Proposals for an official definition of 'Islamophobia' were rejected by the Government yesterday.
Downing Street said the suggested definition had not been broadly accepted, adding: This is a matter that will need further careful consideration. '
The definition had been proposed by a parliamentary campaign group, the all-party parliamentary group on British Muslims. It wanted the Government to define Islamaphobia as rooted in racism or a type of racism that targets expressions of
Muslimness or perceived Muslimness.
Ministers are now expected to appoint two independent advisers to draw up a less legally problematic definition, the Times reported.
A parliamentary debate on anti-Muslim prejudice is due to be held today in Parliament.
The criticism of the definition has been published in an open letter to the Home Secretary Sajid Javid:
Open Letter: APPG Islamophobia Definition Threatens Civil Liberties
The APPG on British Muslims' definition of Islamophobia has now been adopted by the Labour Party, the Liberal Democrats Federal board, Plaid Cymru and the Mayor of London, as well as several local councils. All of this is occurring before the
Home Affairs Select Committee has been able to assess the evidence for and against the adoption of the definition nationally.
Meanwhile the Conservatives are having their own debate about rooting out Islamophobia from the party.
According to the APPG definition, "Islamophobia is rooted in racism and is a type of racism that targets expressions of Muslimness or perceived Muslimness".
With this definition in hand, it is perhaps no surprise that following the horrific attack on a mosque in Christchurch, New Zealand,
some place responsibility for the atrocity on the pens of journalists and academics who have criticised Islamic beliefs and practices, commented on or investigated Islamist extremism.
The undersigned unequivocally, unreservedly and emphatically condemn acts of violence against Muslims, and recognise the urgent need to deal with anti-Muslim hatred. However, we are extremely concerned about the uncritical and hasty adoption of
the APPG's definition of Islamophobia.
This vague and expansive definition is being taken on without an adequate scrutiny or proper consideration of its negative consequences for freedom of expression, and academic and journalistic freedom. The definition will also undermine social
cohesion -- fuelling the very bigotry against Muslims which it is designed to prevent.
We are concerned that allegations of Islamophobia will be, indeed already are being, used to effectively shield Islamic beliefs and even extremists from criticism, and that formalising this definition will result in it being employed effectively
as something of a backdoor blasphemy law.
The accusation of Islamophobia has already been used against those opposing religious and gender segregation in education, the hijab, halal slaughter on the grounds of animal welfare, LGBT rights campaigners opposing Muslim views on
homosexuality, ex-Muslims and feminists opposing Islamic views and practices relating to women, as well as those concerned about the issue of grooming gangs. It has been used against journalists who investigate Islamism, Muslims working in
counter-extremism, schools and Ofsted for resisting conservative religious pressure and enforcing gender equality.
Evidently abuse, harmful practices, or the activities of groups and individuals which promote ideas contrary to British values are far more likely to go unreported as a result of fear of being called Islamophobic. This will only increase if the
APPG definition is formally adopted in law.
We are concerned that the definition will be used to shut down legitimate criticism and investigation. While the APPG authors have assured that it does not wish to infringe free speech, the entire content of the report, the definition itself, and
early signs of how it would be used, suggest that it certainly would. Civil liberties should not be treated as an afterthought in the effort to tackle anti-Muslim prejudice.
The conflation of race and religion employed under the confused concept of 'cultural racism' expands the definition beyond anti-Muslim hatred to include 'illegitimate' criticism of the Islamic religion. The concept of Muslimness can effectively
be transferred to Muslim practices and beliefs, allowing the report to claim that criticism of Islam is instrumentalised to hurt Muslims.
No religion should be given special protection against criticism. Like anti-Sikh, anti-Christian, or anti-Hindu hatred, we believe the term anti-Muslim hatred is more appropriate and less likely to infringe on free speech. A proliferation of
'phobias' is not desirable, as already stated by Sikh and Christian organisations who recognise the importance of free discussion about their beliefs.
