Internet News

The BBFC commented in a recent board meeting minutes:

BBFC Classifiers discussed a policy proposal to allow BBFC age ratings issued by self-rating partners such as Netflix to be made available for wider online use by other VoD services licensed to carry BBFC ratings. This proposal will promote greater ratings consistency across the VoD landscape, to help families make safe and informed viewing decisions.

The Classifiers approved the new policy to be implemented on a 12 month trial basis, after which the BBFC will review its impact and effectiveness.

European police chiefs have called for Europeans to be deprived of basic internet security used to protect against Russian & Chinese spies, scammers, thieves and blackmailers. The police chiefs write:

Joint Declaration of the European Police Chiefs

We, the European Police Chiefs, recognise that law enforcement and the technology industry have a shared duty to keep the public safe, especially children. We have a proud partnership of complementary actions towards that end. That partnership is at risk.

Two key capabilities are crucial to supporting online safety.

First, the ability of technology companies to reactively provide to law enforcement investigations  --  on the basis of a lawful authority with strong safeguards and oversight  -- the data of suspected criminals on their service. This is known as lawful access.

Second, the ability of technology companies proactively to identify illegal and harmful activity on their platforms. This is especially true in regards to detecting users who have a sexual interest in children, exchange images of abuse and seek to commit contact sexual offences. The companies currently have the ability to alert the proper authorities  -- with the result that many thousands of children have been safeguarded, and perpetrators arrested and brought to justice.

These are quite different capabilities, but together they help us save many lives and protect the vulnerable in all our countries on a daily basis from the most heinous of crimes, including but not limited to terrorism, child sexual abuse, human trafficking, drugs smuggling, murder and economic crime. They also provide the evidence that leads to prosecutions and justice for victims of crime.

We are, therefore, deeply concerned that end to end encryption is being rolled out in a way that will undermine both of these capabilities. Companies will not be able to respond effectively to a lawful authority. Nor will they be able to identify or report illegal activity on their platforms. As a result, we will simply not be able to keep the public safe.

Our societies have not previously tolerated spaces that are beyond the reach of law enforcement, where criminals can communicate safely and child abuse can flourish. They should not now. We cannot let ourselves be blinded to crime. We know from the protections afforded by the darkweb how rapidly and extensively criminals exploit such anonymity.

We are committed to supporting the development of critical innovations, such as encryption, as a means of strengthening the cyber security and privacy of citizens. However, we do not accept that there need be a binary choice between cyber security or privacy on the one hand and public safety on the other. Absolutism on either side is not helpful. Our view is that technical solutions do exist; they simply require flexibility from industry as well as from governments. We recognise that the solutions will be different for each capability, and also differ between platforms.

We therefore call on the technology industry to build in security by design, to ensure they maintain the ability to both identify and report harmful and illegal activities, such as child sexual exploitation, and to lawfully and exceptionally act on a lawful authority.

We call on our democratic governments to put in place frameworks that give us the information we need to keep our publics safe.

Trends in crime are deeply concerning and show how offenders increasingly use technology to find and exploit victims and to communicate with each other within and across international boundaries. It must be our shared objective to ensure that those who seek to abuse these platforms are identified and caught, and that the platforms become more safe not less.

See article from reclaimthenet.org

Here we have Europol and the UK's National Crime Agency (NCA), teaming up to attack Meta for the one thing the company is apparently trying to do right. And that's implementing in its products end-to-end encryption (E2EE), the very, necessary, irreplaceable software backbone of a safe and secure internet for everybody. Yet that is what many governments, and here we see the EU via Europol, and the UK, keep attempting to damage.

But mass surveillance is a hard sell, so the established pitch is to link the global and overall internet problem, to that of the safety of children online, and justify it that way.

The Europol executive director, Catherine De Bolle, compared E2EE to sending your child into a room full of strangers and locking the door. And yet, the technological truth and reality of the situation is that undermining E2EE is akin to giving the key to your front door and access to everybody in it, children included, to somebody you trust (say, governments and organizations who like you to take their trustworthiness for granted).

But once a copy of that key is out, it can be obtained and used by anybody out there to get into your house at any time, for any reason. That includes governments and organizations you don't trust or like, straight-up criminals -- and anything active on the web in between.

