Food stamps and the database state…

The latest proposal for ‘food stamps’ has aroused a good deal of anger. It’s a policy that is divisive, depressing and hideous in many ways – Suzanne Moore’s article in the Guardian is one of the many excellent pieces written about it. She hits at the heart of the problem: ‘Repeat after me: austerity removes autonomy’.

That’s particularly true in this case, and in more ways than even Suzanne Moore brings in. This new programme has even more possibilities to remove autonomy than previous attempts at controlling what ‘the poor’ can do with their money – because it takes food stamps into the digital age…

The idea, as I understand it, is that people will be issued with food ‘cards’, rather than old fashioned food stamps. The precise details of these cards have yet to emerge, and quite how ‘smart’ they will be has yet to be seen, but the direction is clear. The cards will only work in certain shops, and only allow the purchase of certain goods. At the moment they’re talking about stopping ‘the poor’ from buying such evil goods as tobacco and alcohol, but as Suzanne Moore points out, equivalent schemes in the US have blocked the purchase of fizzy drinks. In a digital world, the control over what can or cannot be purchased can be exact and ever-changing. It allows complete control – we can determine an ‘acceptable’ list of things that people can and cannot buy.

All well and good, so people might think. Let’s make sure people only eat fresh fruit and vegetables – improve the nation’s health, instil better eating habits, force people to learn to cook. All for the better! There are, however, one or two flaws in this plan.

Firstly, it seems almost certain that the plan will be effectively subcontracted out to private companies – and limited to specific shops. In Birmingham it has already been said that these cards will only work in ASDA. Doubtless there will be tendering process, and the different supermarkets will be vying for the opportunity to stake their claims. Once they do, which products will they be directing people to buy? The most nutritious ones? The cheapest ones? The most practical ones? Or the ones that will make them the most money?

Secondly, these cards present a built-in opportunity for profiling. Just as existing supermarket loyalty cards are used primarily to profile the people who use them, monitoring shopping habits in order (amongst other things) to find ways to convince people to spend more money, these kind of food cards can be used to profile the people who use them. This may not be any different from existing supermarket loyalty cards – but at least people have a choice as to which supermarket they use, and whether they want to be profiled. This kind of a system is effectively selling the profiles of people directly to the supermarkets, without any choice at all. Now of course privacy isn’t as important as food – but is it really right that we say that poor people aren’t allowed privacy?

Thirdly, a database will be built up of those who have the cards – and it will be a database that is crying out to be used. If those selling ‘pay-day loans’ with interest rates in the thousands get access to those databases they’ve got a beautiful set of potential targets to exploit – almost certainly complete with addresses included, just in case the people need a little ‘visit’ to chivvy them along in terms of payment.

There are further implications of this kind of thing – logical extensions to the idea. Once the system is introduced, it’s almost bound to be abused. If you have a ‘food card’ but need cash – for example to pay off a loan – then if someone else says ‘I’ll buy your card for cash, but at a 40% discount’, many, many people may accept that offer. The chances of a black market growing are huge, and the implications even worse. It would make the poor poorer (by whatever discount they’re forced to accept for their cards) for starters, but there’s more. If the authorities see this kind of abuse to the system happening, they’ll try to do something about it – for example, by requiring biometrics for verification. Fingerprints are even a possibility…

…which may seem far fetched, but school canteens around the country are already using fingerprint verification to allow children access to school meals. The technology is there – and those who make it and sell it will be lobbying the government to let them have contracts to do this.

That, again, makes the situation worse – making the databases even more invasive, even more open to abuse, and so the cycle begins again.

Of course this is only a side issue compared to the main issues of divisiveness, demonisation and sheer vindictive dehumanisation that are the inevitable consequences of this kind of scheme. I’m sure, however, that these possibilities won’t have escaped the eagle eyes of those working with these kinds of schemes. It may sound like a conspiracy theory – and indeed, to an extent it is – but it isn’t nearly as far fetched as might be imagined. As well as removing autonomy, austerity provides opportunities for those unscrupulous enough to use them – and sadly, as the last few years have made far too clear, there are plenty of people and companies like that.

Don’t blame Leveson…

There’s been a lot of anger around about the new regulatory system for the press, even before the details have really been sorted out. Some in the press are calling it the end of freedom of speech. Many are angry and worried about the impact on bloggers and tweeters. Quite a few magazines and newspapers are already saying they won’t join the new regulator, even before the form of that new regulator has been announced. Some are saying that the ‘exemplary damages’ system that accompanies the Royal Charter may breach human rights – and may be challenged in the European Court on that basis.

Some of this anger may be well placed – and some of the challenges may have validity. The situation for bloggers is far from clear, and every attempt that is made to clarify it seems to make it muddier – the latest being an exemption for ‘small blogs’, without a definition of what a ‘small’ blog is. Is this blog of mine small, for example? Would it be determined by number of hits? By average hits? By number of unique visitors? All of those figures can be misleading. I still remain unconvinced that even if bloggers are covered by this law that there is really much to worry about from it. We have much bigger concerns, such as the use of public order and other speech laws (as I’ve blogged about before) but I can understand why people are concerned and agree that we need clarity and properly written law, making the situation clear and giving appropriate protection for bloggers and tweeters.

