Scooter startup Bird tried to silence a journalist. It did not go well.

Cory Doctorow doesn’t like censorship. He especially doesn’t like his own work being censored.

Anyone who knows Doctorow knows his popular tech and culture blog, Boing Boing, and anyone who reads Boing Boing knows Doctorow and his cohort of bloggers. The part-blogger, part special advisor at the online rights group Electronic Frontier Foundation has written for years on topics of technology, hacking, security research, online digital rights and censorship and its intersection with free speech and expression.

Yet, this week it looked like his own free speech and expression could have been under threat.

Doctorow revealed in a blog post on Friday that scooter startup Bird sent him a legal threat, accusing him of copyright infringement and that his blog post encourages “illegal conduct.”

In its letter to Doctorow, Bird demanded that he “immediately take[s] down this offensive blog.”

Doctorow declined, published the legal threat and fired back with a rebuttal letter from the EFF accusing the scooter startup of making “baseless legal threats” in an attempt to “suppress coverage that it dislikes.”

The whole debacle started after Doctorow wrote about how Bird’s many abandoned scooters can be easily converted into a “personal scooter” by swapping out its innards with a plug-and-play converter kit. Citing an initial write-up by Hackaday, these scooters can have “all recovery and payment components permanently disabled” using the converter kit, available for purchase from China on eBay for about $30.

In fact, Doctorow’s blog post was only two paragraphs long and, though didn’t link to the eBay listing directly, did cite the hacker who wrote about it in the first place — bringing interesting things to the masses in bite-size form in true Boing Boing fashion.

Bird didn’t like this much, and senior counsel Linda Kwak sent the letter — which the EFF published today — claiming that Doctorow’s blog post was “promoting the sale/use of an illegal product that is solely designed to circumvent the copyright protections of Bird’s proprietary technology, as described in greater detail below, as well as promoting illegal activity in general by encouraging the vandalism and misappropriation of Bird property.” The letter also falsely stated that Doctorow’s blog post “provides links to a website where such Infringing Product may be purchased,” given that the post at no point links to the purchasable eBay converter kit.

EFF senior attorney Kit Walsh fired back. “Our client has no obligation to, and will not, comply with your request to remove the article,” she wrote. “Bird may not be pleased that the technology exists to modify the scooters that it deploys, but it should not make baseless legal threats to silence reporting on that technology.”

The three-page rebuttal says Bird used incorrectly cited legal statutes to substantiate its demands for Boing Boing to pull down the blog post. The letter added that unplugging and discarding a motherboard containing unwanted code within the scooter isn’t an act of circumventing as it doesn’t bypass or modify Bird’s code — which copyright law says is illegal.

As Doctorow himself put it in his blog post Friday: “If motherboard swaps were circumvention, then selling someone a screwdriver could be an offense punishable by a five year prison sentence and a $500,000 fine.”

In an email to TechCrunch, Doctorow said that legal threats “are no fun.”

AUSTIN, TX – MARCH 10: Journalist Cory Doctorow speaks onstage at “Snowden 2.0: A Field Report from the NSA Archives” during the 2014 SXSW Music, Film + Interactive Festival at Austin Convention Center on March 10, 2014 in Austin, Texas. (Photo by Travis P Ball/Getty Images for SXSW)

“We’re a small, shoestring operation, and even though this particular threat is one that we have very deep expertise on, it’s still chilling when a company with millions in the bank sends a threat — even a bogus one like this — to you,” he said.

The EFF’s response also said that Doctorow’s freedom of speech “does not in fact impinge on any of Bird’s rights,” adding that Bird should not send takedown notices to journalists using “meritless legal claims,” the letter said.

“So, in a sense, it doesn’t matter whether Bird is right or wrong when it claims that it’s illegal to convert a Bird scooter to a personal scooter,” said Walsh in a separate blog post. “Either way, Boing Boing was free to report on it,” she added.

