United Kingdom
A Obstacles to Access | 22 25 |
B Limits on Content | 30 35 |
C Violations of User Rights | 25 40 |

Users in the United Kingdom (UK) generally enjoy substantial internet freedom, with few major constraints on access or content. However, following the lead of its European counterparts, the government has grown increasingly interested in regulating online platforms and content hosts in an effort to limit disinformation and curb material that is deemed harmful. Such policymaking efforts culminated in the release of two reports during the coverage period, most notably the controversial Online Harms White Paper. In a novel form of restriction on access, police ordered Wi-Fi connections to be suspended in some of London’s Underground mass-transit train stations amid peaceful civil-disobedience protests.
The UK—comprising England, Scotland, Northern Ireland, and Wales—is a long-standing democracy that regularly holds free elections and is home to a vibrant media sector. While the government enforces robust protections for political rights and civil liberties, recent years have featured concerns about increased government surveillance of residents as well as rising Islamophobia and anti-immigrant sentiment. UK referendum voters in 2016 narrowly supported leaving the European Union (EU), a process known colloquially as Brexit, but political disagreement about the details of the withdrawal continued to stall implementation during the coverage period.
- British transport police ordered internet service provider (ISP) Virgin Media to shut off Wi-Fi service in some London Underground stations in April 2019 amid protests and peaceful civil-disobedience actions by the environmentalist group Extinction Rebellion (see A3).
- Also in April 2019, the government released its Online Harms White Paper, aimed at creating a new regulatory framework to tackle not only illegal online content, but also content that the government views as legal yet harmful (see B3).
- Parliament’s Digital, Culture, Media, and Sport Committee released its report on disinformation and “fake news” in February 2019, recommending the establishment of new forms of legal liability to address the problem (see B3 and B5).
- Separately in February 2019, the Counter-Terrorism and Border Security Act was approved, including several provisions that could affect online free expression and privacy (see C2 and C5).
- In September 2018, the European Court of Human Rights found that parts of the UK’s bulk surveillance regime under the Regulation of Investigatory Powers Act 2000 violated the European Convention on Human Rights (see C5).
Information and communication technology (ICT) infrastructure is generally strong, and government policies and regulations tend to favor access. The overwhelming majority of UK residents use the internet frequently on a variety of devices, particularly smartphones, and substantial government-backed infrastructure investments have led to better service over time.
Do infrastructural limitations restrict access to the internet or the speed and quality of internet connections? | 6.006 6.006 |
Access to the internet is considered a key element of societal and democratic participation in the UK. Broadband access is almost ubiquitous, and nearly 100 percent of households are within range of ADSL (asymmetric digital subscriber line) connections. All national mobile service providers offer fourth-generation (4G) network technology.
The Digital Economy Act 2017 obliges service providers to offer minimum connection speeds of 10 Mbps.1 Access to “superfast” broadband connections, with an advertised speed of at least 30 Mbps, continues to expand.2 While the geographical coverage of superfast broadband networks has reached more than 90 percent of the UK, the communications regulator—the Office of Communications (Ofcom)—has noted that the country lags behind in fully fiber-optic broadband.3 In March 2018, the government launched a new voucher scheme that provides up to ₤3,000 ($3,800) toward installation costs for full-fiber broadband connections serving small and medium-sized enterprises.4 In October 2018, ₤200 million ($260 million) was allocated to enable an “outside-in” approach to providing full-fiber broadband in rural areas.5
Mobile telephone penetration is extensive. In 2017, some 73 percent of surveyed adults used mobile phones to access the internet, up from 36 percent in 2011.6 In 2018, 78 percent of adults viewed their mobile device as their primary means of internet access.7 For those over age 54, laptop computers remained the most popular devices.8
In 2010, the UK government awarded contracts to the Chinese telecommunications company Huawei to provide infrastructure for fixed-line and mobile internet service, including fifth-generation (5G) mobile technology. In order to allay security concerns, national security and intelligence agencies such as Government Communications Headquarters (GCHQ) arranged to monitor for any problems through regular audits and other measures. In July 2018, the fourth annual report on this monitoring raised significant concerns about Huawei-provided infrastructure, especially with respect to third-party equipment suppliers such as ZTE, another Chinese telecommunications firm.9 In 2017, China had passed national intelligence legislation that gave government agencies significant authority to interfere with Chinese manufacturers of telecommunications hardware.10 In April 2019, the UK decided to bar Huawei from providing “core” elements of the country’s developing 5G network.11
- 1United Kingdom, Digital Economy Act 2017 http://www.legislation.gov.uk/ukpga/2017/30/contents/enacted ; Jamie Rigg, “How the Digital Economy Act will come between you and porn and everything else you need to know about the new legislation,” Engaget, March 5, 2017, https://www.engadget.com/2017/05/03/digital-economy-act-explainer/
- 2For local area progress in broadband provision, see Building Digital UK (BDUK), Table of local broadband projects, October 2014, https://docs.google.com/spreadsheet/ccc?key=0Ah3sVRjT82kKdEltX0lJNjNVWW…
- 3Ofcom, “UK Home Broadband Performance: The performance of fixed-line broadband delivered to UK residential consumers,” May 9, 2018 , https://www.ofcom.org.uk/__data/assets/pdf_file/0027/113796/home-broadb…
- 4Department for Digital, Culture, Media & Sport, “Gigabit Broadband Voucher Scheme” https://gigabitvoucher.culture.gov.uk/
- 5Gov.uk, “£200 million to kickstart full fibre broadband across UK”, October 31, 2018; https://www.gov.uk/government/news/200-million-to-kickstart-full-fibre-…
- 6Office for National Statistics, “Internet access – households and individuals: 2017,” https://www.ons.gov.uk/peoplepopulationandcommunity/householdcharacteri…
- 7Ofcom, “The Communications Market Report 2018”, https://www.ofcom.org.uk/__data/assets/pdf_file/0022/117256/CMR-2018-na…
- 8Ofcom, “The Communications Market Report 2017,” https://www.ofcom.org.uk/research-and-data/multi-sector-research/cmr/cm…
- 9Gov.uk, “Huawei cyber security evaluation centre oversight board: annual report 2018,” July 19, 2018 https://www.gov.uk/government/publications/huawei-cyber-security-evalua…
- 10Parliament All Select Committee, Foreign Affairs (2017). “China and the Rules-Based International System, 6 Engagement and interference, Cyber security and critical national infrastructure” at para 100 https://publications.parliament.uk/pa/cm201719/cmselect/cmfaff/612/6120… ; Yuan Tang, “Is Huawei compelled by Chinese law to help with espionage?” Financial Times, March 5, 2019 https://www.ft.com/content/282f8ca0-3be6-11e9-b72b-2c7f526ca5d0
- 11Dan Sabbagh, “May to ban Huawei from providing 'core' parts of UK 5G network,” The Guardian, April 23, 2019 https://www.theguardian.com/technology/2019/apr/24/may-to-ban-huawei-fr…
Is access to the internet prohibitively expensive or beyond the reach of certain segments of the population for geographical, social, or other reasons? | 2.002 3.003 |
Internet access continues to expand, gradually reducing regional and demographic disparities.
The UK provides a competitive market for internet access, and prices for communications services compare favorably with those in other countries. The average monthly price for a typical mobile data package was ₤18.36 in 2017.1 The most affordable fixed-line broadband packages cost a little over ₤30 ($38) a month.2 Median gross weekly earnings for full-time workers were ₤569 ($730).3
According to the UK’s Office of National Statistics, 90 percent of households have access to the internet.4 However, those in the lowest income groups are significantly less likely to have home internet subscriptions, with the gap between socioeconomic groups remaining the same for the past few years. Some 22 percent of people with disabilities have no internet access.5 There is a no general gender gap in internet use, though about two-thirds of women over 75 have never used the internet. Women between 65 and 74 years old have experienced the largest rise in internet usage, from 47 percent in 2011 to 82 percent in 2019.
- 1Ofcom, “Pricing trends for communications services in the UK,” May 17, 2018 https://www.ofcom.org.uk/__data/assets/pdf_file/0030/113898/pricing-rep…
- 2Mobile SIM-only plan from BT. BT, “SIM-Only deals, Value Starter Plan” https://www.productsandservices.bt.com/mobile/sim-only-deals. For fixed-lined service, see: Broadband Choices, “BT announces price increases from 3 July 2016”, May 3 2016 https://www.broadbandchoices.co.uk/news/broadband/bt-announces-price-in…; BT, “Broadband Deals” https://www.productsandservices.bt.com/products/broadband-packages/. BT prices include line rental, which was GBP 18.99 in 2017.
- 3Office for National Statistics, “Annual Survey of Hours and Earnings October 2018” https://www.ons.gov.uk/employmentandlabourmarket/peopleinwork/earningsa…
- 4Office of National Statistics, “Internet access – households and individuals, Great Britain: 2018” https://www.ons.gov.uk/peoplepopulationandcommunity/householdcharacteri…
- 5Office of National Statistics “Internet users in the UK 2019” https://www.ons.gov.uk/businessindustryandtrade/itandinternetindustry/b…
Does the government exercise technical or legal control over internet infrastructure for the purposes of restricting connectivity? | 5.005 6.006 |
The government does not exercise control over the internet infrastructure and does not routinely restrict connectivity. On April 17, 2019, however, British transport police ordered the ISP Virgin Media to shut off Wi-Fi service in some London Underground stations.1 The restriction came in response to protests and peaceful civil-disobedience actions by the environmentalist group Extinction Rebellion, which called on the government to reduce carbon emissions and combat climate change more aggressively.2 The group had publicized its plans to peacefully disrupt Underground service. Appendix 1 of the Wi-Fi Operational Agreement between Virgin Media and Transport for London details the process for implementing orders from police or security agencies to temporarily cut or restrict Wi-Fi service.3
The government does not place limits on the amount of bandwidth that ISPs can supply, and the use of internet infrastructure is not subject to direct government control. ISPs regularly engage in traffic shaping or slowdowns of certain services, such as peer-to-peer file sharing and television streaming. Mobile providers have cut back on previously unlimited access packages for smartphones, reportedly because of concerns about network congestion.
- 1James Vincent, “UK police shut off Wi-Fi in London Tube stations to deter climate protestors,” The Verge, April 17, 2019 https://www.theverge.com/2019/4/17/18411820/london-underground-tube-wi-…
- 2Matthew Taylor, Damien Gayle, Libby Brooks, “Extinction Rebellion keep control of major London sites into a third day,” The Guardian, April 17, 2019 https://www.theguardian.com/environment/2019/apr/16/extinction-rebellio…
- 3Transport for London, Principles of the London Underground Public Wi-Fi Operational Agreement http://content.tfl.gov.uk/wifi-enabling-agreement-appendix-1.pdf
Are there legal, regulatory, or economic obstacles that restrict the diversity of service providers? | 5.005 6.006 |
There are few obstacles to the establishment of service providers in the UK, allowing for a competitive market that benefits users.
