Links of the day Friday 1st July

Please note these are articles and opinions we found interesting, however they do not necessarily represent the views of Big Brother Watch

Background checking in the palm of the hand

Google faces 'wire tapping' case over Street View

Facebook crashes advertising industry party

Government refuses to keep DNA of innocent people

Does Johann Hari actually meet his interviewees?

Phishers switch focus to targeted attacks, warns Cisco

Links of the day Monday 13th June 2011

Daniel Hamilton: It’s time to defend our freedom and lift this ban

Toxic Plankton feeds on Android Market for two months

Royston's ANPR surveillo-plan goes to ICO

Labour and liberty: Do the rights thing

Taxman recruits tax-collecting robots

Turkey arrests Anonymous suspects after DDoS protest

Facebooking juror heads for trial

Hacker criminals plant fake news to discredit security researchers

Links of the day Thursday 26th May

Russia's occupation of Georgian territory must end

Instant View: Mladic's arrest is a historic moment for Serbia and for Europe

Thieves paint over CCTV cameras to steal eight tonnes of clothing from Fenland compound

Co-op error as 82,000 clients' data published online

UK banks breaching data protection rules - Which?

Ken Clarke raises data protection fears

Cookie law set to shake up UK websites, but won't be enforced for a year

US to hold details of British air passengers for 15 years

Fife police defend use of CCTV after high 'Big Brother' ranking

BT spies on the networks of their customers

BT officials have admitted to keeping tabs on the Local Area Networks (LANs) of their broadband customers. They claim to reserve the right to examine the networks of their broadband customers whenever they feel the information can improve the service they provide, or when the safety of their customers is placed at risk.

The practice was revealed last week, when BT contacted customers who were still using powerline networking (PLT) boxes which BT had discovered a manufacturing flaw in. The company had subsequently sent out replacements last October; however some customers had ignored the advice and continued to use the originals.

BT then sent out letters explaining that “remote diagnostic tests” had shown the potentially dangerous devices were still connected. Considering PLTs do not have an IP address to identify them by, the likely explanation is that BT runs a scan of Media Access Control (MAC) addresses from the main router. These are unique identifiers which help devices to communicate with each other on a network.

BT considers this process to be similar to Windows Update from Microsoft, but unlike that program it lacks an opt-out. There is a clear financial benefit for ISPs to have access to this information, as they can market certain products to customers based on what equipment they already have attached to their network. If they can identify useful products which aren’t connected, they can tailor their marketing towards these items. Alternatively, if for example an IP-capable TV is attached, they can advertise connected services which utilise this.

A statement from BT read:

“…there may be other circumstances in which we would carry out remote diagnostic tests of customers' equipment to make sure all is working. We don't believe that consent is necessary where the testing is necessary to the service that we are providing.”

The majority of everyday customers are unlikely to be troubled by this revelation, but those with concerns about privacy will wonder what BT intends to do with access to this sort of information, and how long it is stored for.

Links of the day: Tuesday 24th May 2011

Alex Deane: We must welcome the report of the Red Tape Taskforce as a step towards making volunteering less bureaucratic

Wikipedia founder opens new front in privacy battle

Identity scheme echoes ID cards, say campaigners

A whole new era for cookies begins tomorrow

Your guide to the EU Privacy Directive

Do-not-track off to a slow start, Mozilla adds support for Android

LinkedIn slashes cookie lifespan after research exposes security flaws

Exploited Hotmail bug stole email without warning

PlayStation Network breach will cost Sony $171m

Privacy, the Press and Twitter: some uncomfortable truths

Links of the day Monday 23rd May 2011

3.2 million records on police database

Cloud computing: Hidden danger to everyone's civil liberties? Exclusive

Websites risk breaking 'cookie' law

School toilet camera plan ‘under review’

Coalition plans to enlist private firms to speed ID authentication

ICO launch Information Rights Strategy

Where is your data?

Research team moves towards on-site DNA fingerprinting

One Year On: The Coalition and Civil Liberties

Big Brother Watch has today (11th May) released a research paper outlining the progress the Coalition Government has made on civil liberties issues during its first year in office.

The paper concludes that, while real progress has been made, many of the Coalition's promises to roll back the power of the state remain unfulfilled.

Click here to download the report

Commenting on the report, Big Brother Watch Director Daniel Hamilton said:

"The Coalition has some real achievements to speak off. 

"Ministers should be congratulated for taking steps to scrap ID cards and remove the profiles of the one million innocent people held on the national DNA database.   They should also be praised for doing away with the ContactPoint database of children’s details and reforming the criminal record check regime.

"They do, however, have more work to do. 

"Police stop and search powers remain in place, Control Orders remain virtually unreformed and there has been no opt-out from the European Arrest Warrant.  When it comes to E-Borders, the Summary Care Record and Intercept Modernisation Programme, they have continued to implement the previous government’s policies – warts and all." 