What’s bizarre is why Bird targeted Doctorow and, apparently, nobody else — so far.

TechCrunch reached out to several people who wrote about and were involved with blog posts and write-ups about the Bird converter kit. Of those who responded, all said they had not received a legal demand from Bird.

We asked Bird why it sent the letter, and if this was a one-off letter or if Bird had sent similar legal demands to others. When reached, a Bird spokesperson did not comment on the record.

Two hours after we published this story, Bird spokesperson Rebecca Hahn said the company supports freedom of speech, adding: “In the quest for curbing illegal activities related to our vehicles, our legal team overstretched and sent a takedown request related to the issue to a member of the media. This was our mistake and we apologize to Cory Doctorow.”

All too often, companies send legal threats and demands to try to silence work or findings that they find critical, often using misinterpreted, incorrect or vague legal statutes to get things pulled from the internet. Some companies have been more successful than others, despite an increase in awareness and bug bounties, and a general willingness to fix security issues before they inevitably become public.

Now Bird becomes the latest in a long list of companies that have threatened reporters or security researchers, alongside companies like drone maker DJI, which in 2017 threatened a security researcher trying to report a bug in good faith, and spam operator River City, which sued a security researcher who found the spammer’s exposed servers and a reporter who wrote about it. Most recently, password manager maker Keeper sued a security reporter claiming allegedly defamatory remarks over a security flaw in one of its products. The case was eventually dropped, but not before more than 50 experts, advocates and journalist (including this reporter) signed onto a letter calling for companies to stop using legal threats to stifle and silence security researchers.

That effort resulted in several companies — notably Dropbox and Tesla — to double down on their protection of security researchers by changing their vulnerability disclosure rules to promise that the companies will not seek to prosecute hackers acting in good-faith.

But some companies have bucked that trend and have taken a more hostile, aggressive — and regressive — approach to security researchers and reporters.

“Bird Scooters and other dockless transport are hugely controversial right now, thanks in large part to a ‘move-fast, break-things’ approach to regulation, and it’s not surprising that they would want to control the debate,” said Doctorow.

“But to my mind, this kind of bullying speaks volumes about the overall character of the company,” he said.

How to browse the web securely and privately

Getty Images

So you want to browse the web securely and privately? Here’s a hard truth: it’s almost impossible.

It’s not just your internet provider that knows which sites you visit, it’s also the government — and other governments! And when it’s not them, it’s social media sites, ad networks or apps tracking you across the web to serve you specific and targeted ads. Your web browsing history can be highly personal. It can reveal your health concerns, your political beliefs and even your porn habits — you name it. Why should anyone other than you know those things?

Any time you visit a website, you leave a trail of data behind you. You can’t stop it all — that’s just how the internet works. But there are plenty of things that you can do to reduce your footprint.

Here are a few tips to cover most of your bases.

A VPN can help hide your identity, but doesn’t make you anonymous

You might have heard that a VPN — or a virtual private network — might keep your internet traffic safe from snoopers. Well, not really.

A VPN lets you create a dedicated tunnel that all of your internet traffic flows through — usually a VPN server — allowing you to hide your internet traffic from your internet provider. That’s good if you’re in a country where censorship or surveillance is rife or trying to avoid location-based blocking. But otherwise, you’re just sending all of your internet traffic to a VPN provider instead. Essentially, you have to choose who you trust more: your VPN provider or your internet provider. The problem is, most free VPN providers make their money by selling your data or serving you ads — and some are just downright shady. Even if you use a premium VPN provider for privacy, they can connect your payment information to your internet traffic, and many VPN providers don’t even bother to encrypt your data.

Some VPN providers are better than others: tried, tested — and trusted — by security professionals.

Services like WireGuard are highly recommended, and are available on a variety of devices and systems — including iPhones and iPads. We recently profiled the Guardian Mobile Firewall, a smart firewall-type app for your iPhone that securely tunnels your data anonymously so that even its creators don’t know who you are. The app also prevents apps on your phone from tracking you and accessing your data, like your contacts or your geolocation.