Major ISPs include BT (formerly British Telecom) with a 37 percent market share, Sky (24 percent), Virgin Media (20 percent), TalkTalk (12 percent), and others (8 percent).1 Ofcom continues to develop regulations to promote the unbundling of services so that incumbent owners of infrastructure continue to invest in their networks while also allowing competitors to make use of them.2
ISPs are not subject to licensing, but they must comply with general conditions set by Ofcom, such as having a recognized code of practice and being a member of a recognized alternative dispute-resolution scheme.3
Among mobile service providers, EE (owned by BT since 2016) leads the market with 29 percent of subscribers, followed by O2 (27 percent), Vodafone (19 percent), Three (11 percent), and Tesco (8.5 percent).4 Mobile virtual network operators including Tesco provide service using the infrastructure owned by one of the other companies.
- 1Ofcom, “The Communications Market Report 2017,” August 3, 2017 p.147 https://www.ofcom.org.uk/__data/assets/pdf_file/0017/105074/cmr-2017-uk…
- 2Ofcom, “Wholesale Local Access Market Review: Statement–Volume 1,” March 28,2018 https://www.ofcom.org.uk/__data/assets/pdf_file/0020/112475/wla-stateme…
- 3Ofcom, Consolidated Version of General Conditions of Entitlement (London: Ofcom), December 16, 2013, https://web.archive.org/web/20140717212346/http://stakeholders.ofcom.or…
- 4Ofcom, “The Communications Market Report 2016,” p.153, https://www.ofcom.org.uk/research-and-data/multi-sector-research/cmr/cm…
Do national regulatory bodies that oversee service providers and digital technology fail to operate in a free, fair, and independent manner? | 4.004 4.004 |
The various entities responsible for regulating internet service and content in the UK generally operate impartially and transparently.
Ofcom, the primary telecommunications regulator, is an independent statutory body. It has broadly defined responsibility for the needs of “citizens” and “consumers” regarding “communications matters” under the Communications Act 2003.1 It is overseen by Parliament and also regulates the broadcasting and postal sectors.2 Ofcom has some authority to regulate content with implications for the internet, such as regulating video content in keeping with the EU AudioVisual Media Services Directive.3
Nominet, a nonprofit company operating in the public interest, manages access to the .uk, .wales, and .cymru country domains. In 2013, Nominet implemented a postregistration domain name screening to suspend or remove domain names that encourage serious sexual offenses.4
Other groups regulate services and content through voluntary ethical codes or co-regulatory rules under independent oversight. In 2012, major ISPs published a Voluntary Code of Practice in Support of the Open Internet.5 The code commits ISPs to transparency and confirms that traffic management practices will not be used to target and degrade the services of a competitor. The code was amended in 2013 to clarify that signatories could deploy content filtering or provide such tools where appropriate for public Wi-Fi access.6 Ofcom also maintains voluntary codes of practice related to internet speed provision, dispute resolution, and the sale and promotion of internet services.7
Criminal online content is addressed by the Internet Watch Foundation (IWF), an independent self-regulatory body funded by the EU and industry associations (see B3).8 The Advertising Standards Authority and the Independent Press Standards Organization regulate newspaper websites. With the exception of child-abuse content, these bodies eschew prepublication censorship and operate postpublication notice and takedown procedures within the E-Commerce Directive liability framework (see B3).
- 1Communications Act 2003, Part 1, Section 3, http://www.legislation.gov.uk/ukpga/2003/21/contents.
- 2Ofcom, “What is Ofcom?” https://www.ofcom.org.uk/about-ofcom/what-is-ofcom
- 3DigitalTV Europe, “Ofcom to take over VoD regulation from ATVOD,” October 14, 2015, http://www.digitaltveurope.net/443191/ofcom-to-take-over-vod-regulation…
- 4Nominet, “Nominet to update registration policy in light of Lord Macdonald review,” January 15, 2014, https://www.nominet.uk/nominet-to-update-registration-policy-in-light-o…
- 5Broadband Stakeholder Group, “ISPs launch Open Internet Code of Practice,” July 25, 2012, http://www.broadbanduk.org/2012/07/25/isps-launch-open-internet-code-of…
- 6Broadband Stakeholder Group, “ISPs launch Open Internet Code of Practice,” May 2013, http://www.broadbanduk.org/wp-content/uploads/2013/06/BSG-Open-Internet…
- 7Ofcom, “Codes of Practice” https://www.ofcom.org.uk/phones-telecoms-and-internet/information-for-i…
- 8The Internet Watch Foundation https://www.iwf.org.uk/
Various categories of criminal content—such as depictions of child sexual abuse, promotion of extremism and terrorism, and copyright-infringing materials—are blocked by ISPs. Parental controls on content considered unsuitable for children are enabled by default on mobile networks, requiring adults to opt out to access adult material. These measures can result in excessive blocking, and there is a lack of transparency regarding the processes involved and the kinds of content affected. During the coverage period, the government advanced its plans to regulate online content that it deems harmful but not necessarily illegal.
Does the state block or filter, or compel service providers to block or filter, internet content? | 5.005 6.006 |
Blocking generally does not affect political and journalistic content or other internationally protected forms of online expression. Service providers do block and filter some content that falls into one of three categories: copyright-infringing material, the promotion of terrorism, and depictions of child sexual abuse. Optional filtering can be applied to additional content, particularly material that is considered unsuitable for children.
The Digital Economy Act 2017 includes provisions that allow blocking of “extreme” pornographic material, setting standards that critics said were poorly defined and could be unevenly applied.1 The measures were set to come into force in April 2019, but they were postponed to July,2 and in June 2019 they were delayed again for at least six months due to an “administration oversight.”3
ISPs are required to block domains and URLs found to be hosting material that infringes copyright when so ordered by the High Court (see B3).4
Overseas-based URLs hosting content that has been reported by police for violating the Terrorism Act 2006, which prohibits the glorification or promotion of terrorism, are included in the optional child filters supplied by many ISPs.5 “Public estates” like schools and libraries also block such URLs.6 The content can still be accessed on private computers.7
ISPs block URLs containing photographic or computer-generated depictions of child sexual abuse or criminally obscene adult content in accordance with the Internet Services Providers’ Association’s voluntary code of practice (see A5). Mobile service providers also block URLs identified by the IWF as containing such potentially illegal content.
All mobile service providers and some ISPs that provide home service filter legal content that is considered unsuitable for children. Mobile service providers enable these filters by default, requiring customers to prove that they are over age 18 to access the unfiltered internet. In 2013, the four largest ISPs agreed with the government to present all customers with an “unavoidable choice” about whether to enable parentally controlled filters.8
Mobile UK, an industry group consisting of Vodafone, Three, EE, and O2,9 introduced filtering of content considered unsuitable for children in a code of practice published in 2004 and updated in 2013.10 Content considered suitable for adults only includes “the promotion, glamorization or encouragement of the misuse of illegal drugs”; “sex education and advice which is aimed at adults”; and “discriminatory language or behavior which is frequent and/or aggressive, and/or accompanied by violence and not condemned,” among other categories (see B3).
The four largest ISPs—BT, Sky, Virgin Media, and TalkTalk—offer all customers the choice to activate similar optional filters to protect children. The relevant categories vary by provider, but can include social networking, games, and sex education.11 Website owners can check whether their sites are filtered under one or more category, or report overblocking, by emailing the industry-backed nonprofit group Internet Matters,12 though the process and timeframe for correcting mistakes varies by provider.
These optional filters can affect a range of legitimate content pertaining to public health, LGBT+ topics, drug awareness, and even information published by civil society groups and political parties. In 2012, O2 customers were temporarily unable to access the website of the far-right British National Party.13 Civil society groups have criticized the subjectivity of the filtering criteria. A 2014 magazine article noted that all ISPs had blocked dating sites with the exception of Virgin Media, which operates one.14 An Ofcom report found that ISPs include “proxy sites, whose primary purpose is to bypass filters or increase user anonymity, as part of their standard blocking lists.”15
Blocked, a site operated by the Open Rights Group, allows users to test the accessibility of websites and report excessive blocking and optional filtering by both home broadband and mobile internet providers.16 As of the beginning of October 2019, the number of blocked and filtered sites was reported to be 775,556.17 This includes sites related to advice for abuse victims, addiction counseling, LGBT+ subjects, and school websites.18
- 1Damien Gayle, “What, how and why? The UK’s new online porn restrictions explained” The Guardian, November 25, 2016 https://www.theguardian.com/culture/2016/nov/25/what-how-and-why-the-uk…
- 2Department for Digital, Culture, Media & Sport, “Age-verification for online pornography to begin in July” gov.uk, April 17, 2019 https://www.gov.uk/government/news/age-verification-for-online-pornogra…
- 3Matt Burgess, “It's official. The UK's porn block is delayed for at least 6 months,” Wired, June 20, 2019 https://www.wired.co.uk/article/uk-porn-block-delayed
- 4Sections 17 and 18 of the Digital Economy Act (DEA) of 2010 separately allowed for the courts to order websites containing “substantial” violations of copyright to be blocked. In August 2011, the government announced that the DEA’s blocking provisions would be dropped, in part because it was already authorized under another law. See: “Government drops website blocking,” BBC News, August 3, 2011, http://www.bbc.com/news/technology-14372698
- 5Patrick Wintour, “UK ISPs to introduce jihadi and terror content reporting button,” The Guardian, November 13, 2014, https://www.theguardian.com/technology/2014/nov/14/uk-isps-to-introduce…
- 6Open Net Initiative, “United Kingdom,” December 18, 2010, https://opennet.net/research/profiles/united-kingdom#footnote47_syc8fbo; Terrorism Act 2006, http://www.legislation.gov.uk/ukpga/2006/11/pdfs/ukpga_20060011_en.pdf
- 7What do they Know, “attachment to the Freedom of Information request “Current status of terrorist internet filtering”,” June 28, 2013, https://www.whatdotheyknow.com/request/160774/response/404100/attach/ht…
- 8Ofcom, “Ofcom report on internet safety measures,” December 16, 2015, http://stakeholders.ofcom.org.uk/binaries/internet/fourth_internet_safe…
- 9Mobile UK was formerly the Mobile Broadband Group. Mobile UK, “Who we are,” https://www.mobileuk.org/about-mobile-uk
- 10Mobile Broadband Group, “UK Code of practice for the self-regulation of content on mobiles,” version 3, July 1, 2013, https://www.mobileuk.org/codes-of-practice
- 11Ofcom, “Ofcom report on internet safety measures,” https://www.ofcom.org.uk/research-and-data/internet-and-on-demand-resea…
- 12Internet Matters, “Advice for website owners” https://www.internetmatters.org/parental-controls/info-site-owners/
- 13Thomas Brewster, “O2 blocks BNP website as ‘hate site’,” Silicon.co.uk, May 18, 2012, https://www.silicon.co.uk/workspace/o2-blocks-bnp-website-as-hate-site-…
- 14Steven Mackenzie, “Internet Access: Are You Being Subjected To 'Private Sector Censorship?'” The Big Issue, September 10, 2014, http://www.bigissue.com/features/4323/internet-access-are-you-being-sub…
- 15Ofcom, “Ofcom report on internet safety measures,” July 22, 2014, https://www.ofcom.org.uk/__data/assets/pdf_file/0019/27172/Internet-saf…
- 16Blocked! “Are you being blocked?” https://www.blocked.org.uk/
- 17Blocked!, “Are you being blocked?” https://www.blocked.org.uk/
- 18Blocked!, “Internet Filtering Statistics, Not only adult content is being blocked” https://www.blocked.org.uk/stats
Do state or nonstate actors employ legal, administrative, or other means to force publishers, content hosts, or digital platforms to delete content? | 3.003 4.004 |
Political, social, and cultural content is generally not subject to forced removal, though excessive enforcement of rules against content that constitutes a criminal offense can affect protected speech (see B1). The government has recently worked to develop regulations that would compel platforms to restrict content that is deemed harmful but not necessarily illegal (see B3).