What I am clear about, however, is that many people are trying to lay the blame for all of these problems (and directing their anger) at the wrong targets.

Leveson isn’t really to blame. It seems clear that he doesn’t understand the internet very well (particularly given what scant attention he gave it in his report) and he does seem to have somewhat authoritarian tendencies where the internet is concerned, as his first speech after his report suggested. However, he was just doing his job – and in the most part doing it pretty well.

Much though it goes against the grain to say it, the politicians aren’t really to blame either: they’re just doing what politicians do. They’re following what they perceive to be public opinion, and acting in the usual way. For even David Cameron to end up backing this kind of solution, given his connections with certain elements of the press, the political pressure must have been pretty strong, and not just from the opposition and the Lib Dems. Yes, they could have drafted their proposals better, and yes they could have been more carefully thought through, and given more time rather than being hastily agreed at 2.30 am in Ed Miliband’s offices, but that’s still not the fundamental problem.

Of course they all had their parts to play, and they all should take some of the blame – but not that much. The lion’s share of the blame lies with one group, and one group alone: the press themselves. None of this would have happened if the press had not behaved abysmally – and what has happened would have been much less oppressive if some of the key elements press had shown at least some sign of humility. Instead, what we’ve seen these last few days has reminded most people of exactly why the press need regulation – and why there’s such an appetite for press regulation. The death of Lucy Meadows, so viciously monstered by Richard Littlejohn in the Daily Mail, and the hideous way that they reported her death, maintaining their transphobia even as they reported her death, was the most horrendous example, but it was not unique. They way that the Daily Mirror put a picture of actor Colin Baker, next to a story about a Dr Who sex scandal with which he had no connection was another awful example.

For those of us who study regulation it is a familiar cycle. When people or groups push the limits of bad behaviour, that’s when regulators swing into action. They often end up ‘over-regulating’, using sledgehammers to crack nuts, but if the nuts didn’t need cracking in the first place they wouldn’t do it. In my specialist field, that of internet privacy, it has happened again and again. The ‘right to be forgotten’, an idea that has caused consternation in some circles, would never have been brought into action if it hadn’t been for Facebook making it so difficult for people to delete their accounts. The ‘cookies directive’, the piece of legislation that brought about all those annoying warnings when you visit websites, would never have happened if behavioural advertisers (and in particular Phorm) hadn’t invaded our privacy again and again and again.

In all these cases, the ‘offenders’ were asked nicely to change their ways – and didn’t. All they did was metaphorically laugh in the face of the potential regulators, assuming they were out of reach, or untouchable. Regulators react to that kind of thing – and there are repercussions. Often those repercussions fall upon innocent bystanders – such is the case now with the responsible press, and many bloggers, potentially suffering as a result of the overreach of the regulators.

So yes, you can blame the regulators if you want – but don’t forget why all this came about, and remember who’s really to blame. Not Lord Justice Leveson. Not Ed Miliband. Not even David Cameron. In the end, it is the press that have brought this upon us all.

The Snoopers’ Charter: we need a new consultation

The Communications Data Bill – more commonly (and fairly accurately) known as the ‘Snoopers’ Charter’ is due to re-emerge at any moment. We have been expecting it for some time – and yet have seen nothing official, and there has been no sign of a proper public consultation on the subject. That, to me, is wholly inadequate – so I have written to the Home Office, copying in my MP, Dr Julian Huppert. The contents of the letter are below. If you feel strongly about this matter – and I hope you do – you could add to the pressure to have a proper public consultation by using the Open Rights Group’s system, which can be found at:

Here’s what I wrote – it is fairly long, but still only scratches at the surface of what is wrong with the overall approach to surveillance put forward in this bill:


Dear Home Office

Re: Draft Communications Data Bill

I write to you as a legal academic, specialising in data privacy, and as a member of the public with significant concerns over the progress of the Communications Data Bill. In my opinion we need a consultation – and a public and open consultation – on the Bill for many reasons.

The media storm – and the eventual and significant criticism levelled at the bill by the Parliamentary Committee hastily convened to discuss the bill the first time around should have made it clear to the proponents of the bill that there is a huge public interest in this area. That has a number of implications:

  1. That the criticisms levelled at the bill need to be taken seriously.
  2. That all the interested groups, including advocacy groups and academics – and indeed the public – need to be talked to up front, not after all the work has been done.
  3. That a ‘fait accompli’ is not an acceptable solution
  4. That the level of ‘proof’ provided by those putting the bill forward needs to be much more convincing – and much more open – than what has been provided to date. It is simply not sufficient to say ‘it’s dangerous and something must be done’, or ‘we can’t tell you why, but we need to do this’.

Those of us interested in the Bill have been waiting for the consultation to begin – there have been leaks to the media at intervals suggesting that it would start soon, but so far nothing has been made official or public. That is both unfortunate and ultimately unacceptable. We need that consultation to begin soon, and in an open and public way.

A targeted rather than universal approach to surveillance

Though in my view the Parliamentary Committee did a very good job in scrutinising the bill and in reviewing the huge amount of evidence submitted to it, there are a number of areas that I do not believe were sufficiently considered.

