Digital rights and how to uphold them

How is Internet privacy affected by our broadband and email providers and what is the bigger picture? Ruth Strange talks to Javier Ruiz at the Open Rights Group (ORG).

Can you tell us how the Open Rights Group fits into the digital rights campaigning scene?

Open Rights Group is a UK-based digital campaigning organisation working to protect the rights to privacy and free speech online. With over 3,000 active supporters, we are a grassroots organisation with local groups across the UK.

Digital technology has transformed the way we live and opened up limitless new ways to communicate, connect, share and learn across the world. But for all the benefits, technological developments have created new threats to our human rights, and privacy is one of the fundamental ones.

We raise awareness of these threats and challenge them through public campaigns, media commentary, legal actions, policy interventions and tech projects.

We have a unique combination of expertise and grassroots presence, including many people in the technology industry.

I know you have a campaign on targeted advertising and ‘tracking cookies’ – can you explain how broadband providers are involved, how else tracking cookies could affect people, and if it's possible to avoid them?

Internet advertising companies, such as Google and Facebook, but also a myriad of other smaller players, track pretty much everything we do online. Every time you see an advert on the Internet it is almost certain that has been personalised for you and served through a superfast real-time auction system that would have sounded like science fiction only a few years ago.

Whenever a targeted ad is served to an Internet user in this auction system – called programmatic advertising or realtime bidding (RTB) – their personal data is shared and bidded out to potentially hundreds of companies.

That data can include a user’s location, browsing habits and other intimate details collected through the use of tracking cookies.

This ‘bid request’ process involves broadcasting your personal details without proper protections, which is a violation of GDPR rules.

In September 2018, Open Rights Group Executive Director Jim Killock joined Dr Johnny Ryan of Brave and Michael Veale of University College London to file complaints to European data protection authorities against Google and IAB Europe for General Data Protection Regulation (GDPR) violations in their RTB AdTech systems.

People can avoid some of the cookies using Ad-blocking software. There is a debate on the ethics of blocking ads when they provide financial support for independent press, but consumers should not be forced to choose between their privacy and access to information.

Unfortunately, escaping this surveillance is becoming harder, as companies now use other technologies, such as ‘device fingerprinting’ to identify and track users.

Broadband providers are not involved in this kind of tracking in Europe. They are in the US, which lacks the legal protections on the confidentiality of communications we have in the EU.

How worried do you think we should be about targeted political ads?

The UK’s electoral systems are undergoing a stress test of a sort that they have rarely experienced. Political actors are using personal data to make conflicting promises to discrete demographics – with no accountability or consent.

Our Data and Democracy project seeks to mitigate this threat and prevent new technology from eroding public trust in the democratic process.

To achieve this, we aim to influence the debate, conduct research, mobilise supporters and develop principles to shape the ethical use of these technologies. One way to take action, for instance, is to use the Who Targets Me browser extension to expose micro-targeted political ads on Facebook.

Who Targets Me (WTM) is a citizen-led, non-partisan monitoring tool. The WTM browser plug-in collects data on the political ads that people see on Facebook, which can then be analysed to explain the strategies parties and campaigns are using to win votes.

Some have questioned just how effective targeted ads, even targeted political ads, are at changing hearts and minds. ORG thinks this point is moot.

Political parties may be conducting activities that are at best unethical and at worst unlawful, tramping on data protection law. More information here.

Are mobile network providers also involved in harvesting and selling data on our online movements?

Mobile providers generally will track your location through the telephony masts your phone connects to, but not the GPS location on your phone. Some will also monitor your Internet usage and sell analytics services. Technically, they are not selling your data, but insights based on your data. We did a report on this issue some years ago.

We have four smaller alternative email providers in our guide, that are specifically set up to safeguard privacy.

Why is this important?

Tech companies are starting to take privacy more seriously, including Facebook planning to bring strong encryption to their Messenger app so not even the company can read what you write. However, in most cases this is still about protecting walled gardens that will perpetuate the oligopoly of Silicon Valley firms.

Diversity of provision is really important for consumers and as we have seen since Cambridge Analytica, digital monopolies impact on democracy.

Privacy is important here but not the only criteria.

Finally, I was amazed to see that there were so many campaigns on digital rights.

What developments are you encouraged by?

I think that some of the most interesting developments come from within the tech sector itself.

People working in tech have typically been seen as white, overpaid and entitled, as holders of arcane knowledge, but we are seeing many voices come up from women, ethnic minorities and many other ‘normal’ people.

There is a questioning of the values embedded in technology and the dynamics of power in the sector, from industry and academia to the activists themselves. The recent scandal around connections between the head of the MIT Media Lab and the convicted child abuser Brian Epstein is the latest example.

For now, this debate feels quite internal, but it will be important to see if it leads to more nuanced external advocacy, with more intersectionality of digital rights issues with other social challenges, such as inequality, mass migration and climate change.

Who's leading the charge for a more humane web?

The threats to digital rights and the huge power of companies involved can be overwhelming, but there are many examples of people and organisations taking a stand to push things in a better direction. As the 2019 Mozilla Internet Health Report stated, “More people than you imagine are working to make the Internet healthier”.

Here are some examples:

Tech employees rebel

Employees at Amazon and Microsoft protest against the company’s contracts with ICE (Immigration and Customs Enforcement) due to its inhumane treatment of refugees and immigrants on the US border.

Two thousand Google workers sign a petition criticising the company for appointing the president of a conservative thinktank – with close ties to Trump’s administration – to its artificial intelligence ethics council.

In response to Trump campaign statements about creating a Muslim Registry, and in general solidarity with people most at risk from data collection in the US, over 2500 tech workers signed a ‘Never Again’ pledge in just one week in December 2016.

Cities Coalition for Digital Rights

Cities around the world are joining this coalition, started by Amsterdam, Barcelona and New York City, to protect, promote and monitor residents’ and visitors’ digital rights. https://citiesfordigitalrights.org/cities

Mayors for Net Neutrality

Mayors across the US are also signing the Cities Open Internet Pledge, which requires all Internet providers with whom they do business to follow a strong set of net neutrality principles, to keep the Internet open.

Not for profit alternatives

Groups like the Small Technology Foundation are working to develop online tools designed to increase human welfare, not corporate profits. They say we not only have to regulate the companies we’ve currently got, but also replace them.

They believe we should publicly fund stay-ups (sustainable organisations that contribute to the common good) instead of startups (temporary companies designed to either fail fast or grow exponentially and get sold).

Founder Aral Balkan says, “Surveillance capitalism cannot be reformed. No amount of regulation will magically transform a factory farm for human beings – which is what Facebook, Google, etc., are – into an animal sanctuary. What effective regulation can do is limit their harms and give ethical alternatives a chance to get off the ground.”

Contract for the web

On the 30th anniversary of the creation of the Web, in 2018, Tim Berners Lee called on governments, companies and citizens to create a Contract for the Web. The first draft was published in July 2019. It states that “The web was designed to bring people together and make knowledge freely available. Everyone has a role to play to ensure the web serves humanity.”

As the 2019 Mozilla Internet Health Report says, “it’s important that we remember the current reality is a human creation, not a technological inevitability”

Tips and tools for protecting your privacy

There are many changes you can make, or alternatives you can switch to. Here are just a few lists of possibilities: