Archive for the ‘UK Parliament’ Category

Read more uk_internet_censors.htm at MelonFarmers.co.uk

Houses of Parliament Web browser risk to child safety

We are deeply concerned that a new form of encryption being introduced to our web browsers will have terrible consequences for child protection.

The new system 204 known as DNS over HTTPS — would have the effect of undermining the work of the Internet Watch Foundation (IWF); yet Mozilla, provider of the Firefox browser, has decided to introduce it, and others may follow.

The amount of abusive content online is huge and not declining. Last year, the IWF removed more than 105,000 web pages showing the sexual abuse of children. While the UK has an excellent record in eliminating the hosting of such illegal content, there is still a significant demand from UK internet users: the National Crime Agency estimates there are 144,000 internet users on some of the worst dark-web child sexual abuse sites.

To fight this, the IWF provides a URL block list that allows internet service providers to block internet users from accessing known child sexual abuse content until it is taken down by the host country. The deployment of the new encryption system in its proposed form could render this service obsolete, exposing millions of people to the worst imagery of children being sexually abused, and the victims of said abuse to countless sets of eyes.

Advances in protecting users’ data must not come at the expense of children. We urge the secretary of state for digital, culture, media and sport to address this issue in the government’s upcoming legislation on online harms.

  • Sarah Champion MP;
  • Tom Watson MP;
  • Carolyn Harris MP;
  • Tom Brake MP;
  • Stephen Timms MP;
  • Ian Lucas MP;
  • Tim Loughton MP;
  • Giles Watling MP;
  • Madeleine Moon MP;
  • Vicky Ford MP;
  • Rosie Cooper MP;
  • Baroness Howe;
  • Lord Knight;
  • Baroness Thornton;
  • Baroness Walmsley;
  • Lord Maginnis;
  • Baroness Benjamin;
  • Lord Harris of Haringey

The IWF service is continually being rolled out as an argument against DoH but I am starting to wonder if it is still relevant. Given the universal revulsion against child sex abuse then I’d suspect that little of it would now be located on the open internet. Surely it would be hiding away in hard to find places like the dark web, that are unlikely to stumbled on by normal people. And of course those using the dark web aren’t using ISP DNS servers anyway.

In reality the point of using DoH is to evade government attempts to block legal porn sites. If they weren’t intending to block legal sites then surely people would be happy to use the ISP DNS including the IWF service.

Advertisements
Read more uk_internet_censors.htm at MelonFarmers.co.uk

house of lords red logo At the moment when internet users want to view a page, they specify the page they want in the clear. ISPs can see the page requested and block it if the authorities don’t like it. A new internet protocol has been launched that encrypts the specification of the page requested so that ISPs can’t tell what page is being requested, so can’t block it.This new DNS Over HTTPS protocol is already available in Firefox which also provides an uncensored and encrypted DNS server. Users simply have to change the settings in about:config (being careful of the dragons of course)

Questions have been raised in the House of Lords about the impact on the UK’s ability to censor the internet.

House of Lords, 14th May 2019, Internet Encryption Question

Baroness Thornton Shadow Spokesperson (Health) 2:53 pm, 14th May 2019

To ask Her Majesty ‘s Government what assessment they have made of the deployment of the Internet Engineering Task Force ‘s new ” DNS over HTTPS ” protocol and its implications for the blocking of content by internet service providers and the Internet Watch Foundation ; and what steps they intend to take in response.

Lord Ashton of Hyde The Parliamentary Under-Secretary of State for Digital, Culture, Media and Sport

My Lords, DCMS is working together with the National Cyber Security Centre to understand and resolve the implications of DNS over HTTPS , also referred to as DoH, for the blocking of content online. This involves liaising across government and engaging with industry at all levels, operators, internet service providers, browser providers and pan-industry organisations to understand rollout options and influence the way ahead. The rollout of DoH is a complex commercial and technical issue revolving around the global nature of the internet.

Baroness Thornton Shadow Spokesperson (Health)

My Lords, I thank the Minister for that Answer, and I apologise to the House for this somewhat geeky Question. This Question concerns the danger posed to existing internet safety mechanisms by an encryption protocol that, if implemented, would render useless the family filters in millions of homes and the ability to track down illegal content by organisations such as the Internet Watch Foundation . Does the Minister agree that there is a fundamental and very concerning lack of accountability when obscure technical groups, peopled largely by the employees of the big internet companies, take decisions that have major public policy implications with enormous consequences for all of us and the safety of our children? What engagement have the British Government had with the internet companies that are represented on the Internet Engineering Task Force about this matter?

