Personal drone registration will become necessary, U.K. Lords say

A U.K House of Lords committee has recommended that, in the long term, people operating drones for leisure may need to register them so their owners can be traced.

The House’s European Union Committee issued a report on Thursday into various aspects of drone regulation. It said there would soon be a need for commercial drone operators to register their flights somewhere, so as to keep airspace safe, but it also noted that hobbyist or leisure-use drones were on the increase, and this may cause issues in the long run.

The committee said there were many potential benefits to civilian use of remotely piloted aircraft systems (RPAS), so “we certainly do not support banning the leisure use of RPAS,” but it laid out several recommendations on how to maintain safety.

A licensing regime or the use of digital identity chips in the drones are some of the options that were raised by industry and police representatives, leading to the following recommendation:

We have already recommended the creation of an online database through which commercial RPAS pilots can provide details of their flights to inform other airspace users. We heard compelling arguments as to why the leisure use of RPAS presents risks to the general public and other airspace users. Therefore, in the long term, we foresee the need for a system which can track and trace all RPAS, especially those flying below 500ft, irrespective of whether they are flown by commercial or leisure pilots. This will be essential not only to manage the increased traffic in the sky, but also to enforce existing and future laws governing RPAS use.

The committee also said it was keen on having media campaigns and messages in drone packaging to remind people that they’re flying aircraft, and encourage them to do so safely. It also pushed for geo-fencing features, which bring down drones when they encounter the borders of restricted areas, to be made more widely available.

The report was a response to communications issued by the European Commission on the subject of drones, and will be debated by the wider House of Lords.

On the issue of drone-enabled state surveillance, the committee said this was “beyond the scope of this inquiry … but the acceptability of state use of RPAS should be subject to urgent public debate.” It also recommended that, given privacy concerns, media regulators should launch a public consultation on the use of drones for reporting.

Spyware firm Gamma failed on human rights, says OECD

The Organisation for Economic Co-operation and Development has for the first time found a surveillance software company to be in violation of human rights guidelines, following a complaint about the notorious British-German spyware outfit Gamma International.

Gamma allegedly sold its FinFisher spyware tool to the Bahraini regime, which is a big-time human rights abuser that seems to have used the software to persecute activists. The complaint to the OECD’s U.K. national contact point (NCP – an agency operated by the British government) was made by the right group Privacy International, which has also made a criminal complaint about Gamma, along with Reporters Without Borders and other groups.

However, the OECD’s guidelines for businesses are voluntary, so apart from calling out the fairly shameless Gamma, not much can come directly from this particular decision. In addition, the Gamma Group is these days operating out of Munich rather than the U.K.

The case involved three Bahraini dissidents, two of whom were living outside the country at the time they were apparently targeted using FinFisher. Gamma refused throughout the investigation to confirm whether it supplied the tool to Bahrain’s government, but the evidence indicated pretty clearly that the activists were targeted with Gamma’s product, and it was reasonable to assume it was the Bahrainis behind it.

The big problem, from the OECD’s point of view, is that Gamma doesn’t have human rights policies and due diligence processes to stop its products being used in an abusive way, and had been uncooperative during the investigation:

The UK NCP has concluded that Gamma International UK Limited has not acted consistently with provisions of the OECD Guidelines requiring enterprises to do appropriate due diligence… to encourage business partners to observe Guidelines standards… to have a policy commitment to respect human rights… and to provide for or co-operate through processes to remediate human rights impacts…

Through its legal representative, the company has raised obstacles to the complaint’s progress, whilst failing to provide information that would help the NCP make a prompt and fair assessment of these. The NCP considers that this does not have the appearance or practical effect of acting in good faith and respecting the NCP process.

In a statement, the complainants said they were disappointed that the NCP had not taken “a more pro-active investigatory role” that would have confirmed that Gamma really did sell FinFisher to Bahrain – this would have allowed more strenuous condemnation of the company, they said.

Still, they seemed reasonably happy with the general precedent. Privacy International deputy director Eric King said:

Today’s judgement is a watershed moment recognising that surveillance companies such as Gamma cannot shirk their human rights obligations. This decision reaffirms that supplying sophisticated intrusive surveillance tools to the world’s most repressive regimes is not only irresponsible business conduct, but violates corporate human rights obligations, and the companies that engage in such behaviour must bear the responsibility for how their products are ultimately used.

