On Twitter: @JamesFirth and @s_r_o_c (post feed)

Got a tip? tip@sroc.eu

Tuesday, 30 August 2011

Shock as leaked document reveals government requested Ofcom make Digital Economy Act appeals harder

Reasons for further delays to the Initial Obligations Code (IOC) - legislation which details exactly how the online copyright clamp-down under the Digital Economy Act will operate - were revealed in a document leaked online nearly a month ago, but very few seem to have noticed the leak (and I've been busy with a new arrival)!

I previously reported that further delays could be expected to the UK's 3-strikes anti-filesharing laws when I noticed only one of two remaining pieces of legislation arrived at the EC this month.

Leaked documents; or rather, sections redacted in previously-released official documents; now reveal at least one reason for further delays to the IOC is because the Government made a direct request to Ofcom that it should make it harder for people accused of copyright infringement to appeal the accusation.

The request comes under the guise of reducing costs of the scheme; however costs should not be of concern to government as the entire cost of running the measures are due to be met by copyright owners and, to a much lesser extent, by ISPs.

The request to narrow the grounds for appeal comes on top of the announcement at the start of this month that those wishing to appeal will have to pay an appeals fee before an appeal can be heard, renewing concerns from consumer groups that those on a low income will be denied access to justice.

No more public consultations, chilling effects on open public WiFi

In a further blow to public confidence in the Digital Economy Act, sources indicate the changes will be made without further public consultation, and rushed to Brussels by the end of September.

Public consultation is now essential, due to the importance of ensuring the appeals process remains fair, robust and lawful under relevant sections of the Digital Economy Act.

The appeals process is critical to an individual's right to due process under law, because accusations of copyright infringement will be made solely on evidence gathered by groups working directly for copyright owners.  The appeals process is the first time those accused of copyright infringement have a chance to examine the evidence against them and have their side heard by an independent body.

Friday, 26 August 2011

Freedom of Ignorance Act 2000: Ofcom refuses to release reasons behind redactions in policy documents

On 3rd August, Ofcom, together with the Department for Media, Culture and Sport, released two important documents relating to government internet policy.

One set out the feasibility of blocking [overseas] websites with the aim of reducing copyright infringement, and the other was a report into reducing the likely cost of the appeals process for those accused of unlawfully sharing copyrighted content under controversial measured in the Digital Economy Act 2010.

Both documents contained a surprisingly large number of redactions.  A bit of a sideshow was created when it transpired redactions in one document - the report into website blocking - were incorrectly applied, and it was possible for the original text to be recovered.  The same mistake was not made with the report into reducing the cost of appeals.

Incompetence aside, I wanted to know what had been redacted from both documents, and why.  But my request for letters and documents relating to who had requested information be redacted, and their reasons, was today refused.  As was my request for an uncensored copy of the report into reducing the cost of appeals, and TJ McIntyre's request for an official un-redacted copy of the website blocking report (even though unofficial copies of the document exist due to the prior blunder).

Pretending the horse is safely ensconced in the stable

At the time of the original release, a vague "think of the children" spiel was concocted by officials, who pointed out that knowledge of how to circumvent website blocking could be abused by children wanting to circumvent parental controls, and paedophiles wanting to circumvent child pornography blocks imposed by some (but not all**) ISPs.

I'm sorry, cloistered government officials, but this just doesn't wash.  As Trefor explains (and even Ofcom's own report acknowledges), the knowledge of how to circumvent web blocks is widely available.

It's not simply that the barn doors are open and the horse has bolted; the horse has been shot and shipped to France, and the barn has been converted into a spacious holiday let.

Thursday, 25 August 2011

Shutting-down communications at times of disaster can be counter-productive

A few months ago I had a very interesting chat with a couple of government-types about attempts to control or restrict social media in the UK.

We wandered into hypothetical territory, and I was surprised to hear senior officials voicing opinion that "even in times of war" ... "turning-off public communications can be counter-productive."

Given the riots had not yet occurred I can't say how their thinking might have changed, but their reasoning centred around the aftermath of the 7/7 London bombings.

In practice, UK authorities have very little power to restrict internet communications.

It's not that they don't have the legal power - Section 132 of the Communication Act 2003 allows for the Secretary of State to require communications providers to suspend or restrict all or part of their communications network.

