FIPR - Welcome

foundation for information policy research

Welcome

The Foundation for Information Policy Research is an independent body that studies the interaction between information technology and society. Its goal is to identify technical developments with significant social impact, commission and undertake research into public policy alternatives, and promote public understanding and dialogue between technologists and policy-makers in the UK and Europe.

Hot topics: [Surveillance][Copyright][e-democracy][Health privacy]

Announcements

Standardisation and Certification of Safety, Security and Privacy in the 'Internet of Things'

21 September 2017

FIPR has written a report for the European Union Joint Research Commission which considers what will happen to safety regulation once computers are embedded invisibly everywhere. The EU already regulates many aspects of the safety of vehicles, medical devices, electrical equipment, domestic appliances and even toys. As these devices and systems are recruited to 'The Internet of Things', their vulnerabilities (whether old or new) may be remotely exploited, with consequent risks. Many regulators who previously thought only in terms of safety will have to start thinking of security as well.

The original report is available on the EU publications site here and an academic paper summarising the results, which was presented at WEIS 2017 is available here.

Measuring the effectiveness of website takedowns

12 June 2015

FIPR has written a report for the UK Home Office which examines the effectiveness of website takedown. Takedown has been used to disrupt criminal activities for well over a decade. Yet little is known about its overall effectiveness, particularly as many websites can be replaced rapidly and at little cost. We conducted lengthy interviews with a range of people actively engaged in website takedown, including commercial companies that offer specialist services, organisations targeted by criminals, UK law enforcement and service providers who respond to takedown requests. We found that law enforcement agencies are far less effective at takedown than commercial firms, who get an awful lot more practice. We conclude that the police must either raise their game, or subcontract the process.

An academic paper summarising the report was presented at APWG eCrime 2016, and is available here.

The next National Security Strategy

10 February 2015

The UK Parliament's Joint Committee on the National Security Strategy has now published their Report on "The next National Security Strategy".

FIPR's written submission can be read here. A report by the Bureau of Investigative Journalists discussing just one small aspect of our evidence is here.

Consultation Response: 'Speaker's Commission on Digital Democracy'

23 September 2014

FIPR has responded to the Speaker's Commission on Digital Democracy.

Allowing votes to be cast remotely from PCs and phones may seem an attractive way to make voting easier and increase turnout - goals that everyone can support. Electronic voting has for some years been used routinely by the Electoral Reform Society and others for many low-stakes elections, such as to the leadership of professional bodies. However this technology still has very significant issues with security, privacy, coercion resistance, auditability and comprehensibility, which preclude its use in high-stakes contests where capable and well-resourced actors (political parties, lobby groups and even foreign governments) may have an incentive to manipulate the system.

In our view, the adoption of online voting technology would present extremely grave challenges to the integrity of UK elections, and risk disadvantaging significant sections of the population., which would present a real danger of undermining public confidence in democracy rather than strengthening it as the Commission rightly seeks to do.

Finally, people who oppose the use of new technology for well-established activities are sometimes accused of being Luddites and of letting their ignorance stand in the way of perfectly acceptable change. In the case of e-voting, we believe that the more familiar people are with the technology, the more they understand the very substantial risks that it poses to the democratic process. It is ignorance that leads people to suppose that e-voting is risk-free and desirable; and it is technical experts such as ourselves (and our colleagues whose carefully-argued papers we have cited) who are cautioning against embracing evoting for the foreseeable future.

The full consultation response from FIPR can be read here.

For more on the Speaker's Commission see: here.

Consultation Response: 'ICO Draft Anonymisation Code of Practice'

23 August 2012

FIPR has responded to the Information Commissioner who was consulting on a Draft Anonymisation Code of Practice.

In our view, the Code is not balanced, or even honest. It tries to market anonymisation as a cure-all for privacy problems, ignoring the relevant science and engineering. In fact the Code is so far from what's needed that we recommend that the Commissioner should abandon it. The ICO has never had adequate technical expertise and is simply not able to undertake exercises of this kind.