Driverless cars can be tested on UK public roads as of now

In July last year, the British government said it would review the rules of the road to see if any changes were needed for the testing of driverless cars. Well, the report is out and the tech and auto industries are free to get testing.

According to the regulatory review, there are no legal barriers to testing autonomous vehicles on the U.K.’s public roads today, as long as a driver is present and taking responsibility, and the vehicle complies with road traffic laws. Those doing the testing don’t need to get any certificates or permits.

A code of practice will be published in the spring, and the report promises that it will “be quicker to establish, more flexible and less onerous for those wishing to engage in testing than the regulatory approach being followed in other countries, notably in the U.S.”

Legislation to allow wider deployment of the technology is being promised for mid-2017 – there are several kinks that will need ironing out, most notably around who’s liable for crashes – and the U.K. will push for new international regulations by the end of 2018. Liability aside, other issues requiring examination include “possible cyber threats” and what driving standards will be expected of algorithmic drivers.

The general thrust of Wednesday’s announcement was that the government wants the U.K. to be a testing hotbed for autonomous vehicles. Transport minister Claire “Porn-filter” Perry said in a statement:

Driverless cars are the future. I want Britain to be at the forefront of this exciting new development, to embrace a technology that could transform our roads and open up a brand new route for global investment.

BAE Wildcat autonomous vehicle

BAE Wildcat autonomous vehicle

As the government said in December, there will be three state-funded trials of driverless cars, in Greenwich (London), Milton Keynes and Coventry, and Bristol. The trials will involve several kinds of vehicle.

The rather odd vehicle you see at the top is the Lutz Pathfinder Pod from Catapult Transport Systems, which will be tested in Milton Keynes along a route that’s been pre-approved by the local council. Bristolians will get to check out the somewhat more rugged Wildcat autonomous jeep (pictured on the right) from defence outfit BAE Systems, while denizens of Greenwich will be treated to an autonomous shuttle called Meridian.

Hotel industry fumes as UK prepares to legalize Airbnb in London

Airbnb users have many options when they visit London, but they and their hosts are probably unaware that these short-term lets are often illegal. However, that’s about to change – much to the ire of the hotel industry.

On Monday, housing minister Brandon Lewis set out plans for short-term lets to be deregulated in London. A 42-year-old London law says that anyone wanting to rent out their home for less than 90 days must get planning permission to do so, or pay a £20,000 ($30,450) penalty per offence. The government now wants that law scrapped.

“We live in the 21st century, and London homeowners should be able to rent out their home for a short period without having to pay for a council permit. These laws … need to be updated for the internet age,” Lewis said in a statement.

However, the government would still restrict short-term letting to 90 days per calendar year or less, so that the properties don’t effectively become hotels. The properties also can’t be business premises, and councils will be able to apply for “small localized exemptions from the new flexibility, where there is a strong case to do so.”

I’d say it was very silly for London to have different rules from the rest of the country, regarding services such as Airbnb — so this move should be welcomed at least on that front. However, the hotel industry doesn’t quite see it that way.

The British Hospitality Association has been lobbying against these changes for quite some time and says it still has serious concerns about health and safety. In an emailed statement, Association policy director Jackie Grech said the relevant clause had been “hastily pushed through … without any concern for the consequences such as security, employment, housing shortages, anti-social behavior and the high quality reputation of tourism in the U.K.”

She added:

When the first claims come through, they could be serious injuries. It is possible to look out for the interests of community, customers and employees; the hospitality industry does this every day. These multi-billion dollar companies need to do the same and we are particularly concerned for small, family run establishments who have to compete with giant multi billion pound companies.

This all comes a few months after the publication of a U.K. government review of the so-called sharing economy, conducted by Debbie Wosskow, the CEO of home exchange platform Love Home Swap. Astonishingly, the review suggested that accommodation-sharing platforms should be less burdened with regulation.

BT agrees to $19B takeover of EE, paving way for close DT relationship

The negotiations are over: pending regulatory approval, BT will get back into the U.K.’s mobile scene in a big way by buying EE from Deutsche Telekom and Orange for £12.5 billion ($19 billion).

This means BT will be able to sell fully-converged bundles of fixed and mobile connectivity, telephony and pay TV services. It will also leave Germany’s Deutsche Telekom as BT’s biggest individual shareholder, and DT’s chief is already talking about the big European national telecoms giants working together more closely in the future.