Lord Ashton of Hyde The Parliamentary Under-Secretary of State for Digital, Culture, Media and Sport

My Lords, I thank the noble Baroness for discussing this with me beforehand, which was very welcome. I agree that there may be serious consequences from DoH. The DoH protocol has been defined by the Internet Engineering Task Force . Where I do not agree with the noble Baroness is that this is not an obscure organisation; it has been the dominant internet technical standards organisation for 30-plus years and has attendants from civil society, academia and the UK Government as well as the industry. The proceedings are available online and are not restricted. It is important to know that DoH has not been rolled out yet and the picture in it is complex–there are pros to DoH as well as cons. We will continue to be part of these discussions; indeed, there was a meeting last week, convened by the NCSC , with DCMS and industry stakeholders present.

Lord Clement-Jones Liberal Democrat Lords Spokesperson (Digital)

My Lords, the noble Baroness has raised a very important issue, and it sounds from the Minister ‘s Answer as though the Government are somewhat behind the curve on this. When did Ministers actually get to hear about the new encrypted DoH protocol? Does it not risk blowing a very large hole in the Government’s online safety strategy set out in the White Paper ?

Lord Ashton of Hyde The Parliamentary Under-Secretary of State for Digital, Culture, Media and Sport

As I said to the noble Baroness, the Government attend the IETF . The protocol was discussed from October 2017 to October 2018, so it was during that process. As far as the online harms White Paper is concerned, the technology will potentially cause changes in enforcement by online companies, but of course it does not change the duty of care in any way. We will have to look at the alternatives to some of the most dramatic forms of enforcement, which are DNS blocking.

Lord Stevenson of Balmacara Opposition Whip (Lords)

My Lords, if there is obscurity, it is probably in the use of the technology itself and the terminology that we have to use–DoH and the other protocols that have been referred to are complicated. At heart, there are two issues at stake, are there not? The first is that the intentions of DoH, as the Minister said, are quite helpful in terms of protecting identity, and we do not want to lose that. On the other hand, it makes it difficult, as has been said, to see how the Government can continue with their current plan. We support the Digital Economy Act approach to age-appropriate design, and we hope that that will not be affected. We also think that the soon to be legislated for–we hope–duty of care on all companies to protect users of their services will help. I note that the Minister says in his recent letter that there is a requirement on the Secretary of State to carry out a review of the impact and effectiveness of the regulatory framework included in the DEA within the next 12 to 18 months. Can he confirm that the issue of DoH will be included?

Lord Ashton of Hyde The Parliamentary Under-Secretary of State for Digital, Culture, Media and Sport

Clearly, DoH is on the agenda at DCMS and will be included everywhere it is relevant. On the consideration of enforcement–as I said before, it may require changes to potential enforcement mechanisms–we are aware that there are other enforcement mechanisms. It is not true to say that you cannot block sites; it makes it more difficult, and you have to do it in a different way.

The Countess of Mar Deputy Chairman of Committees, Deputy Speaker (Lords)

My Lords, for the uninitiated, can the noble Lord tell us what DoH means –very briefly, please?

Lord Ashton of Hyde The Parliamentary Under-Secretary of State for Digital, Culture, Media and Sport

It is not possible to do so very briefly. It means that, when you send a request to a server and you have to work out which server you are going to by finding out the IP address, the message is encrypted so that the intervening servers are not able to look at what is in the message. It encrypts the message that is sent to the servers. What that means is that, whereas previously every server along the route could see what was in the message, now only the browser will have the ability to look at it, and that will put more power in the hands of the browsers.

Lord West of Spithead Labour

My Lords, I thought I understood this subject until the Minister explained it a minute ago. This is a very serious issue. I was unclear from his answer: is this going to be addressed in the White Paper ? Will the new officer who is being appointed have the ability to look at this issue when the White Paper comes out?

Lord Ashton of Hyde The Parliamentary Under-Secretary of State for Digital, Culture, Media and Sport

It is not something that the White Paper per se can look at, because it is not within the purview of the Government. The protocol is designed by the IETF , which is not a government body; it is a standards body, so to that extent it is not possible. Obviously, however, when it comes to regulating and the powers that the regulator can use, the White Paper is consulting precisely on those matters, which include DNS blocking, so it can be considered in the consultation.

