Upload
michael-owen
View
103
Download
0
Embed Size (px)
Citation preview
Internet and the Law w12003024
The Internet has effectively rendered privacy as a
thing of the past.
Critically analyse the above statement with
reference to relevant academic literature, cases and
statutes.
Page 1 of 14
Internet and the Law w12003024
Introduction
The Internet is a system that connects together many individual computer networks allowing
for the transfer of digital data. This is why it is referred to as the network of networks1. As the
Internet develops and expands, it becomes more and more a part of our everyday lives. This
has led to the increase of personal data being used and kept online to identify who we are. It
is arguable this has led to the decline of privacy.
Privacy does not have a definite meaning in English Law. It means different things to
different people all over the world. The most commonly coined phrase is that given by Judge
Cooley, as recognised in the case of Wainwright v Home Office, ‘the right to be left alone’2.
As the right to privacy is one that is enshrined in the European Convention on Human Rights3
(hereinafter ECHR), it is evident that it is worth protecting. Unfortunately, as supported by
the recent Snowden revelations, it appears that this may not be the case, and mass
surveillance under the guise of national security seems to be taking precedent.
This paper seeks to evidence that the Internet has rendered privacy as a thing of the past. It
will do this by focussing on how public bodies use the Internet on a day to day basis to
invade our privacy for reasons of national security. It will also briefly touch on how private
bodies do the same for advertising. In order to achieve this, the current laws on privacy in the
UK must first be understood.
1 Andrew Murray, Information Technology Law (OUP 2010) 162 Wainwright v Home Office [2003] UKHL 53, [2004] 2 AC 406, 4193 Convention for the Protection of Human Rights and Fundamental Freedoms (European Convention on Human Rights, as amended) (ECHR) Article 8
Page 2 of 14
Internet and the Law w12003024
Privacy Rights in the UK
In the UK, we have no overarching right to privacy4. However, as a member state of the
European Union, we do have a right to respect for private and family life under Article 8 of
the ECHR5. Although loosely referred to as a right to privacy, this right is not fundamental. It
is a qualified right and subject to the conditions laid out in Article 8(2)6. These provisions
provide circumstances where the state may justifiably interfere with an individual’s right,
such as in the interests of national security, public safety, and the prevention of disorder or
crime. As set out in the Handyside case, if a case concerning a breach of human rights
reaches the European Court of Human Rights in Strasbourg, a margin of appreciation will be
offered to member states when deciding whether an interference is justified7. In cases
concerning national security, public safety and the prevention of disorder or crime, the
margin of appreciation will be wide8. This offers more flexibility for member states in the
way they run their country.
The UK has incorporated the Articles set out in the ECHR into domestic law under section 2
of the Human Rights Act 1998 (hereinafter HRA). Section 6(1) of the HRA provides, ‘It is
unlawful for a public authority to act in a way which is incompatible with a convention
right’9. This provision makes it so that public authorities, such as the government, courts and
police, must comply with the Articles set out in the ECHR. In this sense, an individual can
bring a claim against a public authority for acting in a way incompatible with their Article 8
right, which offers them a sense of privacy. However, the HRA does not expressly offer
protection against private bodies. For instance, if a private company, such as the many social
networking sites on the Internet that use and bank our personal information, breaches our
Article 8 right, it can be much more difficult to enforce. It is still possible, but what is first
needed is a cause of action.
Traditionally, the primary method of protecting privacy in the UK is through the common
law equitable doctrine of breach of confidence10. Due to the requirement of establishing a
4 Wainwright v Home Office [2003] UKHL 53, [2004] 2 AC 4065 Convention for the Protection of Human Rights and Fundamental Freedoms (European Convention on Human Rights, as amended) (ECHR) Article 86 Ibid Article 8(2)7 Handyside v United Kingdom (1976) Series A no 248 Klass v Germany (1978) Series A no 289 Human Rights Act 1998, s 6(1)10 Coco v AN Clarke (Engineers) Ltd [1968] FSR 415 (Ch)
Page 3 of 14
Internet and the Law w12003024
relationship element11, breach of confidence was seen as a narrow method of protecting one’s
rights. Since the enactment of the HRA in 1998 however, there has been an emergence of
cases concerning privacy rights, and the law of breach of confidence has had a significant
development. This is what is now known as the new tort of misuse of private information12.
Misuse of private information is a two part test. The first part is to establish whether there
was a reasonable expectation of privacy or not13. This is a broad question of fact that takes
into account all the relevant circumstances of the case14. The second part is a balancing
exercise between the claimants Article 8 right and the defendants Article 10 right15.