Summary of the Summit on Net Neutrality and the Open Internet

“Net Neutrality means so many things that it doesn’t mean anything at all,” said Robert Pepper, Cisco’s Vice-President for Global Advanced Technology Policy yesterday at the EU’s Summit on the Open Internet and Net Neutrality in Europe. Mr. Pepper’s statement sums up the summit accurately – the summit wasn’t about Net Neutrality per se, it was about growth, innovation, new business models, and the digital economy.

The purpose of the summit was to bring together industry leaders, policy makers, and interested parties in order to discuss the recent public consultation on Net Neutrality and the Open Internet which closed on September 30th. The initial findings of that consultation had been made public and the European Commission brought together people in order to discuss, explain, and back up the outcome of those findings.

European Parliament and industry experts discuss Net Neutrality on Thursday in Brussels

While the US election has quashed any further discussions on Net Neutrality for now, we here in the UK await some sort of indication this week on how the European Commission will stand when it announces it official position on net neutrality at the end of the year. The New York Time reports that the European Commissioner for Telecommunications, Ms. Neelie Kroes, is likely to discuss this issue briefly during a daylong meeting on the topic this Thursday at the European Parliament. 

On September 30 of this year the European Commission closed a consultation on Net Neutrality and the Open Internet. Findings of this consultation are expected by the end of the 2010 and an agreement on ‘reasonable’ traffic management practices are to be agreed upon by May 1, 2011 among all of the 27 EU member state national regulators. Ms. Kroes has indicated in the past that she is not likely to push for regulation on broadband and wireless traffic management in spite of statements earlier this year where she warned operators not to bar competing services.

My speech to the Libertarian Alliance: Anonymity is not a Crime

I gave this speech this weekend and thought that readers might be interested. It's a bit long and I look like the left side of my face is slowly being cooked by the lighting, but it's not a bad speech I think.

Topics covered:

* Intercept Modernisation Programme

* Stop and Search

* ID Cards

* Control Orders

* NICE databases

Topic I would have covered if I had time, and will be addressing again very soon indeed: European Arrest Warrant

By Alex Deane

A call to arms

Tomorrow afternoon Members of Parliament will, for the first time, have the opportunity to fully debate the issue of privacy and the internet - an astonishing thought given that more than 60% of the public use the internet every day.  

The debate was secured following a successful application by Robert Halfon MP to the Backbench Business committee and will take place in Westminster Hall from 2:30pm to 5:30pm. 

The debate will be wide-ranging in tone, examining issues such as the implicatons for privacy of the Google Street View service, the targeting of online advertising to internet users based on the websites they have visited in the past and data security concerns surrounding Facebook. 

It is crucial, particularly in light of the discovery that Google has recently harvested thousands of personal e-mail addresses and other sensitive personal information from domestic WiFi connections, that as many Members of Parliament as possible attend and contribute to the debate.

Please do get in touch with your MP and them to attend.  If you don't have their contact details to hand, visit http://www.theyworkforyou.com.

By Daniel Hamilton

In Defence of ISPs

Internet Service Providers (ISPs) in Britain are having a bad year. First, the Digital Economy Act passed into law requiring ISPs to monitor and pay for part of the illegal downloading prosecuting process. Then, Net Neutrality is gaining steam and if an expected decision is made by the EU shortly it will require ISPs to fundamentally change the way they do business. And now, as of yesterday, ISPs will be forced to retain all of our digital data on behalf of the Coalition Government.

What next? Will ISPs be required to bake bread and deliver it fresh daily to ever customer?

Consumers in the UK are blessed with a wide range of choices when it comes to getting online. ISPs provide various means of access from cable to phone lines and offer different service levels depending on location, need, and cost. We even entrust ISPs with our private data and communications that we use on a daily basis online. Like every other business, some ISPs provide better service than others. Over the summer, Ofcom launched an investigation into advertised speeds for broadband which resulted in the creation of a voluntary code of practice and better business practices. All in all, in the UK we enjoy choice in how to connect to the Internet, unlike our American friends where provider consolidation has left few options in ISPs.

The 'Big Brother' snooping database is back

During the early days of the coalition Big Brother Watch was encouraged by the numerous Home Office announcements declaring "reviews" of some of the previous government's more draconian policies were underway.

One such policy was that of the 'big brother' database of all communications in the UK, designed to allow "police, security services and other public bodies [to be able to] find out which websites a person had visited, and when, where and to whom a text or call was made".

Sadly, the Daily Mail today reports that Home Office ministers have been "persuaded of the case to give the police and security officials enhanced rights to access the public’s communications", a move which will allow officials to snoop on which websites you visit and any online 'phone calls you may make.

While it is encouraging that the coalition appears to have ruled out holding the data collected on one central database, this scheme still represents a significant intrusion on the privacy of the British people which must be strongly resisted.

Click here to read the full story.

If you would like to raise your objections to the scheme, please do get in touch with your local MP. Their details can be found at http://www.theyworkforyou.com.