These areas hit at the very essence of the approach adopted by the bill. The whole idea of a ‘gather everything for later scrutiny’ approach misses many of the fundamental risks attached to this kind of surveillance: the risks of data and system vulnerability, of function creep, and of system misuse. Much of the evidence submitted to the committee that scrutinised the Communications Data Bill examined these risks – but the committee did not, in my opinion, see quite how fundamentally they undermined the overall approach of the Bill. Nor, in my opinion, did they look sufficiently into a genuinely alternative approach.

That alternative is to go for a targeted rather then universal surveillance. This kind of approach can significantly reduce all of these risks. Putting both the warranting and the filtration systems before the gathering stage rather than the accessing stage would reduce the amount of data that is vulnerable, make the systems harder to misuse, and reduce the likelihood – or the impact – of function creep. It is closer to the concept at the heart of British justice: that people are innocent until proven guilty.

1     Risks of data and system vulnerability.

It is a fundamental truth of computer data that wherever data exists and however it is held it can be vulnerable – to hacking, to accidental loss, to corruption, to misinterpretation, to inappropriate transfers and to many other things. By gathering all the communications data, this approach sets itself up for disaster – it is like painting metaphorical signs saying ‘hack me’ on the databases of information. If you build it, it will be hacked.

What is more, it is not only data that’s vulnerable but systems – if ‘black boxes’ are installed at ISPs, those black boxes will also have the metaphorical ‘hack me’ signs upon them. If you make a back door, the bad people as well as the good people can come in. It doesn’t matter how secure you think your system is, it can be broken into and hacked.

The government doesn’t have an inspiring record in terms of keeping data secure – from the Child Benefit data discs and the MOD laptops to the numerous NHS data breaches – but this is not really so much a reflection of government inadequacy to an underlying truth about data and systems. Stories of hack and data losses are in the news almost every day – and even those with the greatest technical ability and the greatest incentives to keep data secure have been victims, from Swiss banks to pretty much every major technology company. Facebook, Apple, Microsoft and Google have all fallen victim over recent months.

Ultimately, the only data that is not vulnerable is data that doesn’t exist at all. Furthermore, the only systems that can’t be hacked are systems that don’t exist. If targeted rather than universal surveillance is used, then the vulnerability is enormously reduced.

2      Risks of Function Creep

When data is gathered, or systems are built, for a specific purpose, that purpose can very easily end up being changed. This is a phenomenon particularly common in the field of anti-terror legislation and systems. Most people are aware of RIPA having been used for such things as dog fouling and fly-tipping, of CCTV cameras ostensibly for crime prevention actually being used to check children’s addresses for school catchment areas and so forth – but these are not myths or even particularly atypical. This has become something close to a ‘norm’ in this field.

There often appear to be good reasons for this function creep – not many people argued when the CCTV system for the London Congestion Charge started being used for crime prevention, for example – but it is a phenomenon that needs to be acknowledged. There isn’t really a legislative way to deal with it – caveats in laws can be sidestepped, laws can be amended in moments of ‘need’ and so forth. The only way to prevent it, as for data vulnerability, is to not build the systems or gather the data in the first place.

Again, this is a strong argument against universal data gathering – data gathered specifically, in a targeted and warranted way, presents less of a risk of function creep. Similarly, specifically designed and targeted systems are less susceptible to function creep than huge, universal surveillance systems.

3      Risks of System and Data Misuse

Another phenomenon familiar to those who study this field is that systems can be and are misused – whether it is databases searched for information about people against whom the searcher has a grudge, or collusion between the authorities and the press. The Leveson Inquiry should have made it entirely clear that such risks are not mythical – and if anyone believes that either the police and other authorities or the press have completely changed as a result of the exposure of the phone and email hacking then they are being extremely naïve.

The systems and data envisaged in this plan are particularly susceptible to this kind of misuse. The description of this kind of system as a ‘Google for communications data’ is entirely apt, and anyone who uses Google regularly should understand how easily the process of searching morphs from one thing to another. Human beings will use these systems – and human beings have human weaknesses, and those weaknesses lead almost inevitably to this kind of misuse. With universal data gathering built into the system, the database would be ripe for very serious misuse indeed.

Again, there is only one real way to deal with the possibility of system and data misuse – minimise the size and scope of the system and the amount of data involved. That, again, suggests that we need targeted rather than universal surveillance.

The Normalisation of Surveillance – and the Panopticon Chill

These are just a few of the problems that a system like this could bring about. There are many more – and I have written before about how this kind of surveillance impacts not only on privacy but on a whole array of human rights. By suggesting that universal surveillance is something that we should consider normal and acceptable we are ‘normalising’ – which has a whole set of implications.

Jeremy Bentham’s concept of the Panopticon, one with which I am sure you are familiar, is based on the idea that if people know that they’re being observed, they modify their behaviour. He envisaged it for a prison – to help control the behaviour of potentially violent and dangerous prisoners, put them in a position where they know that at any time they might be observed. In effect, this is what this kind of a system does – it tells everyone that whatever they do on the internet can and will be observed.

What will that mean? Well, it creates a kind of ‘chilling effect’ – what I would call the ‘Panopticon Chill’. It means people will be less free with their speech – and feel less free about what they do, where they go, and what they do online. That impacts upon many of our recognised human rights: freedom of expression, freedom of association and freedom of assembly to start with.