The Terrorism Act calls for the removal of online material hosted in the UK if it “glorifies or praises” terrorism, could be useful to terrorists, or incites people to carry out or support terrorism. By early 2018, the police’s Counter-Terrorism Internet Referral Unit (CTIRU), which compiles lists of such content, reported that 304,000 pieces of material had been taken down since 2010.1
In February 2018, the government announced that it had developed software that automatically detected and labelled online content associated with the Islamic State (IS) militant group. The technology is aimed at smaller platforms and services that may not have sufficient resources to carry out similar functions.2 Security Minister Ben Wallace has made statements suggesting that the government use a punitive tax to encourage social media platforms and other technology companies to remove terrorist content more expeditiously.3
When child sexual abuse images or criminally obscene adult materials are hosted on servers in the UK, the IWF coordinates with police and local hosting companies to have it taken down. For content that is hosted on servers overseas, the IWF coordinates with international hotlines and police to have the offending content taken down in the host country.
Similar processes are in place for the investigation of online materials that incite hatred under the oversight of TrueVision, a site that is managed by the police.4 The government has accused social media platforms of not doing enough to combat hate speech.5 The government in 2017 announced plans for a national hub that would monitor online hate speech and help refer certain content to online platforms for their removal.6 As of March 2018, its initial budget was reportedly ₤200,000 ($260,000).7
In 2014, the European Court of Justice gave search engines the task of removing links from their search results at the request of individuals if the stories in question were deemed to be inadequate or irrelevant. This ruling on the “right to be forgotten” has had an impact on the way content is handled in the UK. In 2016, Google expanded the right to be forgotten by removing the designated links from all versions of its search engine.8 In April 2018, in its first decision on the “right to be forgotten,” the High Court ordered Google to delist search results about a businessman’s past criminal conviction. In another case, the court rejected a similar claim made by a businessman who was sentenced for a more serious crime.9
Despite the ongoing Brexit process, the government and the data protection regulator, the Information Commissioner’s Office (ICO), have committed to implementing EU guidance on data protection, the General Data Protection Regulation (GDPR),10 which came into force in May 2018 (see C6). Under the GDPR, the right to be forgotten will continue to apply in the UK.
- 1Shehab Kahn, “Surge in reports of right-wing extremist material online, say anti-terror experts,” The Independent, April 6, 2018, https://www.independent.co.uk/news/uk/home-news/right-wing-extremist-ma…
- 2Patrick Greenfield, “Home Office unveils AI program to tackle Isis online propaganda,” The Guardian, February 13, 2018, https://www.theguardian.com/uk-news/2018/feb/13/home-office-unveils-ai-…
- 3“Call for tech giants to face taxes over extremist content,” BBC News, December 31, 2017, http://www.bbc.co.uk/news/uk-42526271
- 4True Vision, “Internet Hate Crime,” http://www.report-it.org.uk/reporting_internet_hate_crime.
- 5Helen Warrell and Madhumita Murgia, “Social media groups accused of terror fight failings,” Financial Times, August 26, 2016, https://www.ft.com/content/5d608f40-6a16-11e6-ae5b-a7cc5dd5a28c
- 6Gov.uk, “Home Secretary announces new national online hate crime hub,” October 8, 2017 https://www.gov.uk/government/news/home-secretary-announces-new-nationa…
- 7Parliament.uk, “National Online Hate Crime Hub:Written question – 131640” https://www.parliament.uk/business/publications/written-questions-answe…
- 8It had previously removed them only on the local version in the country where the request originated, such as Google.co.uk, leaving them accessible to UK-based users searching international versions like Google.com. The change applies only to users with IP addresses indicating they are located within the jurisdiction of the removal request. The links remain available in searches conducted outside that jurisdiction: “Google takes wider action on 'right to be forgotten,” BBC News, February 11 2016, http://www.bbc.co.uk/news/technology-35548532
- 9Jamie Grierson, Ben Quinn, “Google loses landmark 'right to be forgotten' case,” The Guardian, April 13, 2018, https://www.theguardian.com/technology/2018/apr/13/google-loses-right-t…
- 10Max Metzger, “ICO sets out international vision and route to GDPR compliance,” SC Media, July 5, 2017, https://www.scmagazineuk.com/ico-sets-international-vision-route-gdpr-c…
Do restrictions on the internet and digital content lack transparency, proportionality to the stated aims, or an independent appeals process? | 3.003 4.004 |
The regulatory framework and actual procedures for managing online content are largely proportional, transparent, and open to correction. However, the optional filtering systems operated by ISPs and mobile service providers—particularly those meant to block material that is unsuitable for children—have been criticized for a lack of transparency, inconsistency among different providers, and excessive application that affects legitimate content. Separately, the government has advanced plans to regulate additional content that it considers harmful but not necessarily illegal.
In April 2019, the government released its Online Harms White Paper, aimed at creating a new regulatory framework to tackle problematic content.1 It would apply to both criminal and merely harmful material, encompassing disinformation, trolling, sale of illegal items, nonconsensual pornography, hate speech, harassment, promotion of self-harm, and content uploaded by those who are incarcerated. The proposal would create an independent regulator to enforce companies’ compliance with a new statutory duty of care. Codes of practice would be established to explain how to properly manage harmful content. Companies would also be required to set up appeals processes. The regulator would be given the power to fine noncompliant companies, or impose liability on individuals within senior management. The proposal defines the affected companies as those “that allow users to talk or communicate with each other online,” including social media and messaging platforms, online forums, search engines, and file-hosting sites. At the end of the coverage period, the government was engaged in a consultation process with industry stakeholders and civil society. Civil society groups have criticized the proposal.2
Similarly, in February 2019, Parliament’s Digital, Culture, Media, and Sport Committee released its 2018 report on disinformation and “fake news” (see B5).3 The report recommended holding social media companies and similar broadcasting platforms legally liable for hosting “fake news.” It also suggested imposing other requirements in a new code of conduct for such companies.
Under the Digital Economy Act 2017, ISPs are legally empowered to use both blocking and filtering methods, if allowed by their terms and conditions of use.4 Prior to this amendment, ISPs provided only filtering mechanisms to users; the change allows ISPs to block websites at their own discretion. The Digital Economy Act also imposed a number of requirements on ISPs and content providers, notably Section 14(1), which obliges content providers to verify the age of users accessing online pornography. In February 2018, the British Board of Film Certification (BBFC) was designated as the age-verification regulator, and it launched a public consultation to develop guidance on the means and mechanisms for providers to achieve compliance.5 The age verification mechanisms were set to be implemented in April 2018,6 but they have been delayed to allow more time to identify appropriate means of verification (see B1).7
Civil society groups have criticized the default filters used by ISPs and mobile service providers to review content deemed unsuitable for children, arguing that they lack transparency and affect too much legitimate content, which makes it difficult for consumers to make informed choices and for content owners to appeal wrongful blocking.
ISPs block URLs using content-filtering technology known as Cleanfeed, which was developed by BT in 2004.8 In 2011, a judge described Cleanfeed as “a hybrid system of IP address blocking and DPI-based URL blocking which operates as a two-stage mechanism to filter specific internet traffic.” While the process involves deep packet inspection (DPI), a granular method of monitoring traffic that enables blocking of individual URLs rather than entire domains, it does not entail “detailed, invasive analysis of the contents of a data packet,” according to the judge’s description. Similar systems adopted by ISPs other than BT are “frequently referred to as Cleanfeed,” the judge wrote.9
ISPs are notified about websites hosting content that has been determined to violate or potentially violate UK law under at least three different procedures:
- The IWF compiles a list of specific URLs containing photographic or computer-generated depictions of child sexual abuse or criminally obscene adult content; the list is distributed to ISPs and other industry stakeholders that support the foundation through membership fees.10 ISPs block those URLs in accordance with a voluntary code of practice set forth by the Internet Services Providers’ Association (see A5). IWF analysts evaluate material for potential violations of a range of UK laws,11 in accordance with a Sexual Offences Definitive Guideline published by the Sentencing Council under the Ministry of Justice.12 The IWF recommends that ISPs notify customers about why a blocked site is inaccessible,13 but some simply display error messages.14 The IWF website allows site owners to appeal their inclusion on the list. Citizens can also report criminal content via a hotline. An independent 2014 judicial review of the human rights implications of the IWF's operations found that the body’s work was consistent with human rights law.15 The IWF appointed a human rights expert in accordance with one of the review’s recommendations, but it deferred action on a recommendation to limit its remit to child sexual abuse.16 The list of sites blocked for hosting child sexual abuse imagery is not public.
- The CTIRU, created in 2010, compiles a list of URLs hosted overseas that contain material considered to glorify or incite terrorism under the Terrorism Act 2006,17 and these are filtered on public-sector networks. The blacklist is not made public on the grounds that releasing it would facilitate access to unlawful materials.