By Daniel Hamilton.

Privacy and Facebook: Congressmen demand answers

Over the past few weeks this blog has been alive with stories of Facebook's numerous security breaches, gross infringements of privacy and failures to protect personal data from third parties.

These failings have now drawn the attention of Democratic Congressman Ed Markey and Republican Joe Barton who have contacted the website's founder Mark Zuckerberg to express their concern "third-party applications gathered and transmitted personally identifiable information about Facebook users and those users' friends". 

According to the Wall Street Journal, "the letter asked Mr. Zuckerberg how many users had been affected by the [security] breaches" which involved personal details being transmitted to private companies "when Facebook became aware of it, and what changes Facebook plans in order to deal with the problem". The Congressman have requested to receive a full reply by October 27th, the details of which will be posted on this blog. 

The two Congressman, who chair the bi-partisan Privacy Caucus in the House of Representatives have already led investigations into concerns at the iPhone's privacy settings and the data retention policies of fifteen of America's largest websites.

Click here for the full story.

By Daniel Hamilton.

"Scraping" – or, Beware of What You Put on the Web (part two)

Regular visitors to this blog will have seen Dominique Lazanski's warning earlier this week about the risks of businesses and employers "scraping" personal information you have uploaded to the internet.

With this in mind, Big Brother Watch has been alerted to the case of the 'scraping' of PatientLikeMe.com - a discussion forum for people with emotional disorders, "ranging from bipolar disease to a desire to cut themselves". In the early hours of the morning on 7th May, website administrators observed "suspicious" activity on website, with copies of each of the messages on the website being copied in their entirety by a media-research firm representing the pharmaceutical industry.

Information about the opinions of the website's users where then forwarded to drug companies. While many users of the website posted their messages under pseudonyms, one user complained that information contained on his profile revealed his correct e-mail and blog addresses - something which could allow drug companies to identify him directly.

Despite the sensitive nature of its content - and their condemnation of companies who engage in "scraping" -  PatientsLikeMe.com, the website from which the data as to views of patients was obtained, freely admits to selling anonymized information about the profile of its users to commercial clients for market research purposes.

Scraping, the Wall Street Journal confirms, is big business:

"The emerging business of web scraping provides some of the raw material for a rapidly expanding data economy. Marketers spent $7.8 billion on online and offline data in 2009, according to the New York management consulting firm Winterberry Group LLC. Spending on data from online sources is set to more than double, to $840 million in 2012 from $410 million in 2009.

"Scraping services range from dirt cheap to custom-built. Some outfits, such as 80Legs.com in Texas, will scrape a million Web pages for $101. One Utah company, screen-scraper.com, offers do-it-yourself scraping software for free. The top listening services can charge hundreds of thousands of dollars to monitor and analyze Web discussions.

"Nielsen BuzzMetrics, quickly became a leader in the field of social-media monitoring. It collects data from 130 million blogs, 8,000 message boards, Twitter and social networks. It sells services such as "ThreatTracker," which alerts a company if its brand is being discussed in a negative light"

In light of this case, Dominique's warning has become all the more prescient:

"The best advice for all of this is to be careful of what you put online. Only individuals are best placed to take control of what they share and when they share it. And you never know who is watching"

By Daniel Hamilton

Facebook's Privacy Problem

As someone studying Marketing, Advertising & PR at university with a special interest in Social Media I am certainly no stranger to the beast that is Facebook. Despite the heavy criticism it has received from its users I have always defended it, having the view that what you put on the internet, especially on a social website, is your responsibility.

For example when people complained that adverts on Facebook 'knew too much' I took the view (a biased marketer's one admittedly) that data intelligent adverts were a good thing. Why wouldn't you want specifically targeted adverts as oppose to the usual dating, money making and medical adverts people are often inundated with?

Increasingly though I have taken a more and more negative view to the way Facebook deals with its users and data privacy. When the founder of Facebook Mark Zuckerberg responded to data privacy concerns by stating that "the age of privacy is over" I was angered. It is one thing to inform users that they are responsible for the information they put on the internet, but another to completely disregard the basic human right to privacy that everybody deserves.

A review of the current playing field for civil liberties

I have written an extended piece for the website Critical Reaction reviewing the various outstanding civil liberties issues under the Coalition. Part 1 is here - Part 2 is here.

By Alex Deane

Schneier: invasions of privacy a "byproduction of the IT society"

The annual RSA conference of security professionals took place in London yesterday. Among the speakers is Bruce Schneier, the Chief Security Technology Officer at BT.

Addressing his remarks to the conference, Schneier outlined his belief that "invasions of privacy" have become an inevitable "byproduct of the IT society" and that individuals "are leaving digital footprints in our everyday lives".  Indeed, the "digital footprints" of BT's own customers have in the past been interpreted by the so-called Phorm software which allowed online advertisers to target their messages to individual internet users on the basis of their past surfing habits. 