Current legislative provisions are sufficient, as the law already protects individuals against attacks and unlawful discrimination on the basis of their religion. Rather than helping, this definition is likely to create a climate of
self-censorship whereby people are fearful of criticising Islam and Islamic beliefs. It will therefore effectively shut down open discussions about matters of public interest. It will only aggravate community tensions further and is therefore no
long term solution.
If this definition is adopted the government will likely turn to self-appointed 'representatives of the community' to define 'Muslimness'. This is clearly open to abuse. The APPG already entirely overlooked Muslims who are often considered to be
"insufficiently Muslim" by other Muslims, moderates, liberals, reformers and the Ahmadiyyah, who often suffer persecution and violence at the hands of other Muslims.
For all these reasons, the APPG definition of Islamophobia is deeply problematic and unfit for purpose. Acceptance of this definition will only serve to aggravate community tensions and to inhibit free speech about matters of fundamental
importance. We urge the government, political parties, local councils and other organisations to reject this flawed proposed definition.
Emma Webb, Civitas
Hardeep Singh, Network of Sikh Organisations (NSOUK)
Lord Singh of Wimbledon
Tim Dieppe, Christian Concern
Stephen Evans, National Secular Society (NSS)
Sadia Hameed, Council of Ex-Muslims of Britain (CEMB)
Prof. Paul Cliteur, candidate for the Dutch Senate, Professor of Law, University of Leiden
Brendan O'Neill, Editor of Spiked
Maajid Nawaz, Founder, Quilliam International
Rt. Rev'd Dr Gavin Ashenden
Pragna Patel, director of Southall Black Sisters
Professor Richard Dawkins
Rahila Gupta, author and Journalist
Peter Whittle, founder and director of New Culture Forum
Trupti Patel, President of Hindu Forum of Britain
Dr Lakshmi Vyas, President Hindu Forum of Europe
Harsha Shukla MBE, President Hindu Council of North UK
Tarang Shelat, President Hindu Council of Birmingham
Ashvin Patel, Chairman, Hindu Forum (Walsall)
Ana Gonzalez, partner at Wilson Solicitors LLP
Baron Desai of Clement Danes
Baroness Cox of Queensbury
Lord Alton of Liverpool
Bishop Michael Nazir-Ali
Ade Omooba MBE, Co-Chair National Church Leaders Forum (NCLF)
Wilson Chowdhry, British Pakistani Christian Association
Ashish Joshi, Sikh Media Monitoring Group
Satish K Sharma, National Council of Hindu Temples
Rumy Hasan, Academic and author
Amina Lone, Co-Director, Social Action and Research Foundation
Peter Tatchell, Peter Tatchell Foundation
Seyran Ates, Imam
Gina Khan, One Law for All
Mohammed Amin MBE
Michael Mosbacher, Acting Editor, Standpoint Magazine
Lisa-Marie Taylor, CEO FiLiA
Julie Bindel, journalist and feminist campaigner
Dr Adrian Hilton, academic
Neil Anderson, academic
Tom Holland, historian
Prof. Dr. Bassam Tibi, Professor Emeritus for International Relations, University of Goettingen
Jackie Doyle-Price is the government's first suicide prevention minister. She seems to believe that this complex and tragic social problem can somehow be cure by censorship and an end to free speech.
She said society had come to tolerate behaviour online which would not be tolerated on the streets. She urged technology giants including Google and Facebook to be more vigilant about removing harmful comments.
Doyle-Price told the Press Association:
It's great that we have these platforms for free speech and any one of us is free to generate our own content and put it up there, ...BUT... free speech is only free if it's not abused. I just think in terms of implementing their
duty of care to their customers, the Wild West that we currently have needs to be a lot more regulated by them.
Today, after a five year battle with the UK government, Privacy International has won at the UK Supreme Court. The UK Supreme Court
has ruled that the Investigatory Powers Tribunal's (IPT) decisions are subject to judicial review in the High Court. The Supreme Court's judgment is a major endorsement and affirmation of the rule of law in the UK. The decision guarantees
that when the IPT gets the law wrong, its mistakes can be corrected.