- The UK High Court can order ISPs to block websites found to be infringing copyright under the Copyright, Designs, and Patents Act 1988.18 The High Court has held that publishing a link to copyright-infringing material, rather than actually hosting it, does not amount to an infringement;19 this approach was confirmed by the Court of Justice of the European Union.20 A new intellectual property framework adopted in 2014 included exceptions for making personal copies of protected work for private use, as well as for “parody, caricature, and pastiche.”21 Copyright-related blocking has been criticized for its inefficiency and lack of transparency.22 In 2014, after lobbying from the London-based Open Rights Group, BT, Sky, and Virgin Media began informing visitors to sites blocked by court order that the order can be appealed at the High Court.23 While High Court orders are not kept from the public, they can be burdensome to obtain in practice.24
The processes by which mobile service providers block content that the industry group Mobile UK deems unsuitable for children lack transparency, and their effects vary across providers. In some cases the filtering activity may be outsourced to third-party contractors, further limiting transparency.25 Child-protection filters are enabled by default in mobile internet browsers, though users can disable them by verifying that they are over age 18. Mobile virtual network operators are believed to “inherit the parent service's filtering infrastructure, though they can choose whether to make this available to their customers.”26 O2 allows its users to check how a particular site has been classified.27 The filtering is based on a classification framework for mobile content published by the BBFC.28 The BBFC adjudicates appeals from content owners and publishes the results quarterly.29
Website owners and companies that knowingly host illicit material and fail to remove it may be held liable, even if the content was created by users, according to EU Directive 2000/31/EC (the E-Commerce Directive).30 Updates to the Defamation Act effective since 2014 limit companies’ liability for user-generated content that is considered defamatory. However, the Defamation Act offers protection from private libel suits based on third-party postings only if the plaintiff is able to identify the user responsible for the allegedly defamatory content.31 The act does not specify what sort of information the website operator must provide to plaintiffs, but it raised concerns that websites would register users and restrict anonymity in order to avoid civil liability.32
- 1Gov.uk, “Online Harms White Paper,” April 8, 2019 https://www.gov.uk/government/consultations/online-harms-white-paper
- 2Katharine Trendacosta, “EFF and OTI Respond to the UK Government’s Online Harms White Paper,” Electronic Frontier Foundation, July 3, 2019 https://www.eff.org/deeplinks/2019/07/eff-and-oti-respond-uk-government…; Article 19, “UK: Article 19 response to Online Harms White Paper,” July 02, 2019 https://www.article19.org/resources/uk-article-19-response-to-online-ha…
- 3Parliament.uk, “Disinformation and ‘fake news’: Final Report published,” February 18, 2019 https://www.parliament.uk/business/committees/committees-a-z/commons-se…
- 4s. 104 Digitial Economy Act 2017 http://www.legislation.gov.uk/ukpga/2017/30/section/104/enacted
- 5BBFC, “Consultation on draft Guidance on Age Verification Arrangements and draft Guidance on Ancillary Service Providers launched,” March 26, 2018 http://www.bbfc.co.uk/industry-services/customer-news/DEA-consultation-…
- 6Leo Kelion, “Porn ID checks set to start in April 2018,” BBC News, July 17, 2017, http://www.bbc.co.uk/news/technology-40630582
- 7Zoe Kleinman “Online porn age checks delayed in UK,” BBC News, March 12, 2018 https://www.bbc.co.uk/news/technology-43370999
- 8Martin Bright, “BT puts block on child porn sites,” The Guardian, June 6, 2004, https://www.theguardian.com/technology/2004/jun/06/childrensservices.ch…; Charles Arthur, "How the IWF blacklist stops you seeing the Scorpions’ album cover," The Guardian, December 8, 2008, https://www.theguardian.com/technology/blog/2008/dec/08/internet-censor…; Open Rights Group Wiki, “Cleanfeed,” https://wiki.openrightsgroup.org/wiki/Cleanfeed
- 9[2011] EWHC 1981 (Ch) http://news.bbc.co.uk/2/shared/bsp/hi/pdfs/28_07_11_bt_newzbin_ruling.p…
- 10Internet Watch Foundation, “URL List Policy,” https://www.iwf.org.uk/members/member-policies/url-list
- 11Internet Watch Foundation, “The laws and assessment levels,” https://www.iwf.org.uk/hotline/the-laws
- 12Sentencing Council, Sexual Offences Definitive Guideline, https://www.sentencingcouncil.org.uk/publications/item/sexual-offences-…
- 13Internet Watch Foundation, “URL Blocking: Good Practice,” https://www.iwf.org.uk/become-a-member/services-for-members/url-list/ur….
- 14Open Rights Group Wiki, “Cleanfeed,” https://wiki.openrightsgroup.org/wiki/Cleanfeed.
- 15Lord MacDonald of River Glaven GQ, “A Human Rights Audit of the Internet Watch Foundation,” January 27, 2014, https://www.iwf.org.uk/sites/default/files/inline-files/Human_Rights_Au….
- 16Internet Watch Foundation, “Audits and inspections” https://www.iwf.org.uk/what-we-do/who-we-are/human-rights-audit
- 17Open Net Initiative, “United Kingdom,” December 18, 2010, https://opennet.net/research/profiles/united-kingdom#footnote47_syc8fbo; Terrorism Act 2006, http://www.legislation.gov.uk/ukpga/2006/11/pdfs/ukpga_20060011_en.pdf; “2010 to 2015 government policy: counter-terrorism,” Gov.UK, May 8, 2015, https://www.gov.uk/government/publications/2010-to-2015-government-poli…; National Police Chiefs Council, “The Counter Terrorism Internet Referral Unit,” https://web.archive.org/web/20160426105626/http://www.npcc.police.uk/NP….
- 18Sections 17 and 18 of the Digital Economy Act (DEA) of 2010 separately allowed for the courts to order websites containing “substantial” violations of copyright to be blocked. In August 2011, the government announced that the DEA’s blocking provisions would be dropped, in part because it was already authorized under another law. See: “Government drops website blocking,” BBC News, August 3, 2011, http://www.bbc.com/news/technology-14372698
- 19Paramount Home Entertainment International Ltd v British Sky Broadcasting Ltd [2013] EWHC 3479 (Ch). For instances where the individual is merely browsing the content, the Supreme Court has held that this does not amount to an infringement. PRCA v The Newspaper Licensing Agency Limited [2013] UKSC 18.
- 20Case C-466/12 Svensson and others v Retreiver Sverige, full judgement at: http://curia.europa.eu/juris/document/document.jsf?docid=147847&doclang…
- 21“Major reform of intellectual property comes into force,” UK Department for Business, Innovation and Skills, September 30, 2014, https://www.gov.uk/government/news/major-reform-of-intellectual-propert…
- 22Ofcom, “Site blocking” to reduce online copyright infringement,” May 27, 2010 https://assets.publishing.service.gov.uk/government/uploads/system/uplo…
- 23Jim Killock, “Website blocking orders made more transparent,” Open Rights Group, December 5, 2014, https://www.openrightsgroup.org/blog/2014/website-blocking-orders-made-….
- 24451 Unavailable, “UK Blocking Orders,” https://www.451unavailable.org/uk-blocking-orders/
- 25Blocked! “The personal cost of filters,” https://www.blocked.org.uk/personal-stories
- 26Blocked! “Frequently Asked Questions,” https://www.blocked.org.uk/faqs
- 27O2, “Site Checker,” http://urlchecker18plus.o2.co.uk/
- 28BBFC, “Mobile Content: Framework,” http://www.bbfc.co.uk/what-classification/mobile-content/framework. In 2013, the British Board of Film Classification took over this function from the Independent Mobile Classification Body. See, BBFC, “BBFC replaces the Independent Mobile Classification Board (IMCB) as the regulation framework provider for mobile internet content,” July 1, 2013, http://www.bbfc.co.uk/about-bbfc/media-centre/bbfc-replaces-independent…
- 29BBFC, “Quarterly Report,” http://www.bbfc.co.uk/what-classification/mobile-content/quarterly-repo…
- 30Directive 2000/31/EC of the European Parliament http://eur-lex.europa.eu/legal-content/en/ALL/?uri=CELEX%3A32000L0031
- 31Mike Masnick, “Did UK Gov’t Already effectively Outlaw Anonymity Online With Its New Defamation Law?,” TechDirt, August 11, 2014, https://www.techdirt.com/articles/20140807/17234928145/did-uk-govt-alre…
- 32Eric Goldman, “UK’s New Defamation Law May Accelerate The Death of Anonymous User-Generated Content Internationally,” Forbes, Sept. 9, 2014, http://www.forbes.com/sites/ericgoldman/2013/05/09/uks-new-defamation-l…; Mike Masnick, “Did UK Gov’t Already effectively Outlaw Anonymity Online With Its New Defamation Law?,” TechDirt, Aug. 11, 2014, https://www.techdirt.com/articles/20140807/17234928145/did-uk-govt-alre….
Do online journalists, commentators, and ordinary users practice self-censorship? | 3.003 4.004 |
Self-censorship, though difficult to assess, is not understood to be a widespread problem in the UK. However, due to factors including the government’s extensive surveillance practices, it appears likely that some users censor themselves when discussing sensitive topics to avoid potential government intervention or other repercussions (see C5).1
- 1Nik Williams, “Writers silenced by surveillance: self-censorship in the age of big data,” Open Democracy, December 14, 2018 https://www.opendemocracy.net/en/opendemocracyuk/writers-silenced-by-su…
Are online sources of information controlled or manipulated by the government or other powerful actors to advance a particular political interest? | 3.003 4.004 |
Concerns about content manipulation have increased in recent years, with foreign, partisan, and extremist groups allegedly using automated “bot” accounts, fabricated news, and altered images to shape discussions on social networks.
There is no evidence of widespread government manipulation of online content. However, there have been a number of allegations that the information environment was manipulated surrounding the 2016 Brexit referendum and the June 2017 elections, adding to the polarization of online political discourse. In the lead-up to the referendum, targeted online ads distributed by Leave campaign groups on Facebook included misleading statistics and wild claims, with one even accusing the EU of seeking to ban teakettles.1 In May 2017, Facebook reported that it had removed tens of thousands of fake accounts to limit the impact of deliberately misleading information disguised to look like news reports, which spread online prior to the elections.2 It was not clear whether those circulating the fake reports had a coherent agenda or how significant their influence was. One group accused Facebook and Twitter of failing to curb disinformation that depicted Muslims and migrants in a negative light.3 A recent study by the group Hope Not Hate separately examined anti-Muslim activists’ exploitation of terrorist attacks in the UK to spread their views on social media.4
There have been a number of reports about the influence of foreign states, especially Russia, on the Brexit referendum. Platforms such as Facebook and Twitter initially denied that there was substantial interference.5 However, these denials were met with skepticism, and there are continuing inquiries into the alleged meddling. After accusing Russia of waging a disinformation campaign to sow discord in democratic countries,6 Prime Minister Theresa May in January 2018 announced plans to establish a national security communications unit tasked with combating disinformation by state actors and others.7
A parliamentary inquiry into social media interference intensified in March 2018, when Christopher Wylie, a former employee at the data analytics company Cambridge Analytica, claimed that the firm had illegally obtained information on millions of accounts from Facebook and developed techniques for categorizing and influencing potential voters.8
The report on disinformation and “fake news” published in February 2019 by Parliament’s Digital, Culture, Media, and Sport Committee specifically addressed Facebook’s purported role in facilitating the spread of disinformation.9 The report called for electoral law reforms as well as the establishment of intermediary liability to help address the problem (see B3).