As TechCrunch’s Romain Dillet explains, the best VPN providers are the ones that you control yourself. You can create your own Algo VPN server in just a few minutes. Algo is created by Trial of Bits, a highly trusted and respected security company in New York. The source code is available on GitHub, making it far more difficult to covertly insert backdoors into the code.

With your own Algo VPN setup, you control the connection, the server, and your data.

You’ll need a secure DNS

What does it mean that “your internet provider knows what sites you visit,” anyway?

Behind the scenes on the internet, DNS — or Domain Name System — converts web addresses into computer-readable IP addresses. Most devices automatically use the resolver that’s set by the network you’re connected to — usually your internet provider. That means your internet provider knows what websites you’re visiting. And recently, Congress passed a law allowing your internet provider to sell your browsing history to advertisers.

You need a secure and private DNS provider. Many use publicly available services — like OpenDNS or Google’s Public DNS. They’re easy to set up — usually on your computer or device, or on your home router.

One recommended offering is Cloudflare’s secure DNS, which it calls 1.1.1.1. Cloudflare encrypts your traffic, won’t use your data to serve ads, and doesn’t store your IP address for any longer than 24 hours. You can get started here, and you can even download Cloudflare’s 1.1.1.1 app from Apple’s App Store and Google Play.

HTTPS is your friend

One of the best things for personal internet security is HTTPS.

HTTPS secures your connection from your phone or your computer all the way to the site you’re visiting. Most major websites are HTTPS-enabled, and appear as such with a green padlock in the address bar. HTTPS makes it almost impossible for someone to spy on your internet traffic intercept and steal your data in transit.

Every time your browser lights up in green or flashes a padlock, HTTPS encrypts the connection between your computer and the website. Even when you’re on a public Wi-Fi network, an HTTPS-enabled website will protect you from snoopers on the same network.

Every day, the web becomes more secure, but there’s a way to go. Some websites are HTTPS ready but don’t have it enabled by default. That means you’re loading an unencrypted HTTP page when you could be accessing a fully HTTPS page.

That’s where one browser extension, HTTPS Everywhere, comes into play. This extension automatically forces websites to load HTTPS by default. It’s a lightweight, handy tool that you’ll forget is even there.

Reconsider your web plug-ins

Remember Flash? How about Java? You probably haven’t seen much of them recently, because the web has evolved to render them obsolete. Both Flash and Java, two once-popular web plug-ins, let you view interactive content in your web browser. But nowadays, most of that has been replaced by HTML5, a technology native to your web browser.

Flash and Java were long derided for their perpetual state of insecurity. They were full of bugs and vulnerabilities that plagued the internet for years — so much so that web browsers started to pull the plug on Java back in 2015, with Flash set to sunset in 2020. Good riddance!

If you don’t use them — and most people don’t anymore — you should remove them. Just having them installed can put you at risk of attack. It takes just a minute to uninstall Flash on Windows and Mac, and to uninstall Java on Windows and Mac.

Most browsers — like Firefox and Chrome — let you run other add-ons or extensions to improve your web experience. Like apps on your phone, they often require certain access to your browser, your data or even your computer. Although browser extensions are usually vetted and checked to prevent malicious use, sometimes bad extensions slip through the net. Sometimes, extensions that were once fine are automatically updated to contain malicious code or secretly mine cryptocurrency in the background.

There’s no simple rule to what’s a good extension and what isn’t. Use your judgment. Make sure each extension you install doesn’t ask for more access than you think it needs. And make sure you uninstall or remove any extension that you no longer use.

