This coming Thursday (13 April 2017), the World Wide Web Consortium (W3C), the international body responsible for developing web standards, is set to recommend Digital Rights Management in the form of Encrypted Media Standards, become an official part of HTML5. Here’s a quick run-down of why this matters and what you can do to stop it happening.
Thank you to everyone who joined us at Birmingham Open Media (BOM) on Wednesday for our exploration of how the police are covert surveillance technology known as IMSI catchers to spy on hundreds of mobile phone users at a time. Here’s a round-up of the evening, in case you missed it or would like to know more.
Join us at Birmingham Open Media at 6.30pm on Wednesday 22 February for our first meetup of 2017. We’ll be looking at how polices in the West Midlands are covertly using devices- known as IMSI-catchers or Stingrays – to indiscriminately intercept and hack up to 500 phones every minute. We’ll be exploring what police use of IMSI-catchers means for our human rights and civil liberties and what we can do to challenge indiscriminate surveillance.
We’re pleased to announce our next meetup after the summer break will take place on take place on at BOM (Birmingham Open Media) at 6.30pm on Wednesday 28 September.
Please join us then to find out more about how the Government’s plans to expand online surveillance through the Investigatory Powers Bill (aka the Snoopers’ Charter) threatens press freedoms, why this matters for our democratic society and what action each of us can take to stop the Bill.
Join us to protect press freedom and democracy
Journalists have been some of the fiercest critics of the Government’s plans to expand surveillance powers through the Investigatory Powers Bill, launching the Save Our Sources petition to protect journalistic sources from state surveillance.
The meetup will feature contributions by Paul Bradshaw, Course Leader of Online Journalism MA at Birmingham City University and Founder of Online Journalism blog and Help Me Investigate, an award-winning platform for collaborative investigative journalism.
Although ORG Birmingham events are free, it really helps if people can RSVP via our meetup page. This helps us get an idea of likely numbers and makes it easy for us to let you know about future events.
As well as attending the meetup, you can take the following actions to oppose the Government’s plans and demand targeted, not total surveillance:
Sign the Save Our Sources petition
Use ORG’s easy-to-use tool to Email your MP
Join Liberty’s #NoSnoopersCharter campaign
What is the Investigatory Powers Bill?
In November 2015, the Home Office published the draft Investigatory Powers Bill (IPB), which was intended to be a comprehensive new law that would replace the UK’s broken legal framework for surveillance. However, instead of restricting mass surveillance, it will put all of the powers revealed by Edward Snowden and more into law.
Big Brother Watch have created fact sheets that explain the implications of the Bill in more detail.
If passed, the UK will have a surveillance law that is more suited to an authoritarian regime than a democracy. The Don’t Spy on Us campaign is calling for the Bill to be amended so that surveillance is targeted to those who are suspected of a crime, not the entire UK population.
More about ORG
Open Rights Group (ORG for short) is the UK’s only digital campaigning organisation working to protect the rights to privacy and free speech online. With almost 3,000 active supporters, we are a grassroots organisation with local groups across the UK.
We’re excited to announce we’ll be screening ‘The Haystack’ documentary, which examines the rise of suspicionless surveillance in the UK, at our next meetup on Monday 4 July.
With the EU Referendum dominating the news agenda, you may missed the news on Tuesday that the government has agreed to Labour’s demands for an independent review of the so-called bulk powers set out in the Investigatory Powers Bill.
I’ve previously blogged about how the language the government uses to describe is designed to be as boring as possible in order to disccourage public scrutiny. For an idea of how effective this can be as a tactic, see the comedian Jon Oliver’s piece on the campaign for Net Neutrality, which he memorably described as “even boring by C-Spann standards“.
What are bulk powers and why should you be concerned?
Under the Investigatory Powers Bill, the term ‘bulk powers’ gives the government to powers:
- Tap fibre cables and scoop up vast amounts of global internet data – essentialy collecting, storing and analysing everyone’s web traffic, emails, messages, Skype calls, etc.