As just one example of its failings, the Code's explanation of anonymisation is totally inadequate. It fails to communicate even the basics of security engineering let alone the subtleties of the underlying computer science. It may convince the untutored reader that they can make private data fit for release by choosing from among a few technical tweaks described in an appendex; it fails to emphasise that this is a complex engineering problem for which high-quality professional advice is necessary.

The full consultation response from FIPR can be read here, and Ross Anderson has also written (29 Aug 2012) an opinion article for The Guardian newspaper.

For the ICO Draft Code see here and the ICO consultation document see here.

ADDITIONALLY: FIPR is today publishing the response sent in October 2011 to the Cabinet Office consultation on ' Making Open Data Real'.

That response made similar points about the very substantial difficulties in anonymising data. The official summary of the consultation results mentions privacy a number of times and did at least understand that there was an issue here saying "There was a sense that the potential for deanonymisation (or 'jigsaw' reidentification) is an issue which government is yet to address and one that will become more pressing as the open data agenda evolves." As the recent consultation response makes quite clear -- the ICO has failed to address it either.

Consultation Response: 'An Information Revolution'

12 January 2011

FIPR has responded to the Department of Health consultation on their proposals for a new IT strategy for the NHS. In our view, the strategy is 80% correct, and the bulk of the response outlines potential traps along the road to implementation.

In order to demonstrate how little has changed since 1997, we are also publishing (with the permission of all of its authors) a briefing paper written for the then incoming Labour Government. Its advice remains valid today, because little heed was paid to it by the previous administration -- causing significant opportunity costs to health in Britain; centralised mismanagement has done serious damage to Britain's healthcare IT industry, which hopefully can now start to regain its former world-leading position.

For the original consultation document see here; for FIPR's consultation response see here, and for the 1997 briefing document, see here.

NHS SCR project should be abandoned

17 June 2010

Today the Department of Health launches the long-awaited report by Professor Trisha Greenhalgh into the Summary Care Record (SCR). This report, whose contents have been widely trailed and leaked (see Tony Collins' blog in Computer Weekly), will show that the SCR does not deliver much benefit to the health service; that it does not work very well; and that it was yet another spectacularly badly-managed public-sector IT project. It cost a lot of money, and is not much used. The Foundation for Information Policy Research calls for the SCR project to be abandoned.

Last year, The Joseph Rowntree Reform Trust published a report, 'Database State', written by FIPR members. This report looked at 46 large public-sector IT systems that hold information on all of us, or at least on a substantial minority of us. It rated eleven as 'red', meaning that they were almost certainly illegal under human-rights law; most of the others were 'amber' meaning that they had serious privacy or safety problems.

The SCR was rated 'amber' in the Database State report. However, in view of Professor Greenhalgh's findings, it should now be rated as 'red', said the report's lead author, Ross Anderson, Professor of Security Engineering at Cambridge University. It brings very few benefits and has the potential to do serious harm.

The full press release, along with Professor Anderson's BMJ "op-ed" article can be read here.

Consultation Response: 'Smart Meters'

10 January 2010

In the Spring and Summer of 2009 there was a consultation on 'Smart Metering' for electricity and gas.

There has recently been a reconsultation on this issue, and FIPR's consultation response is less than enthusiastic:

The government now proposes to build a system to read 46 million new gas and electricity meters every 30 minutes and collect the data centrally for billing, demand management and other purposes. Our reaction is: yet another 10-year £10bn government IT project, driven by political targets, and being started in a hurry without a clear specification of what the system should actually do. It will probably not work; if it does, it will be privacy-intrusive, to the extent that it will probably be in breach of European human-rights law (regardless of any legislation the UK parliament may pass).

The full consultation response can be read here.

Consultation Response: 'Keeping the right people on the DNA database: science and public protection'

8 August 2009

FIPR's consultation response to the Home Office consultation on reforming the law as regards the retention of DNA samples can be read here. It concludes:

"FIPR therefore strongly urges that the Home Office should use this consultation only as a preliminary exercise. A revised retention policy should be drawn up based on responses received and higher quality, peer-reviewed evidence. The public and Parliament should then be consulted on a Green Paper describing primary legislation that would properly control the National DNA Database and associated procedures for the retention, use and governance of profiles. This would ensure that the UK meets the "special responsibility for striking the right balance" found by the European Court where there is such a strong potential for damage to citizens' human rights."