These plug-ins and extensions can protect you

There are some extensions that are worth their weight in gold. You should consider:

  • An ad-blocker: Ad-blockers are great for blocking ads — as the name suggests — but also the privacy invasive code that can track you across sites. uBlock is a popular, open source efficient blocker that doesn’t consume as much memory as AdBlock and others. Many ad-blockers now permit “acceptable ads” that allow publishers to still make money but aren’t memory hogs or intrusive — like the ones that take over your screen. Ad-blockers also make websites load much faster.
  • A cross-site tracker blocker: Privacy Badger is a great tool that blocks tiny “pixel”-sized trackers that are hidden on web pages but track you from site to site, learning more about you to serve you ads. To advertisers and trackers, it’s as if you vanish. Ghostery is another example of an advanced-level anti-tracker that aims to protect the user by default from hidden trackers.

And you could also consider switching to more privacy-minded search engines, like DuckDuckGo, a popular search engine that promises to never store your personal information and doesn’t track you to serve ads.

Use Tor if you want a better shot at anonymity

But if you’re on the quest for anonymity, you’ll want Tor.

Tor, known as the anonymity network is a protocol that bounces your internet traffic through a series of random relay servers dotted across the world that scrambles your data and covers your tracks. You can configure it on most devices and routers. Most people who use Tor will simply use the Tor Browser, a preconfigured and locked-down version of Firefox that’s good to go from the start — whether it’s a regular website, or an .onion site — a special top-level domain used exclusively for websites accessible only over Tor.

Tor makes it near-impossible for anyone to snoop on your web traffic, know which site you’re visiting, or that you are the person accessing the site. Activists and journalists often use Tor to circumvent censorship and surveillance.

But Tor isn’t a silver bullet. Although the browser is the most common way to access Tor, it also — somewhat ironically — exposes users to the greatest risk. Although the Tor protocol is largely secure, most of the bugs and issues will be in the browser. The FBI has been known to use hacking tools to exploit vulnerabilities in the browser in an effort to unmask criminals who use Tor. That puts the many ordinary, privacy-minded people who use Tor at risk, too.

It’s important to keep the Tor browser up to date and to adhere to its warnings. The Tor Project, which maintains the technology, has a list of suggestions — including changing your browsing behavior — to ensure you’re as protected as you can be. That includes not using web plug-ins, not downloading documents and files through Tor, and keeping an eye out for in-app warnings that advise you on the best action.

Just don’t expect Tor to be fast. It’s not good for streaming video or accessing bandwidth-hungry sites. For that, a VPN would probably be better.

Check out our full Cybersecurity 101 guides here.

Food delivery startup Swiggy raises $1 billion more from Naspers, Tencent and others

Naspers, the South African investment giant, is back at it again in India! Days after backing educational startup Byju’s by leading a $540 million investment, it has led a $1 billion investment in food delivery company Swiggy.

The new round sees Chinese internet and Naspers ally Tencent join the party, alongside fellow new investors Hillhouse Capital and Wellington Management Company. Existing backers returning to take part in this round include DST Global, Meituan Dianping and Coatue Management.

The deal is the largest investment in a food delivery company outside of China, and it means Swiggy is one of the few in the billion-dollar-round club. Others include Flipkart, which is now owned by Walmart, fintech startup Paytm, and OYO, which raised $1 billion from SoftBank’s Vision Fund, Southeast Asia’s Grab and others in September.

Swiggy was founded in 2014 and it claims to work with 50,000 restaurants in more than 50 cities in India. That’s up from 35,000 restaurants six months ago and the company claims it has doubled its GMV over that same period, although — like most private companies — it didn’t divulge specific data. Swiggy’s major geographical expansion saw it move into 42 cities in tier-two and tier-three India.

The company said in a statement that it plans to use the capital for hiring machine learning and engineering talent, and further its AI technology to improve matching and discovery inside its service.

Swiggy’s closest competitors include fellow unicorn Zomato, Ola-owned FoodPanda as well as Uber Eats, which came to India around 18 months ago.

The deal is a real triple down on India and Swiggy from Naspers, which has just seen the valuation of Byju’s soar to some $3.7 billion up from under $1 billion last year and first backed Swiggy in February before going back for more in June.