- 1Andrew Woodcock, “Facebook releases details of Leave campaign ads targeted at users,” The Scotsman, July 26, 2018, https://www.scotsman.com/news/uk/facebook-releases-details-of-leave-cam…
- 2Mark Scott, “Facebook Aims to Tackle Fake News Ahead of U.K. Election,” New York Times, May 8, 2017, https://www.nytimes.com/2017/05/08/technology/uk-election-facebook-fake…
- 3AOL, “Facebook and Twitter fail to remove misleading Britain First videos,” June 7, 2017, http://www.aol.co.uk/news/2017/06/07/facebook-and-twitter-fail-to-remov…
- 4Hope Not Hate, “Bots, fake news and the anti-Muslim message on social media,” https://www.hopenothate.org.uk/bots-fake-news-anti-muslim-message-socia…
- 5Rory Cellan-Jones, “Facebook and Twitter: Nine Russian Brexit ads found by inquiries,” BBC News, December 13, 2017, http://www.bbc.co.uk/news/technology-42342216
- 6“Theresa May accuses Vladimir Putin of election meddling,” BBC News, November 14, 2017, https://www.bbc.com/news/uk-politics-41973043
- 7Adan Bienkov, “Theresa May is setting up a 'fake news' unit to fight Russian propaganda,” Business Insider, January 23, 2018, http://uk.businessinsider.com/theresa-may-fake-news-national-security-c…
- 8Parliament. UK, Commons Select Committee “Committee to push for Zuckerberg evidence after Facebook CTO fails to answer questions fully,” April 26, 2018 https://www.parliament.uk/business/committees/committees-a-z/commons-se…
- 9Parliament.uk, “Disinformation and ‘fake news’: Final Report published,” February 18, 2019 https://www.parliament.uk/business/committees/committees-a-z/commons-se…
Are there economic or regulatory constraints that negatively affect users’ ability to publish content online? | 3.003 3.003 |
Online media outlets face economic constraints that negatively impact their financial sustainability, but these are the result of market forces, not political intervention.
Publishers have struggled to find a profitable model for their digital platforms, though more than half of the population reportedly consumes news online. In 2018, a survey found that 64 percent of adults used the internet to access news, social media being the most popular online source.1
Ofcom is responsible for enforcing the EU’s 2015 Open Internet Regulation, which includes an obligation for ISPs to ensure net neutrality—the principle that internet traffic should not be throttled, blocked, or otherwise disadvantaged based on its content. It remains to be seen whether the Brexit process will lead the UK government to change its policy on net neutrality or maintain its current approach.
- 1Ofcom, “News Consumption in the UK: 2018,” https://www.ofcom.org.uk/__data/assets/pdf_file/0024/116529/news-consum…
Does the online information landscape lack diversity? | 4.004 4.004 |
The online information landscape is diverse and lively. Users have access to the online content of virtually all national and international news organizations. While there are a range of sources that present diverse views and appeal to various audiences and communities, the ownership of leading news outlets is relatively concentrated,1 and particular media groups have been accused of political bias.
The publicly funded British Broadcasting Corporation (BBC), which maintains an extensive online presence, has an explicit diversity and inclusion strategy, aiming to increase the representation of different sexualities, age ranges, and ethnic and religious groups, as well as addressing gender.2 Similar models have been adopted by other national broadcasters.3
- 1Ed Jones, “Five reasons we don’t have a free and independent press in the UK and what we can do about it” OpenDemocracy.org, April 18, 2019 https://www.opendemocracy.net/en/opendemocracyuk/five-reasons-why-we-do…
- 2BBC, “Diversity,” https://www.bbc.com/diversity/
- 3Channel 4 “Diversity” https://www.channel4.com/corporate/about-4/operating-responsibly/divers…
Do conditions impede users’ ability to mobilize, form communities, and campaign, particularly on political and social issues? | 6.006 6.006 |
Online mobilization tools are freely available, and collective action continues to grow in terms of both numbers of participants and numbers of campaigns. Some groups use digital tools to document and combat bigotry, including Tell MAMA (Measuring Anti-Muslim Attacks), which tracks reports of attacks or abuse submitted by British Muslims online.1 Petition and advocacy platforms such as 38 Degrees and AVAAZ have emerged, and civil society organizations view online communication as an indispensable part of any campaign strategy, though the efficacy of online mobilization per se remains subject to debate.
- 1CBS/AP, “Worrying rise in racist abuse linked to Brexit?” June 29, 2016, http://www.cbsnews.com/news/brexit-increase-racist-anti-immigrant-musli…
The government has placed significant emphasis on stopping the dissemination of terrorist content and hate speech online, and on protecting individuals from targeted harassment on social media. While users are generally free from arrest, prosecution, or extralegal violence in response to their online activity, user rights are undermined by extensive surveillance for law enforcement and foreign intelligence purposes. A new counterterrorism law was enacted in February 2019, raising concerns that its broad provisions could be used to improperly limit speech and access to information.
Do the constitution or other laws fail to protect rights such as freedom of expression, access to information, and press freedom, including on the internet, and are they enforced by a judiciary that lacks independence? | 5.005 6.006 |
The UK does not have a written constitution or similarly comprehensive legislation that defines the scope of governmental power and its relation to individual rights. Instead, constitutional powers and individual rights are addressed in various statutes, common law, and conventions. The provisions of the European Convention on Human Rights were adopted into law via the Human Rights Act 1998. In 2014, Conservative Party officials announced their intention to repeal the Human Rights Act in favor of a UK Bill of Rights in order to give British courts more control over the application of human rights principles.1 During the 2017 election campaign, Prime Minister Theresa May initially scaled back those ambitions.2 However, in June 2017 she reopened the possibility of significantly amending human rights legislation to allow more aggressive measures against terrorism in light of high-profile attacks in Manchester and London.3 No such legal changes were enacted during the coverage period.
- 1Oliver Wright, “David Cameron to ‘scrap’ Human Rights Act for new ‘British Bill of Rights,’” The Independent, October 1, 2014, http://www.independent.co.uk/news/uk/politics/conservative-party-confer…
- 2Samuel Obsborne, “Conservative manifesto: Theresa May announces UK will remain part of European Convention of Human Rights,” The Independent, May 18, 2017, http://www.independent.co.uk/news/uk/politics/conservative-manifesto-uk…
- 3“Theresa May: Human rights laws could change for terror fight,” BBC News, June 7, 2017, http://www.bbc.co.uk/news/election-2017-40181444
Are there laws that assign criminal penalties or civil liability for online activities? | 2.002 4.004 |
Political expression and other forms of online speech or activity are generally protected, but there are legal restrictions on hate speech, online harassment, and copyright infringement, and some measures—including a new counterterrorism law—could be applied in ways that violate international human rights standards.
The Counter-Terrorism and Border Security Act, which received royal assent in February 2019, included several provisions related to online activity (see C5).1 The legislation, intended to update the Terrorism Act 2000, came in response to attacks in London and Manchester in 2017, among other events.2 The new provisions make it an offense to view terrorist material (as defined in the act) over the internet. Individuals can face up to 15 years in prison for viewing or accessing material that is useful or likely to be useful in preparing or committing a terrorist act, even if there is no demonstrated intent to commit such acts. The law includes exceptions for journalists or academic researchers who access such materials in the course of their work, but it does not address other possible circumstances in which access might be legitimate.3 “Reckless” expressions of support for banned organizations are also criminalized under the law. A number of civil society organizations argued that the legislation was dangerously broad, with unclear definitions that could be abused.4
Stringent bans on hate speech are encapsulated in a number of laws (see Table 1), and some rights groups have said they are too vaguely worded. Defining what constitutes an offense has been made more difficult by the development of new communications platforms, and prosecutions are becoming more common (see C3).
Table 1: List of Legislation Regarding Offensive Speech
The Crown Prosecution Service (CPS) publishes specific guidelines for the prosecution of crimes “committed by the sending of a communication via social media.”9 Updates in 2014 placed digital harassment offenses committed with the intent to coerce the victims into sexual activity under the Sexual Offences Act 2003, which carries a maximum of 14 years in prison.10 Revised guidelines issued in March 2016 identified four categories of communications that are subject to possible prosecution: credible threats; abusive communications targeting specific individuals; breaches of court orders; and grossly offensive, false, obscene, or indecent communications.11 They also advised prosecutors to consider the age and maturity of the user in question. Some observers said this could restrict the creation of pseudonymous accounts, though only in conjunction with activity that is considered abusive.12 In October 2016, the CPS updated its guidelines again to cover more abusive online behaviors, including organized harassment campaigns or “mobbing,” and doxing, the deliberate and unauthorized publication of personal information online to facilitate harassment.13
The Copyright, Designs, and Patents Act 1988 carries a maximum two-year prison sentence for offenses committed online. In 2015, the government held a public consultation regarding a proposal to increase the sentence to 10 years. Of the 1,011 responses, only 21 supported the proposal,14 but a 2016 government consultation paper announced plans to introduce an amendment that included the 10-year maximum sentence “at the earliest available legislative opportunity.”15 The penalty was ultimately incorporated into the Digital Economy Act 2017.