The problem of individuals accumulating unfortunate digital footprints has long been a matter of concern for Big Brother Watch. Such is the scale of the problem, serious questions have been raised as to whether young people may have to change their names later in life in order that they avoid unfortunate photographs and personal information surfacing later in life.

Ignoring BT's own record, Schneier went on to single Facebook out for particular crticism, alleging that the website is sacrificing personal privacy in order to further its commercial position:

"Less privacy makes a better market for social networks. Facebook is the worst offender - not because it's evil but because its market is selling user data to its commercial partners. There's no [commercial] market for a Facebook privacy add-on but if Facebook added extra privacy controls people would want it.  Don't fool yourself that use are the user of social networks - you are the product".

When it comes to Facebook, Big Brother watch has a simple piece of advice: do not upload anything to the internet you would not wish to see in the public domain. The prescience of such a piece of advice was perfectly illustrated earlier this week following the news that personal 'phone numbers of users of the Facebook iPhone application were uploaded to the internet without their consent.

By Daniel Hamilton

As if it never happened: Xiaobo's Nobel prize victory

Democracy campaigners will have been delighted this week to learn that Liu Xiaobo has been awarded the Nobel Peace Prize for his work to draw attention to China's woeful human rights record.

In China, however, you could be forgiven for thinking it had never happened.

Perhaps unsurprisingly in a country where a Google image search of the word "Tiananmen Square massacre" brings up pictures of smiling tourists giving thumbs up gestures under the imposing image of Chairman Mao, news of Xiaobo's award has been entirely absent Chinese television and web-pages.   From personal experience, websites I was unable to access in China included the BBC News website, EBay and, oddly, Napster. 

Click here to read about the John Garnaut from the Sydney Morning Herald's efforts to cover Xiaobo's award from "behind the Great Firewall of China"

By Daniel Hamilton.

Facebook: have they got your number?

The Guardian carries a concerning story regarding the latest version of Facebook’s popular iPhone application.

As a result of the application’s new “contact sync” feature, those using the service face having both their personal phone number and those of their contacts uploaded to the internet.  When uploaded, the phone numbers will be automatically cross-checked with those of other members before allocating them to your online ‘phonebook.

Charles Arthur makes the following observation:

“The implications are huge, and extremely worrying. All it takes is for someone's Facebook account to be hacked (perhaps via their phone being stolen) and lots of personal details are revealed. Or, as [in one case], you get your phonebook record of "Steve Car" (a garage mechanic) somehow linked to someone called "Steve Carlton" - who you don’t know”

Facebook have responded to early criticism of the "contact sync" feature and have now introduced a warning to all those opting to use the feature that their details will be uploaded "subject to Faceook's privacy policy". 

The only way, however, to ensure your telephone number is not shared in this way appears to remove this information from your Facebook profile.

Click here for the full story.

By Daniel Hamilton

Net Neutrality is Anything but Neutral

The Net Neutrality debate is just getting going here in the UK. The US has been engaged in it for some time – indeed, Google and Verizon have added combined in an attempt to influence the public debate in recent months. But what is Net Neutrality?

Net Neutrality is a misnomer for a concept that isn’t neutral at all. Proponents of net neutrality argue that regulation or some sort of government intervention is a necessary requirement in order to ensure that the traffic on the Internet remains balanced. Effectively, people looking to log onto their email or view a YouTube video should be able to do that equally. The Internet traffic to one site shouldn’t take precedence over the Internet traffic to another.

At first and in theory, this might seem like a good idea. People will be able to access content from anywhere else in the world, at the same time, with the same ability. Fantastic. But what happens when (for example) a user buys a film on iTunes and wants to download it, and another customer who gets their connection to the Internet from the same company wants to log into and check their email?  Should both of these actions be treated equally?

The answer is no. More bandwidth is required to download a film than is required to check email. Network providers like BT, Verizon, TalkTalk, and AT&T know this. They also know that if they treat all network traffic equally, they are likely to have many angry customers who are accidentally disconnected from their internet just as their film finishes downloading.

The prioritisation of Internet traffic by companies is called ‘network management’. Companies who provide access to the Internet for their customers do this all time – and have done so since the early 1990s. Managing Internet traffic is complex, but in doing so companies can provide access for all their customers specifically when they need greater or lesser bandwidth. The end result is not often seen by customers unless network speed slows to a crawl or shuts down altogether.

Proponents of net neutrality claim that all Internet traffic needs to be treated equally so that the freedom and the spirit of the Internet are preserved. Sir Tim Berners-Lee, the inventor of the world wide web weighed in on this: “there are a lot of companies who would love to be able to limit what webpages you can see, and governments would love to be able to slow down information going down to particular sites”. He went on to say, “The moment you let net neutrality go, you lose the web as it is. You lose something essential – the fact that any innovator can dream up an idea and set up a website at some random place and let it just take off from word of mouth. You can end up helping humanity and make a profit out of it once you’ve got a domain name.”

