EU Internet Users Can Stand Up For Net Neutrality

Over the past 18 months, the debate around the free and open Internet has taken hold in countries around the world, and we’ve been encouraged to see governments take steps to secure net neutrality. A key component of these movements has been strong public support from users upholding the internet as a global public resource. From the U.S. to India, public opinion has helped to positively influence internet regulators and shape internet policy.

Now, it’s time for internet users in the EU to speak out and stand up for net neutrality.

The Body of European Regulators of Electronic Communications (BEREC) is currently finalising implementation guidelines for the net neutrality legislation passed by EU Parliament last year. This is an important moment — how the legislation is interpreted will have a major impact on the health of the internet in the EU. A clear, strong interpretation can uphold the internet as a free and open platform. But a different interpretation can grant big telecom companies considerable influence and the ability to implement fast lanes, slow lanes, and zero-rating. It would make the internet more closed and more exclusive.

At Mozilla, we believe the internet is at its best as a free, open, and decentralised platform. This is the kind of internet that enables creativity and collaboration; that grants everyone equal opportunity; and that benefits competition and innovation online.

Everyday internet users in the EU have the opportunity to stand up for this type of internet. From now through July 18, BEREC is accepting public comments on the draft guidelines. It’s a small window — and BEREC is simultaneously experiencing pressure from telecom companies and other net neutrality foes to undermine the guidelines. That’s why it’s so important to sound off. When more and more citizens stand up for net neutrality, we’re empowering BEREC to stand their ground and interpret net neutrality legislation in a positive way.

Mozilla is proud to support savetheinternet.eu, an initiative by several NGOs — like European Digital Rights (EDRi) and Access Now — to uphold strong net neutrality in the EU. savetheinternet.eu makes it simple to submit a public comment to BEREC and stand up for an open internet in the EU. BEREC’s draft guidelines already address many of the ambiguities in the Regulation; your input and support can bring needed clarity and strength to the rules. We hope you’ll join us: visit savetheinternet.eu and write BEREC before the July 18 deadline.

A Step Forward for Net Neutrality in the U.S.

We’re thrilled to see the D.C. Circuit Court upholding the FCC’s historic net neutrality order, and the agency’s authority to continue to protect Internet users and businesses from throttling and blocking. Protecting openness and innovation is at the core of Mozilla’s mission. Net neutrality supports a level playing field, critical to ensuring a healthy, innovative, and open Web.

Leading up to this ruling Mozilla filed a joint amicus brief with CCIA supporting the order, and engaged extensively in the FCC proceedings. We filed a written petition, provided formal comments along the way, and engaged our community with a petition to Congress. Mozilla also organized global teach-ins and a day of action, and co-authored a letter to the President.

We’re glad to see this development and we remain steadfast in our position that net neutrality is a critical factor to ensuring the Internet is open and accessible. Mozilla is committed to continuing to advocate for net neutrality principles around the world.

The countdown is on: 24 months to GDPR compliance

Twenty four months from now, a new piece of legislation will apply throughout Europe: the General Data Protection Regulation (GDPR). Broadly speaking, we see the GDPR as advantageous for both users and companies, with trust and security being key components of a successful business in today’s digital age. We’re glad to see an update for European data protection law – the GDPR is replacing the earlier data protection “directive”,  95/46/EC, which was drafted over 20 years ago when only 1% of Europeans had access to the Internet. With the GDPR’s formal adoption as of 14th April 2016, the countdown to compliance has begun. Businesses operating in all 28 European Union (EU) member states have until 25th May 2018 to get ready for compliance, or face fines of up to 4% of their worldwide turnover.

The GDPR aims to modernise data protection rules for today’s digital challenges, increase harmonisation within the EU, strengthen enforcement powers, and increase user control over personal data. The Regulation moved these goals forward, although it is not without its flaws. With some elements of it, the devil will be in the details, and it remains to be seen what the impact will be in practice.

That aside, there are many good pieces of the Regulation which stand out. We want to call out five:

  1. Less is more: we welcome the reaffirmation of core privacy principles requiring that businesses should limit the amount of data they collect and justify for what purpose they collect data. At Mozilla, we put these principles into action and advocate for businesses to adopt lean data practices.
  2. Greater transparency equals smarter individual choice: we applaud the Regulation’s endorsement of transparency and user education as key assets.
  3. Privacy as the default setting: businesses managing data will have to consider privacy throughout the entire lifecycle of products and services. That means that from the day teams start designing a product, privacy must be top of mind. It also means that strong privacy should always be the “by-default setting”.
  4. Privacy and competition are mutually reinforcing: with added controls for users like the ability to port their personal data, users remain the owner of their data, even when they leave a service. Because this increases the ability to move to another provider, this creates competition and prevents user lock-in within one online platform.
  5. What’s good for the user is good for business: strengthened data and security practices also decreases the risks associated with personal data collection and processing for both users and businesses. This is not negligible: in 2015 data breaches have cost on average USD 3.79 million per impacted company, without mentioning the customer trust they lost.