Read more uk_internet_censors.htm at MelonFarmers.co.uk

new filters An informal group of MPs, the All Party Parliamentary Group on Social Media and Young People’s Mental Health and Wellbeing has published a report calling for the establishment of an internet censor. The report clams:

  • 80% of the UK public believe tighter regulation is needed to address the impact of social media on the health and wellbeing of young people.
  • 63% of young people reported social media to be a good source of health information.
  • However, children who spend more than three hours a day using social media are twice as likely to display symptoms of mental ill health.
  • Pressure to conform to beauty standards perpetuated and praised online can encourage harmful behaviours to achieve “results”, including body shame and disordered eating, with 46% of girls compared to 38% of all young people reporting social media has a negative impacted on their self-esteem.

The report titled, #NewFilters to manage the impact of social media on young people’s mental health and wellbeing , puts forward a number of policy recommendations, including:

  • Establish a duty of care on all social media companies with registered UK users aged 24 and under in the form of a statutory code of conduct, with Ofcom to act as regulator.
  • Create a Social Media Health Alliance, funded by a 0.5% levy on the profits of social media companies, to fund research, educational initiatives and establish clearer guidance for the public.
  • Review whether the “addictive” nature of social media is sufficient for official disease classification.
  • Urgently commission robust, longitudinal research, into understanding the extent to which the impact of social media on young people’s mental health and wellbeing is one of cause or correlation.

Chris Elmore MP, Chair of the APPG on Social Media on Young People’s Mental Health and Wellbeing said:

“I truly think our report is the wakeup call needed to ensure – finally – that meaningful action is taken to lessen the negative impact social media is having on young people’s mental health.

For far too long social media companies have been allowed to operate in an online Wild West. And it is in this lawless landscape that our children currently work and play online. This cannot continue. As the report makes clear, now is the time for the government to take action.

The recommendations from our Inquiry are both sensible and reasonable; they would make a huge difference to the current mental health crisis among our young people.

I hope to work constructively with the UK Government in the coming weeks and months to ensure we see real changes to tackle the issues highlighted in the report at the earliest opportunity.”

Read more uk_internet_censors.htm at MelonFarmers.co.uk

regulating in a digital world The House of Lords Communications Committee has called for a new, overarching censorship framework so that the services in the digital world are held accountable to an enforceable set of government rules.The Lords Communications Committee writes:

Background

In its report ‘Regulating in a digital world’ the committee notes that over a dozen UK regulators have a remit covering the digital world but there is no body which has complete oversight. As a result, regulation of the digital environment is fragmented, with gaps and overlaps. Big tech companies have failed to adequately tackle online harms.

Responses to growing public concern have been piecemeal and inadequate. The Committee recommends a new Digital Authority, guided by 10 principles to inform regulation of the digital world.

Chairman’s Comments

The chairman of the committee, Lord Gilbert of Panteg , said:

“The Government should not just be responding to news headlines but looking ahead so that the services that constitute the digital world can be held accountable to an agreed set of principles.

Self-regulation by online platforms is clearly failing. The current regulatory framework is out of date. The evidence we heard made a compelling and urgent case for a new approach to regulation. Without intervention, the largest tech companies are likely to gain ever more control of technologies which extract personal data and make decisions affecting people’s lives. Our proposals will ensure that rights are protected online as they are offline while keeping the internet open to innovation and creativity, with a new culture of ethical behaviour embedded in the design of service.”

Recommendations for a new regulatory approach Digital Authority

A new ‘Digital Authority’ should be established to co-ordinate regulators, continually assess regulation and make recommendations on which additional powers are necessary to fill gaps. The Digital Authority should play a key role in providing the public, the Government and Parliament with the latest information. It should report to a new joint committee of both Houses of Parliament, whose remit would be to consider all matters related to the digital world.

10 principles for regulation

The 10 principles identified in the committee’s report should guide all regulation of the internet. They include accountability, transparency, respect for privacy and freedom of expression. The principles will help the industry, regulators, the Government and users work towards a common goal of making the internet a better, more respectful environment which is beneficial to all. If rights are infringed, those responsible should be held accountable in a fair and transparent way.