You’d imagine that the Naspers link is also a major factor behind Tencent’s arrival. The South African firm is (famously) an early investor in Tencent and, despite a well-reported share sale this year, it still maintains around 33 percent ownership in the internet firm — that’s worth around $120 billion as of today’s share price.

The deal takes Swiggy to $1.26 billion raised to date. That most recent June-round was $210 million at a $1.3 billion valuation. Swiggy isn’t disclosing a new valuation but Economic Times reports it as $3.3 billion.

Snapchat now has cat lenses. (Yes, for your cat.)

It’s 8:00 PM on Friday night and you’re home alone and already drunk. Oh, is that just me? Well no matter. Snapchat has made lenses for your cat now. Yes, that’s right. Your cat! This is what the internet is made for, friends. Not all that fake news and trolling. Not having to read tweets where people use words like “woke” unironically. Cat lenses! 

So technically, I guess, Snapchat added the ability to recognize things in your photos last November, like food, sports, and even pets, then suggest appropriate filters – like a sticker that says “IT’S A PAWTY” above a photo of a dog.

But now you can put a set of matching glasses on yourself and your cat.

Or give you and your cat rainbow unicorn horns.

Or give Mr. Fluffypants some big ol’ googley eyes.

Or put a piece of toast over his face, which makes him look even less amused than usual.

What the actual f***

You can even give you and kitty big, fat lips as you kissy face the camera.

You can be the angel, while the cat gets devil horns and wings, as is – of course, appropriate.

I mean, this may or may not solve Snap’s long list of problems, like its rushed redesign, the mess that’s Snapchat Discover, its inability to attract adult users, falling share price, and ooooh, all that money it’s bleeding. ($353M last quarter!)

And that Saudi money, don’t forget that! (No, seriously, don’t.)

But I mean, c’mon. C’MON. 

Internet, we deserve this.

This is what 2018 needs.

Cat lenses.

Cat lenses to make everything better.

Cat lenses, and this here drink.

The Internet Bill of Rights is just one piece of our moral obligations

Congressman Ro Khanna’s proposed Internet Bill of Rights pushes individual rights on the Internet forward in a positive manner. It provides guidelines for critical elements where the United States’ and the world’s current legislation is lacking, and it packages it in a way that speaks to all parties. The devil, as always, is in the details—and Congressman Khanna’s Internet Bill of Rights still leaves quite a bit to subjective interpretation.

But what should not be neglected is that we as individuals have not just rights but also moral obligations to this public good—the Internet. The web positively impacts our lives in a meaningful fashion, and we have a collective responsibility to nurture and keep it that way.

Speaking to the specific rights listed in the Bill, we can likely all agree that citizens should have control over information collected about them, and that we should not be discriminated against based on that personal data. We probably all concur that Internet Service Providers should not be permitted to block, throttle, or engage in paid prioritization that would negatively impact our ability to access the world’s information. And I’m sure we all want access to numerous affordable internet providers with clear and transparent pricing.

These are all elements included in Congressman Khanna’s proposal; all things that I wholeheartedly support.

As we’ve seen of late with Facebook, Google, and other large corporations, there is an absolute need to bring proper legislation into the digital age. Technological advancements have progressed far faster than regulatory changes, and drastic improvements are needed to protect users.

What we must understand, however, is that corporations, governments, and individuals all rely on the same Internet to prosper. Each group should have its own set of rights as well as responsibilities. And it’s those responsibilities that need more focus.

Take, for example, littering. There may be regulations in place that prevent people from discarding their trash by the side of the road. But regardless of these laws, there’s also a moral obligation we have to protect our environment and the world in which we live. For the most part, people abide by these obligations because it’s the right thing to do and because of social pressure to keep the place they live beautiful—not because they have a fear of being fined for littering.

We should approach the protection of the Internet in the same way.