Above and beyond the direct impact of the GDPR, its standard-setting potential is substantial. It is more than a purely regional regulation, as it will have global impact. Any business that markets goods or services to users in the EU will be subject to compliance, regardless of whether their business is located in the EU.

We will continue to track the implications of the GDPR over the next 24 months as it comes into force, and will stay engaged with any opportunities to work out the final details. We encourage European Internet users and businesses everywhere to join us – stay tuned as we continue to share thoughts and updates here.

This is what a rightsholder looks like in 2016

In today’s policy discussions around intellectual property, the term ‘rightsholder’ is often misconstrued as someone who supports maximalist protection and enforcement of intellectual property, instead of someone who simply holds the rights to intellectual property. This false assumption can at times create a kind of myopia, in which the breadth and variety of actors, interests, and viewpoints in the internet ecosystem – all of whom are rightsholders to one degree or another – are lost.

This is not merely a process issue – it undermines constructive dialogues aimed at achieving a balanced policy. Copyright law is, ostensibly, designed and intended to advance a range of beneficial goals, such as promoting the arts, growing the economy, and making progress in scientific endeavour. But maximalist protection policies and draconian enforcement benefit the few and not the many, hindering rather than helping these policy goals. For copyright law to enhance creativity, innovation, and competition, and ultimately to benefit the public good, we must all recognise the plurality and complexity of actors in the digital ecosystem, who can be at once IP rightsholders, creators, and consumers.

Mozilla is an example of this complex rightsholder stakeholder. As a technology company, a non-profit foundation, and a global community, we hold copyrights, trademarks, and other exclusive rights. Yet, in the pursuit of our mission, we’ve also championed open licenses to share our works with others. Through this, we see an opportunity to harness intellectual property to promote openness, competition and participation in the internet economy.

We are a rightsholder, but we are far from maximalists. Much of the code produced by Mozilla, including much of Firefox, is licensed using a free and open source software licence called the Mozilla Public License (MPL), developed and maintained by the Mozilla Foundation. We developed the MPL to strike a real balance between the interests of proprietary and open source developers in an effort to promote innovation, creativity and economic growth to benefit the public good.

Similarly, in recognition of the challenges the patent system raises for open source software development, we’re pioneering an innovative approach to patent licensing with our Mozilla Open Software Patent License (MOSPL). Today, the patent system can be used to hinder innovation by other creators. Our solution is to create patents that expressly permit everyone to innovate openly. You can read more in our terms of license here.

While these are just two initiatives from Mozilla amongst many more in the open source community, we need more innovative ideas in order to fully harness intellectual property rights to foster innovation, creation and competition. And we need policy makers to be open (pun intended) to such ideas, and to understand the place they have in the intellectual property ecosystem.

More than just our world of software development, the concept of a rightsholder is in reality broad and nuanced. In practice, we’re all rightsholders – we become rightsholders by creating for ourselves, whether we’re writing, singing, playing, drawing, or coding. And as rightsholders, we all have a stake in this rich and diverse ecosystem, and in the future of intellectual property law and policy that shapes it.

Here is some of our most recent work on IP reform:

Reining in abuses of the DMCA notice system

The Digital Millennium Copyright Act (DMCA) should be reformed to help promote openness online. We’ve made this case before, posting about section 1201 on the circumvention of technological protection measures. Now, the U.S. Copyright Office has sought comments on section 512, on liability for intermediaries whose services may facilitate activity that infringes copyright. In this area, too, we argue for changes to better support openness. So, we filed comments in response to this consultation last week.

Section 512 gives an exemption (also known as a “safe harbor”) to the normal presumption of liability for copyright infringement, if the intermediary (usually a website, platform or ISP) follows a set of defined processes to deal with copyright complaints. These processes are centered around DMCA notices and counter-notices, and are a common occurrence in online life for creators who take advantage of fair use and other exceptions to copyright to build upon the work of others. Section 512’s protections have enabled the massive growth both of online services and, thereby, of the market and opportunities for licensing copyrighted works. Both of these outcomes have delivered great benefits to Internet users. Some believe these benefits have come with huge costs to rightsholders and believe the current approach should be gutted and replaced with a more punitive “notice-and-staydown” strategy; we believe these proposals should be ignored. But, there is room for improvement.