But in practice, given the technical complexity of blocking some websites and leaving others visible, and the vastly distributed nature of the internet - utilising resources controlled by thousands of private companies; in practice, the government's powers are pretty blunt.

They could probably shut down the internet in the UK if they wanted, but they would struggle to impose a rapid block on a handful of social networking websites whilst leaving the remainder of the internet - critical to many operations (power generation, healthcare monitoring, etc) - functioning.

Tuesday, 23 August 2011

CONSENT Project: research into online privacy and consent

If you have 15 minutes spare, a researcher from Queen's University would welcome input from readers of this blog as part of the CONSENT project - an EU-funded research project on social networking and information gathering.

To start the questionnaire, click here.

The project will look at the use of personal information, privacy, and giving consent online across Europe, and the findings will be made available to European policy makers and legal experts aimed at encouraging the strengthening of the legal protection of consumers and online users.

Whilst Open Digital generally views legislation as a solution of last resort, preferring instead to focus on consumer education of privacy risks in order to harness consumer-brand trust as a driver for improving corporate responsibility towards personal data, we welcome all research in this important area.


Monday, 22 August 2011

More Digital Economy Act delays? Cost Sharing Order goes to EC, no sign of IOC

Only one of two remaining pieces of legislation required for the digital copyright clampdown under the Digital Economy Act was notified to the European Commission (EC) at the start of August, indicating progress enacting the anti-filesharing measures may have been hit by further delays.

The UK is obliged to notify Europe of legislation that may affect cross-border competition, such as technical requirements placed on ISPs under the Digital Economy Act.  At the time of publication, the EC database of such notifications, TRIS, showed only the so-called Cost Sharing Order had been notified.

The counterpart Initial Obligations Code, the main body of legislation that describes in detail how the copyright infringement notification and appeals process will run, is not currently listed in TRIS.

EC notification is significant as it adds a 3-month delay to enactment of legislation in order to give other EC member states a chance to comment or object.  The absence of the main Initial Obligations Code means the Code is unlikely to get a vote in the UK parliament until early 2012 at best.

Even when passed by both Houses of Parliament, it will take several months to establish the notification and appeals bodies, meaning it's now highly unlikely the first copyright infringement notifications will hit the doormats of alleged pirates before 2013 - nearly 3 years after the Digital Economy Act was passed.

Wednesday, 3 August 2011

Redactions make a mockery of the public consultation process

Today Ofcom released its long-awaited report into the feasibility of blocking overseas websites accused of carrying copyright-infringing content under dormant powers contained in Sections 17 and 18 of the Digital Economy Act.

Or rather, the Department for Media, Culture and Sport published the report. Then quickly removed it as it became clear that large sections of the document which discuss technical workarounds for web-blocking provisions were incorrectly redacted and therefore readable to anyone outside of a government-controlled computer network.

Note the irony here - I'm told by a government insider it's not possible to read the redacted text on a government-controlled IT system, because the government's preferred PDF reader doesn't allow the workaround used to reveal the redacted text!

@TJMcIntyre has published all the redacted text on his blog IT Law in Ireland and since the report is not currently available anywhere else, I've lodged a copy on my publisher's system here.

But the story isn't one of bad redactions - the bad redactions show just how absurd the government redaction policy is.  Literally anything to do with workarounds - all of it already in the public domain - is redacted.  Proxy servers, VPNs and TOR - all mentions redacted.

Noting that we the taxpayer paid Ofcom £100,000 for this report it's a scandal that large sections are hidden from public view.

Behind the scenes in the government's digital economy soup factory

You will have to pay an appeals fee of £20 if you want to challenge a copyright infringement warning letter you receive under the Digital Economy Act.  The fee will be refunded if the appeal is successful.

This was the surprise announcement made this morning, as the government made its welcome response to the Hargreaves review into copyright reform.  I welcome the government response to Hargreaves, but that's not the story I want to tell.

Web blocking (under Section 17) of the Digital Economy Act has been ruled out by Ofcom (pdf) (see update below) as unworkable, but Ed Vaizey tried to sweeten this for rights holders by saying that it had "not said no to site blocking forever" (not sure I agree with the minister's take) and went on to mention the Newzbin ruling which allows court-ordered blocking of websites infringing copyright when an ISP already has an existing blocking mechanism installed.

