopers’ Charter / Investigatory Powers Bill less than three weeks after three reports by MPs and peers made 123 recommendations for changes.
On first reading, the revised Bill barely pays lip service to the serious concerns raised by the committees that scrutinised the draft Bill. The Bill still includes police powers to see which websites and apps we use, and bulk surveillance powers for GCHQ – it needs serious improvements.
You can find out more on the Don’t Spy On Us coalition website.
Ask your MP to stand up to the Home Office
Now that the Home Office has published the Bill, we need MPs to stand up to the Home Office’s attempts to ride roughshod over parliamentary scrutiny and avoid having a proper public debate.
You can help by contacting your MP to tell them you are unhappy about what the Home Office is doing and asking them to make sure the Investigatory Powers Bill is not rushed.
The national Open Rights Group has created an easy-to-use form for emailing your MP:
Remember, you don’t have to write a lot, the most important thing is to contact your MP as soon as possible to remind them that the Home Office should not rush the Investigatory Powers Bill should not be rushed through parliament. The main messages to include are:
- The Investigatory Powers Bill should not be rushed. The Home Office has been told to examine carefully the criticisms and recommendations of three Parliamentary committees. Less than three weeks is not enough time for a considered redrafting of the Bill. The new Bill only has a few significant changes from the draft version.
- The new powers for the Police to access our ‘Internet Connection Records’ – a database of our online activity in the last 12 months – is invasive and unneccessary. Internet Service Providers, web hosting companies, and parliamentarians have been critical of this power.
- The arguments made for bulk collection powers and Internet Connection Records are built on anecdotes. The operational case needs to provide figures, costs, and be open to scrutiny.
Keep up to date with ORG Birmingham
Please sign up for our mailing list to be first to know about future workshops, talks and campaigns:
The Open Rights Group needs your help! Please read on for how you can help stop the government passing the seriously flawed Investigatory Powers Bill.
This is less than three weeks (!) since the Joint Committee set up to review the bill published a report calling on the government to make significant changes to the bill, including:
– Strengthening privacy safeguards
– Clarifying the government’s position on encryption, which is essential to modern life and the digital economy
– Making the case for mass surveillance/bulk collection of everyone’s data in a way that is legally compliant with the UK’s obligations to protect the right to privacy
You can read more about the committee’s recommendations over on the Open Rights Group website.
These are complex issues and the stakes are incredibly high – our civil liberties and national security are at stake. It is difficult to believe the government has given itself enough time to take on board the feedback it has received. Instead, the government is giving the impression that it is determined to pass the Investigatory Powers Bill at any cost, in order to free up more time to focus on higher profile issues, such as this summer’s referendum on EU membership.
Take action – email your MP today!
If we are stop the government rushing through the Investigatory Powers Bill, we need to gain the support of MPs.
You can help by emailing your local MP to let them know you are concerned about the government’s plans to rush through the Investigatory Powers Bill.
You can easily find out who your local MP is and email them directly via the excellent WriteToThem website.
Please don’t let the technical aspects of the surveillance debate put you off contacting your local MP. Simply letting your MP know you are concerned about the government’s approach and asking them to consider the issues will make a real difference.
Wherever possible, please include in your email a link to the guidance the Don’t Spy on us coalition has produced for parliamentarians. This explains in more detail the problems with the Investigatory Powers Bill and what MPs can do to make the bill fit-for-purpose.
When writing to your MP, remember to be polite and encouraging, not rude and demanding. Respectfully making your local MP aware of the issues surrounding the bill is the best way to build support for an Investigatory Powers Bill that is truly fit-for-purpose.
Last week, the government suffered a setback in their plans to introduce extensive new surveillance and hacking powers through the Investigatory Powers Bill.
Two of the three three committees set up to scrutinise the bill, the Intelligence and Security Committee and the Joint Committee, published reports calling on the government to make significant changes before the law is passed. These reports followed in the wake of the serious criticism of the bill by the Science and Technology Committee, whose chair called on the “urgently review the legislation“.