Because of important nuances of copyright law, it is not just the content but also the context in which content is found that determines infringement.  For example, a piece of content can be used as a parody or for criticism or comment – or the user may hold a license permitting the activity – which would not constitute infringement. However, automated systems which generate the majority of section 512 notices today work by detecting the presence of particular content. These systems cannot account for context, and thus many activities that are non-infringing trigger burdensome enforcement processes. This confusion, problematic in the current regime, would be amplified many times in a “notice-and-staydown” regime.

In our filing, we offer three main proposals for reform to improve on the current system:

  1. Rebalance the underlying incentive structures by introducing statutory damages as a component of the remedy for unwarranted DMCA takedown requests;
  2. Attach penalty of perjury to the accuracy of notices as a whole, not merely the authority of the complaining party to act; and
  3. Give intermediaries some discretion to preserve the availability of content during the statutory 10-day waiting period under good-faith belief of invalidity of the notice (for example, for users who are frequently targeted with invalid notices).

Considering how long ago it was written, and the major technological advancements since then, section 512 has aged very well. It should be viewed generally as a farsighted and well-designed attempt to promote the interests of users who want engaging online services. We hope that the reforms we propose will be adopted to ensure that it continues to maximally promote innovation and creativity online.

Challenges to openness under U.S. copyright law

The Mozilla Manifesto has as its second principle, “The Internet is a global public resource that must remain open and accessible.” The Internet is the most significant social and technological medium of our time, and an invaluable public resource that must be protected and supported. Yet, Internet openness is at risk all around the world, from a number of different directions. One of these is copyright law, and the restrictions that are, at times, imposed on socially and economically beneficial activity. Mozilla has been engaging in various copyright reform processes in the European Union over the past several months, advocating for a European wide framework that promotes competition and innovation online. Now, we are bringing that advocacy across the Atlantic to the United States.

The U.S. Copyright Office is currently seeking comment on part of the Digital Millennium Copyright Act, Section 1201 of Title 17, which prohibits the circumvention of technical measures that effectively control access to copyright protected works. In response, we have submitted comments articulating our view of the problems associated with this law as it stands today, and have offered suggestions that promote openness online, within the general framework of the law.

In practice, Section 1201 implements a different balance of interests than copyright law. It allows copyright holders to impose more severe restrictions on user freedoms than copyright law alone permits. The combination of technical measures and circumvention liability is unable to distinguish between infringing and non-infringing uses of content – so, in service of the ostensible goal of limiting infringement, innovative and positive activities, that do not violate copyright law, get caught up as well. The statute includes some limitations to try to alleviate this harm, including a few specific permanent exceptions as well as a process for requesting additional temporary ones, but these measures fall short. As a result, Section 1201 stifles fair use and other legitimate activities, posing risk of long-term harm to competition, innovation, and culture.

The notice of inquiry asks for suggestions for both general improvements, and for specific changes to the statute’s exceptions. In our filing, we identified gaps where the permanent exceptions have fallen short of accomplishing their ostensible objectives. We also offered three suggestions to help improve the 3-year exemption review process:

The changes we propose would not “fix” Section 1201. It’s hard to conceive of anything that would be a complete fix, so long as the law allows a different balance of interests to be imposed than that set under copyright law. However, the changes we propose, if implemented, would help protect openness to a greater degree than the current approach.

Mozilla stands up for public participation and openness in Trans-Pacific Partnership

The Trans-Pacific Partnership (TPP), like many modern trade deals, encompasses complex aspects of Internet policy, yet the voice of the Internet community is excluded from the nearly decade long negotiations. As a result, the balance shifts away from users and the public interest. It is our belief that effective global Internet policy and governance decisions can’t be made without openness and that the TPP’s processes fail in this regard.

The lack of open processes and public discussion is a primary concern for us because:

  • Global Internet policy issues, including copyright and free expression, are complex and impact the core of openness online in ways that can’t be solved in isolation;
  • Openness is core to both the Internet (including Internet governance) and Mozilla’s mission and values; and
  • When Internet policy decisions and processes lack openness, lack of participation means that user interests are often undervalued and underserved.

We have seen this same thing happen in the past. In January 2012, PIPA/SOPA attempted to create intellectual property policy without public input. At the end of the same year, the World Conference on International Telecommunications (WCIT) attempted to build Internet governance processes without a public role. In both cases, public pressure prevailed and defeated these threats to openness and public benefit. Our concern is that when these same threats come cloaked within trade deals, they may not be visible as threats until the damage has already been done.