There are some who would welcome this kind of Panopticon Chill – some who think that we need to control the internet more. That, however, is to treat us as though we are prisoners in an enormous online jail. Bentham’s idea was not for ordinary peoples, but for potentially violent and dangerous prisoners. Is that how we all want to be treated? Is that the kind of society that we want to live in?

What kind of society do we want to live in?

That is the bottom line for the Communications Data Bill. Putting this kind of bill into place would be to set up precisely the kind of surveillance society that Orwell warned us of in 1984. Is that what we want to do?

There are other huge questions – not least the question of whether it will work at all. As the huge quantity of evidence submitted in the initial consultation revealed, few real experts believe that it will – anyone with expertise will be able to sidestep the system, leaving the rest of us to suffer the downsides of this kind of surveillance without the upsides even existing.

What is more, by promoting such a system in this country we not only give permission for the more oppressive of regimes to do the same (and leaders from Putin in Russia to Assad in Syria will be watching us with eagle eyes) but we would also be kick-starting the surveillance technology industry. Whichever companies win the contracts to supply the tech to enable the Bill will be looking to exploit that technology – who will they sell their systems to? What will the next systems they apply their learning and experience to? The £1.8 billion (and probably more) that the UK government spends on this will reap benefits to dictators and oppressors worldwide in coming decades.

A new draft of the Communications Data Bill?

As I understand it, only people close to the Home Office have yet seen how the Communications Data Bill will look in its new draft. I have been told that I won’t be upset when I see it – but without more information it is hard for me to be optimistic. Unless there is a fundamental change – most importantly a shift from the universal to the targeted approach, and an application of warrants and filters at the gathering rather than the accessing stage – it is hard to imagine that it will be something that I do like, and something that will inspire public trust.

A bill based on targeted rather than universal surveillance is possible. If it is brought about I believe it could not only be more compatible with human rights, send better messages to the rest of the world and be more cost effective – but it could also be more effective and less wasteful of the scarce resources of the police and intelligence services.

It does, however, require a big shift in attitudes. I hope that shift in attitudes is possible – and, at the very least, that we can have this debate in public, on reasonable and sensible terms, and without the feeling that we are being railroaded into a particular solution without any real options being presented.

A proper consultation

That, ultimately, is why we need a proper consultation. I have a perspective to present – and very particular views to put forward. I believe they are worthy of consideration – and I am very much open to discuss them. That discussion has not yet taken place. We need it to happen – and we have a right to have it happen. A proper consultation should happen now – at the drafting stage – not after everything has been already set in stone.

One real key here is that the public has not been properly informed over this debate. Initially, it appeared as though the government wanted to get this bill passed so quickly there wouldn’t even be time for Parliamentary scrutiny – it was only when the issue caused outrage that the committee was set up, and even then the consultation period was very brief and at a time when many academics in particular were not in a position to submit. We need more time – this is a crucial issue, and the public needs to have confidence that an appropriate decision is being made. The debate was characterised at times by language that should have no place in a serious debate, with opponents of the bill being accused of having blood on their hands.

This time around, we need proper consultation, with sufficient time and sufficient opportunity for all stakeholders to have their say. All options need to be considered, and in a way that both encourages and supports public participation, and develops a greater level of trust.

I am copying this letter to my MP, Dr Julian Huppert, who was on the Parliamentary Committee that scrutinised the bill, and to the Open Rights Group as well as making it public on my blog.

Kind regards

Dr Paul Bernal

Lecturer in Information Technology, Intellectual Property and Media Law
UEA Law School
University of East Anglia
Norwich NR4 7TJ

An angry rant… about Workfare, Labour, and politics….

I’m angry. I haven’t been this angry for some time. The trigger for this anger was the appalling behaviour of the Labour Party, led by Ed Miliband and Liam Byrne, in allowing the fast tracking of the bill enabling the retrospective rewriting of the Workfare rules, but in truth this anger has been growing for a while. It’s an anger born of frustration and disappointment in the behaviour of our entire political elite – but in particular the Labour Party.

The Tories are substantially behaving like Tories, and the Lib Dems are behaving in the way that Lib Dems have pretty much since they joined the Coalition – supporting their ‘coalition parties’ but occasionally wringing their hands about how hard it all is. Labour, I thought, might be different. I hoped they would be different. What’s becoming all too clear is that I was pretty much entirely wrong in those hopes.

I’ve been a Labour supporter all my adult life – indeed, I was campaigning on the doorstep for Labour as a fourteen-year-old, back in the late 70s – and for much of that time I’ve been a member of the Party. I left during the Blair years – mostly, in truth, because I left the country – but I remained a supporter. That support is now on its very last legs. It’s hanging by a thread.

My anger is on many levels – but the biggest one is about the failure of the Labour Party to challenge any of the ideological agendas that are being put forward. That’s not just a theoretical problem – the results of it are becoming manifest in almost every policy area.

In education there’s almost nothing from the Labour Party to challenge the evidence-free and ideologically-driven policies of Michael Gove – though those working in education, those in academia who study education and the empirical evidence from all around the world are all lined up against what he says and does. What does the Labour Party have? Stephen Twigg meekly accepting and even supporting much of what Gove says – and supporting such absurdities as military schools!

