Posts Tagged ‘ICO’

Read more uk_internet_censors.htm at MelonFarmers.co.uk

information commissioners office logo The Information Commissioner’s Office has for some bizarre reason have been given immense powers to censor the internet.And in an early opportunity to exert its power it has proposed a ‘regulation’ that would require strict age verification for nearly all mainstream websites that may have a few child readers and some material that may be deemed harmful for very young children. Eg news websites that my have glamour articles or perhaps violent news images.

In a mockery of ‘data protection’ such websites would have to implement strict age verification requiring people to hand over identity data to most of the websites in the world.

Unsurprisingly much of the internet content industry is unimpressed. A six weerk consultation on the new censorship rules has just closed and according to the Financial Times:

Companies and industry groups have loudly pushed back on the plans, cautioning that they could unintentionally quash start-ups and endanger people’s personal data. Google and Facebook are also expected to submit critical responses to the consultation.

Tim Scott, head of policy and public affairs at Ukie, the games industry body, said it was an inherent contradiction that the ICO would require individuals to give away their personal data to every digital service.

Dom Hallas, executive director at the Coalition for a Digital Economy (Coadec), which represents digital start-ups in the UK, said the proposals would result in a withdrawal of online services for under-18s by smaller companies:

The code is seen as especially onerous because it would require companies to provide up to six different versions of their websites to serve different age groups of children under 18.

This means an internet for kids largely designed by tech giants who can afford to build two completely different products. A child could access YouTube Kids, but not a start-up competitor.

Stephen Woodford, chief executive of the Advertising Association — which represents companies including Amazon, Sky, Twitter and Microsoft — said the ICO needed to conduct a full technical and economic impact study, as well as a feasibility study. He said the changes would have a wide and unintended negative impact on the online advertising ecosystem, reducing spend from advertisers and so revenue for many areas of the UK media.

An ICO spokesperson said:

We are aware of various industry concerns about the code. We’ll be considering all the responses we’ve had, as well as engaging further where necessary, once the consultation has finished.

Advertisements
Read more uk_internet_censors.htm at MelonFarmers.co.uk

information commissioners office logo Elizabeth Denham, Information Commissioner Information Commissioner’s Office,

Dear Commissioner Denham,

Re: The Draft Age Appropriate Design Code for Online Services

We write to you as civil society organisations who work to promote human rights, both offline and online. As such, we are taking a keen interest in the ICO’s Age Appropriate Design Code. We are also engaging with the Government in its White Paper on Online Harms, and note the connection between these initiatives.

Whilst we recognise and support the ICO’s aims of protecting and upholding children’s rights online, we have severe concerns that as currently drafted the Code will not achieve these objectives. There is a real risk that implementation of the Code will result in widespread age verification across websites, apps and other online services, which will lead to increased data profiling of both children and adults, and restrictions on their freedom of expression and access to information.

The ICO contends that age verification is not a silver bullet for compliance with the Code, but it is difficult to conceive how online service providers could realistically fulfil the requirement to be age-appropriate without implementing some form of onboarding age verification process. The practical impact of the Code as it stands is that either all users will have to access online services via a sorting age-gate or adult users will have to access the lowest common denominator version of services with an option to age-gate up. This creates a de facto compulsory requirement for age-verification, which in turn puts in place a de facto restriction for both children and adults on access to online content.

Requiring all adults to verify they are over 18 in order to access everyday online services is a disproportionate response to the aim of protecting children online and violates fundamental rights. It carries significant risks of tracking, data breach and fraud. It creates digital exclusion for individuals unable to meet requirements to show formal identification documents. Where age-gating also applies to under-18s, this violation and exclusion is magnified. It will put an onerous burden on small-to-medium enterprises, which will ultimately entrench the market dominance of large tech companies and lessen choice and agency for both children and adults — this outcome would be the antithesis of encouraging diversity and innovation.

In its response to the June 2018 Call for Views on the Code, the ICO recognised that there are complexities surrounding age verification, yet the draft Code text fails to engage with any of these. It would be a poor outcome for fundamental rights and a poor message to children about the intrinsic value of these for all if children’s safeguarding was to come at the expense of free expression and equal privacy protection for adults, including adults in vulnerable positions for whom such protections have particular importance.

Mass age-gating will not solve the issues the ICO wishes to address with the Code and will instead create further problems. We urge you to drop this dangerous idea.