Consultation Response: 'Civil Litigation Costs Review'

30 July 2009

In May, Lord Justice Jackson published a prelimary report from his review of civil litigation costs. FIPR has long observed that much of the difficulty that UK citizens have in enforcing their rights stem from risks of massive cost orders against them if they should lose. Chapter 11 of the report solidly backs up what FIPR has been saying.

FIPR has submitted a short response to Lord Jackson, readable here, that concludes:

"The FIPR position is simple. We advocate a move to the American rule that each side pays its own costs. If there is insufficiently broad support for that, then at the very least, claimants who bring cases founded on the European Convention on Human Rights should be shielded from costs orders, while claimants in other cases should be shielded from costs orders that exceed the amount in dispute, as in Germany. We would not object to the courts being permitted to award costs against anyone whose behaviour has been manifestly unreasonable; however we want an end to the threat of huge costs orders causing manifest injustice."

Consultation Response: 'Interception Modernisation or "Protecting the Public"'

22 July 2009

FIPR has jointly submitted a response, along with the Open Rights Group (ORG), to the Home Office consultation on the Interception Modernisation Programme.

We reject the claim that the ability of the police and intelligence services to collect intelligence and evidence is under threat.
In view of the UK government's terrible record in dealing with large IT systems, GCHQ and the Home Office should simply abandon any idea of a `moon shot' to `fix' surveillance. Indeed, their attempt to sell such a project to ministers calls their judgment of realities seriously into question.
From the police point of view, what's actually needed is a lot more money for politically unglamorous operational stuff -- better computer forensics, better training, and more international cooperation. Although the proposed database would make complex enquiries faster and cheaper, there aren't enough of them to justify it.
The wide deployment of Deep Packet Inspection equipment by a democracy for internal policing, as opposed to its use on international links for foreign intelligence, would provide less intelligence and evidence than one might think, while causing serious legal and political problems.
The consultation suggests that GCHQ sees its future in domestic rather than external intelligence. This shift is at least as important as any of the technical matters raised. The next Government should conduct an ab initio strategic review of the intelligence services.
We do not agree with the Home Office rhetoric that they must "protect the public" and that "doing nothing is not an option": we reject the premise that "terrorism" is a serious or existential threat to the UK that justifies the infringement of human and other rights.

The detailed reponse can be read here.

Consultation Response: 'Regulation of Investigatory Powers Act 2000 Consolidating Orders and Codes of Practice'

14 July 2009

FIPR has jointly submitted a response, along with the Open Rights Group (ORG), to the Home Office consultation on revising the way that the Regulation of Investigatory Powers Act (2000) is operated.

Our consultation reponse recommends a new regulatory structure, and the detail can be read here.

'Database State' report

23 March 2009

'Database State' is a report written by FIPR for the Joseph Rowntree Reform Trust on the failings of public-sector IT in Britain, and how to fix them.

In recent years, the Government has built or extended many central databases that hold information on every aspect of our lives, from health and education to welfare, law-enforcement and tax. This 'Transformational Government' programme was supposed to make public services better or cheaper, but it has been repeatedly challenged by controversies over effectiveness, privacy, legality and cost. The report charts these databases, creating the most comprehensive map so far of what has become Britain's 'Database State'. All of these systems had a rationale and purpose. But this report shows how, in too many cases, the public are neither served nor protected by the increasingly complex and intrusive holdings of personal information invading every aspect of our lives.

Follow the links for the Full Report and Executive Summary.

Further legal problems for Phorm

25 November 2008

The November 2008 issue of "Computers and Law", the highly respected publication of the Society for Computers and Law, carries an article by Nicholas Bohm, General Counsel for FIPR, and Joel Harrison, an associate at Milbank, Tweed, Hadley & McCloy LLP.

The article explains how the Phorm system will infringe the database right for some website owners. It further shows that the Phorm system will infringe almost all website owners' copyright. The way that the Phorm system works means that it will make an infringing copy of the website content; and none of the statutory exceptions in the Copyright Designs and Patents Act 1988 are applicable.

Read the full press release here, and the article here.

