A Quick Guide To Current Online Privacy Threats

Privacy & Security Posted on April 24, 2012

A Quick Guide To Current Online Privacy Threats

It may only be April, but 2012 has already seen a worrying number of legislative acts hit the headlines that threaten online privacy. From the entertainment industry-backed SOPA in the USA, to the UK’s surveillance state-issued CCDP, 2012 has seen governments and industries across the western world try to put the brakes on the vibrant, free-thinking, online ecology that has grown over the last decade.

Given our vested interest in securing online anonymity and privacy, the IVPN blog has followed all these threats closely. So we thought it was about time to pause and have a little recap of which pieces of online legislation still pose a threat to the web as we know it, and which have been successfully challenged by public opposition.

A Quick Guide To Online Privacy Legislation

SOPA

The Stop Online Piracy Act was introduced to the United States House of Representatives last October and will probably be remembered as the first major piece of legislation to embed the issue of online privacy firmly in the public consciousness. SOPA was a bill designed to protect the interest of incumbents in the entertainment industry, who have watched their monopolies crumble around them as the internet disrupted traditional business models (and would rather persecute customers than adapt to new technology). However, SOPA’s broad and ill-thought-out drafting would have effectively given copyright holders the power to shut down major sites such as YouTube and Facebook if users posted copyrighted material.

Luckily SOPA will also go down in history as the first attack on online privacy that was successfully defeated by a combination of grass roots activism, new online ‘hactivist’ protests and opposition from big industry players such as Google and Wikipedia. The bill is currently in a state of suspension, but the ‘SOPA’ name is now so tainted that it’s unlikely to surface again.

PIPA

The Protect IP Act is SOPA’s corresponding US Senate bill that aims to give copyright holders the power to shut down websites that it believes infringes on its copyrights. Although PIPA would have essentially given copyright holders the same powers as SOPA, it’s wording was not as extreme and it didn’t directly attack legal services such as YouTube and Facebook. Many journalists and activists therefore believed that SOPA was something of a distraction or a ploy to divert attention away from PIPA. However, outrage over SOPA eventually spread to PIPA also, and in late January Senator Harry Reid said a vote on the bill is postponed – though possible, it doesn’t look like PIPA will be making a return.

ACTA

The Anti-Counterfeiting Trade Agreement is a global trade agreement that, like SOPA, puts the interests of copyright holders before the interests of a free and open web. If ratified, it would result a huge invasion of privacy as ISPs would have to track user browsing. The act was passed in the USA back in 2009, but it only made headlines at the beginning of this year when EU countries began voting on it. ACTA was labelled as the EU version of SOPA and sparked protests right across the continent. ACTA was passed in a number of EU states but 6 states – including Germany and Poland – were forced by popular protest to suspend voting.  EU nations still have until March 2013 to ratify ACTA.

However, Poland has categorically said it will not sign the act and Germany doesn’t look likely to either. Furthermore the EU official who was overseeing ACTA, Kader Arif, resigned from his post, calling the bill “unacceptable”, and attacked the secrecy behind its drafting. The man who replaced him – British MEP David Martin – has also said that ACTA poses too much of a risk to online freedoms to ratify. Hopefully, this opposition means ACTA won’t pass in the EU.

DEA

The UK government’s Digital Economies Act  - rushed through in the dying hours of the Labour government in 2010 - was yet another bill designed to prop-up the ailing businesses of copyright holders in the music and entertainment industries, by forcing internet service providers to spy on potential file sharers. If the users are caught file-sharing more than three times after being warned, then the ISPs will be forced to ban them from the internet. UK ISPs, understandably, didn’t like the idea of becoming an internet police force, and therefore dragged the DEA through the UK courts for two years. Because of protests, two sections of the act, which required ISPs to block copyright-infringing websites, have been removed. But in March, the ISPs battle against the DEA suffered a big defeat, when its court appeal to prevent the bill from entering into law was denied. Barring any further government reviews, the DEA looks set to enter British law.

CCDP

Unlike SOPA, ACTA and the DEA, the Communications Capabilities Development Programme was not the brain child of the entertainment industry, but a UK government initiative to create a mass surveillance scheme to benefit law enforcement. The CCDP basically removes an important layer of judicial oversight between your private emails and any law enforcement agent who wants to spy on them. If it were not for The Times newspaper leaking details about the bill, then we probably wouldn’t even know about it. The CCDP would also mean ISPs have to retain all of your personal data and then hand them over to government without any court order – all it would take is idle suspicion. The CCDP has not yet been passed and since it was leaked there’s been an outcry from the UK public and the press. What happens next depends on how much pressure protesters place on the UK government and whether or not the surveillance plans are technically feasible. For more information on protesting against CCDP check out our guide.

CISPA

The Cyber Intelligence Sharing and Protection Act is the latest threat to emerge from the state lawmakers in the US. But after the failure of SOPA, the US government is re-branding its clamp-down on internet freedoms by invoking the spectre of Chinese cyber terrorism – far more scary than file-sharers. CISPA is slightly less worse than SOPA as it doesn’t give law enforcement the powers to directly shut down websites, but it’s a very vaguely-written piece of legislation that lumps cyber-terrorism together with theft of intellectual property (i.e. file-sharing). So the outcome – internet users being spied on for violating copyright – is essentially the same. The most dangerous aspect of CISPA is that big internet players such as Google and Facebook support the bill, as it takes the weight of policing copyrighted content off their shoulders and hands it to law enforcement agencies. CISPA has not yet been approved and the protest against it is well under-way. Whether or not the protests succeed, like they did against SOPA, is down to the amount of pressure put on politicians, so get involved!