- Require communications providers collect and store for 12 months internet connection records for all UK citizens – this will show every site you’ve visited, the locations you have visited (thanks to mobile location tracking) and which apps you have installed on your phone.
- Broad powers to hack internet equipment – instead of hacking a suspect’s computer, authorities will be able to hack the network for the entire Greater London area, putting vital infrastructure at risk.
The easiest way to understand bulk powers is the oft-cited needle in a haystack analogy. The government is seeking powers to gather hay on the whole population, in the hope that if they will then be able to spot the needles (suspected terrorists and other criminals).
The Open Rights Group and other members of the Don’t Spy On Us coalition believe bulk powers constitute mass surveillance, which is fundamentally incomptabile with basic human rights of privacy and freedom of expression. Liberty have produced a detailed briefing on the problems with the bulk powers as they are currently stand.
Reasons to be cautious about the independent review
On the face of it, the announcement of an independent review of bulk powers is to be welcomed. After all, it shows the government is willing to listen to criticism, right?
While the review is a valuable opportunity for campaigners to raise awareness of the problems with bulk collection, we should be cautious about what difference the review will make for a couple of reasons:
- The review will be conducted by David Anderson, the Independent Reviewer of Terrorism Legislation. While Anderson has received praise for some aspects of his 2015 review of terrorism legislation (A Question of Trust), he was criticised for accepting the case for bulk collection. Are Anderson’s views on bulk collection will have moved significantly in the past year or so?
- The goverment is under no obligation to act on the findings of the independent review. Forgive me if this sounds cynical, but the government has so far pushed the bill through parliament and taken onboard very little of the criticisms levelled by no fewer than three parliamentary committees. With the review coming so late on in the parliamentary process (the bill is due to receive its third and final reading in the House of Commons in June), there’s a real chance the government will merely pay lip service to Anderson’s recommendations.
Keep up the pressure – email your MP and sign our petition today
Given the uncertainty which surrounds the inpendent review, we can’t afford to wait until Anderson reports back on bulk powers. It’s vital we keep the pressure up on the government. You can do this by:
As well as keeping up the pressure on politicians, it’s vital we continue to talk to our friends and family about the dangers of the Investigatory Powers Bill. By doing this we can raise public awareness and get more people to oppose the bill.
Did you know that today (Tuesday 3 May) is International Day Against Digital Rights Management? I suspect your answer may be no as so far the battle against digital rights management (DRM) has not yet captured the popular imagination in the way that the current battle over strong encryption has.
I believe this state of affairs needs to change and, as we enter the internet of things era, we must not allow digital rights management to extend its reach beyond our computer software and into our everyday household devices and even into our very bodies. Here are my top reasons for opposing DRM.
DRM doesn’t prevent unauthorised file sharing, compelling digital services do
It’s an open secret that most people working in technology don’t like DRM very much and find it a pain to work with. Rights holders, however, continue to insist that DRM is necessary to prevent piracy or unauthorised file sharing and make sure people ‘play by the rules’.
Research in the area of file sharing is always contested. In my view, however, the evidence points towards the carrot of providing compelling, easy to use digital services rather than the stick of DRM restrictions and related legal enforcement measures. The COPIA institute’s report, entitled The Carrot or the Stick? Innovation Vs Anti-Piracy enforcement notes:
“we found little evidence to suggest that the combination of the carrot and the stick is needed. While some entertainment industry executives have argued that these kinds of anti-piracy laws are necessary for authorized services to feel comfortable launching in these countries, the evidence suggests this is simply not true.”
DRM facilitates consumer lock-in
Got a Kindle? Chances are, your library will consist of ebooks bought exclusively through Amazon rather than from a selection of booksellers.
This outcome isn’t simply the result of Amazon offering seamless integration between Kindle hardware and their digital bookstore (which it does). Virtually all publishers insist on encumbering their books with proprietary DRM which only works with certain hardware. This means Kindle ebooks only work on Kindle devices and can’t (legally) be transferred to the Nook or Sony’s ereader.