Berners-Lee is usually right in all things Internet-related, but here he is wrong for a very simple reason: this would limit access to the Internet, because net neutrality is government regulation of the Internet.  Any government – or even the EU for that matter – would have to pass a series of laws and legislation limiting the commercial ability of public and private companies who provide Internet access. This means that the management of their own business for the benefit of their customers would be regulated by the government – and not by industry standards as it is today in the UK. Furthermore, customers who today can change Internet providers if they are receiving poor service or pay more for greater broadband would no longer be able to switch to a different provider because, effectively, all providers would have the same and equal quality of service. This is "equality" achieved by dragging everyone down to the same low level.

The Internet is free and open as it is – except when governments get involved. Look at China and Iran – "net neutrality" need never be a debate in those countries because their Internet is already regulated by the government. Let’s not call this debate "net neutrality" - because it is not.  Let’s call it net regulation. The Internet will be fine without government intervention, just as it has been so far. Just look at all of the entrepreneurs who have built businesses and created jobs and contributed to the growth of the economy.

By Dominique Lazanski

Robots, GCHQ and the Intercept Modernisation Programme

Reuters has published a fascinating article/interview with Richard Aldrich, author of a study of the Government Communications Headquarters (GCHQ).

We have warned about the Intercept Modernisation Programme (IMP) before - the clandestine GCHQ plan to monitor every email, phone call and piece of electronic communication made in the UK - but as ever, details are sketchy and the controversies vigorously denied.

This latest piece of work by Richard Aldrich is fascinating because it shows the pace of change - and the accompanying dangers that are posed by this rapid technological innovation.

As the article explains:

The agency is piloting a program to sift the digital trail left by people's daily lives -- who is phoning whom, who is emailing whom -- by using powerful data mining methods to trace networks of targets like criminals and terrorists, (Aldrich) says.

The danger is, such programs may mistake good guys for bad guys, he argues. "Once you go over to data mining you are essentially handing the process over to robots, who roam through this material looking for patterns of suspicious activity," he says.

"The danger is false positives -- people who have done a series of random things but when a machine looks at it, it says that person has done something bad."

Placed side-by-side with the horrible invasion of privacy, the danger of false positives makes the IMP a doubly scary prospect that should be resisted at all costs.

A Government 'committed to restoring civil liberties' as the Coalition has claimed, must reveal the full details of the IMP before promptly scrapping it.

By Dylan Sharpe

Once again - journalists allowed in where bloggers may not tread

In a story that echoes the exclusion of VentnorBlog from the Isle of Wight Coroners' Court (an issue with which, BTW, we are not finished), Tameside council has decided to have a formal Twitter accreditation programme; they have restricted those fortunate enough to make the approved Twitterers list to professional journalists, excluding bloggers. It's not just theoretical, either - they've already evicted the first blogger from Council proceedings.

Twittercrats.

By Alex Deane

Government to disconnect entire families for alleged illegal downloading

Florian Leppla is a Campaigner with the Open Rights Group, a non-profit company working to defend freedom of expression, privacy, innovation, consumer rights and creativity on the net.

The Digital Economy Bill, currently being debated in the House of Lords, would give the Government the power to disconnect people from the internet if copyright files are downloaded without permission. The Government, heavily lobbied by the music industry, seems convinced that's the way to stop illicit file sharing and downloading of music. What's certain is that entire families could be be disconnected if only one member (or lodger or guest) is accused of illegal downloading.

The bill doesn't acknowledge that account holder and infringer can be different people. That's the problem. The account holder will be liable for any infringement, whether he or she has infringed or not. That means that a whole family is punished because of the action of one person. This person can be anyone using their internet: a family member, a guest visiting, a lodger or a neighbour using their open wifi.

A lot of people need the internet for work or depend on if for their eduction. The Government has encouraged that and has pledged to connect citizens to the web, not disconnect them.

Gordon Brown said last year that "the internet is as vital as water and gas". Would he then consider cutting off people's water supply if their kids had shoplifted?

Disconnection is collective punishment. It is unacceptable. It is unfair and it is disproportionate.

What can you do?

1) Ask your MP to help remove the disconnection from the bill. Contact your MP now!

2) Write to your local paper and let people know that disconnection is wrong.

3) Sign up with the Open Rights Group to support our work.

Loppsi Offsi

In what may be one of the early skirmishes in the battle by governments to master the internet, the French are currently debating Loppsi II, a draft law to filter Internet traffic (amongst other things).

The bill was approved last week by the National Assembly (where the government has a large majority) and will now go on for a second and final reading in the Senate (where the government also has a majority). If the Senate makes no amendments that will be the final reading, as the government has declared the bill "urgent," which reduces the usual cycle of four readings to two.