It has now been judicially recognised that values and scope of Article 8 are worth protecting
and can apply in disputes between individuals and private bodies. Using misuse of private
information as a cause of action, an individual can take a private body to court. The court is
then under an obligation to work in a way compatible with convention rights. Therefore, a
court must hear your claim for breach of your Article 8 right by a private body. This is known
as the indirect horizontal effect16.
The development of breach of confidence shows that the court believes our right to privacy is
important and one that should be protected. From this, it is arguable now that the UK does
have some form of protection of privacy. However, this may not always be the case. The
Internet is proving a powerful tool to public and private bodies in the surveillance of the
population, as highlighted by Edward Snowden in 2013. Mass surveillance is one way in
which the Internet is extinguishing privacy.
11 Coco v AN Clarke (Engineers) Ltd [1968] FSR 415 (Ch) 41912 Campbell v MGN Ltd [2004] UKHL 22, [2004] 2 AC 457, 46413 Murray v Express Newspapers plc [2008] EWCA Civ 446, [2009] Ch 481, 50214 Ibid15 Axel Springer AG v Germany (2012) 55 EHRR 6, 20016 Ian Leigh, ‘Horizontal rights, the Human Rights Act and privacy: lessons from the Commonwealth?’ (1999) ICLQ 57, 75
Page 4 of 14
Internet and the Law w12003024
Privacy and Surveillance
As previously mentioned, the development of the Internet has led to more and more personal
information is being stored and logged online. This happens through the means of social
networking sites, online shopping, apps requesting location services and various other
avenues. According to a recent Ofcom report, Eighty-five per cent of households owned at
least one Internet-enabled device in 201217. It was also found that the average amount of time
Internet users spent online, just through a laptop or desktop, was 24.6 hours per month. This
was more than double the amount of time users spent online in January 200418. When we
spend this amount of time online, and store the vast amount of information that is required,
we leave ourselves open to attacks on our privacy. The form in which this happens most is
surveillance.
The main, most commonly used form of surveillance has been identified as data
surveillance19. Data surveillance involves the collection and retention of an individual’s
Internet and phone usage. This allows for the mapping of a person’s travel and interactions,
online and offline, which in turn reveals information about their personality20. That
information can allow for the tracking of their movements and regulating of their behaviour.
This can have a very real effect on a person’s behaviour. If they know they are being
watched, or possibly being watched, it inhibits what they would normally and openly do. We
lose the ability to interact anonymously, inhibiting our freedom of expression21.
An analogy can be draw from Jeremy Bentham’s panopticon. Bentham designed a prison
building with the ability to be manned by just one prison guard. The prison was a circular
building with a guard house positioned centrally, permitting one guard constant surveillance
of every inmates cell. The guard could see the inmates at all times, but the inmates could not
see the guard. Although the guard could not physically watch every inmate at once, the
inmates would never be sure whether they were being watched or not. This would dictate
their behaviour, as they would not want to risk punishment22. This can be seen in modern
society through the use of data surveillance. Though 200 years old, Bentham’s concept of the
17 Ofcom, ‘Communications market report 2012’ (Ofcom, 18 July 2012) 24018 Ibid 24519 Ian J Lloyd, Information Technology Law (7th edn, OUP 2014) 1120 Ibid 1221 Convention for the Protection of Human Rights and Fundamental Freedoms (European Convention on Human Rights, as amended) (ECHR) Article 1022 Kim Davies, ‘Panopticon’ in Mary Bosworth (eds), Encyclopedia of Prisons and Correctional Facilities, vol 2 (SAGE Publications 2005) 663-665
Page 5 of 14
Internet and the Law w12003024
panopticon is still being used to represent modern society and the Internet today since citizens
are under constant surveillance23. Cookies and web bugs allow public and private bodies to
find out every webpage a user visits, item they look at in the course of shopping, or web
search they enter into Google24. They can then use this electronic trace of user’s activities to
create data profiles25. Just like the panopticon, it changes the way we use the Internet as we
are in constant fear of being linked, categorised, and possibly punished, whether we are being
watched or not.
Privacy and Public Bodies
The data used to create these data profiles is termed communications data. Another type of
data is content data. Communications data is data on the origin, destination, route, and time
of any form of communication. This is also known as metadata. Content data is the content of
that communication. Communications data can be just as valuable as content data for the
reasons highlighted above. It allows for data profiles to be made and conclusions to be
drawn26. To avoid abuse of power, the interceptions of both these types of data are regulated
by the Regulation of Investigatory Powers Act 2000 (hereinafter RIPA). Part 1 of the Act is
split into two chapters. Chapter I covers the interception and obtaining of content data27.