Recommendations for specific action Online harms and a duty of care

  • A duty of care should be imposed on online services which host and curate content which can openly be uploaded and accessed by the public. Given the urgent need to address online harms, Ofcom’s remit should expand to include responsibility for enforcing the duty of care.

  • Online platforms should make community standards clearer through a new classification framework akin to that of the British Board of Film Classification. Major platforms should invest in more effective moderation systems to uphold their community standards.

Ethical technology

  • Users should have greater control over the collection of personal data. Maximum privacy and safety settings should be the default.

  • Data controllers and data processors should be required to publish an annual data transparency statement detailing which forms of behavioural data they generate or purchase from third parties, how they are stored, for how long, and how they are used and transferred.

  • The Government should empower the Information Commissioner’s Office to conduct impact-based audits where risks associated with using algorithms are greatest. Businesses should be required to explain how they use personal data and what their algorithms do.

Market concentration

  • The modern internet is characterised by the concentration of market power in a small number of companies which operate online platforms. Greater use of data portability might help, but this will require more interoperability.

  • The Government should consider creating a public-interest test for data-driven mergers and acquisitions.

  • Regulation should recognise the inherent power of intermediaries.

Read more uk_internet_censors.htm at MelonFarmers.co.uk

dcms facebook The Digital, Culture, Media and Sport Committee has published its final report on Disinformation and ‘fake news’. The report calls for:

  • Compulsory Code of Ethics for tech companies overseen by independent regulator

  • Regulator given powers to launch legal action against companies breaching code

  • Government to reform current electoral communications laws and rules on overseas involvement in UK elections

  • Social media companies obliged to take down known sources of harmful content, including proven sources of disinformation

Further finds that:

  • Electoral law ‘not fit for purpose’

  • Facebook intentionally and knowingly violated both data privacy and anti-competition laws

Chair’s comment

Damian Collins MP, Chair of the DCMS Committee said:

“Our inquiry over the last year has identified three big threats to our society. The challenge for the year ahead is to start to fix them; we cannot delay any longer.

“Democracy is at risk from the malicious and relentless targeting of citizens with disinformation and personalised ‘dark adverts’ from unidentifiable sources, delivered through the major social media platforms we use everyday. Much of this is directed from agencies working in foreign countries, including Russia.

“The big tech companies are failing in the duty of care they owe to their users to act against harmful content, and to respect their data privacy rights.

“Companies like Facebook exercise massive market power which enables them to make money by bullying the smaller technology companies and developers who rely on this platform to reach their customers.

“These are issues that the major tech companies are well aware of, yet continually fail to address. The guiding principle of the ‘move fast and break things’ culture often seems to be that it is better to apologise than ask permission.

“We need a radical shift in the balance of power between the platforms and the people. The age of inadequate self regulation must come to an end. The rights of the citizen need to be established in statute, by requiring the tech companies to adhere to a code of conduct written into law by Parliament, and overseen by an independent regulator.

“We also have to accept that our electoral regulations are hopelessly out of date for the internet age. We need reform so that the same principles of transparency of political communications apply online, just as they do in the real world. More needs to be done to require major donors to clearly establish the source of their funds.

“Much of the evidence we have scrutinised during our inquiry has focused on the business practices of Facebook; before, during and after the Cambridge Analytica data breach scandal.

“We believe that in its evidence to the Committee Facebook has often deliberately sought to frustrate our work, by giving incomplete, disingenuous and at times misleading answers to our questions.

“Even if Mark Zuckerberg doesn’t believe he is accountable to the UK Parliament, he is to the billions of Facebook users across the world. Evidence uncovered by my Committee shows he still has questions to answer yet he’s continued to duck them, refusing to respond to our invitations directly or sending representatives who don’t have the right information. Mark Zuckerberg continually fails to show the levels of leadership and personal responsibility that should be expected from someone who sits at the top of one of the world’s biggest companies.

“We also repeat our call to the Government to make a statement about how many investigations are currently being carried out into Russian interference in UK politics. We want to find out what was the impact of disinformation and voter manipulation on past elections including the UK Referendum in 2016 and are calling on the Government to launch an independent investigation.”

Final Report

This Final Report on Disinformation and ‘Fake News’ repeats a number of recommendations from the interim report published last summer. The Committee calls for the Government to reconsider a number of recommendations to which it did not respond and to include concrete proposals for action in its forthcoming White Paper on online harms.
Independent regulation of social media companies.