UK Supreme Court rules that the UK spying tribunal - the IPT - cannot escape the oversight of the ordinary UK courts
The leading judgment of Lord Carnwath confirms the vital role of the courts in upholding the rule of law. The Government's reliance on an 'ouster clause' to try to remove the IPT from judicial review failed. The judgment confirms hundreds of
years of legal precedent condemning attempts to remove important decisions from the oversight of the courts.
Privacy International's case stems from a 2016 decision by the IPT that the UK government may use sweeping 'general warrants' to engage in computer hacking of thousands or even millions of devices, without any approval from by a judge or
reasonable grounds for suspicion. The Government argued that it would be lawful in principle to use a single warrant signed off by a Minister (not a judge) to hack every mobile phone in a UK city - and the IPT agreed with the Government.
Privacy International challenged the IPT's decision before the UK High Court. The Government argued that even if the IPT had got the law completely wrong, or had acted unfairly, the High Court had no power to correct the mistake. That question
went all the way to the UK Supreme Court, and resulted in today's judgment.
In his judgment, Lord Carnwath wrote:
"The legal issue decided by the IPT is not only one of general public importance, but also has possible implications for legal rights and remedies going beyond the scope of the IPT's remit. Consistent application of the rule of law requires
such an issue to be susceptible in appropriate cases to review by ordinary courts."
Caroline Wilson Palow, Privacy International's General Counsel, said:
"Today's judgment is a historic victory for the rule of law. It ensures that the UK intelligence agencies are subject to oversight by the ordinary UK courts.
Countries around the world are currently grappling with serious questions regarding what power should reside in each branch of government. Today's ruling is a welcome precedent for all of those countries, striking a reasonable balance between
executive, legislative and judicial power.
Today's ruling paves the way for Privacy International's challenge to the UK Government's use of bulk computer hacking warrants. Our challenge has been delayed for years by the Government's persistent attempt to protect the IPT's decisions from
scrutiny. We are heartened that our case will now go forward."
Simon Creighton, of Bhatt Murphy Solicitors who acted for Privacy International, said:
"Privacy International's tenacity in pursuing this case has provided an important check on the argument that security concerns should be allowed to override the rule of law. Secretive national security tribunals are no exception. The
Supreme Court was concerned that no tribunal, however eminent its judges, should be able to develop its own "local law". Today's decision welcomes the IPT back from its legal island into the mainstream of British law."
Watching pornography on buses is to be banned, ministers have announced. Bus conductors and the police will be given powers to tackle those who watch sexual material on mobile phones and tablets.
Ministers are also drawing up plans for a national database of claimed harassment incidents. It will record incidents at work and in public places, and is likely to cover wolf-whistling and cat-calling as well as more serious incidents.
In addition, the Government is considering whether to launch a public health campaign warning of the effects of pornography -- modelled on smoking campaigns.
As of 15 July, people in the UK who try to access porn on the internet will be required to verify their age or identity online.
The new UK Online Pornography (Commercial Basis) Regulations 2018 law does not affect the Channel Islands but the States have not ruled out introducing their own regulations.
The UK Department for Censorship, Media and Sport said it was working closely with the Crown Dependencies to make the necessary arrangements for the extension of this legislation to the Channel Islands.
A spokeswoman for the States said they were monitoring the situation in the UK to inform our own policy development in this area.
Foreign secretary Jeremy Hunt declared that the Russian government-owned propaganda channel RT to be a weapon of disinformation in a speech to mark World Press Freedom Day.
The UK government is particularly annoyed at the channel for repeatedly deflecting blame from Russia for the poisoning attack in Salisbury.
Hunt noted that the Kremlin came up with over 40 separate narratives to explain that incident which RT broadcast to the world.
The foreign secretary said it remained a matter for Ofcom to independently decide whether the station should be closed down. At the end of last year RT was found guilty of seven breaches of the British broadcasting code in relation to programmes
broadcast in the aftermath of the Salisbury novichok poisoning .
TV censor Ofcom has yet to announce sanctions for the breaches of the code.