Surveillance, the Database State, Online Crime ... What Next?

27 May 2008

The Foundation for Information Policy Research was set up in May 1998 to bring together engineers, lawyers, economists, policy people and others who are interested in the interaction between technology and society. It has become the UK's leading Internet policy think tank.

On May 27th 2008 we will be celebrating our tenth birthday with a conference at the JZ Young Lecture Theatre, University College London, from 2:00 -- 5:30pm, followed by a reception. The first two sessions will discuss the big information policy challenges of the last ten years, while the third may attempt some crystal ball gazing. Admission is free to the public, but space is limited: registration details are here.

Home Office Guidance "misleading"

23 April 2008

The Foundation for Information Policy Research (FIPR) has written to the Home Office, asking them to withdraw their incomplete and misleading guidance on the controversial behavioural advertising system developed by Phorm Inc.

FIPR's has published its own legal analysis of the Phorm system, which show that the operation of Phorm's systems involves illegal interception of communications, fraud, and unlawful processing of sensitive personal data.

Read the letter, and the Press Release.

Continuing concerns about Phorm

6 April 2008

The Foundation for Information Policy Research (FIPR) has responded to the Information Commissioner's Office (ICO) recent statement on the controversial behavioural advertising system developed by Phorm Inc.

The ICO has acknowledged that there was "considerable public concern" about the user profiling system, but their statement appeared to give the go-ahead for upcoming trials of the system by BT, the country's largest Internet Service Provider.

FIPR has reiterated its opinion that the Phorm system involves illegal interception, and sincerely hopes that the Information Commissioner will reconsider what appears to be a green light for lawbreaking.

Read the full press release here.

Open Letter to the Information Commissioner on the legality of Phorm's advertising system

17 March 2008

FIPR has today released the text of an open letter to Richard Thomas, the Information Commissioner (IC) on the legality of Phorm Inc's proposal to provide targeted advertising by snooping on Internet users' web browsing.

The controversial Phorm system is to be deployed by three of Britain's largest ISPs, BT, Talk Talk and Virgin Media. However, in FIPR's view the system will be processing data illegally.

Read the letter, and the Press Release.

Submission to Thomas/Walport Data Sharing Review

15 February 2008

FIPR has submitted a response to the Data Sharing Review being conducted by Richard Thomas and Dr Mark Walport

FIPR does not accept the apparent assumptions of this review. We do not agree that data sharing is simply a matter of utilitarian tradeoffs, supervised by national governments. Privacy is founded in human rights -- specifically in the European Convention on Human Rights, as refined in the Data Protection Directive and imported into UK law by the Human Rights Act. The Government of the day cannot extinguish these rights short of withdrawing from the ECHR, repealing the Human Rights Act, and quite possibly withdrawing from the European Union. Britain is going out on a limb by sharing data between public-sector databases far beyond the limits of what other European countries consider acceptable or even useful.

Read the full response here.

Submission to consultation on the National Payments Plan

4 February 2008

The UK Payments Council have set out a National Payments Plan as a strategic vision for the UK payments industry. FIPR's view is that the protection that bank customers enjoy against fraud and error is being eroded; there are growing problems with payment system security and resilience -- and these two issues are linked.

When payment service providers are able to externalise fraud risks by transferring them to customers, the incentives to protect systems properly are undermined. Further complications include the breakdown of the system of evaluation and accreditation of security systems. The problems extend from card payments to online financial services, and affect not just retail customers but also SMEs.

This is an example of regulatory failure. Payment service providers act in what they perceive to be their own best interests by minimising liability for transaction disputes, However the global result is far from socially optimal. Card fraud is rising; customer complaints are rising; consumer confidence is being eroded; and ultimately the UK will become a less attractive place to do business.

FIPR is concerned that the National Payments Plan, as outlined in the consultation document, will make matters worse. Read the full reponse here.

Submission to the Hunt Review of the Financial Ombudsman Service

16 January 2008

The Hunt Review of the Financial Ombudsman Service (FOS) is the latest three-yearly review of the FOS, looking particularly at the quality and effectiveness of its engagement with the public and industry. FIPR believes that the service is "quite unsatisfactory" and the decisions made are "an affront to reason and justice".