In placing an artificial restriction on where book lovers can buy and read their ebooks, DRM undermines competition and innovation. Of course there are ways to remove DRM from your ebooks so that you can read them on any device but this is never going to be a mainstream pursuit. Furthemore, under copyright law, it is unlawful to remove DRM even on media you own. This legal barrier prevents companies from making a device capable of reading , regardless of where you purchased them.
Furthermore, legal measures known as anti-circumvention provisions mean it is technically illegal to remove DRM from files, even for media that you purchased. The threat of legal action prevents companies from offering an ebook reader that can read every kind of ebook because to do so would involve removing DRM and converting the ebooks into a standard format.
DRM in web standards threatens permissionless innovation
To date, the development of the web has been characterised by ‘permissionless’ innovation. A person (or most likely a team of people) has a new idea for a new browser feature that users will love, implements it in a browser built using freely accessible standards defined by the W3C consortium and, if the idea proves popular, the person or team enjoys success. Writing for The Guardian today, Cory Doctorow reminds us that 10 years or so ago it was Mozilla who chose to integrate pop-up adblocking into its Firefox browser, a move which delighted users frustrated the ads but which angered publishers who thought they were just great.
Fast forward to May 2016 and the W3C has just last month agreed to proceed with the integration of DRM into web standards as part of its work on Encrypted Media Extensions. In this glorious DRM-encumbered future, any company wanting to include video playback features in their browser will have to get permission from a small group of media companies behind the new EME standard. This will give media companies the power to restrict consumer-friendly innovation. Want users to be able to watch Netflix on your new browser? Better not allow users to install privacy and security-protecting plugins such as Privacy Badger or UBlock Origin.
The elevation of DRM to a core standard of the open web platform tilts the scales away from disruptive innovation which benefits end and back in the direction of cosy, industry-friendly innovation.
DRM and the internet of things
DRM books are just the tip of a very large iceberg. Virtually every week tech blogs such as Techdirt and BoingBoing report on how the internet of things means DRM is rapidly embedding itself in our daily lives.
At best, the spread of DRM is annoying and harmful to consumer choice. For example, Keurig used DRM in the embedded software of its coffee maker to prevent users from using coffee capsules made by other companies. Similarly, there was a public outcry last year when Philip issued a software update to its ‘Hue’ smart lighting system, which overnight prevented compatible non-Philips lightbulbs users purchased from working with the system.
At its worst, DRM poses a growing risk to our health and personal safety. Due to the legal penalties for breaking DRM on software, security researchers were reluctant to report concerns over the potential for hackers to take control of cars via their embedded software systems. Similarly, restrictions on examining car software meant it was more difficult for researchers to spot the problems at VW which resulted in the global scandal over falsified diesel emissions results.
With connected devices becoming the norm, it looks as though DRM is going to be more and more part of our lives unless we stand together and take action. Please support the fight against DRM and help make sure a good few more people know about International Day Against DRM in 2017.
We’ll be holding our next meetup on Wednesday 20 April at Birmingham Open Media and we’d love it if you could join us and get involved!
Following on from well-attended practical session on protecting your online privacy and security, we’ll be introducing you to some amazing software packages and tools which you are completely free and legal for you to download.
All the software we’ll be introducing you to will be free and open source. Free software is software that gives you the user the freedom to share, study and modify it. That means it not only costs you nothing to use it (free as in beer), but gives you the right to make changes and contribute improvements (free as in freedom).
Free software and digital rights
As well as helping people access to software they would not otherwise be able to afford, free and open source software is really to protecting our privacy, security and human rights online. Because anyone can study and modify the software code, it is easier to spot and fix security bugs. And because no single company controls the software, it is harder for governments to forces companies to spy on their users as in the recent FBI versus Apple court case.
You can find out more about free software on the Free Software Foundation website.
You should come to this meetup if:
- You need software such as Adobe Photoshop or Microsoft Office for work or education but can’t afford the licence. GIMP is a high quality free alternative to Photoshop while LibreOffice can replace MS Office.
- Your laptop is a good few years old and is struggling to run Windows. The open source Ubuntu operating system could breathe new life into your computer.