The libel laws in England and Wales have historically tended to favor the plaintiff, leading foreign litigants to file suits that had only a tenuous connection to the UK, a phenomenon known as “libel tourism.” The Defamation Act 2013 was intended to address the problem by requiring claimants to prove that England and Wales are the most appropriate forum for the action, setting a serious-harm threshold for claims, and codifying certain defenses such as truth and honest opinion. In recent years, the overall number of defamation cases in the UK has fallen.16
- 1Parliament.uk, “Counter-Terrorism and Border Security Act 2019” https://services.parliament.uk/Bills/2017-19/counterterrorismandborders…
- 2Robbie Stern, “New U.K. Border Security Law: A Frightening Response to the Skripal Poisoning,” Just Security, March 20, 2019 https://www.justsecurity.org/63305/new-u-k-border-security-law-a-fright…
- 3Parliament.uk, “Counter-Terrorism and Border Security Act 2019” http://www.legislation.gov.uk/ukpga/2019/3/section/3/enacted
- 4EDRi, “New UK counter-terrorism law limist online freedom”, February 27, 2019 https://edri.org/new-uk-counter-terrorism-law-limits-online-freedoms/; “UK: Amend Flawed Counterterrorism Bill,” Human Rights Watch, October 15, 2018 https://www.hrw.org/news/2018/10/15/uk-amend-flawed-counterterrorism-bi…; Jamie Grierson, “Counter-terror bill is a threat to press freedom, say campaigners,” The Guardian, October 24, 2018 https://www.theguardian.com/media/2018/oct/25/counter-terror-bill-is-a-…
- 5Adam Wagner, “Public insults to be legalised but grossly offensive messages still criminal”, The UK Human Rights Blog, January 15, 2013 https://ukhumanrightsblog.com/2013/01/15/public-insults-to-be-legalised…; The Crown Prosecution Service, “Public Order Offences incorporating the Charging Standard” http://www.cps.gov.uk/legal/p_to_r/public_order_offences/#Section_5
- 6Ministry of Justice and The Rt Hon Chris Grayling MP, “Internet trolls to face 2 years in prison,” Gov.uk, October 20, 2014, https://www.gov.uk/government/news/internet-trolls-to-face-2-years-in-p…
- 7These offenses were previously confined to the magistrates' courts, but the new law, effective in England and Wales as of April 13, 2015, allows the crown court to hear the more serious offenses, since it can issue higher prison sentences. The changes also extended the time limit to bring charges for these offenses to three years from the date of the offense. See, “’Revenge porn’ illegal under new law in England and Wales,” BBC, February 12, 2015, http://www.bbc.co.uk/news/uk-31429026; “Internet trolls face up to two years in jail under new laws,” BBC, October 19, 2014, http://www.bbc.co.uk/news/uk-29678989; Ministry of Justice and The Rt Hon Chris Grayling MP, “Internet trolls to face 2 years in prison,” Gov.uk, October 20, 2014, https://www.gov.uk/government/news/internet-trolls-to-face-2-years-in-p….
- 8Claire Overman, Andrew Wheelhouse, “Papa Don’t Preach (You May be Found Guilty of Hate Speech),” Oxford Human Rights Hub, March 22, 2016, http://ohrh.law.ox.ac.uk/papa-dont-preach-you-may-be-found-guilty-of-ha…
- 9The Crown Prosecution Service, “Guidelines on prosecuting cases involving communications sent via social media,” http://www.cps.gov.uk/legal/a_to_c/communications_sent_via_social_media/
- 10“Guidelines on prosecuting cases involving communications sent via social media,” Crown Prosecution Service, amended October 2014, www.parliament.uk/documents/lords-committees/communications/socialmedia…; Owen Bowcott, “Revenge porn could lead to 14-year-sentence, new guidelines clarify,” The Guardian, October 7, 2014, www.theguardian.com/law/2014/oct/07/revenge-porn-14-year-sentence-cps-g….
- 11CPS, “New guidelines published on the prosecution of those who abuse victims online,” March 3, 2016, https://web.archive.org/web/20171120124500/http://www.cps.gov.uk/news/l…
- 12David Barrett, “Faking social media accounts could lead to criminal charges,” The Telegraph, March 3, 2016 http://www.telegraph.co.uk/news/uknews/crime/12180782/Faking-social-med….
- 13Crown Prosecution Service, “CPS publishes new social media guidance and launches Hate Crime consultation,” October 10, 2016, https://web.archive.org/web/20161013201133/www.cps.gov.uk/news/latest_n…
- 14Intellectual Property Office, “Summary of responses: Consultation on changes to the penalties…,” https://assets.publishing.service.gov.uk/government/uploads/system/uplo…
- 15Intellectual Property Office, “Criminal Sanctions for Online Copyright Infringement: Government Consultation Response,” https://assets.publishing.service.gov.uk/government/uploads/system/uplo…
- 16“Judicial Statistics, 2015: Issued defamation claims down by 40%, the second lowest number since 1992,” Inforrm, June 4, 2016 https://inforrm.wordpress.com/2016/06/04/judicial-statistics-2015-issue…; Michael Cross, “Defamation cases slump to nine-year low”, The Law Society Gazette, May 30, 2017, https://www.lawgazette.co.uk/law/defamation-cases-slump-to-nine-year-lo…
Are individuals penalized for online activities? | 5.005 6.006 |
Police have arrested internet users for promoting terrorism, issuing threats, or engaging in racist abuse, and in some past cases the authorities have been accused of overreaching in their enforcement efforts. However, prison sentences for political, social, and cultural speech remain rare.
Guidelines clarifying the scope of offenses involving digital communications may be helping to cut down on the more problematic speech-related prosecutions observed in the past (see C2). The scale of arrests remains a concern, though many investigations are dropped before prosecution. Figures obtained by the Times newspaper showed that in 2016 and 2017, more than 3,000 individuals had been detained and questioned for offensive online comments under Section 127 of the Communications Act.1
Local police departments have the discretion to pursue criminal complaints that would be treated as civil cases in many democracies. Some cases of offensive humor have been prosecuted. In early 2016, for example, police in Scotland detained 28-year-old Markus Meechan after he uploaded a YouTube video of himself teaching his girlfriend’s dog to perform a Nazi salute as a prank.2 Meechan was convicted of breaching Section 127 of the Communications Act 2003,3 and in April 2018 he was ordered to pay a fine of ₤800 ($1,000).4 He refused, arguing that the penalty set a dangerous precedent, and held a fundraiser for an appeal.5 The appeal was raised to the High Court of the Judiciary in Scotland with the aim of a hearing before the Supreme Court of the United Kingdom, but in January 2019 the Scottish High Court judges rejected the move.6
In another case of offensive humor from November 2018, a group of friends at a party burned an effigy of the Grenfell Tower—a public housing facility in London where a fast-moving fire had killed more than 70 people in June 2017—and posted video of the act to their WhatsApp group. The video was subsequently uploaded to YouTube, where it spread widely and received public condemnation. There was a police investigation,7 and one of the accused, Paul Bussetti, was charged under the Communications Act 2003.8 In August 2019, after the end of the coverage period, Bussetti was found not guilty.9
- 1Charlie Parker, “Police arresting nine people a day in fight against web trolls,” The Times, October 12, 2017, https://www.thetimes.co.uk/article/police-arresting-nine-people-a-day-i…
- 2In the clip, Meechan states, “My girlfriend is always ranting and raving about how cute her dog is so I thought I would turn her into the least cute thing you could think of, which is a Nazi.”: “Police arrest 'Nazi dog' owner who trained his pet to respond to anti-jewish slurs for viral video,” Daily Record, May 9, 206 http://www.dailyrecord.co.uk/news/scottish-news/police-arrest-nazi-dog-…
- 3An individual is liable under this section if they “sends by means of a public electronic communications network a message or other matter that is grossly offensive or of an indecent, obscene or menacing character.” http://www.legislation.gov.uk/ukpga/2003/21/contents
- 4“ 'Nazi dog' owner fined £800 after posting footage to YouTube, “The National, April 23, 2018, http://www.thenational.scot/news/16177350._Nazi_dog__owner_s_punishment…
- 5“Man fined for Nazi pug video raises more than £100k for appeal,” The Scotsman, April 25, 2018, https://www.scotsman.com/regions/glasgow-strathclyde/man-fined-for-nazi…
- 6“Supreme Court appeal blocked for man in Pug Nazi salute case”, BBC News, January 22, 2019 https://www.bbc.co.uk/news/uk-scotland-glasgow-west-46959556
- 7“Grenfell Tower bonfire: Police search property”, BBC News, November 6, 2018 https://www.bbc.co.uk/news/uk-46106224
- 8“Grenfell Tower: Man please not guilty over effigy burning video,” BBC News, April 30, 2019, https://www.bbc.com/news/uk-england-london-48105945
- 9“Man cleared over burning Grenfell effigy film,” BBC News, August 22, 2019 https://www.bbc.com/news/uk-england-london-49435117
Does the government place restrictions on anonymous communication or encryption? | 2.002 4.004 |
Users are not required to register to obtain a SIM card, allowing for the anonymous use of mobile devices.1 However, some laws provide authorities with the means to undermine encryption, and security officials have pushed for further powers.
There are several legal provisions that could allow authorities to compel decryption or require a user to disclose passwords, including the Regulation of Investigatory Powers Act 2000, the Terrorism Act 2000, and the Investigatory Powers Act 2016 (see C5 and C6).2 Although such powers are seldom invoked in practice, some users have faced detention for failure to provide passwords.3
In late 2018, GCHQ representatives released a proposal, the so-called “Ghost Proposal,” calling for more cooperation mechanisms between communications services and intelligence bodies that would allow the decryption of criminal and terrorist communications in “exceptional” circumstances.4 The proposal would require companies to facilitate the addition of “ghost” users—law enforcement agents—to encrypted conversations without the knowledge of participants. Civil society organizations, service providers, technology platforms, and other experts criticized the idea as a serious infringement on privacy that would undermine cybersecurity.5
Recent legal changes requiring age verification for access to online pornography have also threatened anonymity (see B3). Enforcement of the rules has been beset by delays,6 however, with no specified implementation date as of October 2019.7
- 1Privacy International, “Timeline of SIM Card Registration Laws,” June 11, 2019 https://privacyinternational.org/long-read/3018/timeline-sim-card-regis…
- 2Alex Hern, “UK government can force encryption removal, but fears losing, experts say,” The Guardian, March 29, 2017 https://www.theguardian.com/technology/2017/mar/29/uk-government-encryp…; Saunders Law, “Prosecuted for your password,” January 23, 2018 https://www.saunders.co.uk/news/prosecuted-for-your-password.html; Daniel Severson, “The Encryption Debate in Europe,” The Hoover Institute, March 21, 2017 https://www.hoover.org/sites/default/files/research/docs/severson_webre…
- 3Dell Cameron, “Why This Man Is Risking Jail by Refusing to Surrender Passwords at a London Airport [Updated],” Gizmodo, May 16, 2017 https://gizmodo.com/why-this-man-is-risking-jail-by-refusing-to-surrend…
- 4Ian Levy, Crispin Robinson, “Principles for a More Informed Exceptional Access Debate,” Lawfare, November 29, 2018 https://www.lawfareblog.com/principles-more-informed-exceptional-access…
- 5Sharon Bradford Franklin, Andi Wilson Thompson, “Open Letter to GCHQ on the Threats Posed by the Ghost Proposal,” Lawfare, May 30, 2019 https://www.lawfareblog.com/open-letter-gchq-threats-posed-ghost-propos…
- 6Department for Digital, Culture, Media & Sport, “Age-verification for online pornography to begin in July,” Gov.uk, 17, 2019 https://www.gov.uk/government/news/age-verification-for-online-pornogra…
- 7Helen Johnson, “Porn block: UK porn website ban delayed – how new proof of age laws will (eventually) work”, INews, July 24, 2019 https://inews.co.uk/news/technology/porn-block-free-website-ban-when-da…
Does state surveillance of internet activities infringe on users’ right to privacy? | 2.002 6.006 |
The UK authorities are known to engage in surveillance of digital communications, including mass surveillance, for intelligence, law enforcement, and counterterrorism purposes. A 2016 law introduced some oversight mechanisms to prevent abuses, but it also authorized bulk collection of communications data and other problematic practices. A 2019 counterterrorism law empowered border officials to search travelers’ devices, undermining the privacy of their online activity.
