All 1 Debates between Justin Madders and Chi Onwurah

Online Anonymity

Debate between Justin Madders and Chi Onwurah
Wednesday 13th January 2021

(3 years, 10 months ago)

Westminster Hall
Read Full debate Read Hansard Text Read Debate Ministerial Extracts

Westminster Hall is an alternative Chamber for MPs to hold debates, named after the adjoining Westminster Hall.

Each debate is chaired by an MP from the Panel of Chairs, rather than the Speaker or Deputy Speaker. A Government Minister will give the final speech, and no votes may be called on the debate topic.

This information is provided by Parallel Parliament and does not comprise part of the offical record

Chi Onwurah Portrait Chi Onwurah (Newcastle upon Tyne Central) (Lab)
- Hansard - - - Excerpts

It is a pleasure to serve under your chairship for the first time, Ms McVey. I look forward to doing so on many further occasions. I thank the right hon. Member for East Hampshire (Damian Hinds) for securing this exceptionally important debate. I also thank the hon. Member for Stroud (Siobhan Baillie) for her opening remarks, which were more than those of a stand-in. They set out the concerns and the personal experience really well and illustrated why this is such an exceptionally important topic to debate. I am sure that many more Members would be here had it not been for the confusion about whether this debate would be taking place. I know that this is an issue of personal, professional and constituency concern to many Members on both sides of the House; it is not a party-political issue.

I want to start by citing the right hon. Member for East Hampshire, who is aware of the challenge of online anonymity for bullying and negative self-perception among young people. He has spoken often about that, and he noted that in 2018 the OECD found that English schools have the highest reported rates of cyber-bullying out of 48 countries. As we debate online anonymity today, we have to keep in mind the deeply troubling human impact that anonymous presence online can have, not least on our young people.

The Government ought to know about the challenge of online anonymity, because their own Commission for Countering Extremism published academic work in 2019 that noted:

“Increased anonymity is associated with increased extremist …language”

on Twitter and YouTube. Tackling abuse and extremism online must mean tackling the worst parts of anonymity online.

We do not have to rely on academic work or the OECD to know the pain and harm that online anonymity can cause. The hon. Member for Stroud set out some of her experiences, and I would just like to say how sorry I was to hear of them. My hon. Friend the Member for Ellesmere Port and Neston (Justin Madders) set out some of his experiences with Twitter, and it is highly regrettable—it is not the first time I have heard it—that Twitter does not take complaints from Members of Parliament or members of the public seriously enough.

Just last month, we heard the strong testimony of my right hon. Friend the Member for Barking (Dame Margaret Hodge), who highlighted over 90,000 posts aimed at her. Many were antisemitic, misogynistic and ageist, and many were posted by people hidden behind anonymous screens. We know from several colleagues, from the valuable testimony of groups such as the Antisemitism Policy Trust, and from painful personal experience that online anonymity too often accompanies online abuse. Like almost all Members of Parliament, I have experienced abuse online, particularly when I dare to say something that some people might consider to be controversial. I have never been able to find out who was behind the most violent instances of such abuse.

As the Government note, there can be trade-offs in regulating online anonymity. Anonymity can be a shield for brave whistleblowers, for victims finding online refuge, or for children and minorities finding courageous self-expression. We must not forget that the internet and social media applications have many positive consequences for people who can use them. They are free and widely available, and they allow communication across generations, geography, countries and all kinds of barriers. Simply banning online anonymity is unlikely to be workable or desirable. We have to be sensitive to the trade-offs here. Protecting privacy is as much a priority in those cases as protecting against harm is in abuse cases.

However, I would say to the Minister that inaction is the worst trade-off of them all. The Secretary of State said:

“It is a challenging area, this point about anonymity,”

and that the Government will do nothing on it in the proposed online safety Bill,

“But of course we will continue to keep it under review.”—[Official Report, 15 December 2020; Vol. 686, c. 157.]