The bill contains a number of unrelated measures:

• boosting police spending on "security" increasing

• penalties for counterfeiting checks or credit cards,

• increasing CCTV

• extending access to the police national DNA database

• authorizing the seizure of vehicles driven without a license

• criminalising online identity theft

• allow police to tap Internet connections as well as phone lines

• ordering ISPs to filter Internet connections to target child pornography

Plenty for our freedom-loving French friends to worry about, no? Let's hope les amis don't allow the rugby to distract them from this issue...

Vis a vis filtering, ISPs will be required to block access to any Internet address the authorities consider "necessary to prevent distribution of child pornography."

Blocking sites suspected of hosting child pornography is likely to affect blameless sites at the same IP address. Opposition amendments - that a judge would review the list of blocked URLs each month to ensure that sites were not needlessly blocked, and to make the filters a temporary measure until their effectiveness was proven - were rejected.

Of course, filtering won't stop the spread of child pornography - distributors already use encrypted peer-to-peer systems. Indeed, the French Federation of Telecommunications has said that filtering would cost up to €140 million but would be largely ineffective against the main child pornography distribution channels.

Once installed, the filter system could be used to censor other materials or limit access to other Internet sites. Which appeals to President Sarkozy - in a speech in January, he said that authorities should experiment with filtering in order to automatically remove all forms of piracy from the Internet.

Zut alors!

By Alex Deane

TalkTalk CEO sticks two fingers up at Mandy

It was reported yesterday that Charles Dunstone, Chief Executive of Carphone Warehouse, said if the Digital Economy Bill is enacted he would be prepared to fight the Government in court.

In an interview with the Daily Telegraph, he said:

he refused to send his customers who were suspected file-sharers warning letters about their supposed activity or disconnect them, even if these clauses of the bill became law.

He explained that he may choose instead to fight the Government in court, if his lobbying fails and that his company would “consider all its options” should these clauses in the Digital Economy Bill go through.

Why the fuss? The Digital Economy bill is now close to the committee stage at the House of Lords, and aims to implement a government report called Digital Britain. Mr Dunstone also heads the ISP, TalkTalk – and under the Bill, all ISP’s will have a legal obligation to firstly warn those suspected of illegal filesharing – and if it persists, to disconnect them.

TalkTalk have launched a petition against the Bill called ‘DontDisconnectUs’ which now has nearly 32,000 signatures and has drawn praise from several quarters, not least from Stephen Fry. It must be said, Mr Dunstone’s stance is as bold as it is morally praiseworthy. Is it sustainable though? What are other ISP’s going to do?

In an earlier interview with the Daily Telegraph, Dunstone claimed that:

“we don't support copyright infringement in any way but we live in the real world and understand that no amount of policing and censorship will solve the problem.

“It doesn't matter how many websites are blocked, how many services are shut down or how many individuals are pursued, people will always find ways to access copyrighted content for free.”

Moving away from Dunstonian heroism, but not from the Bill itself: Francis Davey - a Barrister specialising in computer and internet law - wrote a piece for the Open Rights Group, warning that the Bill goes much further than seeking to implement provisions relating to copyright infringement.

The bill gives enormous powers - exercisable with no Parliamentary oversight - to the Secretary of State to require the disconnection of individuals' internet access for any reason. Not only is there no requirement for such disconnections to relate to a number of "strikes" there is no need for disconnection to be linked to infringement of copyright.

In short, if the Bill goes through, it would appear to grant Lord Mandelson massive powers to control and meddle with the internet usage of UK residents. Digital Britain, it would seem, has its emperor.

By Edward Hockings

Privacy International deserves your support

Our friends at Privacy International are taking Virgin to the European Commission over their file snooping software.

I've expressed my doubts about the Virgin approach to privacy previously and you will see from this BBC report that PI are entirely in the right.

Big Brother Watch will be thinking about ways we can help in the fight against internet surveillance in the weeks and months to come. If you care about your privacy online, head over to PI and drop them a line.

By Alex Deane

Good for Google

In the past, criticisms have been made (rightly, in my view) about the extent to which Google has been willing to be complicit in China's repression of human rights activists and protestors, and suppression of free speech.  Well, no more. 

In a remarkably robust article, the Chief Legal Officer at Google has stated that

we have discovered that the accounts of dozens of U.S.-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users' computers.

Moreover, he goes on to say that

We have taken the unusual step of sharing information about these attacks with a broad audience not just because of the security and human rights implications of what we have unearthed, but also because this information goes to the heart of a much bigger global debate about freedom of speech. In the last two decades, China's economic reform programs and its citizens' entrepreneurial flair have lifted hundreds of millions of Chinese people out of poverty. Indeed, this great nation is at the heart of much economic progress and development in the world today.

We launched Google.cn in January 2006 in the belief that the benefits of increased access to information for people in China and a more open Internet outweighed our discomfort in agreeing to censor some results. At the time we made clear that "we will carefully monitor conditions in China, including new laws and other restrictions on our services. If we determine that we are unable to achieve the objectives outlined we will not hesitate to reconsider our approach to China."