New Tools to Help Protect Against Sextortion and Intimate Image Abuse

We're testing new features to help protect young people from sextortion and intimate image abuse, and to make it more difficult for potential scammers and criminals to find and interact with teens. We're also testing new ways to help people spot potential sextortion scams, encourage them to report and empower them to say no to anything that makes them feel uncomfortable. We've started sharing more signals about sextortion accounts to other tech companies through Lantern, helping disrupt this criminal activity across the internet.

While people overwhelmingly use DMs to share what they love with their friends, family or favorite creators, sextortion scammers may also use private messages to share or ask for intimate images. To help address this, we'll soon start testing our new nudity protection feature in Instagram DMs, which blurs images detected as containing nudity and encourages people to think twice before sending nude images. This feature is designed not only to protect people from seeing unwanted nudity in their DMs, but also to protect them from scammers who may send nude images to trick people into sending their own images in return.

Nudity protection will be turned on by default for teens under 18 globally, and we'll show a notification to adults encouraging them to turn it on.

When nudity protection is turned on, people sending images containing nudity will see a message reminding them to be cautious when sending sensitive photos, and that they can unsend these photos if they've changed their mind.

Anyone who tries to forward a nude image they've received will see a message encouraging them to reconsider.

When someone receives an image containing nudity, it will be automatically blurred under a warning screen, meaning the recipient isn't confronted with a nude image and they can choose whether or not to view it. We'll also show them a message encouraging them not to feel pressure to respond, with an option to block the sender and report the chat.

Nudity protection uses on-device machine learning to analyze whether an image sent in a DM on Instagram contains nudity. Because the images are analyzed on the device itself, nudity protection will work in end-to-end encrypted chats, where Meta won't have access to these images -- unless someone chooses to report them to us.

When the British Government started work on online censorship laws I think it envisaged that age/ID verification would create a business opportunity for British start up companies to exploit the market so created. Unfortunately for them it looks inevitably set that the usual US internet giants will be the ones to profit from the requirements.

In fact Meta has been speaking of its ideas that operating system companies and app stores should be the ones to implement age/ID verification.

Meta is calling for implementing age verification across Europe and proposed a way to do it. The company wants to ensure that parents only need to verify the age of their child once and noted that the most effective way of achieving this would be to have operating systems or app stores complete the verification process.

The move would pass on the responsibility of age verification from social media platforms to firms such as Apple and Google. Other platforms have also in argued in favor of the solution, including Twitter and Match, the company behind dating apps like Tinder, Hinge and OkCupid.

Meta delivered its statement during a hearing of an Irish parliament committee focused on children's rights this week. Meta has been taking different approaches to try and ease pressure from global censors on the age verification question. The company has been experimenting with facial age estimation technology from UK firm Yoti in several countries.

The Kansas state governor, Laura Kelly, has announced that she will not sign age verification legislation that was recently passed through the state legislature.

Instead, she will let the bill, Senate Bill (SB) 394 , automatically become law by letting it enter force on April 25. The bill levies age verification requirements on websites with users from Kansas IP addresses to check their identities through government identification or transactional data.

SB 394 empowers Attorney General Kris Kobach to enforce the law.

Kelly said in a statement:

While well-meaning in its efforts to protect children from content the legislature considers 'harmful to minors,' this bill is vague in its application and may end up infringing on constitutional rights, which is an issue being litigated in other jurisdictions over similar bills. For that reason, I will allow this bill to become law without my signature.

Kelly added that she could have vetoed the bill, but the Republican-held state legislature would have the necessary votes to overturn her veto.

EU DisinfoLab, a censorship lobby group regularly making policy recommendations to the EU and member-states, is now pushing for a security structure created by ICANN (the Internet Corporation for Assigned Names and Numbers) to be utilized to censor what it deems as disinformation.

Attempting to directly use ICANN would be highly controversial. Given its importance in the internet infrastructure -- ICANN manages domain names globally -- and the fact content control is not among its tasks (DisinfoLab says ICANN refuses to do it) -- this would represent a huge departure from the organization's role as we understand it today.

But now DisinfoLab proposes to use the structure already created by ICANN against legitimate security threats, to police the internet for content that somebody decides to treat as disinformation. It would require minimal amount of diligence and cooperation from registries, a blog post said, to accept ICANN-style reports and revoke a site's domain name.