The Government are evading tough trade-offs altogether. That inaction means turning a blind eye to misinformation online. It means a failure to look at victims of abuse online—young people, minority communities and our fellow Members of Parliament—and a failure to assure them that we will do better by them. It is a failure to stand by the victims in these horrendous examples.

It does not have to be this way. Protecting whistleblowers does not need to come at the cost of protecting people who perpetrate abuse. We could do things differently. Indeed, there are already legal provisions that seek to balance anonymity and online responsibility. Norwich Pharmacal orders, or NPOs, can help obtain the identity of a party in court cases where there is alleged wrongdoing. The regulations in the Investigatory Powers Act 2016 give public authorities the ability to access communications data for potential criminal investigations. As we know, however, the sheer scale of online abuse and extremism means that there is more that we could and should do.

This is not a new issue. As I may have said in the past, my background before coming into Parliament was working in technology, particularly on the networks that now form the internet, for 20 years. The rights and wrongs of anonymity on the internet is a question that is as old as the internet itself, which we should remember is now decades old—it is no longer a rebellious teenager.

Three years ago, I attended a conference held by Ditchley on our rights and responsibilities on the internet, and the right to identity was a particular issue. One of the things that I want to emphasise to the Minister is that, as well as considering the right to anonymity on the internet, we must also consider the right to identity. For example, people should be able to prove who they are when they need to. Companies, services and Governments have a right to ask for identity in certain circumstances, as we do in the physical world. Anonymity should not be treated as a zero-sum concept, but should be qualified by the question, “Anonymous to whom and for how long?”

In real life, we can walk through a crowd without the people around us knowing who we are, but we accept that we are not permanently anonymous. If, for example, a police officer has a reason to review CCTV footage of the area, or we go into a bar and look young enough that we are asked about our age, we may be asked to prove our identity. We would not expect to be able to take out a loan or mortgage without proving our identity. Different degrees of anonymity apply to different situations in the real world. Why should we not reveal on the internet as much of our identity as is appropriate to the situation?

In some ways, as well as a question of principle, this is a question of design, on the way in which permissions and information are required and set out for applications on the internet. It is up to the Government to support a debate about how a spectrum of identity and anonymity should be implemented. A key aim should be to increase the friction that cyber-criminals face when pursuing crime. I do not think anyone is arguing that putting in place identity requirements and appropriate measures to support identification will end cyber-crime or cyber-abuse, but it would increase the friction associated with the crime, and that would help to reduce it.

We should consider a number of areas to address that, some of which have already been raised by the hon. Member for Stroud and my hon. Friend the Member for Ellesmere Port and Neston. We should consider a requirement for companies to know their customers’ identities. Contrary to the Government’s position, requiring users to selectively share their identities with online platforms does not mean that users share their identities with the world at large. Platforms can still protect users’ anonymity on the public platform while having direct access to their identities in the event of harmful behaviour.

Justin Madders Portrait Justin Madders
- Hansard - -

We know that the business model of a lot of online tech giants is based on sharing and utilising user information commercially. Does that not show that there must be a way of getting enough information on individuals? The information does not need to be circulated, but that shows that it can be found.

Chi Onwurah Portrait Chi Onwurah
- Hansard - - - Excerpts

My hon. Friend makes an excellent point, and one that I was just about to make by citing the “know your customer” verification requirements in financial institutions, which are part of efforts to prevent money laundering, for example.

Financial institutions, although they have improved immensely in technology over the past few years, are nowhere near as knowledgeable as the great tech giants such as Facebook, Twitter and Google in scooping up and managing data, although they tell us that they manage the data in privacy-conscious ways. As my hon. Friend the Member for Ellesmere Port and Neston said, their business models are driven by access to data. There are real concerns about the consolidation and monopoly control of data, which are not within the remit of this debate, but, as he suggests, the idea that these organisations cannot obtain and protect effectively the identity of their users is clearly ridiculous.