We should hold individuals, corporations, and governments to a higher standard and delineate their responsibilities to the Internet. All three groups should accept and fulfill those responsibilities, not because we create laws and fines, but because it is in their best interests.

For individuals, the Internet has given them powers beyond their wildest dreams and it continues to connect us in amazing ways. For corporations, it has granted access to massively lucrative markets far and wide that would never have been accessible before. For governments, it has allowed them to provide better services to their citizens and has created never before seen levels of tax revenue from the creation of businesses both between and outside their physical borders.

Everyone — and I mean everyone — has gained (and will continue to gain) from protecting an open Internet, and we as a society need to recognize that and start imposing strong pressure against those who do not live up to their responsibilities.

We as people of the world should feel tremendously grateful to all the parties that contributed to the Internet we have today. If a short-sighted government decides it wants to restrict the Internet within its physical borders, this should not be permitted. It will not only hurt us, but it will hurt that very government by decreasing international trade and thus tax revenue, as well as decreasing the trust that the citizens of that country place in their government. Governments often act against their long-term interests in pursuit of short-term thinking, thus we have 2 billion people living in places with heavy restrictions on access to online information.

When an Internet Service Provider seeks full control over what content it provides over its part of the Internet, this, again, should not be allowed. It will, in the end, hurt that very Internet Service Provider’s revenue; a weaker, less diverse Internet will inevitably create less demand for the very service they are providing along with a loss of trust and loyalty from their customers.

Without the Internet, our world would come grinding to a halt. Any limitations on the open Internet will simply slow our progress and prosperity as a human race. And, poignantly, the perpetrators of those limitations stand to lose just as much as any of us.

We have a moral responsibility, then, to ensure the Internet remains aligned with its original purpose. Sure, none of us could have predicted the vast impact the World Wide Web would have back in 1989—probably not even Sir Tim Berners-Lee himself—but in a nutshell, it exists to connect people, WHEREVER they may be, to a wealth of online information, to other people, and to empower individuals to make their lives better.

This is only possible with an open and free Internet.

Over the next five years, billions of devices—such as our garage door openers, refrigerators, thermostats, and mattresses—will be connected to the web via the Internet of Things. Further, five billion users living in developing markets will join the Internet for the first time, moving from feature phones to smartphones. These two major shifts will create incredible opportunities for good, but also for exploiting our data—making us increasingly vulnerable as Internet users.

Now is the time to adequately provide Americans and people around the world with basic online protections, and it is encouraging to see people like Congressman Khanna advancing the conversation. We can only hope this Internet Bill of Rights remains bipartisan and real change occurs.

Regardless of the outcome, we must not neglect our moral obligations—whether individual Internet users, large corporations, or governments. We all shoulder a responsibility to maintain an open Internet. After all, it is perhaps the most significant and impactful creation in modern society.

E-commerce drives Southeast Asia’s Sea to record revenue but big losses remain

Sea, one of Southeast Asia’s largest internet companies, continues to see losses although its growing e-commerce business helped it hit record revenue.

The Tencent-backed company went public back in October when it raised around $1 billion through an NYSE listing. Its latest earnings released today show revenue broke $200 million for the first time ($219.6 million) but losses continue to pile up. Revenue was up 71 percent year-on-year to hit the record figure but Sea’s losses continue to stack up. The company lost $250.8 million in Q2, up significantly from a $92.1 million loss one year previous and $216.2 million negative in the previous quarter.

Sea’s main business, its Garena gaming unit, grew 19 percent to reach $116.9 million in revenue, but the firm is placing a lot of emphasis on its Shopee e-commerce service — which is the benefactor of a recent $500 million capital raise — and its growth continues to be promising.

Shopee GMV, the total value of all goods sold on the service, grew 171 percent to $2.2 billion. That doesn’t include take-home revenue, but for the first time that figure has been broken: Shopee grossed $58.8 million in sales. That figure is up over 2,000 percent annually, but Sea has only just begun to monetize the service which is reflected in the huge rise.