The particular problem that FIPR has concentrated on is the handling of disputes about cash machine (ATM) withdrawals -- in a number of cases the Ombudsman has been accepting at face value secondary and inaccurate evidence (provided by the banks) and applying the doctrine "bank systems are secure", before finding against the customers. In a world in which criminals attach skimmers to ATMs, or rig chip and pin terminals to capture transaction information, this shows "ignorance of technical detail". When combined with "defective" legal reasoning about the burden of proof, this creates an "unsustainable system".

The full version of the FIPR submission including (with permission) case papers from the case of Donald and Hazel Reddell, can be read here.

The Government misses the point on Poynter

17 December 2007

The Government's response to the interim Poynter report shows that they just don't understand what has gone wrong. Their refusal to abandon the headlong rush towards Transformational Government -- the enormous centralised databases being built to regulate every walk of life -- is not just pig-headed but profoundly mistaken.

Read the full press release here.

Evidence submitted to the House of Commons Select Committee on Health

25 April 2007

FIPR has submitted evidence to Select Committee on Health Inquiry into the Electronic Patient Record. FIPR believes that electronic medical records already bring many benefits, via faster communications, better record availability, and reduced errors. However, the Committee is warned not to confuse these benefits with the centralisation agenda.

"Centralisation is principally about power and control in the management of the health service. It is driven by the conflict between administrative convenience and professional autonomy. The Department seeks to resolve this conflict by controlling all information systems. The inevitable side-effects -- mediocre systems and the destruction of patient privacy -- would be severe. Patient trust in the medical profession will be undermined, and the Department would be vulnerable to challenges under European law. However, the strategy is not working, and is not likely to. It is time for it to be abandoned, and for CfH to return to providing the standards and infrastructure for interoperable systems, as its equivalents do elsewhere."

The evidence is available here, on Parliament's web pages.

Response to the e-Government Framework for Information Assurance

14 March 2007

FIPR has responded to the UK Government's recent consulation on its e-Government Framework for Information Assurance.

There are four things seriously wrong with this Framework: an obsolete model of online threats, a failure to treat harm to government employees on the same basis as harm to other citizens, a failure to draw a clear distinction between identity and authority, and a security policy model that is often inappropriate.

Read the full response here.

IT systems designed to protect kids will put them at risk instead

22 November 2006

New government policies designed to safeguard children could put them at increased risk by diverting resources and creating a surveillance culture where parents are sidelined, according to a report produced by FIPR and published today by the Information Commissioner.

The report, "Children's Databases: Safety and Privacy", analyses the databases being built to collate information on children in education, youth justice, health, social work and elsewhere. These systems are linking up through the new Information Sharing Index.

Read the full press release and the report itself (PDF format).

Opting out of the Central NHS Database

3 November 2006

The Guardian ran major stories on Wednesday and Thursday on how the government is trying to centralise the nation's medical records. As an example of the harm that thoughtless centralisation can do, read the story of Helen Wilkinson who was falsely labelled as an alcoholic by existing central systems. FIPR has since last year encouraged patients to refuse consent to the uploading of your records; a similar opt-out campaign in Iceland derailed a similar plan to centralise everything there.

In June 2005, FIPR developed an opt-out letter to send to the Secretary of State. People who sent this off have been fobbed off. We now recommend that you opt out via your GP. Ask your GP to enter into your record the code 93C3 ("refused consent for upload to national shared electronic record"). You can also ask for your address and phone number to be kept off the NHS internal directory, and for your hospital records also to not be uploaded to central systems: see here for details. We encourage you to opt out even if you have nothing to hide; if only people who do have something embarrassing in their records opt out, then doing so will carry a stigma.

Response to Select Committee Inquiry into 'Personal Internet Security'

23 October 2006

The House of Lords Select Committee on Science and Technology are holding an inquiry into 'Personal Internet Security'. You can read FIPR's written evidence, which suggests that misaligned incentives are the underlying cause of the harms that can occur when using the Internet. The Government cannot micromanage the information security business, most of which is in any case outside the UK. What it can do, and should do, is to ensure that people and companies have the necessary incentives to take responsibility for the consequences of their actions, online as well as offline.