The Report repeats a recommendation from the Interim Report for clear legal liabilities to be established for tech companies to act against harmful or illegal content on their sites, and the report calls for a compulsory Code of Ethics defining what constitutes harmful content. An independent regulator should be responsible for monitoring tech companies, backed by statutory powers to launch legal action against companies in breach of the code.

Companies failing obligations on harmful or illegal content would face hefty fines. MPs conclude: “Social media companies cannot hide behind the claim of being merely a ‘platform’ and maintain that they have no responsibility themselves in regulating the content of their sites.”

The Report’s recommendation chimes with recent statements by Ministers indicating the Government is prepared to regulate social media companies following the death of teenager Molly Russell. The Committee hopes to see firm recommendations for legislation in the White Paper to create a regulatory system for online content that is as effective as that for offline content.

It repeats its recommendation for new independent regulation to be funded by a levy on tech companies operating in the UK.

Data use and data targeting

The Report highlights Facebook documents obtained by the Committee and published in December 2018 relating to a Californian court case brought by app developer Six4Three. Through scrutiny of internal Facebook emails between 2011 and 2015, the Report finds evidence to indicate that the company was willing to: override its users’ privacy settings in order to transfer data to some app developers; to charge high prices in advertising to some developers, for the exchange of data, and starve some developers–such as Six4Three–of that data, contributing to them losing their business. MPs conclude: “It is evident that Facebook intentionally and knowingly violated both data privacy and anti-competition laws.”

It recommends that the ICO carries out a detailed investigation into the practices of the Facebook platform, its use of users’ and users’ friends’ data, and the use of ‘reciprocity’ of the sharing of data. The CMA (Competition and Markets Authority) should conduct a comprehensive audit of the advertising market on social media and investigate whether Facebook has been involved in anti-competitive practices.

MPs note that Facebook, in particular, is unwilling to be accountable to regulators around the world: “By choosing not to appear before the Committee and by choosing not to respond personally to any of our invitations, Mark Zuckerberg has shown contempt towards both our Committee and the ‘International Grand Committee’ involving members from nine legislators from around the world.”

Read more parl.htm at MelonFarmers.co.uk

home affairs committee People convicted of insulting people online should be named and shamed on a government register of offenders under new laws to censor social media, says an all-party committee of MPs.The Commons petitions committee claimed new laws were needed to combat online harms because current legislation was not fit for purpose and self-regulation by the social media firms had failed.

The committee was responding to a petition, backed by more than 220,000 people, from reality TV star and model Katie Price who demanded new online laws and a register of offenders after her disabled son, Harvey, was viciously trolled for his condition, colour and size.

The MPs believe a criminal law, which covered online abuse and included proper recognition of hate crimes against disabled people, will achieve what the petition is looking for from a register, as criminal convictions will show up as part of a Disclosure and Barring Service check, said the MPs.

The committee said a high proportion of abusive content related to football with most shockingly the name of Harvey Price used by fans as an insult for someone’s ability as a footballer.

Read more uk_internet_censors.htm at MelonFarmers.co.uk

regulatory policy commitee logo Parliament’s Regulatory Policy Committee (RPC) has reported that the government’s approach to internet porn censorship and age verification is fit for purpose, but asks a few important questions about how safe it is for porn viewers.The RPC was originally set up a decade ago to help cut red tape by independently checking government estimates of how much complying with new laws and regulations would cost the private sector. Of curse all it has achieved is to watch the western world suffocate itself in accelerating red tape to such a point that the west seems to be on a permanent course to diminishing wealth and popular unrest. One has to ask if the committee itself is fit for purpose?

Anyway in the subject of endangering porn users by setting them up for identity thieves, blackmailers and scammers, the authors write:

Risks and wider impacts. The Impact Assessment (IA) makes only limited reference to risks and wider impacts of the measure. These include the risk that adults and children may be pushed towards the dark web or related systems to avoid AV, where they could be exposed to illegal activities and extreme material that they otherwise would never have come into contact with. The IA also recognises numerous other wider impacts, including privacy/fraud concerns linked to inputting ID data into sites and apps.

Given the potential severity of such risks and wider impacts, the RPC believes that a more thorough consideration of each, and of the potential means to mitigate them, would have been appropriate. The RPC therefore recommends that the Department ensures that it robustly monitors these risks and wider impacts, post-implementation.