For now, a lot of that revenue looks to be based on aggressive user acquisition as Shopee battles with rivals that include Lazada, the e-commerce service owned by Alibaba that has a large budget to work with.

Sea’s cost of marketing across all services — Shopee, Garena and its AirPay service — jumped 131 percent year-on-year to reach $175.2 million in Q2. But, it pointed out that sales and marketing as a percentage of GMV shrunk to 6.2 percent from 6.8 percent and 6.6 percent in the previous two quarters.

“Shopee continued to expand rapidly across all markets, strengthening its leadership in the region. Our monetization strategy for Shopee is delivering ahead of expectations, even at this early stage,” said Sea CEO Forrest Li in a statement.

WhatsApp limits message forwarding in bid to reduce spam and misinformation

In a bid to cut down on the spread of false information and spam, WhatsApp recently added labels that indicate when a message has been forwarded. Now the company is sharpening that strategy by imposing limits on how many groups a message can be sent on to.

Originally, users could forward messages on to multiple groups, but a new trial will see that forwarding limited to 20 groups worldwide. In India, however, which is WhatsApp’s largest market with 200 million users, the limit will be just five. In addition, a ‘quick forward’ option that allowed users to pass on images and videos to others rapidly is being removed from India.

“We believe that these changes — which we’ll continue to evaluate — will help keep WhatsApp the way it was designed to be: a private messaging app,” the company said in a blog post.

The changes are designed to help reduce the amount of information that goes viral on the service, although clearly this isn’t a move that will end the problem altogether.

The change is in direct response to a series of incidents in India. The BBC recently wrote about an incident which saw one man dead and two others severely beaten after rumors of their efforts to abduct children from a village spread on WhatsApp. Reportedly 17 other people have been killed in the past year under similar circumstances, with police saying false rumors had spread via WhatsApp.

In response, WhatsApp — which is of course owned by Facebook has bought full-page newspaper ads to warn about false information on its service.

Beyond concern about firing up vigilantes, the saga may also spill into India’s upcoming national general election next year. Times Internet today reports that Facebook and WhatsApp plan to introduce a fake news verification system that it used recently in Mexico to help combat spam messages and the spreading of incorrect news and information. The paper said that the companies have already held talks with India’s Election Commission.

Europe takes another step towards copyright pre-filters for user generated content

In a key vote this morning the European Parliament’s legal affairs committee has backed the two most controversial elements of a digital copyright reform package — which critics warn could have a chilling effect on Internet norms like memes and also damage freedom of expression online.

In the draft copyright directive, Article 11; “Protection of press publications concerning online uses” — which targets news aggregator business models by setting out a neighboring right for snippets of journalistic content that requires a license from the publisher to use this type of content (aka ‘the link tax’, as critics dub it) — was adopted by a 13:12 majority of the legal committee.

While, Article 13; “Use of protected content by online content sharing service providers”, which makes platforms directly liable for copyright infringements by their users — thereby pushing them towards creating filters that monitor all content uploads with all the associated potential chilling affects (aka ‘censorship machines’) — was adopted by a 15:10 majority.

MEPs critical of the proposals have vowed to continue to oppose the measures, and the EU parliament will eventually need to vote as a whole.

EU Member State representatives in the EU Council will also need to vote on the reforms before the directive can become law. Though, as it stands, a majority of European governments appear to back the proposals.

European digital rights group EDRi, a long-standing critic of Article 13, has a breakdown of the next steps for the copyright directive here.

Derailing the proposals now essentially rests on whether enough MEPs can be convinced its politically expedient to do so — factoring in a timeline that includes the next EU parliament elections, in May 2019.

Last week, a coalition of original Internet architects, computer scientists, academics and supporters — including Sir Tim Berners-Lee, Vint Cerf, Bruce Schneier, Jimmy Wales and Mitch Kapor — penned an open letter to the European Parliament’s president to oppose Article 13, warning that while “well-intended” the requirement that Internet platforms perform automatic filtering of all content uploaded by users “takes an unprecedented step towards the transformation of the Internet from an open platform for sharing and innovation, into a tool for the automated surveillance and control of its users”.