Privacy
We invite you to discuss this post in our Reddit community or on Twitter. You can also send your feedback to blog@ivpn.net.

13 Comments

Dina G

24.04.2012

Good list. Our government is the biggest actual threat to privacy, but as a practical matter, most people are their worst own enemy - friending people on Facebook that they don’t know, posting drunk pics of themselves online that come back to bit them, not using privacy settings, etc. Most online privacy issues can be prevented by common sense. Particularly problematic for many people is seeing how they post personal information on social media, neglect to use privacy settings, and are surprised when their personal information is stolen weeks later. While you can be careful about what you post about yourself, you can’t prevent other people from posting about you. Also problematic for people is how there are sites like DirtyPhoneBook where people post personal information about each that can’t be removed. With Google making all of this information widely available, being vigilant about seeing what people can find out you is critical to maintaining your online reputation. Facebook can do a bit more to prevent people from accidentally messing up their own lives by encouraging more sensible defaults, but in the end people have to be smart about what they post about themselves online, and this doesn’t solve all potential problems. A lot of the government abuses can’t be stopped, but at least you can control your own behavior and minimize the damage that you can do to yourself.

Jack

24.04.2012

Good post, Dennis - thanks.

SOPA of course is the Stop Online Piracy (not, Privacy) Act.

Good Freudian slip though. :-)

anonymous

25.04.2012

Good post, thanks.

Dennis Kügler

25.04.2012

Lol, thanks for pointing that out! It was indeed totally Freudian.

Dennis Kügler

25.04.2012

Thanks for the comment Dina. What you say is very true. I think many people - especially young kids - have no idea about how damaging some of information they post to social networks can be. Everyone does and says stupid things when they’re teenagers, but now it is documented and - in some cases - out there in the public domain for others to see. We did a little roundup of tips to protect privacy here - blog/top-five-ways-to-protect-your-online-privacy

.....

25.04.2012

Relying on the government to protect your privacy is like asking a peeping tom to install your window blinds. - John Perry Barlow

Jason

25.04.2012

Here’s another one, this time in New Zealand: http://www.stuff.co.nz/national/politics/6625136/Search-and-Surveillance-Bill-passes

Dennis Kügler

25.04.2012

Thanks, I’ll stick this into the post when I’ve got a minute. If anyone else has suggestions to add, post them here and we’ll try to make this list more comprehensive.

Chris Cody

25.04.2012

Excellent post! Tbank you. I wonder if intellectual property rights are going to need to be enforced soley by the property owners from now on. Think of a digital ‘Stand Your Ground’ approach.

Stu

26.04.2012

I think the governments are playing a sort of over-reaction catch up game. But it is understandable when Mark Zuckerberg probably owns more valuable information about people in the world than most law enforcement agencies. While the governments may introduce some stupid bills to try and claw back some of the power, or support their powerful music-industry friends - why is no-one worried about the power that Facebook and Google have? At least democratic governments are elected and are supposed to represent/support the people. What is Facebook’s motiviation? Money? Mark originally wanted to pick up girls on campus - is this the guy we want to own all the world’s information? Now with open graph that’s exactly what Facebook wants to do. At least Google have occasionally pretended to want to “do no evil” - but Facebook don’t event pretend.

an independent musician

26.04.2012

Just a reminder that it’s not only big media corporations who are concerned about copyrights - lots of musicians who paid a few thousand dollars to record their album ( not to mention years of practice) want to be paid for their music, too.

Jon H

26.04.2012

Very reasonable viewpoint - but how much of the money extracted by these copyright agencies actually gets back to the small artists, or any artist for that matter. I’ve heard that they keep all the money for their costs…

Dennis Kügler

26.04.2012

The current business model of the recording industry is broken. If the industry had any sense they would have come up with iTunes themselves rather than persecuting their own customers and allowing a software company like Apple to completely pull the rug from under their feet. Luckily the record industry was never that good for regular artists anyway (only the tiny minority that struck it big). Now that the internet has put the means of distribution into everyone’s hands and PCs mean you can record an album in your bedroom, there isn’t much use for the bloated record industry and all its middlemen sucking the artists dry. Sure, the new monetisation models are still finding their feet, because its very early days and the incumbents are still fighting tooth and claw to retain their position. But there are other ways. This techdirt report into how the music industry is actually making more money than ever is pretty interesting - http://www.techdirt.com/skyisrising/
IVPN News

Independent security audit concluded

By Nick Pestell

IVPN News

IVPN applications are now open source

By Viktor Vecsei

Releases

Beta IVPN Linux app released

By Viktor Vecsei

IVPN TunnelCrack vulnerability assessment Privacy & Security

IVPN TunnelCrack vulnerability assessment

Posted on September 7, 2023 by IVPN Staff

Context TunnelCrack is the combination of two independent security vulnerabilities (LocalNet attack and ServerIP attack) that affect VPN applications. The research paper detailing these vulnerabilities was published and presented on 11 August 2023. IVPN apps were not tested by the researchers, and unlike other providers, we did not receive a vulnerability disclosure.
Most people don't need a commercial VPN to work from home securely Privacy & Security

Most people don't need a commercial VPN to work from home securely

Posted on April 7, 2020 by Nick Pestell

Many small businesses and their employees are concerned about the security of their data whilst working from home during the coronavirus pandemic. We see a lot of confusion surrounding this topic, even from fairly technical folk and there is unfortunately a lot of misinformation being spread by commercial VPN providers themselves.
Spotted a mistake or have an idea on how to improve this page?
Suggest an edit on GitHub.