“The UK’s leading 4G network will now dovetail with the U.K.’s biggest fiber network, helping to create the leading converged communications provider in the U.K.,” BT CEO Gavin Patterson said in a statement. “Consumers and businesses will benefit from new products and services as well as from increased investment and innovation.”

The companies began exclusive talks in December last year after BT said it was interested in buying either EE or O2. After BT and EE went exclusive, Three UK owner Hutchison Whampoa said it was in talks to buy Telefónica’s O2.

If both those deals go through, the U.K. will be left with three network-owning mobile operators, rather than four (the other one is Vodafone). Regulators will need to take this into account, along with the various chunks of spectrum that the companies own — despite only explicitly talking about business services at the time, BT bought 4G spectrum in 2013’s big auction.

It remains to be seen whether Europe’s competition regulators will take an interest, or whether it will be down to the UK Competition and Markets Authority.

EE is the U.K.’s largest mobile carrier, comprising as it does two former carriers, T-Mobile UK and Orange. It has 24.5 million direct mobile customers, 834,000 fixed broadband customers and a bunch more people who use EE mobile services resold under different virtual operator brands. In total, it services 31 million people, or roughly half the country.

The deal will be a cash-share combination, leaving Deutsche Telekom with a 12 percent stake in BT and one non-executive board member, and France’s Orange with a four percent stake.

“The transaction is much more than just the creation of the leading integrated fixed and mobile network operator in Europe’s second largest economy,” DT CEO Tim Höttges said in the statement. “We will be the largest individual shareholder in BT and are laying the foundations for our two companies to be able to work together in the future.”

Zombie UK surveillance law re-buried for billionth time

Having tried to insert the wording of the rejected Communications Data Bill into new U.K. anti-terror legislation, then having withdrawn the amendment before reintroducing it days later, securocrat members of the House of Lords have again withdrawn it due to a lack of government support. The “Snooper’s Charter” is therefore back off the table, though it may well return after the May general election, depending on who wins. Monday’s two-hour debate on the matter was tediously similar to last week’s, and appears to have been mainly intended as an opportunity for the peers to complain about not being shown the revised draft of the Communications Data Bill, which the government is keeping under wraps for now. (High point: Lord King blaming WhatsApp for ISIS’s advance in Syria and Iraq.)

Google to give all users clearer information about data use

Google has vowed to revise its privacy policy and account settings, in order to make it clearer to people what it does with their data and give them more control. This comes as part of a settlement with the U.K. Information Commissioner’s Office, announced on Friday, but the changes will apply globally.

The ICO and other data protection regulators across the EU have been coordinating a crackdown on Google’s practices since 2012, when the company introduced a new unified privacy policy. The unified policy allowed [company]Google[/company] to mix and match personal data across its various services – between YouTube and Search, for example. However, many people did not, and still do not, appreciate what this means in terms of user profiling.

Google has faced repeated fines over its refusal to change the policy in countries such as France, Italy and Germany, but the sums involved were chickenfeed for a company of Google’s girth. The U.K.’s ICO hasn’t fined Google in this way, but has repeatedly said that Google’s settlement proposals didn’t go far enough.

Now this long-running drama may be drawing to a close. On Friday the ICO triumphantly brandished an undertaking in which Google said it would do the following things during the next two years:

  • Make its privacy policy easier to find, and be clearer in that policy about what user information it processes and why.
  • Provide users with “information to exercise their rights” and launch a redesigned account settings version to give them more control.
  • Add two provisions from the Google terms of service to the privacy policy, regarding email data and the “shared endorsement” feature.
  • Add to the privacy policy information about “the entities that may collect anonymous identifiers on Google properties and the purposes to which they put that data.”
  • “Take several measures” to tell passive users – those using third-party services that are plugged into Google services, such as advertising – more about what’s happening with their data. Those running the third-party services will also need to “obtain the necessary consents” for this data collection.
  • “Enhance its guidance for employees regarding notice and consent requirements.”

Google also said it would continuously evaluate the privacy impact of future changes to its services and keep users informed, especially where the changes “might not be within the reasonable expectations of service users.” Particularly significant changes to the privacy policy will be “reviewed by user experience specialists and with representative user groups before the policy and associated tools are launched as appropriate.”

The changes will make sure Google is compliant with the U.K. Data Protection Act, which is based on European law. It is not yet clear whether this is the end of the matter as far as the other EU data protection authorities are concerned — I understand that the changes will apply in all countries around the world, though.