It seems bizarre that the government should let the TV censor determine sanctions when these could have serious diplomatic consequences. Surely it is the government that should be leading the censorship of interference by a foreign power.
Hunt seems to have been doing a bit of anti-British propaganda himself. In a press release ahead of the speech he seemed to suggest that Britain and the west have fragile democracies. In the news release Hunt states:
Russia in the last decade very disappointingly seemed to have embarked on a foreign policy where their principal aim is to sow confusion and division and destabilise fragile democracies.
A DNS server translates the text name of a website into the numerical IP address. At the moment ISPs provide the DNS servers and they use this facility to block websites. If you want to access bannedwebsite.com the ISP simply refuses to tell your
browser the IP address of the website you are seeking. The ISPs use this capability to implement blocks on terrorist/child abuse, copyright infringing websites, porn websites with out age verification, network level parental control blocking and
many more things envisaged in the Government's Online Harms white paper.
At the moment DNS requests are transmitted in the clear so even if you chose another DNS server the ISP can see what you are up to, intercept the message and apply its own censorship rules anyway.
This is all about to change, as the internet authorities have introduced a change meaning that DNS requests can now be encrypted using the web standard encryption as used by https. The new protocol option is known is DNS Over HTTPS or DOH.
The address being requested cannot be monitored under several internet protocols, DNS over TLS and DNSCrypt but DNS Over HTTPS goes one step further in that ISPs cannot even detect that it is DNS request at al. It appears exactly the same as a
standard HTTPS request for the website content. This prevents the authorities from refusing to allow DNS Over HTTPS at all by blocking all such requests. If they tried they would have to block all https websites.
There's nothing to stop users from sticking with their ISPs DNS and submitting to all the familiar censorship policies. However if your browser allows, you can ask the browser to ask to use a non censorial DNS server over HTTPS. There are already
plenty of servers out there to choose from, but it is down to the browser to define the choice available to you. Firefox already allows you to select their own encrypted DNS server. Google is not far behind with its Chrome Browser.
At the moment Firefox already allows those with techie bent to opt for the Firefox DOH, but Firefox recently made waves by suggesting that it would soon default to using its own server and make it a techie change to opt out and revert to ISP DNS.
Perhaps this sounds a little unlikely.
The Government have got well wound up by the fear of losing censorship control over UK internet users so no doubt will becalling in people from Firefox and Chrome to try to get them to enforce state censorship. However it may not be quite
so easy. The new protocol allows for anyone to offer non censorial (or even censorial) DOH servers. If Firefox can be persuaded to toe the government line then other browsers can step in instead.
The UK Government broadband ISPs and the National Cyber Security Centre (NCSC) are now set to meet on the 8th May 2019 in order to discuss Google's forthcoming implementation of encrypted DOH. It should be an interesting meeting but I bet they'll
never publish the minutes.
I rather suspect that the Government has shot itself in the foot over this with its requirements for porn users to identify themselves before being able to access porn. Suddenly they have will have spurred millions of users to take an interest in
censorship circumvention to avoid endangering themselves, and probably a couple of million more who will be wanting to avoid the blocks because they are too young. DNS, DOH, VPNs, Tor and the likes will soon become everyday jargon.
The BBFC has published a detailed standard for age verifiers to get tested against to obtain a green AV kite mark aiming to convince users that their identity data and porn browsing history is safe.
I have read through the document and conclude that it is indeed a rigorous standard that I guess will be pretty tough for companies to obtain. I would say it would be almost impossible for a small or even medium size website to achieve the
standard and more or less means that using an age verification service is mandatory.
The standard has lots of good stuff about physical security of data and vetting of staff access to the data.
Age verifier AVSecure commented:
We received the final documents and terms for the BBFC certification scheme for age verification providers last Friday. This has had significant input from various Government bodies including DCMS (Dept for Culture, Media & Sport), NCC Group
plc (expert security and audit firm), GCHQ (UK Intelligence & Security Agency) ICO (Information Commissioner's Office) and of course the BBFC (the regulator).
The scheme appears to have very strict rules.