The welfare agenda has been pretty much set by the Tories – where is the challenge to the false, damaging and hideously ugly ‘strivers vs scroungers’ agenda dictated by Iain Duncan-Smith, the Daily Mail and Daily Express? What does Labour do? Apes the Tories by going on about ‘hard-working families’ and not just accepting the whole concept of Workfare but fast-tracking it, and riding roughshod over so many legal principles it’s hard to keep count. Indeed, as many people have pointed out to me, the ‘workfare’ agenda was actually set up by Labour under Blair and Brown – but that doesn’t make it any better. The ‘divide and rule’ tactics of the Coalition should have made it clear to the Labour Party the real damage of this kind of policy – and the break from power should have given them a chance to see that another direction was possible.

One of the other pieces of ugliness of the welfare system is that it will hit the disabled particularly hard – when combined with the rest of the ‘reforms’ which have already begun to bite in horrible ways. Add in the Bedroom Tax (and yes, as a former accountant I know it isn’t a tax, but the effect is very similar) and you get an anti-disabled agenda that hasn’t been seen for decades – and reveals an ugliness of spirit that’s deeply depressing. Egged on by the tabloids, the way that the disabled are portrayed as the worst of the scroungers, as fakers, as liars and cheats is one of the worst things seen in this country in my lifetime. Even Thatcher at her worst didn’t do things like this. And where is Labour in opposing this? Yes, they’ve done a reasonable job over the Bedroom Tax – but up until that point they largely accepted the agenda – and certainly didn’t fight it. It’s not just the measures that are wrong, but the messages behind them. Labour should have been fighting them at EVERY level – saying NO! This is WRONG. Instead they’re largely supine, as spineless as the Lib Dems – and without even the excuse of a Coalition agreement.

On immigration it’s even worse – Ed Miliband himself takes up the agenda set by the bigots and runs with it, though both the empirical evidence and the moral arguments are very much on the pro- rather than anti-immigrant side. Yes, you can argue that ‘people’ are anti-immigration – but why are they? In part at least because there’s been no real opposition to the arguments put forward against immigration. Even in power, though Blair and Brown didn’t pursue anti-immigration policies they didn’t engage with the debate but hid it away. By now it may be too late – the bigots have the upper hand – and it makes me cry sometimes to see what an opportunity was missed, and how much hatred has been generated as a result.

There are more examples – the privatisation of the NHS hasn’t been properly opposed, and indeed was to a great extent started by the Labour Party. The ‘anti-terror’ agenda is one pretty much entirely of Blair’s making, but with him gone there’s a chance to find a position of soul, conscience and effect – but it’s a chance that doesn’t seem to be able to be taken….

…and that’s my biggest cause of anger. Now is a historical opportunity to change the agenda. The failures of the current system are becoming clearer and clearer – and the chance to find a new way should be bigger and clearer than ever. In the past, it might have been possible to argue that there is no alternative – but now? We shouldn’t have to accept the same old stuff. We shouldn’t. And yet we’re offered no alternative at all. None in any substantial form.

It makes me very, very angry. I’d love to have a Labour Party that I could support. I’ve got a huge amount of energy. I even have expertise of a sort – I’m a former Chartered Accountant, I teach Law at a good University, I understand technology and all kinds of other things of importance today. I can even write a bit when the muse descends. All of this could be at the Labour Party’s disposal – and there are many, many more like me. Do they want us? Right now they’re going exactly the wrong way about it.

Leveson: Bloggers and the Royal Charter

One of the immediate reactions to the last minute deal over the implementation of the Leveson recommendations was that it would hit bloggers and tweeters very hard. I’m not sure that’s really true – and will set out here why. I should say these are just a few first thoughts – it will be quite some time before everything becomes clear, partly because the Royal Charter itself needs careful and detailed analysis and partly because it’s not just the Charter itself that matters, but the documents and guidelines that follow. The Royal Charter is only part of the story. It sets out terms for a ‘recognition panel’ that ‘recognises’ regulators – it doesn’t set up the regulators themselves. As Cameron and others have been at pains to point out, the idea is that the ‘press’ sets up the regulator(s) itself.  We have yet to see what form any regulator the press sets up will take. It has to be good enough for the recognition panel to accept – that’s the key…

So what about bloggers?

Attention has been focused on Schedule 4 of the Royal Charter (which can be found here), which sets out two definitions:

relevant publisher” means a person (other than a broadcaster) who publishes in the United Kingdom:

i. a newspaper or magazine containing news-related material, or

ii. a website containing news-related material (whether or not related to a newspaper or magazine);”

news-related material” means:

i. news or information about current affairs;

ii. opinion about matters relating to the news or current affairs; or

iii. gossip about celebrities, other public figures or other persons in the news.”

So, according to those definitions, many – perhaps most – bloggers would count as ‘relevant publishers’. Certainly I would say that my own blog – this one – would fit the definition. This seems to have caused many people to panic – but you need to look a little further: in particular, what does it mean to say that I’m a ‘relevant publisher’?

On a quick review of the Royal Charter, all it appears to mean at present is whether I would be eligible to part of the ‘recognition’ panel, or employed by that recognition panel – part of the rules intended to keep the recognition panel independent of the press, one of the key parts of the Leveson recommendations.