Here’s what ICO enforcement head Steve Eckersley said in a statement:

Google’s commitment today to make these necessary changes will improve the information UK consumers receive when using their online services and products.

Whilst our investigation concluded that this case hasn’t resulted in substantial damage and distress to consumers, it is still important for organisations to properly understand the impact of their actions and the requirement to comply with data protection law… This investigation has identified some important learning points not only for Google, but also for all organisations operating online, particularly when they seek to combine and use data across services.

Although the list of commitments is fairly comprehensive, some terms are vague and the proof may lie in the implementation. For example, the EU privacy watchdogs previously demanded that users get the opportunity to “choose when their data are combined, for instance with dedicated buttons in the services.” That’s not merely a matter of giving users “information to exercise their rights”, so it will be interesting to see what the redesigned account settings entail.

So far, Google has merely said:

We’re pleased that the ICO has decided to close its investigation. We have agreed improvements to our privacy policy and will continue to work constructively with the Commissioner and his team in the future.

Even if this does indicate a conclusion to the unified privacy policy saga, then Google still faces major regulatory headaches in Europe. These include the big search antitrust case – tied in with digital agenda commissioner Günther Oettinger’s apparent desire to extend a version of the “Google tax” copyright levy across Europe – and a potential second antitrust case over Android.

Still, one at a time, eh?

This article was updated at 8.15am PT to note that the changes will apply globally.

UK’s BT lays out gigabit broadband plans with a hint of a threat

BT is stepping up its superlatives. “Superfast” broadband speeds are so 2014 – now the British telecoms giant is planning a shift to “ultrafast” broadband of up to 500 megabits per second (Mbps) or, for those willing to pay a premium, a whole gigabit per second.

All this is based on G.fast technology, which delivers fiber-like speeds despite using an older copper connection into the home. Pilots of the technology will take place this summer in Gosforth, Newcastle, and Huntingdon, Cambridgeshire, taking in up to 4,000 premises.

Hello, G.fast

G.fast uses more spectrum than previous fiber-to-the-cabinet (FTTC) techniques, but it needs the fiber-copper connection point to be closer to the premises than many street cabinets are, probably meaning the addition of new boxes on telephone poles and the like (a technique known as fiber-to-the-distribution-point, or FTTdp.) This is still likely to be cheaper than running fiber into the premises.

In BT’s trials, G.fast achieved speeds of 700 Mbps on the downlink, and 200 Mbps on the uplink. BT Retail’s current FTTC product, BT Infinity, runs at up to 76 Mbps, while its pricier fiber-to-the-home option reaches a theoretical 300 Mbps.

The headline figures BT quoted in its Friday announcement were not, it should be noted, what everyone should expect once deployment begins in 2016 or 2017. As the speeds depend greatly on line length, the company said “millions of homes and businesses” can expect a few hundred megabits per second by 2020, with network upgrades subsequently taking that up to 500 Mbps. It’s not clear how many premises will have access to the 1 Gbps premium option.

BT’s network passes 22 million premises or thereabouts, and rivals can also use it thanks to the functional separation of the former state monopoly a decade ago — the network is run by an entity called Openreach, and BT’s retail business has to get access on the same terms as other ISPs. With fiber, this separation is maintained through a wholesaling process called virtual unbundled local access, or VULA. Openreach is currently providing fiber connectivity to over 3.7 million premises, BT’s new results showed, over 2.7 million of which are BT Retail customers.

Regulatory clash

However, there was a word of warning in BT CEO Gavin Patterson’s Friday statement:

We believe G.fast is the key to unlocking ultrafast speeds and we are prepared to upgrade large parts of our network should the pilots prove successful. That upgrade will depend however on there continuing to be a stable regulatory environment that supports investment.

This suggests that the timing of the “ultrafast broadband” announcement may have something to do with Ofcom’s recent statement to the European Commission about BT’s VULA pricing. The U.K. telecoms regulator wants to regulate the margin between BT’s wholesale and retail prices, and here’s why:

We are concerned that BT could distort the development of competition in superfast broadband by setting an insufficient margin between its wholesale VULA and retail superfast broadband prices. Therefore, this statement sets out detailed requirements on the minimum margin that BT must maintain. Our approach is designed to ensure that other communication providers have sufficient margin to be able to compete with BT in the provision of superfast broadband packages to consumers.