Response to Home Office Consultation on 'New Powers Against Organised and Financial Crime'

17 October 2006

The FIPR response to the Home Office consultation on 'New Powers Against Organised and Financial Crime' is generally critical of the proposals. The consultation seems to view consent to data sharing to be irrelevant, which is wrong as a matter of Data Protection Law and Human Rights Law. The mechanisms proposed for dealing with problems such as 'phishing' websites are opaque, allocate legal risks incorrectly, will erode consumer confidence and deepen the digital divide. The surrogate offences put forward for those who encourage or assist crime are bad policy, and the proposals to 'take away the computers' of criminals will be of limited impact. Finally, FIPR strongly advises against pursuing ideas requiring client services to be suspended without making those clients suspicious.

Read the full reponse here

Responses to Home Office Consultations on the RIP Act 2000

1 September 2006

The FIPR responses to the two Home Office consultations relating to the Regulation of Investigatory Powers Act 2000 have now been submitted.

The response on the Code of Practice for accessing communications data under RIP s22 makes a number of detailed criticisms of what is in the Code of Practice, and what -- such as a requirement to ensure that misuse of powers is appropriately punished -- is entirely missing. You can read the response here.

The second consultation was on bringing Part III into force -- permitting Law Enforcement to request encrypted material be put into an "intelligible form" and, sometimes, requiring that encryption keys be handed over. The response here is far simpler -- we do not believe it should be activated at all! and if ministers are determined to be seen to be "doing something" by activating Part III, they should not mandate access to keys. You can read our reasoning here.

Scrambling for Safety 8

14 August 2006

'Scrambling for Safety 8' is an open meeting on the current Home Office consultations relating to the Regulation of Investigatory Powers Act 2000. One consultation is on the Code of Practice for accessing communications data under RIP s22 and the other is on bringing Part III into force -- permitting Law Enforcement to request encrypted material be put into an "intelligible form" and, sometimes, requiring that encryption keys be handed over. A number of FIPR Advisory Council members will be speaking.

Full details of this free event (including the speaker presentations) are here.

FIPR supports WEIS, PET & WOTE

June 2006

FIPR is providing sponsorship and assistance to the Fifth Workshop on the Economics of Information Security (WEIS 2006), the Sixth Workshop on Privacy Enhancing Technologies (PET 2006) and the IAVoSS Workshop On Trustworthy Elections (WOTE 2006). These academic conferences all run in the week of 26--30 June at Robinson College, Cambridge.

FIPR evidence to the Gowers Inquiry

27 April 2006

FIPR has submitted evidence to the Gowers Review of Intellectual Property. FIPR's view is that the balance between rightsholders' interests and the public domain has swung too far towards the rightsholders. This is hampering innovation and growth in a number of ways.... read more.

FIPR evidence to the Home Affairs Select Committee

14 February 2006

FIPR will be giving oral evidence today to the Home Affairs Select Committee inquiry into Terrorism Detention Powers. The Home Affairs Committee Press Release gives details and provides links to other material on the inquiry.

FIPR's written evidence is available online; FIPR does not believe there is a sound technological argument for increasing detention time limits -- what is necessary instead is for the police to be funded (and adopt the necessary cultural changes) to get abreast of the opportunities that digital evidence provides.

FIPR evidence to the APIG Inquiry into DRM

13 January 2006

The All Party Internet Group (APIG) is holding an inquiry into Digital Rights Management. FIPR has submitted evidence to the inquiry. The FIPR/EDRI copyright report which is cited can also be found at http://www.edri.org/campaigns/copyright.

Drop IPR Enforcement Directive, says FIPR

26 September 2005

IPRED2, the second "Intellectual Property" Rights Enforcement Directive, mandates the following:

"Member States shall ensure that all intentional infringements of an intellectual property right on a commercial scale, and attempting, aiding or abetting and inciting such infringements, are treated as criminal offences."
(Article 3. Page 6 of the dossier: com(2005)276)

There are many reasons why this is a bad idea.