- You’re worried about how much control Facebook, Google and Apple have over digital and want to find viable alternatives such as Firefox web browser and Signal private messenger.
Don’t forget to bring your laptop/tablet/smartphone with you so that we can try out rather than just talk about software!
We look forward to seeing you on Wednesday 20 April.
You’ve probably heard by now that earlier today (1 March) the Home Office has published the revised Snoopers’ Charter / Investigatory Powers Bill less than three weeks after three reports by MPs and peers made 123 recommendations for changes.
On first reading, the revised Bill barely pays lip service to the serious concerns raised by the committees that scrutinised the draft Bill. The Bill still includes police powers to see which websites and apps we use, and bulk surveillance powers for GCHQ – it needs serious improvements.
You can find out more on the Don’t Spy On Us coalition website.
Ask your MP to stand up to the Home Office
Now that the Home Office has published the Bill, we need MPs to stand up to the Home Office’s attempts to ride roughshod over parliamentary scrutiny and avoid having a proper public debate.
You can help by contacting your MP to tell them you are unhappy about what the Home Office is doing and asking them to make sure the Investigatory Powers Bill is not rushed.
The national Open Rights Group has created an easy-to-use form for emailing your MP:
Remember, you don’t have to write a lot, the most important thing is to contact your MP as soon as possible to remind them that the Home Office should not rush the Investigatory Powers Bill should not be rushed through parliament. The main messages to include are:
- The Investigatory Powers Bill should not be rushed. The Home Office has been told to examine carefully the criticisms and recommendations of three Parliamentary committees. Less than three weeks is not enough time for a considered redrafting of the Bill. The new Bill only has a few significant changes from the draft version.
- The new powers for the Police to access our ‘Internet Connection Records’ – a database of our online activity in the last 12 months – is invasive and unneccessary. Internet Service Providers, web hosting companies, and parliamentarians have been critical of this power.
- The arguments made for bulk collection powers and Internet Connection Records are built on anecdotes. The operational case needs to provide figures, costs, and be open to scrutiny.
Keep up to date with ORG Birmingham
Please sign up for our mailing list to be first to know about future workshops, talks and campaigns:
The Open Rights Group needs your help! Please read on for how you can help stop the government passing the seriously flawed Investigatory Powers Bill.
This is less than three weeks (!) since the Joint Committee set up to review the bill published a report calling on the government to make significant changes to the bill, including:
– Strengthening privacy safeguards
– Clarifying the government’s position on encryption, which is essential to modern life and the digital economy
– Making the case for mass surveillance/bulk collection of everyone’s data in a way that is legally compliant with the UK’s obligations to protect the right to privacy
You can read more about the committee’s recommendations over on the Open Rights Group website.
These are complex issues and the stakes are incredibly high – our civil liberties and national security are at stake. It is difficult to believe the government has given itself enough time to take on board the feedback it has received. Instead, the government is giving the impression that it is determined to pass the Investigatory Powers Bill at any cost, in order to free up more time to focus on higher profile issues, such as this summer’s referendum on EU membership.
Take action – email your MP today!
If we are stop the government rushing through the Investigatory Powers Bill, we need to gain the support of MPs.
You can help by emailing your local MP to let them know you are concerned about the government’s plans to rush through the Investigatory Powers Bill.
You can easily find out who your local MP is and email them directly via the excellent WriteToThem website.
Please don’t let the technical aspects of the surveillance debate put you off contacting your local MP. Simply letting your MP know you are concerned about the government’s approach and asking them to consider the issues will make a real difference.
Wherever possible, please include in your email a link to the guidance the Don’t Spy on us coalition has produced for parliamentarians. This explains in more detail the problems with the Investigatory Powers Bill and what MPs can do to make the bill fit-for-purpose.
When writing to your MP, remember to be polite and encouraging, not rude and demanding. Respectfully making your local MP aware of the issues surrounding the bill is the best way to build support for an Investigatory Powers Bill that is truly fit-for-purpose.