It may of course mean more than that in time – but we don’t know. We need to see more – the real details of how this will work have yet to emerge beyond the initial Royal Charter Draft. The fact that the definitions are there doesn’t mean much – though it could be a pointer as to the direction that the new regulatory regime is headed. It may indeed be that the new scheme is intended to ‘regulate the web’ but it doesn’t do so yet.

What’s the difference between a newspaper’s website and a blog?

That’s the big question that has yet to be answered. There’s a clear difference between the Guardian Online and my little blog – but where does things like Conservative Home, Liberal Conspiracy and Guido’s Order Order fit into the spectrum? There were even rumours last year that the Guardian was going to abandon its ‘real’ paper and focus only on its online version – they were quickly scotched, but they were believable enough for a lot of people to accept them. If they had happened, should the Guardian Online have been regulated as though it were a newspaper?

If the press is to be regulated at all – and the consensus between the political parties that lay behind yesterday’s deal suggests that non-regulation is not an option – then online newspapers that are effectively the same as ‘paper’ newspapers should have to be regulated too. Small blogs shouldn’t – and Cameron and others have been quick to say that social media won’t be covered, though quite how they bring that into action has yet to be seen. The difficulty lies in the greyer areas, and that’s where we have to be vigilant – the devil will be in the detail.

What about those huge fines?

The Charter actually says the body should have “…the power to impose appropriate and proportionate sanctions (including but not limited to financial sanctions up to 1% of turnover attributable to the publication concerned with a maximum of £1,000,000)…”

Appropriate and proportionate sanctions for a non-profit blogger would therefore be likely to be qualitative – remedies like proper and prominent apologies come to mind. The fining capability – the £1,000,000 that has made its way into press headlines – may mean something to big newspapers, but it’s effectively irrelevant to bloggers. We don’t have ‘turnovers’ of any significance – and big fines would (in general) be inappropriate and disproportionate.

The real key is the idea of ‘exemplary damages’, introduced by the Crime and Courts Bill. That, however, introduces a different definition of ‘relevant publisher’. It says:

“(1) In sections (Awards of exemplary damages) to (Awards of costs), “relevant publisher” means a person who, in the course of a business (whether or not carried on with a view to profit), publishes news-related material—

(a) which is written by different authors, and

(b) which is to any extent subject to editorial control.”

That means that individual bloggers are automatically exempt – but leaves the bigger bloggers like Conservative Home, Liberal Conspiracy and Guido’s Order Order subject to possible exemplary damages.

Personally I don’t think the risk is at all high – exemplary damages are highly unlikely to apply except in the most extreme of circumstances, but it is still something to be alert to.

…and anyway, blogs are already subject to the law

This is a key point that many seem to miss. This regulatory framework isn’t acting in a vacuum. Bloggers and tweeters are already subject to the law – to defamation law, to privacy law, to copyright law, to public order law, to laws concerning hate speech, to obscenity law. This framework would do nothing to change that. Those laws are complex and variably effective – and variably enforced.

Personally that’s what I’d be concerned about, much more than Leveson. The illiberality of the use of public order and related law on tweeters and bloggers is something that, for me, is far more dangerous a trend than anything this Royal Charter could bring about.

Keep vigilant

These are just some first thoughts – there’s a long way to go with this. Monday wasn’t the last word in this. Far from it – we need to watch very carefully and lobby very strongly if things seem to be moving the wrong way, but we shouldn’t be distracted and forced into a panic over anything at this stage.

Personally, I wonder whether those who are against the regulation for their own reasons are just trying to scare bloggers and tweeters, and enlist them on their side. Not me. Not yet.

Leveson: don’t believe the hype….

With Monday’s debate and vote looming, the hype over Leveson seems to be ratcheting up a few notches. Nick Cohen’s acerbic piece in the Observer, headlined ‘Leveson’s liberal friends bring shame upon the left’ is just one example. Given that those most closely involved in the debate on both sides are journalists, politicians and ‘media folk’ it should not come as a surprise that the contributions (again on both sides) are well-written, in prominent places in the media, and tending towards the hyperbolic.

If you believe Cohen and those on his side, the ‘pro-Leveson lobby’ are risking centuries of precious free speech just to make a political point, whilst if you believe Cathcart, Hugh Grant and the Hacked Off team, if we don’t implement Leveson we will be missing a historical opportunity to rein in the evils of the press barons and their abominable practices. Who’s right? The points made by both sides are well-put and seductive. Cohen’s right that we shouldn’t allow an opportunity to humiliate David Cameron and give the likes of Murdoch and Dacre a bloody nose to blind us to the risks to free speech of giving politicians control over the press. Hacked Off are quite right that what the press have done – and indeed continue to do – is often hideous and hugely reprehensible, and that just allowing it to go on without any action would be ridiculous. And yet I find it hard to get wholly enthused by either side of the debate.

Leveson wouldn’t be the end of free speech…

I don’t believe the ‘anti-Leveson’ argument for a number of reasons. First of all, because as I’ve argued before I don’t think the mainstream press that we have now bears much resemblance to a ‘free press’ – it’s just a question of who or what controls it, rather than whether it’s free. Secondly, I don’t think that what’s being proposed by either side will actually do much to fetter the press. It may control one or two excesses, but it won’t do anything that’s not already being done. We already have defamation and privacy law that impacts upon free speech, we already have huge editorial control that prevents some of the really important debates ever reaching the public eye – what’s proposed by Leveson won’t make as much difference as his opponents might think.