These attacks and the surveillance they have uncovered--combined with the attempts over the past year to further limit free speech on the web--have led us to conclude that we should review the feasibility of our business operations in China. We have decided we are no longer willing to continue censoring our results on Google.cn, and so over the next few weeks we will be discussing with the Chinese government the basis on which we could operate an unfiltered search engine within the law, if at all. We recognize that this may well mean having to shut down Google.cn, and potentially our offices in China.

Emphasis added.

By Alex Deane

Snooper's charter breathes again

Two stories today on the dreadful 'Intercept Modernisation Programme' otherwise known as the Home Office plan to monitor all of our emails, phone calls and other forms of private communications.

The first, courtesy of Kable, is that Phil Woolas MP has said that the £2bn Programme is due for completion in 2016; despite the bill being dropped from the Queen's Speech earlier this week.

As they report:

the information from Woolas shows the Home Office does not anticipate that this will delay the IMP, with 2016 as both the original and the current planned date for completion.

To make matters worse Keir Starmer, the Director of Public Prosecutions - a role that ought to be entirely separate from politics - has come out today and said that monitoring all of our calls and emails is 'vital' in the fight against crime.

As reported by the Daily Telegraph:

Keir Starmer said the controversial plan, which would see the communications activity of every citizen stored for a year, was essential for establishing links with suspects.

His support is in contrast to his predecessor, Sir Ken Macdonald, who last year warned against the expansion of technology by the state into everyday life which could create a world future generations "can't bear''.

Sir Ken is right and it simply isn't the government’s job to monitor our private communications. We hear of too many cases of private and personal data being lost, sold or misused by the state to trust that our phone calls and emails won’t end up in the wrong hands.

In addition, the DPP should not be going around doing the government's dirty work - plugging a policy that the majority of British people find deeply worrying. And remember, Keir Starmer has previous in this field.

By Dylan Sharpe

There's a lot of bytes in a yottabyte

News comes that the NSA in the United States is in the process of building a new data storage facility in Utah. Not just any facility - one capable of storing “yottabytes of surveillance data”.

A yottabite is about 1,000,000,000,000,000 Gigabytes of data.

They put it in perspective over at Erictric:

A typical modern computer hard disk drive is capable of storing into the lower hundreds of gigabytes. To put this in perspective, if you were to download a yottabyte with a standard 10 Mbps cable connection, it would take longer than your entire life — and that of your children, and grandchildren.

So, what kind of information might that be?  Well,

The amount of data ... is that which is more than all computers in the entire world combined — thousands of times over.

Perhaps that's a clue.

Again, as they put it over at Erictric, it's time to stop wondering if Big Brother might be watching you - with this sort of capacity, it's highly unlikely Big Brother isn't watching you.

By Alex Deane

Britain in the dock over internet privacy

A shocking story in the Independent today which reports that Ministers from the Home Office could find themselves hauled in front of the European Court of Justice after the European Commission accused Britain of failing to protect its citizens from secret surveillance on the internet.

The article states that:

the legal action is being brought over the use of controversial behavioural advertising services which were tested on BT's internet customers without their consent to gather commercial information about their web-shopping habits.

Under the programme, the UK-listed company Phorm has developed technology that allows internet service providers (ISPs) to track what their users are doing online.

The Commission said the UK had failed to comply with both the European e-Privacy Directive and the Data Protection Directive. The Commission also criticised the Regulation of Investigatory Powers Act (Ripa) as it does not require that people give informed, specific consent to their communications being intercepted for purposes such as behavioural advertising

I never really thought I'd say it, but congratulations to the EU. As I have written before, there is much wrong with Brussels' approach to individual privacy; but on this matter they are entirely correct.

At Big Brother Watch we are very concerned by Government attempts to regulate the internet or track users' habits. This story confirms that we should be concerned and we will continue to watch this case with interest.

By Dylan Sharpe

The "Digital Economy Bill" expands government control over the internet

This is our second guest post. The first is available here.

Dominique Lazanski is an experienced digital consultant and a regular writer and commentator on Internet policy and regulation from a free market perspective. She has over 10 years of experience in Silicon Valley with spells at Yahoo! and Apple and has spent the last several years in London as a consultant to the music industry and media agencies.

The Times reports that Lord Mandelson will use today's debate on the Digital Economy Bill to announce his intention to continue with government plans to cut off internet access for users who illegally download music.

The Digital Britain report, released in June of this year, outlined the government’s plans to make the UK more "digitally competitive and engaged".  A crackdown on illegal file sharing was among its many proposals.  In short, the government would mandate that all ISPs (Internet Service Providers) monitor file sharing activity on their networks and cut off those who engage in illegal activites.