The core team at Open Rights Group have produced a good analysis of the Joint Committee recommendations, including justifying bulk surveillance powers, clarifying internet connection records, safeguarding encryption and removing Bulk Data Sets from the bill.
What happens next?
In line with other civil society organisations, the Open Rights Group believes the Home Office needs to address the recommendations of all three reports and undertake a major re-write of the Bill before it is laid before Parliament.
Currently, the government remains committed to passing the legislation before the end of 2016 but, given the extent of the criticism the bill has received, there is a very real possibility this date could slip.
What can you do to help?
You can help keep up the pressure on the government by contacting your local MP. Let them know you are concerned about the Investigatory Powers Bill and the issues raised by all three committees.
You don’t have to write a big long email or letter. Simply let your MP know that the government needs to learn the lessons from all three committee reports and re-write the bill. If possible, try to include links to where your MP can find more information. The Open Rights Group website is a great place to start.
You can quickly and easily email your MP using the free writetothem.com service.
It’s really important that each and everyone of us speaks out. The more emails and letters MPs receive about the Investigatory Powers Bill, the more seriously they will take it.
Earlier this week, the House of Commons science and technology committee published a highly critical report on the bill, with its chair, Nicola Blackwood MP commenting:
The current lack of clarity within the draft Investigatory Powers Bill is causing concern amongst businesses. There are widespread doubts over the definition, not to mention the definability, of a number of the terms used in the draft Bill. The Government must urgently review the legislation so that the obligations on the industry are clear and proportionate.
In particular, the report highlights the following problems:
- The feasibility of collecting and storing Internet Connection Records ICRs – including the very real problem of keeping these highly personal records from (non state-sanctioned) hackers.
- Anxiety amongst communication providers over the ability to use effective encryption, which Blackwood recognises is “important in providing the secure services on the internet we all rely on“. The committee particularly wants the government to provide greater clarity over the status of end-to-end encrypted communications, where decryption might not be possible by a communications provider that had not added the original encryption.
- Concerns amongst certain communications over ‘equipment interference’. For some providers, such as Mozilla (the makers of Firefox), this concern appears to stem from a genuine concern for its users’ privacy and the integrity of the internet. For other providers, the concern is more about how a perception of hacking could hurt their competitiveness in a global market for services.
- Uncertainty over costs. Coverage of the committee’s report has downplayed the risk associated with spiralling implementation costs, both for government and businesses. At last cost, the Home Secretary has put the cost of implementing the new ICR system at £247 million but the report notes that costs are likely to change (i.e. rise), given the uncertainty and rapid pace of technological change.
It’s worth noting that the committee’s remit was purely to look at the technical feasibility of the government’s proposals and how these might affect communications businesses, not whether the communications monitoring provisions or whether they are proportionate to the threats they are intended to deal with. These issues are expected to be addressed by the joint committe Joint Committee established to scrutinise the draft Bill as a whole.
I believe the criticisms levelled at the bill in this report are significant for a couple of reasons.
Firstly, by focusing solely on the technical feasibility of implementing the bill, it manages to side-step the highly polarised debate between privacy and security advocates. This report says, irrespective of your views on the merits of expanded monitoring of communications, you should be concerned as a citizen and taxpayer about the feasibility of implementing the government’s plans at anything approaching a sensible level of expenditure.
Secondly, by holding up the prospect that the Investigatory Powers Bill will do real harm to the growing UK tech sector, the report will hopefully encourage the government to modify its approach, if only to protect its supposed reputation for business confidence.
Both these signals – questions over the feasability of implementation and the likely damage to the UK’s growing tech sector – will not in itself be enough to stop the Investigatory Powers Bill becoming law, but it’s a start.
The Joint Committee is due to deliver its full report on the Investigatory Powers Bill no later than 17 February. It will be interesting to see whether this committee takes a similarly critical stance on the merits of expanded monitoring provisions and the limited amount of time the committee was given to scrutinise the bill.
Cost of Investigatory Powers Bill could undermine UK Tech sector – full details of science and technology committee report
Science and Technology Committee of Parliament slams Snoopers’ Charter – Open Rights Group’s reaction to the committee’s report