Leveson wouldn’t do much to control press excesses…

Similarly, I don’t believe the ‘pro-Leveson’ group either. Firstly, as noted above I suspect they’re deeply naïve if they believe that even the full implementation of Leveson would really do that much to curb the practices of the press – regulation rarely has the effects that people might desire, either way. What’s more, if they imagine that implementation of Leveson would turn the likes of the Sun, Mail and Express into responsible papers, they’re really living in cloud cuckoo-land. Regardless of Leveson, the Sun will still be full of rampant misogyny, the Mail full of vile anti-immigrant and anti-European rants and the Express will still billow out homophobia and Islamophobia. They’ll continue to demonise the disabled and those on benefits, twist the debate on Europe and shift the blame for all our problems onto the vulnerable and the innocent. They may not hack our phones, but they’ll still find a way to dig out secrets and private information – and ways that are technically legal, too. The data is out there – and they’ll find a way to dig it out and to use it in all kinds of horrible ways. If we think statutory press regulation will stop this, we’re deluding ourselves.

This debate is about politics…

The reality, it seems to me, is that this debate is primarily a political one – and almost nothing to do with free speech. It’s a chance for David Cameron to put clear blue water between himself and the Lib Dems – and a chance for Ed Miliband to give Cameron a good hiding. It’s Nick Clegg staking claim to a liberalism that his behaviour over the last two years in coalition have vigorously denied. It’s a chance for all three to position themselves in preparation for the long run-up to the 2015 election. Nothing to do with free speech at all. But then, to a great extent, free speech is moving on from the ‘press’…

Free speech matters…

All this is happening while the real ‘cutting edge’ of free speech is somewhere other than the papers – and is under threat in ways that Leveson doesn’t get close to. Free speech is in the hands of the bloggers and tweeters – and the question of how to ‘regulate’ them is still up in the air. Social media prosecutions are still happening – and though the DPP has issued new guidance that might liberalise it a bit, the proof will still be in the pudding. We don’t know what will happen – but none of the political parties has taken a good, free speech stance, obsessed as they are by Leveson.

Free speech is also in the hands of the protestors – and there are also few signs that any of the politicians are coming out properly in support of the rights of people to protest. Instead, there are prosecutions and crackdowns. If politicians of any side of the debate are really in favour of free speech, they’d be talking about this a lot more. Are they? Not really – and certainly not at anywhere near the level that they talk about Leveson.

For me, Leveson is to a great extent a distraction. However the vote goes on Monday, it won’t be disastrous for either side. There will be much more hype over the next few days – but we should take it all with a huge pinch of salt. We shouldn’t believe the hype – we should focus more on the real threats to free speech that are out there.

Internet Surveillance: a despot’s dream…

Imagine you’ve just been appointed the head of the online secret police for an oppressive dictatorship. Your leader comes to you with a worried expression. The internet bothers him, he tells you. People get to say whatever they want, to talk to whoever they want, and it’s spreading dissent and destabilising the government. ‘It’s a disaster,’ he says. ‘What are you going to do about it? We need to keep this under control.’

You think about it a bit and then come up with a plan. Our main problem, you tell him, is that we don’t know enough about what is going on. We need to monitor everything. ‘If we know who is talking to who, what sites they’re visiting on the internet, which social networking systems they’re using, and for what, then we can start to take back control.’

A smile starts to appear on the leader’s face. ‘What next?’ he asks.

‘Next we need to set up a system to be able to search through all that information – some kind of filtering system to find what we want to find.’

‘You mean like a kind of Google for private communications and internet activities?’

‘Exactly. We can search for whatever we want – and whoever we want. But there’s more: we can use that information to do much more. They think the internet’s a tool for their free speech – we can turn it into a way to find them, to arrest them, to block them, to find out who likes what they say. We can access their activities in real time and respond to them before they know what’s happening. We can turn the tables on them.’

Your leader smiles and rubs his hands together. ‘Go for it,’ he says.


A dystopian vision?

This may seem like a dystopian vision – but it is, in essence, exactly what the Communications Data Bill is designed to do. It is set up to allow full access to all internet activities, both in a stored form for later access and analysis and a ‘real-time’ feed, allowing monitoring of what people are doing while they’re doing it. It then legislates for a filtering system to be created, a system by which those in authority can search through all the data gathered to find what they want, using whatever terms they want. No warrants are required so long as the person mandating the search is sufficiently senior – and currently, precisely what level of seniority is required in each relevant authority is not specified in the bill, leaving it to the discretion of the authorities concerned.

There are similar initiatives around the world: two prime examples are those proposed in the current review of Australia’s National Security laws and, to a certain extent, the existing Swedish FRA-Law. The United States does it a bit differently: it seems that the National Security Agency (NSA) is just doing all the surveillance, if a key whistleblower is to be believed, without an official legal basis. It’s something that ‘authorities’ seem to have decided is well worthwhile – primarily, it seems, for reasons described above.