The Counter-Terrorism and Border Security Act (see C2) gives border agents the ability to search electronic devices at border crossings and ports of entry with the aim of detecting “hostile activity”—a broad category including actions that threaten national security, threaten the economic well-being of the country in a way that touches on security, or are serious crimes. However, border agents do not need to have a ”reasonable suspicion” that an individual is engaged in “hostile activity,” giving them broad discretion to stop and search travelers.1 Those detained are required to provide information when requested by border officers, including the passwords to unlock devices.2
In September 2018, the European Court of Human Rights found that parts of the UK’s bulk surveillance regime under the Regulation of Investigatory Powers Act 2000 (RIPA) violated the European Convention on Human Rights, specifically its provisions on privacy and free expression, noting that, for example, there were insufficient safeguards to protect confidential journalistic material.3 However, the court controversially ruled that bulk surveillance was not always incompatible with human rights and could fall within a state’s “margin of appreciation in choosing how best to achieve” national security.4 The ruling addressed three petitions filed by UK civil society groups and individuals following former US National Security Agency contractor Edward Snowden’s 2013 revelations about UK surveillance.5 Some of the problems that were raised in the case were addressed in the Investigatory Powers Act 2016 (IP Act).
The IP Act codified law enforcement and intelligence agencies’ surveillance powers in a single omnibus law, whereas they were previously scattered across multiple statutes and authorities.6 It covers interception, equipment interference, and data retention, among other topics.7 In general, the IP Act has been criticized by industry associations, civil rights groups, and the wider public, particularly regarding the range of powers it authorizes and its legalization of bulk data collection.8
The act specifically enables the bulk interception and acquisition of communications data sent or received by individuals outside the UK, as well as bulk equipment interference involving “overseas-related” communications and information. When both the sender and receiver of a communication are in the UK, targeted warrants are required, though several individuals, groups, or organizations may be covered under a single warrant in connection with a single investigation. Moreover, the internet’s distributed architecture means that privacy protections based on an individual’s physical location are highly porous. Communications exchanged within the UK may be routed overseas, a fact that intelligence agencies have exploited in the past to conduct bulk surveillance programs like Tempora (see below).
Part 7 of the IP Act introduced warrant requirements for intelligence agencies to retain or examine “personal data relating to a number of individuals” where “the majority of the individuals are not, and are unlikely to become, of interest to the intelligence service in the exercise of its functions.”9 Datasets may be “acquired using investigatory powers, from other public sector bodies or commercially from the private sector.”10 An initial examination of bulk datasets must occur within three months “where the set of information was created in the United Kingdom” and within six months otherwise (Section 220).
The IP Act established a new commissioner appointed by the prime minister to oversee investigatory powers under Section 227. Adrian Fulford, an appeals court judge, was appointed to the role in March 2017.11 The law includes some other safeguards, such as “double-lock” interception warrants. These require approval from both the relevant secretary of state and an independent judge, though the secretary alone can approve urgent warrants. Under Section 32, urgent warrants last five days; others expire after six months unless renewed under the same double-lock procedure. The act allows authorities to prohibit telecommunications providers from disclosing the existence of a warrant. Intercepting authorities that may apply for targeted warrants include police commissioners, intelligence service heads, and revenue and customs commissioners.12 Applications for bulk interception, bulk equipment interference, and bulk personal dataset warrants can only be made to the secretary of state “on behalf of the head of an intelligence service by a person holding office under the Crown” and must be reviewed by a judge.
Bulk surveillance is an especially contentious issue in the UK because intelligence agencies developed secret programs under older laws that bypassed oversight mechanisms and any means of redress for affected individuals. These programs affected an untold number of people within the UK, even if they were meant to have only foreign targets. Tempora, a secret surveillance project documented in the Snowden leaks, is one example. A number of other legislative measures authorized surveillance,13 including RIPA.14 RIPA was not repealed by the IP Act, though many of its competences were transferred to the newer legislation. A clause within Part I of RIPA allowed the foreign or home secretary to sign off on bulk surveillance of communications data arriving from or departing to foreign soil, providing the legal basis for Tempora.15 Since the UK’s fiber-optic network often routes domestic traffic through international cables, this provision legitimized mass surveillance of UK residents.16 Working with telecommunications companies, GCHQ installed interception probes at the British landing points of undersea fiber-optic cables, giving the agency direct access to data carried by hundreds of cables, including private calls and messages.17
The Investigatory Powers Tribunal was established under RIPA to adjudicate disputes regarding government surveillance. It found procedural irregularities in the retention of communications intercepted from Amnesty International and the South Africa–based Legal Resources Center, though it concluded that the interception itself was lawful.18 In early 2016, the tribunal ruled that computer network exploitation carried out by GCHQ was in principle lawful within the limitations in the European Convention on Human Rights.19 The tribunal also noted that network exploitation is legal if the warrant is as specific and narrow as possible.
In July 2016, the Investigatory Powers Tribunal found that bulk data collection by GCHQ and two other intelligence agencies, known as MI5 and MI6, was unlawful from March 1998 until the practice was disclosed in November 2015.20 The practice had been authorized under Section 94 of the Telecommunications Act 1984, which the Interception of Communications Commissioner described in June 2016 as lacking “any provision for independent oversight or any requirements for the keeping of records.”21 The tribunal also said that the use of bulk personal datasets by GCHQ and MI5, commencing in 2006, was likewise unlawful until disclosed in March 2015. The datasets contained personal information that could include financial, health, and travel data as well as communications details.22 There were hearings in June and October 2017 on the process and legality of collecting and sharing these datasets.23
UK authorities have been known to monitor social media platforms.24 In London, for example, police reportedly monitored nearly 9,000 activists from across the political spectrum—many of whom had no criminal background—using geolocation tracking and sentiment analysis of data scraped from Facebook, Twitter, and other platforms.25 This information was then compiled in secret dossiers on each campaigner. In another example, the Online Hate Speech Dashboard, a joint project led by the National Online Hate Crime Hub of the National Police Chiefs’ Council and Cardiff University, received ₤1 million ($1.3 million) in 2018 to use artificial intelligence for real-time monitoring of social media platforms meant to identify hate speech and “preempt hate crimes.”26
- 1Robbie Stern, “New U.K. Border Security Law: A Frightening Response to the Skripal Poisoning,” Just Security, March 20, 2019 https://www.justsecurity.org/63305/new-u-k-border-security-law-a-fright…
- 2Index on Censorship, “New UK counter-terrorism law limits online freedoms,” edri.org, February 27, 2019 https://edri.org/new-uk-counter-terrorism-law-limits-online-freedoms/
- 3European Court of Human Rights, Case Of Big Brother Watch And Others V. The United Kingdom, September 13, 2018 https://hudoc.echr.coe.int/eng#{%22itemid%22:[%22001-186048%22]}; Natasha Lomas, “UK’s mass surveillance regime violated human rights law, finds ECHR,” Tech Crunch, September 13, 2018, https://techcrunch.com/2018/09/13/uks-mass-surveillance-regime-violated…; Privacy International, “UK mass interception law violates human rights - but the fight against mass surveillance continues,” September 13, 2018 https://privacyinternational.org/feature/2267/uk-mass-interception-law-…
- 4Privacy International, “UK mass interception law violates human rights - but the fight against mass surveillance continues,” September 13, 2018 https://privacyinternational.org/feature/2267/uk-mass-interception-law-…
- 5Mana Azarmi, Greg Nojeim, “Court Blesses Bulk Surveillance But Tells UK You’re Doing It Wrong,” Center for Democracy and Technology, October 2, 2018 https://cdt.org/blog/court-blesses-bulk-surveillance-but-tells-uk-youre…
- 6UK Home Office, “Investigatory Powers Bill,” March 1, 2016, https://www.gov.uk/government/collections/investigatory-powers-bill
- 7Investigatory Powers Act 2016, http://www.legislation.gov.uk/ukpga/2016/25/contents/enacted
- 8Andrew Griffin, “Investigatory Powers Act goes into Force, Putting UK Citizens under Intense New Spying Regime,” The Independent, December 31, 2016, https://www.independent.co.uk/life-style/gadgets-and-tech/news/investig…
- 9Investigatory Powers Act 2016, Part 7 http://www.legislation.gov.uk/ukpga/2016/25/part/7/enacted
- 10“Investigatory Powers Bill: Bulk Personal Datasets” https://www.gov.uk/government/uploads/system/uploads/attachment_data/fi…
- 11Prime Minister’s Office, “Investigatory Powers Commissioner appointed: Lord Justice Fulford,” March 3, 2017 https://www.gov.uk/government/news/investigatory-powers-commissioner-ap….
- 12“Investigatory Powers Act 2016, Section 18,” legislative.gov.uk http://www.legislation.gov.uk/ukpga/2016/25/section/18/enacted.