It is a multi-disciplined scheme which includes penetration testing, full and detailed audits, operational procedures over and above GDPR and the DPA 2018 (Data Protection Act). There are onerous reporting obligations with inspection rights
attached. It is also a very costly scheme when compared to other quality standard schemes, again perhaps designed to deter the faint of heart or shallow of pocket.
Consumers will likely be advised against using any systems or methods where the prominent green AV accreditation kitemark symbol is not displayed.
But will the age verifier be logging your ID data and browsing history?
And the answer is very hard to pin down from the document. At first read it suggests that minimal data will be retained, but a more sceptical read, connecting a few paragraphs together suggests that the verifier will be required to keep extensive
records about the users porn activity.
Maybe this is a reflection of a recent change of heart. Comments from AVSecure suggested that the BBFC/Government originally mandated a log of user activity but recently decided that keeping a log or not is down to the age verifier.
As an example of the rather evasive requirements:
8.5.9 Physical Location
Personal data relating to the physical location of a user shall not be collected as part of the age-verification process unless required for fraud prevention and detection. Personal data relating to the physical location of a user shall only be
retained for as long as required for fraud prevention and detection.
Here it sounds like keeping tabs on location is optional, but another paragraph suggest otherwise:
8.4.14 Fraud Prevention and Detection
Real-time intelligent monitoring and fraud prevention and detection systems shall be used for age-verification checks completed by the age-verification provider.
Now it seems that the fraud prevention is mandatory, and so a location record is mandatory after all.
Also the use off the phrase only be retained for as long as required for fraud prevention and detection. seems a little misleading too, as in reality fraud prevention will be required for as long as the customer keeps on using it. This may
as well be forever.
There are other statements that sound good at first read, but don't really offer anything substantial:
8.5.6 Data Minimisation
Only the minimum amount of personal data required to verify a user's age shall be collected.
But if the minimum is to provide name and address + eg a drivers licence number or a credit card number then the minimum is actually pretty much all of it. In fact there are only the porn pass methods that offer any scope for 'truely minimal'
data collection. Perhaps the minimal data also applies to the verified mobile phone method as although the phone company probably knows your identity, then maybe they won't need to pass it on to the age verifier.
What does the porn site get to know
The rare unequivocal and reassuring statement is
8.5.8 Sharing Results
Age-verification providers shall only share the result of an age-verification check (pass or fail) with the requesting website.
So it seems that identity details won't be passed to the websites themselves.
However the converse is not so clear:
8.5.6 Data Minimisation
Information about the requesting website that the user has visited shall not be collected against the user's activity.
Why add the phrase, against the user's activity. This is worded such that information about the requesting website could indeed be collected for another reason, fraud detection maybe.
Maybe the scope for an age verifier to maintain a complete log of porn viewing is limited more by the practical requirement for a website to record a successful age verification in a cookie such that the age verifier only gets to see one
interaction with each website.
No doubt we shall soon find out whether the government wants a detailed log of porn viewed, as it will be easy to spot if a website queries the age verifier for every film you watch.
And what about all this reference to fraud detection. Presumably the BBFC/Government is a little worried that passwords and accounts will be shared by enterprising kids. But on the other hand it may make life tricky for those using shared
devices, or perhaps those who suddenly move from London to New York in an instant, when in fact this is totally normal for someone using a VPN on a PC.
The BBFC/Government have moved on a long way from the early days when the lawmakers created the law without any real protection for porn users and the BBFC first proposed that this could be rectified by asking porn companies to voluntarilyfollow
'best practice' in keeping people's data safe.
A definite improvement now, but I think I will stick to my VPN.
A TV channel, a porn producer, an age verifier and maybe even the government got together this week to put out a live test of age verification. The test was implemented on a specially created website featuring a single porn video.
The test required a well advertised website to provide enough traffic of viewers positively wanting to see the content. Channel 4 obliged with its series Mums Make Porn. The series followed a group of mums making a porn video that
they felt would be more sex positive and less harmful to kids than the more typical porn offerings currently on offer.