Yours sincerely,

Open Rights Group
Index on Censorship
Article19
Big Brother Watch
Global Partners Digital

Read more uk_internet_censors.htm at MelonFarmers.co.uk

information commissioners office logo New proposals to safeguard children will require everyone to prove they are over 18 before accessing online content.

These proposals – from the Information Commissioner’s Office (ICO) – aim at protecting children’s privacy, but look like sacrificing free expression of adults and children alike. But they are just plans: we believe and hope you can help the ICO strike the right balance, and abandon compulsory age gates, by making your voice heard.

The rules cover websites (including social media and search engines), apps, connected toys and other online products and services.

The ICO is requesting public feedback on its proposals until Friday 31 May 2019. Please urgently write to the consultation to tell them their plan goes too far! You can use these bullet points to help construct your own unique message:

  • In its current form, the Code is likely to result in widespread age verification across everyday websites, apps and online services for children and adults alike.

  • Age checks for everyone are a step too far. Age checks for everyone could result in online content being removed or services withdrawn. Data protection regulators should stick to privacy. It’s not the Information Commissioner’s job to restrict adults’ or children’s access to content.

  • With no scheme to certify which providers can be trusted, third-party age verification technologies will lead to fakes and scams, putting people’s personal data at risk.

  • Large age verification providers will seek to offer single-sign-in across a wide variety of online services, which could lead to intrusive commercial tracking of children and adults with devastating personal impacts in the event of a data breach.

Read more me_ico.htm at MelonFarmers.co.uk

ico censorship proposal This is the biggest censorship event of the year. It is going destroy the livelihoods of many. It is framed as if it were targeted at Facebook and the like, to sort out their abuse of user data, particularly for kids.However the kicker is that the regulations will equally apply to all UK accessed websites that earn at least earn some money and process user data in some way or other.  Even small websites will then be required to default to treating all their readers as children and only allow more meaningful interaction with them if they verify themselves as adults. The default kids-only mode bans likes, comments, suggestions, targeted advertising etc, even for non adult content.

Furthermore the ICO expects websites to formally comply with the censorship rules using market researchers, lawyers, data protection officers, expert consultants, risk assessors and all the sort of people that cost a grand a day.

Of course only the biggest players will be able to afford the required level of red tape and instead of hitting back at Facebook, Google, Amazon and co for misusing data, they will further add to their monopoly position as they will be the only companies big enough to jump over the government’s child protection hurdles.

Another dark day for British internet users and businesses.

The ICO write in a press release

Today we’re setting out the standards expected of those responsible for designing, developing or providing online services likely to be accessed by children, when they process their personal data.

Parents worry about a lot of things. Are their children eating too much sugar, getting enough exercise or doing well at school. Are they happy?

In this digital age, they also worry about whether their children are protected online. You can log on to any news story, any day to see just how children are being affected by what they can access from the tiny computers in their pockets.

Last week the Government published its white paper covering online harms.

Its proposals reflect people’s growing mistrust of social media and online services. While we can all benefit from these services, we are also increasingly questioning how much control we have over what we see and how our information is used.

There has to be a balancing act: protecting people online while embracing the opportunities that digital innovation brings.

And when it comes to children, that’s more important than ever. In an age when children learn how to use a tablet before they can ride a bike, making sure they have the freedom to play, learn and explore in the digital world is of paramount importance.

The answer is not to protect children from the digital world, but to protect them within it.

So today we’re setting out the standards expected of those responsible for designing, developing or providing online services likely to be accessed by children, when they process their personal data. Age appropriate design: a code of practice for online services has been published for consultation.

When finalised, it will be the first of its kind and set an international benchmark.

It will leave online service providers in no doubt about what is expected of them when it comes to looking after children’s personal data. It will help create an open, transparent and protected place for children when they are online.

Organisations should follow the code and demonstrate that their services use children’s data fairly and in compliance with data protection law. Those that don’t, could face enforcement action including a fine or an order to stop processing data.

Introduced by the Data Protection Act 2018, the code sets out 16 standards of age appropriate design for online services like apps, connected toys, social media platforms, online games, educational websites and streaming services, when they process children’s personal data. It’s not restricted to services specifically directed at children.

The code says that the best interests of the child should be a primary consideration when designing and developing online services. It says that privacy must be built in and not bolted on.