“As creators ourselves, we share the concern that there should be a fair distribution of revenues from the online use of copyright works, that benefits creators, publishers, and platforms alike. But Article 13 is not the right way to achieve this,” they write in the letter.

“By inverting this liability model and essentially making platforms directly responsible for ensuring the legality of content in the first instance, the business models and investments of platforms large and small will be impacted. The damage that this may do to the free and open Internet as we know it is hard to predict, but in our opinions could be substantial.”

The Wikimedia Foundational also blogged separately, setting out some specific concerns about the impact that mandatory upload filters could have on Wikipedia.

“[A]ny sort of law which mandates the deployment of automatic filters to screen all uploaded content using AI or related technologies does not leave room for the types of community processes which have been so effective on the Wikimedia projects,” it warned last week. “As previously mentioned, upload filters as they exist today view content through a broad lens, that can miss a lot of the nuances which are crucial for the review of content and assessments of legality or veracity.”

More generally critics warn that expressive and creative remix formats like memes and GIFs — which have come to form an integral part of the rich communication currency of the Internet — will be at risk if the proposals become law…

Regarding Article 11, Europe already has experience experimenting with a neighboring right for news, after an ancillary copyright law was enacted in Germany in 2013. But local publishers ended up offering Google free consent to display their snippets after they saw traffic fall substantially when Google stopped showing their content rather than pay for using them.

Spain also enacted a similar law for publishers in 2014, but its implementation required publishers to charge for using their snippets — leading Google to permanently close its news aggregation service in the country.

Critics of this component of the digital copyright reform package also warn it’s unclear what kinds of news content will constitute a snippet, and thus fall under the proposal — even suggesting a URL including the headline of an article could fall foul of the copyright extension; ergo that the hyperlink itself could be in danger.

They also argue that an amendment giving Member States the flexibility to decide whether or not a snippet should be considered “insubstantial” (and thus freely shared) or not, does not clear up problems — saying it just risks causing fresh fragmentation across the bloc, at a time when the Commission is keenly pushing a so-called ‘Digital Single Market’ strategy.

“Instead of one Europe-wide law, we’d have 28,” warns Reda on that. “With the most extreme becoming the de-facto standard: To avoid being sued, international internet platforms would be motivated to comply with the strictest version implemented by any member state.”

Returning to Article 13, the EU’s executive, the Commission — the body responsible for drafting the copyright reforms — has also been pushing online platforms towards pre-filtering content as a mechanism for combating terrorist content, setting out a “one hour rule” for takedowns of this type of content earlier this year, for example.

But again critics of the copyright reforms argue it’s outrageously disproportionate to seek to apply the same measures that are being applied to try to clamp down on terrorist propaganda and serious criminal offenses like child exploitation to police copyright.

“For copyrighted content these automated tools simply undermine copyright exceptions. And they are not proportionate,” Reda told us last year. “We are not talking about violent crimes here in the way that terrorism or child abuse are. We’re talking about something that is a really widespread phenomenon and that’s dealt with by providing attractive legal offers to people. And not by treating them as criminals.”

In a statement reacting to the committee vote today, Monique Goyens, director general of European consumer rights group BEUC, warned: “The internet as we know it will change when platforms will need to systematically filter content that users want to upload. The internet will change from a place where consumers can enjoy sharing creations and ideas to an environment that is restricted and controlled. Fair remuneration for creators is important, but consumers should not be at the losing end.”

Goyens blamed the “pressure of the copyright industry” for scuppering “even modest attempts to modernise copyright law”.

“Today’s rules are outdated and patchy. It is high time that copyright laws take into account that consumers share and create videos, music and photos on a daily basis. The majority of MEPs failed to find a solution that would have benefitted consumers and creators,” she added.