See also the Press Release, 4 October 2005

NHS data sharing opt-out letter

29 June 2005

The NHS is storing more and more of your personal health information centrally. However you now have the right to opt out, and ensure that your medical records are only available to your GP and to any hospital doctors who may treat you. FIPR has been involved in drafting a letter you can use to exercise your right to health privacy, while ensuring that your doctors can continue to look after you.

The letter is available in PDF format and as a Word document. Print it out, fill in your details, sign it and post it off to Whitehall. You should also give a copy to your GP or, in the case of a hospital, its Medical Director. Medical privacy has been a long-running FIPR campaign; health minister Caroline Flint finally acknowledged your opt-out right in Parliament on the 16th June 2005.

The Crypto Wars are Over!

25 May 2005

The "Crypto Wars" are finally over -- and we've won! Read our press release as the sunset clause in the Electronic Communications Act removes the last vestiges of Government control over cryptography from the statute book.

Response to OFCOM Spectrum Framework Review Consulation

15 February 2005

FIPR, along with a number of other organisations, has signed the Consultation Response produced by OpenSpectrumUK, an ad hoc coalition of non-profit organisations engaged in community wireless networking and the promotion of license-free access to the public airwaves.

Response to Copyright Consultation

1 November 2004

As a direct result of the workshop that FIPR recently organised on Copyright in Europe, FIPR was able to develop a response to the European Commission consultation on the review of copyright law. This response was then endorsed by 20 other organisations under the banner of EDRI (European Digital Rights) and has now been jointly submitted to the Commission.

The response effectively sets out an agenda for NGO activity on copyright issues in Europe for the next five years and is therefore of considerable significance.

Further information is available on the EDRI site, along with the text of the response itself (and the list of supporting organisations). The text is also available as a PDF and translated into Italian.

Workshop: Copyright in Europe

9-10 October 2004

The Foundation for Information Policy Research (FIPR) will host a European workshop on the consultation currently being run by the European Commission on the EU legal framework in the field of copyright and related rights (whose deadline is at the end of October).

This workshop is supported by the OSI IPR and Public Domain Program.

This is an opportunity to discuss our responses with consumer and user interest groups, academics and other European partners in an open, informal forum. Participants from the new EU member states are especially welcome. Please forward this message as appropriate.

As well as discussing the issues in the Commission Staff Working Paper, we have an opportunity to put forward our own vision of the future. Topics might include the repeal of the Database Directive, DRM and competition policy, the relationship between contract and copyright, compulsory licensing, a fruit-of-the-poisoned-tree clause, the reform of collecting societies, the term of protection, and a campaign for a Digital Rights Directive.

The seminar will take place in Cambridge, UK on 9-10 October 2004. An agenda and further information is now available -- click here.

NB: Thanks to the generosity of our sponsors, attendance at the Conference is FREE.

EU pushes for more expensive electronics

21 September 2004

The European Commission was criticised today by the Foundation for Information Policy Research (FIPR) for making a great flourish of liberalising the market in car components, such as exhausts and door panels, while quietly pushing for law changes that will make the more expensive electronic accessories pricier still.

FIPR's views were expressed in a response to an EU consultation on rights-management technology, which is available in full online at: http://www.fipr.org/copyright/ipr-consult.html
and the full press release is here.

Mistaken Identity: public meeting on ID card proposals

4 May 2004

The government has introduced draft legislation for a national identity card. The card system will cost at least £3 billion and is likely to become an essential part of life for everyone residing in the UK. If the draft legislation is accepted by Parliament, everyone will be required to register for a card. Biometric scans of the face, fingers and eye will be taken. Personal details will be stored in a central database. A unique number will be issued that will become the basis for the matching of computer systems.

Join us at this free public meeting to hear from key figures in the fields of law, politics, security, technology and human rights. Decide for yourself whether this is a plan that should be supported.

ID card scheme an expensive flop

26 April 2004

The Home Office has today published plans for a compulsory national ID card scheme. Its 120-page consultation document again contains no evidence that the scheme will help prevent terrorism or illegal immigration. But it is full of evidence that the scheme will cost many billions of pounds that might be better spent on targeted investigations by the intelligence agencies and police.