The mums did a good job and produced a decent video with a more loving and respectful interplay than is the norm. The video however is still proper hardcore porn and there is no way it could be broadcast on Channel 4. So the film was made
available, free of charge, on its own dedicated website complete with an age verification requirement.
The website was announced as a live test for AgeChecked software to see how age verification would pan out in practice. It featured the following options for age verification
entering full credit card details + email
entering driving licence number + name and address + email
mobile phone number + email (the phone must have been verified as 18+ by the service provider and must must be ready to receive an SMS message containing login details)
Nothing has been published in detail about the aims of the test but presumably they were interested in the basic questions such as:
What proportion of potential viewers will be put off by the age verification?
What proportion of viewers would be stupid enough to enter their personal data?
Which options of identification would be preferred by viewers?
The official test 'results'
Alastair Graham, CEO of AgeChecked provided a few early answers inevitably claiming that:
The results of this first mainstream test of our software were hugely encouraging.
He went on to claim that customers are willing to participate in the process, but noted that verified phone number method emerged as by far the most popular method of verification. He said that this finding would be a key part of this
process moving forward.
Reading between the lines perhaps he was saying that there wasn't much appetite for handing over detailed personal identification data as required by the other two methods.
I suspect that we will never get to hear more from AgeChecked especially about any reluctance of people to identify themselves as porn viewers.
The unofficial test results
Maybe they were also interested in other questions too:
Will people try and work around the age verification requirements?
if people find weaknesses in the age verification defences, will they pass on their discoveries to others?
Interestingly the age verification requirement was easily sidestepped by those with a modicum of knowledge about downloading videos from websites such as YouTube and PornHub. The age verification mechanism effectively only hid the start button
from view. The actual video remained available for download, whether people age verified or not. All it took was a little examination of the page code to locate the video. There are several tools that allow this: video downloader addons, file
downloaders or just using the browser's built in debugger to look at the page code.
Presumably the code for the page was knocked up quickly so this flaw could have been a simple oversight that is not likely to occur in properly constructed commercial websites. Or perhaps the vulnerability was deliberately included as part of the
test to see if people would pick up on it.
However it did identify that there is a community of people willing to stress test age verification restrictions and see if work rounds can be found and shared.
I noted on Twitter that several people had posted about the ease of downloading the video and had suggested a number of tools or methods that enabled this.
There was also an interesting article posted on achieving age verification using an expired credit card. Maybe that is not so catastrophic as it still identifies a cardholder as over 18, even if cannot be used to make a payment. But of course it
may open new possibilities for misuse of old data. Note that random numbers are unlikely to work because of security algorithms. Presumably age verification companies could strengthen the security by testing that a small transaction works, but
this intuitively this would have significant cost implications. I guess that to achieve any level of take up, age verification needs to be cheap for both websites and viewers.
It was very heartening to see how many people were helpfully contributing their thoughts about testing the age verification software.
Over the course of a couple of hours reading, I learnt an awful lot about how websites hide and protect video content, and what tools are available to see through the protection. I suspect that many others will soon be doing the same... and I
also suspect that young minds will be far more adept than I at picking up such knowledge.
A final thought
I feel a bit sorry for small websites who sell content. It adds a whole new level complexity as a currently open preview area now needs to be locked away behind an age verification screen. Many potential customers will be put off by having to
jump through hoops just to see the preview material. To then ask them to enter all their credit card details again to subscribe, may be a hurdle too far.
Update: The Guardian reports that age verification were easily circumvented
The Guardian reported that the credit card check used by AgeChecked could be easily fooled by generating a totally false credit card number. Note that a random number will not work as there is a well known sum check algorithm which invalidates a
lot of random numbers. But anyone who knows or looks up the algorithm would be able to generate acceptable credit card numbers that would at least defeat AgeChecked.
Or they would have been had AgeChecked not now totally removed the credit card check option from its choice of options.
Still the damage was done when the widely distributed Guardian article has established doubts about the age verification process.
Of course the workaround is not exactly trivial and will stop younger kids from 'stumbling on porn' which seems to be the main fall back position of this entire sorry scheme.