The UK Government has announced proposals for a voluntary levy on Internet companies “to raise awareness and counter internet harms”. The government has said that the levy would target issues such as cyberbullying, online abuse and children being exposed to pornography on the Internet.
The levy is one of a series of measures proposed in the Internet Safety Green Paper, which is the result of a consultation launched in February. The other measures include:
· A new social media code of practice to require more intervention by social media companies against allegedly bullying, intimidating or humiliating content
· An annual Internet safety transparency report, to help government track how fast social media companies remove material that has been the subject of a complaint
· Demands for tech and digital startups to “think safety first” – prioritising features to facilitate complaints content removal as functionality that must be into apps and products from the very start
All the measures will be voluntary although the government has not ruled out legislating if companies refuse to take part. In remarks that will be of concern to Internet companies, the Culture Secretary Karen Bradley hinted that the government could change the legal status of social media companies, to deem them publishers rather than platforms, which could mean even greater regulation of their users’ content.
“Legally they are mere conduits but we are looking at their role and their responsibilities and we are looking at what their status should be. They are not legally publishers at this stage but we are looking at these issues,” she said.
The consultation will close on 7 December, and the government expects to respond in early 2018.
“But it is not just Government who has a role here. In the aftermath of the Westminster Bridge attack, I called the internet companies together. Companies like Facebook, Google, Twitter and Microsoft. I asked them what they could do, to go further and faster.
They answered by forming an international forum to counter terrorism. This is good progress, and I attended their inaugural meeting in the West Coast.
These companies have transformed our lives in recent years with advances in technology.
Now I address them directly. I call on you with urgency, to bring forward technology solutions to rid your platforms of this vile terrorist material that plays such a key role in radicalisation.
Act now. Honour your moral obligations.”
— Home Secretary Amber Rudd
The Home Secretary announced that the government would be funding Project Arachnid, web-crawler software developed by the Canadian child protection Cybertipline, designed to search out child abuse imagery online.
“It is software that crawls, spider-like across the web, identifying images of child sexual abuse, and getting them taken down, at an unprecedented rate.
Our investment will also enable internet companies to proactively search for, and destroy, illegal images in their systems. We want them to start using it as soon as they can.
Our question to them will be ‘if not, why not’. And I will demand very clear answers.”
— Amber Rudd
Rudd also doubled down on previous attacks on end-to-end encryption in person-to-person messaging software
“But we also know that end to end encryption services like Whatsapp, are being used by paedophiles. I do not accept it is right that companies should allow them and other criminals to operate beyond the reach of law enforcement.”
— Amber Rudd
Speaking earlier at a conference fringe event, she hit back at critics who accuse her of fighting a war against mathematics, saying
“I don’t need to understand how encrpytion works”,
— Amber Rudd
And accusing tech experts of “patronising” and “sneering” at politicians who want to regulate technology.
Two websites have been discovered to be using their users’ computers and phones to mine cryptocurrency without their consent in a bid to compensate for the continuing collapse in online advertising revenues.
The two sites, BitTorrent search engine, The Pirate Bay, and US video streaming service, Showtime, have now both removed the mining code from their sites after users noticed its existence. The Pirate Bay admitted the practice in mid-September posting that the code was “just a test” and that it was carried out with a view to removing all adverts from the site. Showtime has yet to answer questions about why it was using the code.
The practice is controversial, and has been compared to running malware on user’s computers, as it slows down user’s machines and can also drain their batteries or greatly increase their electricity bills. Meanwhile, the user receives no benefit as all the revenue generated by the mining is collected by the website. The question is whether users will see this as an acceptable trade-off if sites begin to use it as an alternative solution to online ads.
The UK prime minister, Theresa May, has told internet companies that they need to go “further and faster” in removing extremist content in a speech to the United Nations general assembly. The prime minister said that terrorist material is still available on the internet for “too long” after being posted and has challenged companies to find a way to remove it within two hours. The material in question can include links to videos glorifying terrorism and material encouraging converts to commit terrorist acts.
In her speech, May said:
“Terrorist groups are aware that links to their propaganda are being removed more quickly, and are placing a greater emphasis on disseminating content at speed in order to stay ahead.
Industry needs to go further and faster in automating the detection and removal of terrorist content online, and developing technological solutions that prevent it being uploaded in the first place.”
The UK, together with France and Italy, is demanding evidence of progress by the time of a meeting of G7 interior ministers in Rome on 20 October.
21. In some instances, electoral law does specify offences in respect of behaviour that could also amount to an offence under the general criminal law. This is often because electoral offences have special consequences, in that their commission could invalidate the election result and result in the person convicted losing their elected office and/or being subject to a period of disqualification from being registered as an elector, voting in an election and standing for election (section 173 RPA 1983). It may be that similar special electoral consequences could act as a deterrent to abusive behaviour in relation to candidates and campaigners.
Yesterday, Cloudflare ceased to provide caching and DDoS protection services for a far-right blog, the Daily Stormer, following claims by the latter that Cloudflare secretly support their ideology. Cloudflare’s CEO has published a lengthy and thoughtful analysis of their decision, beginning
Now, having made that decision, let me explain why it’s so dangerous.
One interesting tidbit concerns the nature of the pressure Cloudflare was under
“In fact, in the case of the Daily Stormer, the initial requests we received to terminate their service came from hackers who literally said: “Get out of the way so we can DDoS this site off the Internet.”
In an internal e-mail obtained by Gizmodo, Prince was blunt about his reasons for terminating Daily Stormer:
This was my decision. Our terms of service reserve the right for us to terminate users of our network at our sole discretion. My rationale for making this decision was simple: the people behind the Daily Stormer are assholes and I’d had enough.
Let me be clear: this was an arbitrary decision. It was different than what I’d talked talked with our senior team about yesterday. I woke up this morning in a bad mood and decided to kick them off the Internet. I called our legal team and told them what we were going to do. I called our Trust & Safety team and had them stop the service. It was a decision I could make because I’m the CEO of a major Internet infrastructure company.
Having made that decision we now need to talk about why it is so dangerous. I’ll be posting something on our blog later today. Literally, I woke up in a bad mood and decided someone shouldn’t be allowed on the Internet. No one should have that power.
Update note: This article was updated on 18th August to add the quotes from and link to the e-mail obtained by Gizmodo.
The Mayor of London Sadiq Khan announced plans to help improve connectivity across London. One plan involves the creation of a “Not-Spot team” that will specifically target areas in London with low connectivity.
Another initiative entails encouraging local authorities to apply for the Government’s Digital Infrastructure Fund, which was set up to aid investment in full-fibre rollout. Relatedly, the announcement also encourages them to convene a Digital Connectivity Funding Forum that will support them in the application process and provide them with an avenue to share ideas on connectivity.
The plans will also highlight the role that Transport for London (TfL) has in bringing mobile connectivity to London Underground tunnels.
The announcement can be read here.
The UK Government has launched a consultation on its plans to implement the Security of Network and Information Systems Directive (“NIS Directive”). The NIS Directive was adopted by the European Parliament on 6 July 2016 and Member States have until 9 May 2018 to transpose the Directive into domestic legislation. The Government has emphasised that it supports the overall aim of the NIS Directive and that its intention is that this legislation will continue to apply in the UK even after the UK has left the EU.
The NIS Directive imposes obligations on two groups of businesses: “operators of essential services” and digital service providers. However, it does not affect network providers as they are already subject to similar obligations in the UK under Section 105 of the Communications Act 2003.
Under the Directive, operators of essential services including those in the energy, transport, water, healthcare and digital infrastructure sectors will have to take “appropriate and proportionate” security measures to manage the risks to their network and information systems. Operators of essential services will also be required to notify serious incidents to the relevant authority.
Key digital service providers (search engines, cloud computing services and online marketplaces) will also have to comply with the security and incident notification requirements established under the Directive.
Organisations who fall in scope of the Directive will be required to develop a strategy and policies to understand and manage their risk; to implement security measures to prevent attacks or system failures, including measures to detect attacks, develop security monitoring, and to raise staff awareness and training; to report incidents as soon as they happen; and to have systems in place to ensure that they can recover quickly after an event, with the capability to respond and restore systems. The Government has stated that “any operator who takes cyber security seriously should already have such measures in place.”
Organisations who fail to implement effective security measures could be fined as much as £17 million or 4 per cent of global turnover. The Government has said, however, that fines would be a last resort, and will not apply to operators that have “assessed the risks adequately, taken appropriate security measures, and engaged with competent authorities but still suffered an attack.”
The NIS Directive relates to loss of service rather than loss of data, which falls under the General Data Protection Regulations (GDPR).
The consultation closes on 30 September 2017.
For more information, see: Consultation on the Security of Network and Information Systems Directive