Such checks would not even require platform companies to hold user identity data themselves. Instead, as in financial services, secure, expert identity verification services could allow users to share only aspects of their identity—the minimum required to access online platforms. Again, anonymity would be guaranteed relative to other users. The fact that my bank did a “know your customer” check would not mean that my bank data was suddenly accessible to other customers. I think we accept that principle. At the same time, identity would be available to relevant law enforcement authorities in the event of suspected wrongdoing. The very act of requiring a “know your customer” check would also deter malicious agents from using the cloak of anonymity and would therefore increase the friction in the system.

As a complement to those ideas, we could require platform companies to put up deterrents against abuse and harm, ensuring that customers know that their identity could be shared with law enforcement agencies in the event of wrongdoing. I know that the Minister’s online safety legislation, which is in development, will put a duty of care on the large platforms. Perhaps she will tell us why she does not feel a more proactive duty to prevent and deter harm and abuse would not be appropriate, as it would require platforms to know their customers.

It is important to recognise that people are always customers. Even if those who use Twitter and Facebook are not paying for the service, they are still customers and are effectively paying in an exchange of data, so I feel that the model of “know your customer” is particularly appropriate. We could also consider imposing appropriate forms of liability on companies in the event that they are unable to provide identity information where courts and law enforcement require it.

None of those policies would obstruct the privacy of whistleblowers, children expressing themselves or victims finding solace and solidarity online. None of them would require companies to identify customers on their platforms to other customers. Some of them would not even require companies to have the identity data themselves, allowing the possibility of secure identity solutions held outside of these companies. Some of them are likely to be practices that already happen, but voluntarily and not systematically.

The point is not to pursue one specific policy. The point is for the Government to have a consultation and a debate that sets out policies that achieve those objectives, with a robust set of sophisticated digital identity options that can be statutorily enforced. Inaction, which is the Government’s current default of delaying action in this area, is a choice that evades trade-offs, avoids actions and lets victims down, so I ask the Minister to use this moment to tackle online anonymity head-on. We must grasp this opportunity, and to do so we must answer three questions.

First, what is the right identity verification required to place on online platforms with user-generated content? Can we ensure that those cover what might be needed for effective action against illegal and, in some instances, harmful behaviour? How can those requirements on platform companies have impact, with the right mix of incentives and sanctions for companies?

Secondly, how can we ensure that those online platforms are best co-ordinated with law enforcement authorities, where needed? Should Ofcom’s oversight of platforms’ duty-of-care performance cover how effectively companies work with law enforcement authorities? I understand, for example, that Twitter charges law enforcement officials to provide information on the identity of its users. Will the Minister verify that?

Thirdly, what confidence do we have in the jurisdictional coverage of existing and potential identity verification requirements? Do those apply to the range of internationally headquartered and popular platforms, or are Facebook, YouTube, Instagram and Twitter able to evade coverage as a result of country-of-origin principles?

I hope that the Minister will answer those questions, as the right answers could materially improve our public sphere and address the examples of online harm and abuse that have been raised in this debate. Platforms would be able to verify users easily, law enforcement authorities could pursue justice appropriately, those hiding online abuse behind anonymity would be deterred and, most of all, users would navigate online platforms with far greater assurance of no abuse or extremism.

With that final point, I will close, because the pandemic has demonstrated that our lives are lived online to an extent never before seen. Even when we return to social contact—we all hope soon—as opposed to social distance, the internet, the web and social media platforms will continue to play a greater part in our lives. The hon. Member for Stroud set out the enormous increase in online activity that we have seen as a consequence of the pandemic. I want my constituents to be able to have trust and confidence online, and in those they meet and engage with online. I want them to feel secure in their online and digital lives, because without that they will be handicapped and prevented from engaging as full citizens in what is increasingly a digital world. I ask the Minister to ensure that that digital world is as safe for everyone as the real world is.