Friday, February 10, 2006

Digital Rights Ireland is looking for your support

On the 6th December, Digital Rights Ireland formally launched. Our stated mission is to protect civil, legal and human rights in a digital age.

Now we're asking people who share that aim to help us out by pledging their money to DRI. If you're in a hurry and don't need to know more, here's where you can sign up:

Since our launch, and without funding, we've managed to do the following;

Focus attention on data retention, by lobbying, use of parliamentary questions and encouraging media scrutiny of the European Parliament's vote to bring in a Data Retention Directive.

We've established ourselves as a point of contact for the media on digital rights issues. This is important, as editors are much more likely to run a story where they are able to present two competing views to their audiences. We've raised the profile of these issues across the entire range of media, including the Pat Kenny show, Newstalk FM, the Irish Times, Six One News, 2FM, Metro Ireland, the Star on Sunday, various local stations and (of course) internet news outlets such as The Register.

We have intervened in the filesharing debate to speak up for the privacy rights of innocent parties. We have also attempted, with some limited success, to inform the courts of relevant precedent.

We've started producing reliable, readable, guides to users' rights. So far, we have pamphlets on SMS Spam and Online Libel completed. More are in the works.

We have begun to introduce DRI to the other players involved in rights protection. We've met with the Data Protection Commissioner and with the Irish Council for Civil Liberties, and have been in contact with the Human Rights Commission. We've made a formal submission to the European Commission on Irish privacy laws.

We've also established DRI as Ireland's point of contact internationally in the digital rights sphere. We've joined EDRI , and have close relations with the Open Rights Group in the UK. We have also established informal links with other groups, such as the EFF, Liberty and Privacy International.

At the same time, we're working away behind the scenes on researching some of the issues which we expect to have to tackle in the months to come, such as the planned DNA Database and the proposals to introduce ID cards in Ireland.

Not a bad record for a three month old voluntary organisation working on a shoestring.

However, we're now reaching the limits of what we can do with no euro and no cent behind us. With your support, we could launch a flotilla of Freedom of Information requests, seeking information in targeted areas. We could raise awareness of digital rights issues in the professional spheres with a public conference. We could ship a representative to Brussels for crucial votes, to lobby our MEPs face to face. We could even pay for tea and coffee at our press conferences.

And, if needs be, we would be in a position to consider the possibility of seeking to block unconstitutional measures through the high-stakes gambles of the courts, as other advocacy groups regularly do.

Our suggested subscription rate is €10 per month. That is the cost of 2 pints. If we get 100 members willing to pledge that much to us, we will have a solid income base to work from.

We also have a concession membership of €5 a month. We aren't going to be checking IDs or anything like that - if you don't think you can afford to forgo both pints every month, then we'll happily spare you the effort of drinking one of them.

We have both a Paypal subscription option and our bank details for standing orders. Or if you like, you can bung us your full year's subscription in a single lump sum. And if you're not sure where you'll be for the next year, but know you'd like to send us something, we'd be most grateful.

Mechanics: Where does the money go? Money pledged to DRI will go to a bank account owned by Digital Rights Ireland Limited, a company limited by guarantee, registered with the Companies Registration Office in Dublin. As such, annual accounts will be filed for the company, which will be publicly available.

Who are Digital Rights Ireland Limited? Our Directors are listed here with links to their personal sites. Full details can be inspected via the Companies Registration Office.

[Cross-posted from]

Wednesday, February 01, 2006

Your personal information is for sale - Mobile Phone Location edition

The Guardian has an interesting story by Ben Goldacre entitled"How I stalked my girlfriend":
For the past week I've been tracking my girlfriend through her mobile phone. I can see exactly where she is, at any time of day or night, within 150 yards, as long as her phone is on. It has been very interesting to find out about her day. Now I'm going to tell you how I did it.


First I had to get hold of her phone. It wasn't difficult. We live together and she has no reason not to trust me, so she often leaves it lying around. And, after all, I only needed it for five minutes.

I unplugged her phone and took it upstairs to register it on a website I had been told about. It looks as if the service is mainly for tracking stock and staff movements: the Guardian, rather sensibly, doesn't want me to tell you any more than that. I ticked the website's terms and conditions without reading them, put in my debit card details, and bought 25 GSM Credits for £5 plus vat.

Almost immediately, my girlfriend's phone vibrated with a new text message. "Ben Goldacre has requested to add you to their Buddy List! To accept, simply reply to this message with 'LOCATE'". I sent the requested reply. The phone vibrated again. A second text arrived: "WARNING: [this service] allows other people to know where you are. For your own safety make sure that you know who is locating you." I deleted both these text messages.

On the website, I see the familiar number in my list of "GSM devices" and I click "locate". A map appears of the area in which we live, with a person-shaped blob in the middle, roughly 100 yards from our home. The phone doesn't go off at all. There is no trace of what I'm doing on her phone. I can't quite believe my eyes: I knew that the police could do this, and telecommunications companies, but not any old random person with five minutes access to someone else's phone. I can't find anything in her mobile that could possibly let her know that I'm checking her location. As devious systems go, it's foolproof. I set up the website to track her at regular intervals, take a snapshot of her whereabouts automatically, every half hour, and plot her path on the map, so that I can view it at my leisure. It felt, I have to say, exceedingly wrong.


Your mobile phone company could make money from selling information about your location to the companies that offer this service. If you have any reason to suspect that your phone might have been out of your sight, even for five minutes, and there is anyone who might want to track you: call your phone company and ask it to find out if there is a trace on your phone. Anybody could be watching you. It could be me.
This particular service isn't available in Ireland just yet. But other mobile phone location services are. use similar technology to advertise houses based on their proximity to your mobile phone. 02 sell companies the ability to monitor the movements of their employees via their mobiles. And of course our Department of Justice has ensured that the movements of every mobile phone owner are tracked and stored for three years. It's time to make sure that adequate safeguards are put in place to control mobile phone location data - and by that I mean independent monitoring with teeth, not the ineffective and unaccountable internal administrative practices of mobile phone operators.