In the final draft of the TPP, we see copyright losing ground with the balance tipping away from users and the public interest and towards businesses built on IP maximization. Provisions are strong where the rights of some major institutions and traditional business models are at stake, such as implementing software patent frameworks, expanding copyright terms (with retroactive effect), and establishing minimum damages for copyright infringement. Yet, the provisions that have been added to support the rights of the public are softer, including those related to public domain and limitations and exceptions to copyright.

End of January 2016, the Electronic Frontier Foundation (EFF) organized a strategy meeting on creating reform of trade negotiation processes — a two day summit held in Brussels. Over 30 diverse organizations – including Mozilla – came together to collectively discuss strategy and tactics on how to improve transparency in the negotiation processes for current and future trade deals. The result was a declaration being released today, which Mozilla has signed.

While we recognize there may be compelling reasons for sensitivity in some of the negotiations of the TPP and other trade agreements, our view is that these processes are not appropriate to resolve global Internet policy challenges. The future of Internet policy and governance issues must be determined through open and transparent processes that allow all voices to be heard and all rights to be fairly weighed. We look forward to working alongside other stakeholders to collectively forge needed reform of trade deals like the TPP.

Announcing the 2016 Open Web Fellows Program Host Organizations

Last year was a big year for the open Web: net neutrality became a mainstream phrase in the United States, data retention and surveillance were hotly contested at government levels in the European Union, and India’s government suspended operations of Free Basic’s zero-rating practices despite Mark Zuckerberg’s insistence that he was working in the interest of the poor. Much of this was done in collaboration with organizations that share the mission to protect the open Web as a global public resource. It’s partnerships and knowledge sharing initiatives that support these movements.

Once such initiative is the Ford-Mozilla Open Web Fellows program, an international leadership program that brings together technology talent and civil society organizations to advance and protect the open Web. The Fellows embedded at these organizations will work on salient issues like privacy, access, and online rights. And this Fellowship program offers unique opportunities to learn, innovate, and gain credentials in a supportive environment while working to protect the open Web.

We are proud to announce our second cohort of host organizations, who are looking for 8 talented individuals to advise, build, and learn during their 10-month fellowships.

Apply now to become a Ford-Mozilla Open Web Fellow!
Deadline for applications: 11:59pm PST March 20, 2016


Centre for Intellectual Property and Information Technology Law (CIPIT)
CIPIT is an evidence-based research and trainingcenter based at Strathmore Law School in Nairobi, Kenya. Working with communities in extreme stances of censorship, their mission is to study and share knowledge on the development of cyberspace, and conduct research from a multidisciplinary approach. In 2016 CIPIT will be focusing on Internet Freedom in Eastern Africa, intellectual property in African development, and network measurements in election monitoring.

CIPIT is looking for an inquisitive, focused Fellow with tech expertise who can consult on a policy-oriented research process. This Fellow could help shape the next generation of Internet laws in Africa, and see the real-life needs of the tools and code they generate. For example, the Fellow could develop user-focused tools that help real-life events – like the Ugandan election. Learn more here.


Citizen Lab
Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs, University of Toronto that focuses on advanced research and development at the intersection of ICTs, human rights, and global security. They provide impartial,evidence-based, peer-reviewed research on information controls to help advocacy and policy engagement on an open and secure Internet, and help secure civil society organizations from targeted attacks.

Citizen Lab is looking for a Fellow who is motivated to apply their technical skills to questions concerning technology and human rights, and brings excellent communications and technical skills. The Fellow could develop new tools to measure Internet filtering and network interference, investigate malware attacks or the privacy and security of apps and social media, and empower citizens by developing platform for corporate and public transparency. Learn more here.


ColorOfChange
ColorOfChange is a leading civil rights organization that works to strengthen the voice of Black America and create positive change around political and social issues that affect the Black community. ColorOfChange supports net neutrality and the reclassification of broadband as a public utility, and works to give their members a voice — hugely consequential, as Black and brown Americans are least able to afford the paybooths and obstacles that come with a closed Internet.

ColorOfChange is looking for a Fellow who is passionate about ensuring the US national conversation around net neutrality includes arguments in favor of net neutrality from a civil rights perspective. This Fellow would have the opportunity to pioneer tools for rapid-response campaigning that could be replicated and used by millions, find a compelling approach for users to engage with data that is integrated in the presentation itself, leverage mobile (and wearables??) for activism. Learn more here.


Data & Society
Data & Society is a research institute that is committed to identifying issues at the intersection of technology and society. They focus on social, cultural, and ethical issues arising from data-centric technological development. In 2016, they will focus on identifying major emergent issues stemming from new data-driven technologies, develop tools to help people better understand issues, and build a diverse network of researchers and practitioners.