A couple weeks ago, BT responded to that missive by calling it “misconceived.” Patterson’s statement Friday talked about keeping the U.K. ahead of its European neighbors – in the context of the VULA pricing spat, that statement may be as much a veiled political threat as it was an invitation.

Google Wallet takes its 1st trip overseas into UK Gmail accounts

For the first time, someone outside the U.S. will be able to use a Google Wallet to do something more than buy Android apps and content. Starting on Thursday, Google is bringing Send Money in Gmail money transfer to the UK, allowing users to transfer money to Wallet accounts via email messages, Google revealed in its Commerce Blog.

That’s by no means the full extent of Wallet’s capabilities, but it’s a big step considering the only Google Wallet feature available internationally has been in-store purchases on Google Play. There’s still no word on when the Google Wallet app will be available in the U.K., which would let smartphone users make direct money transfers, store their gift and loyalty cards and make contactless credit and debit card payments on Android phones that sport NFC chips.

But given the runaway success of Apple Pay (which has also driven more use of Wallet), you can bet Google is weighing an international expansion of mobile payments service as well. [company]Apple[/company] has confirmed it aims to bring Pay to U.K. iPhones and merchants in 2015.

For U.K. Gmail users, a £ icon will soon appear in the attachment bar of a Gmail missive (in the same place the $ appears in U.S. Gmail accounts today). You just click on that £ sign to either send money to or request money from the email’s recipient. Google created a video to show how it works:

[youtube https://www.youtube.com/watch?v=FVKwbZOFh3o]

Both parties need to have a Wallet account linked to a debit or bank account for the transaction to process. But as with competing peer-to-peer payment services such as PayPal, Square Cash, Venmo, Google will let you send money to anyone regardless of whether they have Gmail or Wallet accounts. The recipient, however, will be prompted to set up a Wallet account if they don’t already have one.

It’s a smart move by Google to launch with its Gmail money transfer service in the UK because it could lead to more Britons signing up for Wallet accounts. That means Google could have a larger ingrained user base for its financial services when it eventually launches the full-fledged Wallet app overseas.

UK Lords kill attempt to sneak in new surveillance laws

Members of the U.K. House of Lords, who last week introduced amendments to an antiterror bill that would have essentially brought back defeated surveillance legislation, have withdrawn the amendments after a spirited debate in the House.

The amendments had been added to the Counter-Terrorism and Security Bill and would have reintroduced key planks of the Communications Data Bill, popularly known as the Snooper’s Charter.

This included a new data retention regime and very broadly-phrased clauses that would have allowed security services to force communications service providers such as Facebook to install equipment in their facilities, so U.K. intelligence and law enforcement could search through Britons’ communications metadata.

Lord King, one of the four peers who introduced the amendments, withdrew them after hours of debate on the basis that their contentiousness might sink the wider terror bill.

It was certainly a lively debate. The peers who submitted the amendments attacked the term “Snooper’s Charter” as “sanctimonious claptrap” (Lord Blair), “much emotive claptrap” (Lord West), and phrasing that incorrectly “presupposes malignancy” (Lord Carlile). Baroness Neville-Jones argued that the terrorist threat means Parliament cannot “do nothing”.

Lord Blencathra, who had chaired the joint committee that nixed the original Communications Data Bill, maintained that the term “Snooper’s Charter” was accurate, as it was so broadly termed that it could be used as just that. He argued that the sunset clause in the amendments – they would run out at the end of 2016 – wouldn’t reassure people outside Parliament and were likely to be constantly revised. Once these clauses were on the statute book “I have little confidence any government would remove them,” he said.

“If hundred of millions of pounds are spent after this bill passed, sunset is unlikely to have any impact,” added Baroness Ludford, who also pointed out that she was “not sure why we legislate” on surveillance when the spy agency is already carrying out sweeping secret programs such as Tempora.

Blencathra, like several other peers, pointed out that there are multiple reviews of U.K. surveillance legislation currently underway, and shoving in these amendments would “do enormous damage” to those efforts.

The Snooper’s Charter may still return in some form, though. Blencathra indicated that he and some others had seen a version of the bill that had been revised to alleviate his committee’s concerns. The Conservatives have repeatedly said they will reintroduce the bill if they win the general election – right now it’s only their Liberal Democrat coalition partners who are holding them back.