It's a subtle point, but vitally important to note that the Ofcom report into web blocking was completed months ago.  I have it on excellent authority, confirmed from insiders in both Ofcom and the Department for Media, Culture and Sport (DCMS), that DCMS have been sat on this report for at least 2 months.  The first court hearing to block Newzbin was heard on 28th June this year and Ofcom could not have known how the courts would rule on using S97A of the Copyrights, Designs and Patents Act to block infringing websites.

Aside: note how large sections of the Ofcom report into website blocking have been redacted.  Is this good for transparency?  The aim is to hide technical discussion of how web blocking can be circumvented.  I'm not aware this is - as yet - a crime, so I'll do my best to fill in the gaps over the next few weeks.

UPDATE: a commentator points out the Ofcom blocking document was badly redacted, and the blacked-out text is visible with some PDF viewers.  DCMS have taken their copy down, but it's still available direct from Ofcom for the moment.

UPDATE2: All government copies of the document have been pulled, however I've put a copy of the consultation on my publisher's server here (pdf) and @tjmcintyre provides easy access to the redacted text on his blog.

Tuesday, 2 August 2011

Parliament needs to act to stop the worst-of-all-worlds UK net censorship

The 'Newzbin' ruling finally brings state-mandated web censorship to the UK.  But it's all OK and above board, we're told, because a court order is required for each website blocked.

Which might just appease all but ardent civil liberties advocates, until you factor in money.

The problem with this back door web censorship lies in the way legal challenges are funded and costs awarded in the UK court, making this particular court-orientated approach entirely unsuitable to assess the incredibly complex and delicate balance between 'protection' and public interest.

Essentially, the public interest is not represented under the 'Newzbin' arrangement, and it needs to be.  A public defence against each such blocking order must be funded on a statutory basis.

Without a statutory public interest defender,  many blocking orders will go unchallenged.  Each order is made between the applicant and the individual ISP, and it's not in the ISPs interest to fight each and every order as they risk having to pay the legal fees of both sides, as cyber law blogger and professor of e-governance at Strathclyde University Lilian Edwards points out in her post here.

Courts and judges don't and often can't assess the wider impact of such orders, as they can only consider (a) the evidence put before them; and, (b) the law.

If a blocking order is unchallenged, and the law does not call for a stringent public interest test, so long as the evidence presented by the applicant meets precursory inspection by the court the order will most likely succeed.

I'm calling on parliament now to stand up and decide whether we want to keep censorship, or not.  Whatever parliament does, I implore our elected representatives not to sit back and let such a worrying development creep by unchallenged.

And if parliament does decide to keep web censorship, it is essential that the law is amended to resolve the public interest issue.  It should also consider whether aspects of the Newzbin ruling - namely that an ISP with an existing blocking system can reasonably be required to block unlawful content when the court has existing powers of injunction - might be expanded in a future case to other areas where e.g. press injunctions are used to muzzle print media.

Monday, 1 August 2011

Info Commissioner suggests shooting messenger, overlooks organised crime etc

Who am I more worried about getting hold of my personal details; journalists? Or criminals?

In an interview with Bloomberg the Information Commissioner Christopher Graham once again calls for prison sentences as a deterrent for those who make use of stolen personal data.

I don't disagree with his aims, nor his observation of the general lack of respect for personal data.  But I take issue with his quoted assertion:
"Unless people realize they can go to prison, it seems like a victimless crime"
I take serious issue with a policy that would send the likes of journalists to prison for exploiting weaknesses in the security of organisations entrusted with our personal data.

It smacks of an attempt to provide a false sense of security, making it illegal to exploit a loophole; papering over the gaping data leak and allowing serious and organised criminals to continue to exploit such loopholes until they get caught.

Is jail always a deterrent?

The Information Commissioner himself seems aware that journalists aren't the largest consumers of black-market personal data:
"While most violations aren’t done by journalists, the newspapers were the ones who objected the loudest, Graham said"
Jail is not a deterrent to one group - criminals - who already have a thirst for personal data; to facilitate ID theft, bank and credit card fraud.