Data & Society is looking for a Fellow who is deeply versed in technical conversations, and understands that new massive technologies are creating disruption. This Fellow would work with people from other fields to raise the technical capacity of others in the network, and engage technical communities core to Data & Society’s mission. Learn more here.


Derechos Digitales
Derechos Digitales is an organization that promotes human rights in digital environments. Their work focuses on the nuanced realities of Latin American countries, and bring these perspectives to discussions around issues like cybersecurity and corporate transparency. They work to shape policy-making on issues such as mass surveillance, digital threats to activists, and legislative work on Internet governance. In 2016 they will focus on privacy, freedom of expression and access to knowledge.

Derechos Digitales is looking for a Fellow with tech expertise who is passionate about working at the intersection of human rights and tech policy in the global south. The Fellow could provide technical advise on the tools and resources needed in these contexts, and develop tech policy documents that can bridge the human rights and tech communities. Derechos Digitales is looking for a Spanish-speaking Fellow who would be comfortable supporting capacity building sessions with local civil society organizations. Learn more here.


European Digital Rights (EDRi)
EDRi is an association of 33 civil rights organizations from across Europe, and works to promote, protect and uphold civil and human rights in the digital environment in the European Union. Their four key priorities for 2016 are data protection and privacy, mass surveillance, copyright reform and net neutrality. EDRi supports Europe’s data protection reform and campaigned against EU state surveillance proposals. The current onslaught of “counter-terrorism” proposals after recent attacks sees European governments adopting new laws with little consideration of effectiveness, proportionality, or whether privacy is being sacrificed.

EDRi is looking for a Fellow who is passionate about raising awareness about EU digital rights, and can use their technical expertise to help educate the general public, tech-policy community, and policy-makers. For example, the Fellow could explain existing data collection practices and newly gained online rights to users via an app or other tool, depending on the Fellow’s talents and preferences. The Fellow could provide technical assistance to help policy-makers and regulators understand the tools used by online companies for tracking and monitoring. Learn more here.


Freedom of the Press Foundation
Freedom of the Press Foundation is a non-profit organization that supports and defends journalism dedicated to transparency and accountability. They believe one of the most critical press freedom issues of the 21st Century is digital security, and work to ensure journalists can use technology to do their jobs safely and without the constant fear of surveillance.

Freedom of the Press Foundation is looking for a Fellow with strong technical abilities and is interested in helping journalists work safely and communicate securely.  The Fellow would apply their skills to build and support tools like SecureDrop with Freedom of the Press Foundation’s talented staff of technologists and engineers that help journalists communicate securely with sources and whistleblowers. Learn more here.


Privacy International
Privacy International focuses on privacy issues around the world. They advocate for strong privacy protection laws, investigate government surveillance, conduct research to enact policy change, and raise awareness amongst the public about technologies that place privacy at risk. In 2016 Privacy International is working partnering with organizations in the global south to identify privacy challenges, and more work on data exploitation.

Privacy International is looking for a Fellow who’s eager to learn and find new challenges. The Fellow would use their strong technical skills to translate technology to policy-makers, and help others around the world do the same. The Fellow would work with Privacy International’s Tech Team to analyze surveillance documentation and data, identify and analyze new technologies, and help develop briefings and educational programming with a technical understanding. Learn more here.


Apply now to become a Ford-Mozilla Open Web Fellow!
Deadline for applications: 11:59pm PST March 20, 2016

Introducing Lean Data Practices

At Mozilla, we believe that users trust products more when companies build in transparency and user control. Earned trust can drive a virtuous cycle of adoption, while conversely, mistrust created by even just a few companies can drive a negative cycle that can damage a whole ecosystem.

Today on International Data Privacy Day, we are happy to announce a new initiative aimed at assisting companies and projects of all sizes to earn trust by staying lean and being smart about collecting and using data.

We call these Lean Data Practices.

Banners_and_Alerts_and_Mozilla_Lean_Data_Practices_—_Mozilla

Lean Data Practices in action

Lean Data Practices are not principles, nor are they a way to address legal compliance— rather, they are a framework to help companies think about the decisions they make about data. They do not prescribe a particular outcome and can help even the smallest companies to begin building user trust by fostering transparency and user control.

We have designed Lean Data Practices to be simple and direct:

  1. stay lean by focusing on data you need,
  2. build in security appropriate to the data you have and
  3. engage your users to help them understand how you use their data.

We have even created a toolkit to make it easy to implement them.

We use these practices as a starting point for our own decisions about data at Mozilla. We believe that as more companies and projects use Lean Data Practices, the better they will become at earning trust and, ultimately, the more trusted we will all become as an industry.

Please check them out and help us spread the word!