One of the characteristics of these laws and systems is that the politicians who put them forward and vote for them appear to be ignorant of both what they do and what they imply. Indeed, politicians often appear not to understand the digital world much, which is one of the reasons we end up with messes such as the Digital Economy Act – but their secret policemen are not in the dark. That’s why it is the ‘intelligence services’ that seem to be the driving force behind the Communications Data Bill, more so even than the police, and why the NSA in the US, as noted above, appears to do pretty much exactly the same, without even a pretence of a legal basis.

Panicking about the Internet

In many ways, the authorities are panicked about the internet. It seems to be too much out of control – and too much beyond their understanding. They used to be able to tap phones and intercept mail, to watch people on the street and to interrogate their friends and connections – now that seems to be much harder. When they sort out systems to tap into one form of communication, the internet develops another – so laws like the Data Retention laws cover email and phones, but they don’t cover social networking sites or instant messaging, because those weren’t sufficiently understood or developed when the laws were drafted. They’ve learned a lesson from that: don’t try to specify too carefully. Instead, gather everything.

There is a logic to it – new forms of communication are being developed all the time and people will find new ways to use existing forms. Conversations can develop in the comments on a blog or even a newspaper article – so all that would need to be monitored. Even reviews of products on Amazon are being used for creative conversations – so that needs to be monitored too. In the end, if you follow this path, the only conclusion is to monitor everything.

One particular red herring in the bill is that it won’t monitor the ‘content’ of communications. That’s fine if you’re looking at conventional forms of communication – emails and phone calls etc – but when you start looking at websites, even a site’s URL can indicate its contents. More to the point, by monitoring people’s behaviour you can profile them – and tap into already highly-developed behavioural-targeting systems. These have been created for advertising, but can be used just as effectively for political, racial and religious profiling.

This kind of universal data gathering, from the perspective of the secret policeman, is both logical and necessary – but it has huge implications, and not just for the obvious issue of privacy. The first and most important effect is a real and direct one: people can be located and prevented from exercising their freedom of expression. Two immediate examples spring to mind. The first is the Nightjack blogger, whose blog provided rare insight into the real life of the police, as well as being fascinating and well enough written to win the Orwell Prize for blogging. His blog was shut down because he was ‘outed’ by The Times – nefariously – and he was unable to operate without the anonymity that his blog provided. If there is universal surveillance, and if we know there is universal surveillance, it will be much easier to break people’s anonymity and pseudonymity. That alone will have a chilling effect, deterring people from blogging if they feel they’re likely to be easy to locate. For some, of course, it’s more than a chilling of speech – it can be deadly. Bloggers in Mexico regularly face very real danger and anonymity is crucial to their safety. Many have been hunted down and executed by drugs cartels. Systems like the one being proposed would make it far easier for them to be found, and given the likelihood of collusion between the cartels and certain elements of the police, the consequences could be hideous.

Function creep – and other risks…

The legal implications may just be the tip of the iceberg. The idea that the police and others authorised to take action under this kind of legislation will only use it for the purpose originally specified is naïve to say the least. Have we learned nothing from the phone-hacking saga, particularly about the way the police can potentially be subverted by other ‘interests’? Function creep is real, both in terms of legislation and in the use of the technology itself.

It is also important to understand that this kind of profiling could be extended to other areas of the internet. People could be ‘steered away’ from particular sites without knowing it. If a large number of ‘suspicious’ people visit a particular website, the site could end up being blocked – or worse, those who create and support that site could be located and arrested. Other forms of data can make the whole thing even worse – from facial profiling of photos on the net to geo-location data that can be used not just to locate people in real time but to analyse their movements over a period in order to predict where they might be. When you combine that with the kind of social networking and related data that might also be gathered, the opportunity to control and even shut down protests or other gatherings becomes more extreme – again, the effect on free expression, on political discourse both offline and online, could be significant.

Experts doubt whether systems like this will even work. The real ‘villains’ – the terrorists and paedophiles that are generally used to justify such proposals – are likely to know how to evade the surveillance. They often have a great deal of practice in covering their tracks and generally take more precautions to avoid being caught.

Stimulating a trade in surveillance technology?

There is another key potential impact of the Communications Data Bill: the law supports the development of technology for surveillance and control. The bill currently estimates that it will cost £1.8bn (US$2.9bn) to implement: that’s £1.8bn on research, development and production of surveillance technologies. Companies will be queuing up for a share of that money – and when they use it, what will they do with it? The products developed – both hardware and software – won’t only be used by our ‘good’ government. Companies will want to sell them elsewhere – or at the very least use the expertise that they’ve developed while building them in further contracts. Who will those contracts be with? There will be a ready market for this kind of surveillance system in any regime with even the smallest degree of an authoritarian streak. Not only will free speech be chilled in our own country, but elsewhere around the world. The concept of universal surveillance will be given the green light.

Universal internet surveillance not only impacts upon privacy, it impacts upon our whole lives – particularly as more aspects of our lives either take place online or have an online element. It chills speech. It can block free association and free assembly. It allows each and every one of us to be pro- filed in great detail. It puts tools of immense power into the hands of exactly those people who can be least trusted to use it – and it should be stopped. The question we must ask is what kind of a society do we want – one with freedom, or one where all the power is in the hands of the authorities?


51DW9DbldKL._SL500_AA300_(This story first appeared in Index on Censorship – Digital Frontiers – which you can buy here)