This may not seem like a big deal.  But when one looks at the implementation proposals in the Digital Britain plan (which is, perhaps deliberately, very long and very obscure) this is in fact a gross expansion of government power for several reasons:

• First, in order to implement network monitoring the ISPs themselves must incur the costs of making the monitoring happen. The government is now telling businesses how they must spend their money. ISPs will be forced to change how they conduct their business too – ISPs will move from being simply Internet providers and become Internet monitors as well

• Second, and much more worrying, is that the government intends to “provide for backstop powers for Ofcom to place additional conditions on ISPs to reduce or prevent copyright infringement …” Essentially, the government will allow Ofcom to dictate and control how the ISPs monitor and cut off their users.

• Finally, there will be a “trigger mechanism” which would give ISPs and rights holders incentives to make this whole thing work. The idea of “trigger mechanism” was vague enough that a consultation by the Department for Business, Innovation & Skills (BIS) was held to further define what this is. In flushing this out in the consultation BIS decided that it would be best to give the Secretary of State the power to grant Ofcom the necessary power it needs to not only demand the suspension of user accounts, but to force ISPs to give over data and information of those users. This means that the government would circumvent due process and give power directly to Ofcom to make legal decisions about how we use the Internet.

If passed in November, the Digital Economy Bill will allow for the legal implementation of Digital Britain – including the discussed file sharing proposals. Let us hope that it doesn’t pass because the government shouldn't control our Internet access. If it does pass, then a Tory government should repeal it.

If you would like to contribute a guest post, please contact us.

Belgium fights EU Data Retention Directive

Hurrah for the land of waffles, sublime chocolates and "Ceci n'est pas une pipe" for it is the civil liberties groups of this diminutive nation, and they alone, who have so far had the brussels sprouts to stand up and oppose the pernicious EU Data Retention Directive.

For those unaware, the aforementioned DRD is an unnecessarily intrusive piece of EU legislation which came into force on 15th March this year, forcing internet service providers across the continent to store all the communication information they get from customers for 12 months at a time.

Under the directive, details of every email, phone call and text message sent or received - including information such as IP address and time of use - have to be recorded. In addition, police and security forces will be able to request access to the information using a court order.

Well, now several Belgian organisations including the League for Human Rights, the Flemish Association of Journalists and the Flemish Bar, have launched a website petition against the directive. Hurrah.

Last word to the organisers of the petition (approx translation!):

This campaign stems from the sincere conviction of the promoting organisations that a general data retention programme can not bring a solution to the security problem...data retention is a serious violation of the right to privacy...

...there is no need for data retention at either a European or Belgian level and we point to the fact that many experts have demonstrated that a policy of general data retention in is practice no guarantee against terrorism or crime.

By Dylan Sharpe 

Hat tip to the fantastic Open Europe

Every click recorded

As per the Daily Mail today, as part of the delightfully euphemistic "Intercept Modernisation Programme" the government is going to use our own money to monitor everything we do online.  So - not only are we going to be e-spied on by some group of faceless bureaucrats, we're going to have to pay through the nose for the privilege.

Britain owes a debt of gratitude to the Liberal Democrats for exposing the Government’s intrusive proposals, which represent a remarkable 1,700% increase on surveillance spending.

653 bodies would have the power to access this material.  Let us remember that surveillance powers under RIPA were used over half a million times last year,on everything from dog fouling to school catchment areas to putting bins out on the wrong day.  We don't even need to doubt whether the bureaucrats will use and abuse the intrusive powers being granted to them in law - we already have the proof of it.

By Alex Deane

In case you missed it...Project Indect

Project Indect – the very name sounds Orwellian – was revealed last weekend by Open Europe and the Sunday Telegraph to be a five year research programme ‘to develop computer programmes which act as "agents" to monitor and process information from web sites, discussion forums, file servers, peer-to-peer networks and even individual computers.’

As well as receiving close to £10 million in funding from the EU (which means from you) this sinister enterprise also forms part of a call from the European Commission for a “common culture” of law enforcement which includes sending batches of our own police out to Brussels for training in the European Union’s new enforcement methods.

The Project, despite the far-reaching implications for individual privacy, seems to have met with little opposition within the current UK government. Although this is hardly surprising given that a recent report from Sir Daivd Varney, close adviser to Gordon Brown, called for the creation of 'a single source of truth' on the citizen.

However, Stephen Booth from Open Europe sensibly questioned the project saying "there is no evidence that anyone has ever asked 'is this actually in the best interests of our citizens?'" While the ever vigilant Shami Chakrabarti said "Profiling whole populations instead of monitoring individual suspects is a sinister step in any society. It's dangerous enough at national level, but on a Europe-wide scale the idea becomes positively chilling."

But the chorus of disapproval, to which Big Brother Watch today adds its voice in the strongest possible way, could well be ignored as the EU seeks to economise in a credit crunch. A spokesman from the Police Service of Northern Ireland, who are involved in Project Indect’s development, said: “Our budgets are shrinking, our human resources are shrinking and we are looking for IT technology that will help us five years down the line.”

Scary stuff and proof that it isn’t only the British government BBW needs to be watching.

By Dylan Sharpe