🧵You're going to read a lot today about the government's plans for the Online Safety Bill on #onlineharms, a regulatory process which has eaten up much of the past two years of my professional work. I suppose if I had a hot take to offer after two years, it's this:
1) If you see the bill being presented as being about "social media" "tech giants" "big tech" etc, that's bullshit. It impacts *all services of all sizes, based in the UK or not. Even yours.* Bonus: take a drink every time a journo or MP says the law is about reining in Facebook.
2) If you see the Bill being presented as being about children's safety, that's bullshit. It's about government compelling private companies to police the legal speech and behaviour of everyone who says or does anything online. Children are being exploited here as the excuse.
3) So as you read the Bill, consider how altruistic any government initiative must be if it requires two layers of A/B tested messaging disinformation.
I've said lots more on our work blog and my personal blog too. I'm off this week recharging so get yer other hot takes there. 👍
Our work blog, where you'll find ones I made earlier on this Bill, is openrightsgroup.org/blog/
Contact @GhaffAl for ORG press quotes today.
Personal thoughts also available in the usual spot.
If anyone really wants an interview today, you're going to have to meet me in person next to the Alan Turing statue in Sackville Gardens, and we're going to stay there until you get the point of why we're there.
Last one before I do my thing today: if the Bill strikes you as the government outsourcing the social safety net to private companies, after a decade of austerity and hostile environments, that's exactly what it is. Here's a podcast on that. techdirt.com/articles/20210…
It's taken less than three weeks for India to go from this to taking down posts critical of the government in a national emergency. Think that couldn't happen here too?
We, and other groups, have been very clear on how the UK's plans would hand a gift to authoritarian regimes. One MP's response to that, last week, in a Parliament committee: to hell with other countries.
So to recap, the British Internet for British People should set a "world-leading" example for other nations to follow, up to the point where other nations use our model to justify their authoritarianism, at which point we wash our hands of our "world-leading" influence.
I know we talk a lot lately about the UK's assault on e2e encryption, and it may seem a bit over the top, but it's important to understand what's on the table, and what policymakers are being told. Here a thread about e2e in the #onlineharms context.
It centres on a report released last month by the Centre for Social Justice, and endorsed by the former Home Secretary, Sajid Javid. Folks in power read these reports and follow their recommendations. Have a look at page 52. centreforsocialjustice.org.uk/wp-content/upl…
It calls for, as we've warned was likely, the use of e2e encryption to qualify as a violation of the "duty of care" in the Online Safety Bill. They note: "It will be insufficient for a platform to argue that introducing such a high-risk design feature will have benefits in other
For years, the US has defiantly refused to reform its surveillance powers, or implement a Federal-level privacy law which respects privacy as a human right and safeguards the data of non-Americans. The CJEU has just ruled that enough is enough.
Today's ruling could have had implications for the Brexit transition, had SCCs been invalidated. That part remains. The ruling is, however, a warning shot to the UK's process of securing an adequacy decision. We are a Five Eyes ally with domestic surveillance issues of our own.
The UK, as I've said for years, was barely an adequate country in terms of domestic surveillance while *within* the EU. To secure adequacy, the UK's privacy practices will need to be better outside the EU than they were in it. Where does this go next? Trade deals.
Um, yes, yhat's exactly how trade deals work. For the 1,000th time: the UK cannot have a data adequacy agreement until it is a third country outside the EU, not before; and because of surveillance & human rights issues there's no way in hell we'll get one. thetimes.co.uk/edition/news/b…
Watch out for a lot of this: journalism painting the lack of a adequacy agreement as EU intransigence, when it's entirely the UK demanding the entitlement to remain a member of a club it's leaving without the club's rules applying to it.
There is no means of independently auditing social media companies' self-regulation - co-regulation may be the way forward. Focus tends to be quantitative (how many offensive posts taken down) than qualitative (how many takedown requests were accurate.)
Over-reliance on criminal mechanisms e.g. twitter joke trial - should we be looking at less intrusive regualtion as in self-regulation or something more industry driven like ASA, BBFC.
This is a thread for those of you who say coders and developers should take no role in politics. Those of you who watched my #WCLDN talk last year already heard this story. You can hear it again.
This was Rene Carmille, and that is a punch card.
Rene Carmille was the comptroller general of the French army. He eventually headed up the French census. Census data - innocuous, straightforward facts about people - was tabulated on IBM punch cards. Then the Nazis came.
Rene Carmille had all the data about all the people. He saw what the Nazis wanted to do with that data. So he made a decision about what to do with it. He did his job, externally, for the Nazis, of course.