Ian Brown, Director of FIPR, commented: "It is unfortunate that the Home Office is fixated on ID cards when there are many more workable measures that could be taken to fight terrorism. We can only hope that the Cabinet members that have opposed these plans take this last opportunity to stop this legislation going forward."

IPR enforcement directive improved, but could be better

9 March 2004

The European Parliament has today passed an improved but still problematic version of the Intellectual Property Rights enforcement directive. FIPR has been producing briefings and analyses of the directive for MEPs and other interested groups since last summer, and is pleased that some of its concerns have been taken on board. The problematic section on Technical Protection Measures, which have caused controversy in related US and EU legislation, has been removed from the final legislation. Criminal sanctions have also been deleted. But the scope of other parts of the Directive have unfortunately been widened to cover non-commercial infringement.

FIPR will continue to monitor the progress of the Directive as it is implemented into Member State laws. You can read our briefing for EDRi on remaining problems with the Directive, along with our press archive.

FIPR responds to medical privacy consultation

30 January 2004

In a response to a NHS consultation, FIPR has commented that the NHS must desist from centralising all personal health information, leave the information in the hands of its natural custodians (the general practices, hospitals or other carers), redesign payment systems so that settlement occurs locally, and delete transient administrative data (such as payment details) promptly. The guiding principles for regulation in this field must be ethical, and founded on informed consent. They should be enunciated clearly and in public, and applied in a consistent and joined-up way across health research and administration, so that the law continues to uphold the principle of patient consent...

FIPR gives evidence on ID cards to Home Affairs Committee

8 January 2004

In written and oral evidence to the Home Affairs Committee hearings on ID cards, FIPR has commented that the Home Office proposals seek to create an authentication token with the flexibility of a Swiss Army Knife. But a Swiss Army Knife is not a very good knife, nor a very good screwdriver, nor a very good corkscrew. If a tool is going to be used at all often, it is best to have one designed for the job. A one-card-fits-all solution to all authentication and fraud prevention problems across many public and private services is likely to be second-best for all of them, as well as more expensive... We therefore urge the Committee to advise the Home Secretary to either abandon the proposed scheme, or come back with a modified proposal that focuses exclusively on identity cards, that has a clear specification, whose benefits are shown to be achievable on a preponderance of all the empirical evidence. Finally, these benefits must show that ID cards are a better use of Home Office funds than an equivalent increase in the police budget.

FIPR calls for "spychip" moratorium

20 November 2003

FIPR and over 30 other European and US consumer, privacy, and civil liberties organizations have endorsed a position statement on the deployment and uses of RFID tags. These tiny devices can be embedded in all kinds of consumer products and scanned from 5-10 feet away, revealing information about the product and potentially other information about the product owner. We are calling for a voluntary moratorium on RFID tagging of consumer items until a formal technology assessment process involving all stakeholders, including consumers, can take place.

New campaign calls for safe e-voting

4 November 2003

A coalition of technical, legal and political experts including FIPR has today launched a campaign to ensure that electronic voting can be trusted by voters and politicians across Europe. You can sign-up to our campaign and and get more information from our e-democracy pages.

"Electronic life records" must support not attack human rights

30 October 2003

FIPR has called on the government to ensure that a new electronic database of life events — births, marriages, deaths etc. — supports rather than reduces privacy and liberty. Read our response to the Office of National Statistics' consultation on these plans...

New FIPR report finds problems with EU copyright law

8 September 2003

European citizens could find many common activities banned as the EU Copyright Directive becomes law, a new FIPR report reveals. Transferring songs from a copy-protected CD to a Walkman or computer could be illegal, as could watching a DVD on a computer running Linux.

"Implementing the EU Copyright Directive", published today, reports on legal developments across the EU as member states change their laws to comply with the Directive...

NHS Systems Fail to Protect Patient Confidentiality

5 February 2003

FIPR has called for much greater privacy protection for patients' medical information in a response to a National Health Service (NHS) consultation.

Current NHS strategy is focused on creating a central electronic patient record. There is already a "clearing" database that records payments made for all hospital treatment, along with the names and addresses of patients. Other medical databases available to ministers and civil servants contain enough information to identify the vast majority of the patients. FIPR believes that making this information available to so many NHS administrators and civil servants is unethical and will lead to growing abuse.