Settings must be “high privacy” by default (unless there’s a compelling reason not to); only the minimum amount of personal data should be collected and retained; children’s data should not usually be shared; geolocation services should be switched off by default. Nudge techniques should not be used to encourage children to provide unnecessary personal data, weaken or turn off their privacy settings or keep on using the service. It also addresses issues of parental control and profiling.

The code is out for consultation until 31 May. We will draft a final version to be laid before Parliament and we expect it to come into effect before the end of the year.

Our Code of Practice is a significant step, but it’s just part of the solution to online harms. We see our work as complementary to the current initiatives on online harms, and look forward to participating in discussions regarding the Government’s white paper.

The proposals are now open for public consultation:

The Information Commissioner is seeking feedback on her draft code of practice Age appropriate design — a code of practice for online services likely to be accessed by children (the code).

The code will provide guidance on the design standards that the Commissioner will expect providers of online ‘Information Society Services’ (ISS), which process personal data and are likely to be accessed by children, to meet.

The code is now out for public consultation and will remain open until 31 May 2019. The Information Commissioner welcomes feedback on the specific questions set out below.

You can respond to this consultation via our online survey , or you can download the document below and email to ageappropriatedesign@ico.org.uk .

lternatively, print off the document and post to:

Age appropriate design code consultation
Policy Engagement Department
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Read more ow.htm at MelonFarmers.co.uk

ico ad snooping The ICO has commissioned research into consumers’ attitudes towards and awareness of personal data used in online advertising.

This research was commissioned by the Information Commissioner’s Office. Ofcom provided advice on the research design and analysis. The objective of this research was to understand the public’s awareness and perceptions of how online advertising is served to the public based on their personal data, choices and behaviour.

Advertising technology — known as adtech — refers to the different types of analytics and digital tools used to direct online advertising to individual people and audiences. It relies on collecting information about how individuals use the internet, such as search and browsing histories, and personal information, such as gender and year of birth, to decide which specific adverts are presented to a particular person. Websites also use adtech to sell advertising space in real-time.

The research finds that more than half (54%) of participants would rather see relevant online adverts. But while 63% of people initially thought it acceptable for websites to display adverts, in return for the website being free to access, this fell to 36% once it was explained how personal data might be used to target adverts.

Read more uk_internet_censors.htm at MelonFarmers.co.uk

House of Commons logo The government has published Online Pornography (Commercial Basis) Regulations 2019 which defines which websites get caught up in upcoming internet porn censorship requirements and how social media websites are excused from the censorship.These new laws will come into force on the day that subsection (1) of section 14 of the Digital Economy Act 2017 comes fully into force. This is the section that introduces porn censorship and age verification requirements. This date has not yet been announced but the government has promised to give at least 3 months notice.

So now websites which are more than one-third pornographic content or else those that promote themselves as pornographic will be obliged to verify the age of UK visitors under. However the law does not provide any specific protection for porn viewers’ data beyond the GDPR requirements to obtain nominal consent before using the data obtained for any purpose the websites may desire.

The BBFC and ICO will initiate a voluntary kitemark scheme so that porn websites and age verification providers can be audited as holding porn browsing data and identity details responsibly. This scheme has not yet produced any audited providers so it seems a little unfair to demand that websites choose age verification technology before service providers are checked out.

It all seems extraordinarily dangerous for porn users to submit their identity to adult websites or age verification providers without any protection under law. The BBFC has offered worthless calls for these companies to handle data responsibly, but so many of the world’s major website companies have proven themselves to be untrustworthy, and hackers, spammers, scammers, blackmailers and identity thieves are hardly likely to take note of the BBFC’s fine words eg suggesting ‘best practice’ when implementing age verification.

Neil Brown, the MD of law firm decoded.legal told Sky News:

It is not clear how this age verification will be done, and whether it can be done without also have to prove identity, and there are concerns about the lack of specific privacy and security safeguards.

Even though this legislation has received quite a lot of attention, I doubt most internet users will be aware of what looks like an imminent requirement to obtain a ‘porn licence’ before watching pornography online.

The government’s own impact assessment recognises that it is not guaranteed to succeed, and I suspect we will see an increase in advertising from providers in the near future.

It would seem particularly stupid to open one up to the dangers of have browsing and identity tracked, so surely it is time to get oneself protected with a VPN, which enables one to continue accessing porn without having to hand over identity details.