WELCOME to Connected Rights, your bug in the light fitting of digital rights news and analysis.
DANGER! THE EU’S UNDER-DEVELOPMENT COPYRIGHT REFORM may turn out very grim indeed. The European Parliament’s industry and culture committees voted on Tuesday to make online platforms liable for the copyright violations of their users, and, in the case of the industry committee, also to extend the absurd concept of “ancillary copyright” (originally intended to make Google pay news publishers for linking to their articles) to academic journals.
Julia Reda, the Parliament’s sole Pirate Party representative and the author of its major copyright reform assessment last year, correctly warns that these changes would cripple research and the EU’s startup industry: http://bit.ly/2tHR8W4. Though to be fair, it would also cripple any online company that accepts user-generated content and operates in the EU, so it’s bad news for everyone really.
It’s important to note that the European Parliament’s main team handling this reform, the legal affairs committee, is yet to vote on what it wants to see. However, it has to take into account what the other committees say. This is looking really bad, and I see protests ahead.
CUSTOMERS OF INDIAN MOBILE OPERATOR RELIANCE JIO have reportedly been caught up in an horrendous leak of their personal details, possibly including their numbers for the state ID system, Aadhaar. One man has been arrested over the leak. The details that have appeared online, covering more than 100 million people, also include names, phone numbers and email addresses.
As The Next Web points out, the incident highlights India’s lack of strong privacy laws that might hold companies accountable for the data they hold. “People can’t even take Jio to court over the leaked data,” the article notes: http://bit.ly/2v6Lt9V
THE DUTCH SECRET SERVICES HAVE BEEN GRANTED what local digital rights group Bits of Freedom describes as “untargeted surveillance [powers] for the systematic and large-scale interception and analysis of citizens’ online communications”: http://bit.ly/2t36Pbm
The so-called tapping law will allow the Dutch secret services to intercept internet traffic on a broad scale, with data being stored for up to three years in order to allow retrospective analysis. It also allows for the hacking of people who are connected to criminal suspects, in order to help investigators get at the suspects themselves. Critics say the promised oversight is insufficient: http://bit.ly/2vbNkKx
MEANWHILE, A FORMER UK SPY CHIEF has decided that backdoors are not the answer to the problems posed by the widespread end-to-end encryption of communications. Robert Hannigan, the erstwhile head of British spy agency GCHQ, says strong encryption “is overwhelmingly a good thing” that cannot be un-invented: http://bit.ly/2u3KjyN
As Glyn Moody notes in that piece, Hannigan has hardly been a friend to the tech industry on this issue, but even he is now explicitly adopting the line, advocated by some security experts, that the way round the privacy of modern messaging apps is not to compromise the security mechanisms themselves, but instead to hack into the phone or computer of the suspect who’s using them (see above).
Properly targeted device hacking is indeed a good compromise – similar to allowing cops to break into someone’s apartment to plant bugs. However, problems arise when mass hacking is allowed (as in recent UK legislation), as innocent people get caught up (again, see above).
WANT TO ESCAPE ONLINE SURVEILLANCE? Good luck if you’re in Russia or China. Both countries are cracking down on the use of virtual private networks (VPNs), which are the most common tools that people use to hide their tracks online. VPNs are particularly useful if you’re using an insecure public connection, such as a café’s Wi-Fi, and should really be encouraged if anything, in order to keep the general public safe from criminals. But in authoritarian countries, it’s no surprise that they’re seen as posing a threat: http://bit.ly/2tHHVgi
WHO REALLY BENEFITS FROM SMART CITIES? If programs underway in Barcelona and (on a smaller scale) Bristol have the desired effect, urban sensor and big-data technologies may actually end up being controlled by citizens themselves (I know, crazy, right?). Here’s a piece I wrote for Alphr, describing the burgeoning second wave of smart city developments, which are this time being driven from the ground up rather than by tech giants looking for new business: http://bit.ly/2t4xPCJ
CAN EUROPEANS TRUST AMERICAN COMPANIES TO PROTECT THEIR DATA? According to two American NGOs, the Center for Digital Democracy and Access Now, not really. September will bring the first annual review of the “Privacy Shield” deal that’s supposed to ensure privacy protections for EU citizens when their data heads across the Atlantic, and these organisations say the program should be found insufficient: http://bit.ly/2t9peOT
“EU citizens and consumers who deal with companies enrolled in the Privacy Shield program confront a serious erosion of their data protection and privacy rights,” wrote CDD executive director Jeffrey Chester in a letter to the European Commission’s justice directorate. “The rights of EU citizens under the Privacy Shield program are not equivalent to how they would be protected by EU law.”
Meanwhile, Access Now points to failures from dysfunctional oversight bodies to the authoritarian tone of the Trump administration.
It would take a lot to turn the Commission against the deal that it, after all, signed off on. There would be dire implications for the tech industry, transatlantic relations and indeed Europeans who like using US-based online tech – for a lot of US services that have signed up to the Privacy Shield register, their legality in the EU may suddenly evaporate.
Then again, few experts see Privacy Shield as a sturdy arrangement, and it’s not just the Commission that needs to keep up its approval – EU privacy regulators, who don’t roll over easily, also need to give it a thumbs-up later this year. This will probably get messy, as Privacy Shield itself has arguably been since its desperate inception as a replacement for the struck-down Safe Harbour deal. (Here’s my article on that, from what already feels like decades ago: http://for.tn/2v8g1Ii.)
ARE YOU A “DEPENDENT CONTRACTOR”? That’s the new classification that’s been suggested for those working for firms such as Uber and Deliveroo, by the author of a major review into British working practices, Matthew Taylor. The Taylor review says online platforms that have a “controlling and supervisory” relationship with workers – the service providers that the platforms link with customers, on the platforms’ terms – should be paying things like National Insurance benefits: http://bit.ly/2udwhLx
“‘Dependent contractors’ are the group most likely to suffer from unfair onesided flexibility and therefore we need to provide additional protections for this group and stronger incentives for firms to treat them fairly,” the review noted.
FACIAL RECOGNITION is being used in public bathrooms in China to stop people taking more than their fair share of toilet paper. There is so much wrong with this that I’m not sure where to start, so I’ll just leave the dystopian implications to your imagination. However, if you want a jauntily-soundtracked video to start a fun conversation about modern technology’s applicability in a communist setting, here you go: http://bit.ly/2ud7tU9