- 13“Surveillance Road Map: A Shared Approach to the Regulation of Surveillance in the United Kingdom,” ICO, February 14, 2014, https://assets.publishing.service.gov.uk/government/uploads/system/uplo…
- 14Regulation of Investigatory Powers Act 2000, http://www.legislation.gov.uk/ukpga/2000/23/contents; “Explanatory Notes” to Regulation of Investigatory Powers Act 2000, http://www.legislation.gov.uk/ukpga/2000/23/notes/contents
- 15Ewen MacAskill, Julian Borger, Nick Hopkins, Nick Davies, James Ball, “GCHQ taps fibre‐optic cables for secret access to world’s communications,” The Guardian, June 21, 2013, http://www.theguardian.com/uk/2013/jun/21/gchq-cables-secret-world-comm…
- 16Nick Hopkins, “NSA and GCHQ spy programmes face legal challenge,” The Guardian, July 8, 2013, http://www.theguardian.com/uk-news/2013/jul/08/nsa-gchq-spy-programmes-…
- 17Ewen MacAskill, Julian Borger, Nick Hopkins, Nick Davies, James Ball, “GCHQ taps fibre-optic cables for secret access to world's communications,” The Guardian, June 21, 2013, https://www.theguardian.com/uk/2013/jun/21/gchq-cables-secret-world-com…
- 18Investigatory Powers Tribunal, “IPT to Liberty and Others,” July 1, 2015, http://www.ipt-uk.com/docs/IPT_to_Liberty_Others.pdf; Owen Bowcott, “GCHQ's surveillance of two human rights groups ruled illegal by tribunal,” The Guardian, June 22, 2015, http://www.theguardian.com/uk-news/2015/jun/22/gchq-surveillance-two-hu…
- 19Privacy International v. Secretary of State for the Foreign and Commonwealth Office et al. [2016] UKIP Trib 14_85-CH, https://www.ipt-uk.com/docs/Privacy_Greennet_and_Sec_of_State.pdf
- 20Privacy International v Secretary of State of Foreign and Commonwealth Affairs [2016] UKIP Trib 15_110-CH. Available at: http://www.ipt-uk.com/docs/Bulk_Data_Judgment.pdf
- 21The Rt Hon. Sir Stanley Burnton, “Report of the Interception of Communications Commissioner,” 2016, https://assets.publishing.service.gov.uk/government/uploads/system/uplo…
- 22Matt Burgess, “MI6, MI5 and GCHQ 'unlawfully collected private data for 10 years'” Wired, October 17, 2016, http://www.wired.co.uk/article/uk-collect-data-unlawful
- 23“Social media data shared by spy agencies,” BBC News, October 17, 2017, http://www.bbc.co.uk/news/technology-41651840
- 24Privacy International, “How your social media activity is monitored by the police,” March 11, 2019 https://privacyinternational.org/long-read/2722/how-your-social-media-a…; Natasha Lomas, “UK spies using social media data for mass surveillance,” Tech Crunch, October 17, 2017 https://techcrunch.com/2017/10/17/uk-spies-using-social-media-data-for-…
- 25Janus Kopfstein, “UK police secretly monitoring 9,000 political campaigners using social media surveillance,” The Verge, June 26, 2013 https://www.theverge.com/2013/6/26/4467056/uk-police-monitoring-9000-po…;
- 26“Cardiff University to track hate speech and 'triggers',” BBC News, December 13, 2018 https://www.bbc.com/news/uk-wales-46552574; Cardiff University, “Rise in Brexit related hate crime to be focus of new research lab,” December 13, 2018 https://www.cardiff.ac.uk/news/view/1393983-rise-in-brexit-related-hate…
Are service providers and other technology companies required to aid the government in monitoring the communications of their users? | 3.003 6.006 |
Companies are required to capture and retain user data under certain circumstances, though the government issued regulatory changes in 2018 to address flaws in the existing rules. While the government has legal authority to require companies to assist in the decryption of communications, the extent of its use and efficacy in practice remains unclear.
The UK has incorporated the GDPR into domestic law through the Data Protection Act 2018.1 Therefore, even if the Brexit process is completed and the country leaves the EU, the GDPR in its entirety will continue to regulate data protection within the UK.
Data retention provisions under the IP Act allow the secretary of state to issue notices requiring telecommunications providers to capture information about user activity, including browser history, and retain it for up to 12 months. The Data Retention and Investigatory Powers Act 2014 (DRIPA), the older law this requirement was modeled on, was ruled unlawful in the UK and the EU in 2015.2 In January 2018, the Court of Appeal described DRIPA as being inconsistent with European law, since the data collected and retained were not limited to the purpose of fighting serious crime.3 In April 2018, the High Court ruled that part of the IP Act’s data retention provisions similarly violated EU law, and that the government should amend the legislation by November 2018.4
In response, the government issued the Data Retention and Acquiring Regulations 2018, which entered into force in October 2018. The regulations limited the scope of the government’s collection and retention of data, and enhanced the transparency of the process.5 Furthermore, a newly created Office for Communications Data Authorisations would oversee data requests and ensure that official powers are used in accordance with the law.
Another problematic provision of the IP Act enables the government to order companies to decrypt content, though the extent to which companies would be willing or able to comply remains uncertain (see C4).6 Under Section 253, technical capability notices can be used to impose obligations on telecommunications operators both inside and outside the country “relating to the removal … of electronic protection applied by or on behalf of that operator to any communications or data,” among other requirements. The approval process for issuing a technical capability notice is similar to that of an interception warrant.7 After consultations with the industry and civil society groups,8 the government issued the Investigatory Powers (Technical Capability) Regulations 2018 in March 2018, which will govern how the notices are issued and implemented.9 The regulations specify companies’ responsibilities in ensuring that they are able to comply with lawful warrants for communications data.
- 1Gov.uk, “Data Protection” https://www.gov.uk/data-protection#targetText=The%20Data%20Protection%2…
- 2[2015] EWHC 2092 (Admin); Joined Cases C-203/15 and C-698/15 Tele2 Sverige AB v Post- och telestyrelsen and Secretary of State for the Home Department v Tom Watson http://curia.europa.eu/juris/liste.jsf?num=C-203/15
- 3Secretary of State for the Home Department v Watson & Others [2018] EWCA Civ 70, https://www.matrixlaw.co.uk/wp-content/uploads/2018/01/SSHD-v-Watson-Or…
- 4Liberty v Home Office [2018] EWHC 975 (Admin); Full judgement may be found at: https://www.judiciary.gov.uk/wp-content/uploads/2018/04/liberty-v-home-…
- 5Privacy International, “After Watson: Mandatory data retention by telecommunications operators,” August 19, 2019 https://privacyinternational.org/news-analysis/3170/after-watson-mandat…; Cynthia O’Donoghue, Katalina Bateman, “UK government introduces Data Retention and Acquisition Regulations 2018,” Technology Law Dispatch, December 4, 2018 https://www.technologylawdispatch.com/2018/12/regulatory/uk-government-…
- 6Natasha Lomas, “Could the UK be about to break end-to-end encryption?” TechCrunch, May 27, 2017, https://techcrunch.com/2017/05/27/could-the-uk-be-about-to-break-end-to….
- 7Investigatory Powers Act 2016, Section 253, http://www.legislation.gov.uk/ukpga/2016/25/section/253/enacted
- 8Open Rights Group, “Home Office Consultation: Investigatory Powers (Technical Capability) Regulations 2017,” https://www.openrightsgroup.org/ourwork/reports/home-office-consultatio…
- 9The Investigatory Powers (Technical Capability) Regulations 2018 https://www.legislation.gov.uk/uksi/2018/353/made
Are individuals subject to extralegal intimidation or physical violence by state authorities or any other actor in retribution for their online activities? | 4.004 5.005 |
There were no reported instances of violence against internet users in reprisal for their online activities during the coverage period, though cyberbullying, particularly harassment of women, is widespread.1 A recent study found that one in three women members of Parliament had experienced online abuse, harassment, or threats.2 Online harassment of Muslims and other minorities is also a significant problem.3
A 2017 study found an increase in abusive comments targeting politicians on Twitter, which peaked on the day of the 2016 Brexit referendum.4 News reports indicated that hate crimes against minorities increased after the vote to leave the EU, which was driven in part by campaigns that depicted immigration as a threat to the British way of life. However, a 2016 analysis of cyberbullying in different parts of the UK found that regions with high levels of online hate speech or racial intolerance did not necessarily vote in favor of Brexit, and concluded that other issues were also driving the trend.5
- 1Sandra Laville, “Top tech firms urged to step up online abuse fightback,” The Guardian, April 11, 2016, https://www.theguardian.com/technology/2016/apr/11/facebook-twitter-goo….
- 2University of Bradford, “Almost a third of UK MPs experience online abuse and threats,” June 13, 2018 https://www.bradford.ac.uk/news/2018/mp-online-trolling.php
- 3Sarah Marsh, “Record number of anti-Muslim attacks reported in UK last year,” The Guardian, July 20, 2018 https://www.theguardian.com/uk-news/2018/jul/20/record-number-anti-musl…
- 4William Eichler, “Brexit vote marked ‘high point’ of online abuse to MPs, research reveals,” LocalGov, May 23, 2017, https://www.localgov.co.uk/Brexit-vote-marked-high-point-of-online-abus…
- 5Ditch The Label, “,Cyberbullying and Hate Speech” https://www.ditchthelabel.org/research-papers/cyberbullying-and-hate-sp…
Are websites, governmental and private entities, service providers, or individual users subject to widespread hacking and other forms of cyberattack? | 2.002 3.003 |
Nongovernmental organizations, media outlets, and activists are generally not targeted for technical attacks by government or nonstate actors. Financially motivated fraud and hacking continue to present a challenge to authorities and the private sector. Cyberattacks have increased in recent years, and observers have questioned the security of a trend in which various machines, appliances, and objects are connected to the internet, creating what is known as the Internet of Things.1 During 2018, nearly 70 percent of companies and other commercial entities in the UK are reported to have been affected by cyberattacks.2
In March 2019, the information systems of the Police Federation of England and Wales were infected with ransomware—malicious software that blocks access to the contents of a computer or network and demands a ransom payment for access to be restored.3 The federation said there was no evidence that any information was leaked, although its data back-ups were deleted and other information was rendered inaccessible.4 The attack was limited to the federation’s headquarters in Surrey and did not spread to its 43 associated offices.
In May 2017, the National Health Service suffered a ransomware attack affecting 40 organizations, effectively barring workers from patient case files.5 The attack had severe consequences, delaying or denying essential services for vulnerable individuals.6
- 1Andrew Meola, “How the Internet of Things will affect security & privacy,” Business Insider, August 24, 2016, http://www.businessinsider.com/internet-of-things-security-privacy-2016…
- 2Phil Muncaster, “Nearly 70% of UK Firms Hit by a Cyber-Attack in 2018” InfoSecurity Magazine, December 10, 2018, https://www.infosecurity-magazine.com/news/nearly-70-of-uk-firms-hit-by…
- 3Wiltshire Police Federation, “Police association headquarters hit by malware cyber attack,” March 21, 2019 https://www.polfed.org/wilts/news/2019/police-association-headquarters-…
- 4Rene Millman, “Back-ups deleted in Police Federation ransomware attack,” SC Media, March 22, 2019 https://www.scmagazineuk.com/back-ups-deleted-police-federation-ransomw…
- 5“NHS cyber-attack: GPs and hospitals hit by ransomware,” BBC News, May 13, 2017, http://www.bbc.co.uk/news/health-39899646
- 6Shireen Khalil, “WannaCrypt cyber-attack continues to impact NHS trusts,” Digital Health, May 19, 2017, https://www.digitalhealth.net/2017/05/wannacry-impact-ongoing-one-week/


Country Facts
-
Global Freedom Score
93 100 free -
Internet Freedom Score
79 100 free -
Freedom in the World Status
Free -
Networks Restricted
Yes -
Websites Blocked
No -
Pro-government Commentators
No -
Users Arrested
No