Chapter II covers the acquisition and disclosure of communications data28. Section 1 of the
Act makes it an offence for any person, either connected with law enforcement or as a private
body, to intercept any communication in the course of its transmission by means of a private
telecommunication system29. An exception is given to law enforcement authorities, who must
seek a warrant to intercept30. The public bodies that can intercept and access data are set out
in section 2231, and the justifications for access are set out in section 22(2)32. Having strict
legislation on the interception of data is necessary to monitor and limit surveillance, stop
abuse of power, and in turn protect our right to privacy. However, as shown by the
whistleblower Edward Snowden’s leaks on America’s National Security Agency (hereinafter
23 Ibid 66524 Ian J Lloyd, Information Technology Law (7th edn, OUP 2014) 14825 Kim Davies, ‘Panopticon’ in Mary Bosworth (eds), Encyclopedia of Prisons and Correctional Facilities, vol 2 (SAGE Publications 2005) 66526 Rio Ferdinand v MGN Limited [2011] EWHC 2454 (QB)27 Regulation of Investigatory Powers Act 2000, ss 1 - 2028 Ibid ss 21 - 2529 Ibid s 130 Ibid ss 6 - 1131 Ibid s 2232 Ibid s 22(2)
Page 6 of 14
Internet and the Law w12003024
NSA) and the UK’s Government Communications Headquarters (hereinafter GCHQ)
activities, this may not always be the case.
The NSA is America’s intelligence agency, like GCHQ is the UK’s. In June 2013, Edward
Snowden, ex-contractor for the NSA, leaked information through The Guardian regarding a
program that the NSA used called PRISM. It allowed them to gain direct access to content
data held by Google, Facebook, Apple and other giant Internet related companies33.
Information regarding a second program was also released, that showed the NSA had been
granted a secret court order requiring US telecommunications companies to transmit user’s
communications data on a continuing basis34. The revelations revealed that GCHQ had been
supplied information from the PRISM program, and had its own operation codenamed
Tempora. This operation involved the tapping into transatlantic fibre-optic cables which carry
the world's Internet traffic and phone calls, allowing for the monitoring of the world’s
communications35. The revelations showed that NSA and GCHQ were conducting mass
surveillance on the world’s population without public knowledge. While the NSA, GCHQ
and political leaders maintained the mass surveillance was within the law, academics and
other relevant legal experts have challenged this. A study conducted by Sergio Carrera of the
Centre for European Policy Studies and Francesco Ragazi of Leiden University in light of the
revelations showed that mass Internet surveillance by the NSA and GCHQ violated human
rights36.
In the aftermath of the revelations, human rights organisation Liberty, amongst others,
initiated legal proceedings against GCHQ based on Snowden’s allegations37. Section 65
RIPA establishes that the Investigatory Powers Tribunal will handle all complaints by
citizens concerning communications interception38, and so was the location of the instant
hearing. Liberty’s argument came in two parts. First, that GCHQ had unlawfully been
supplied information obtained through the NSA’s PRISM program as they did not have a
33 Mirren Gidda, ‘Edward Snowden and the NSA files – timeline’, The Guardian (London, 21 August 2013)<http://www.theguardian.com/world/2013/jun/23/edward-snowden-nsa-files-timeline> accessed 21 April 201534 Ian J Lloyd, Information Technology Law (7th edn, OUP 2014) 835 Ewen MacAskill and others, ‘GCHQ taps fibre-optic cables for secret access to world's communications’, The Guardian (London, 21 June 2013) <http://www.theguardian.com/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa> accessed 11 April 201536 Sergio Carrera and others, ‘National Programmes for Mass Surveillance of Personal Data in EU Member States and Their Compatibility with EU Law’, (Policy Department C: Citizens' Rights and Constitutional Affairs, 15 October 2013) part 4.137 Liberty v Government Communications Headquarters [2014] UKIPTrib 13 77-H, [2015] 1 Cr App R 24 38 Regulation of Investigatory Powers Act 2000, s 65
Page 7 of 14
Internet and the Law w12003024
warrant, and second, that GCHQ’s own, Tempora, was also illegal. They alleged that these
activities breached Article 8 and, through the panopticon concept highlighted above, Article
10. GCHQ argued that any interference was necessary in the interests of national security.
Before the tribunal, came two questions. The first was, are there publically known rules for
the interception of communications whose content is sufficiently indicated39. It was found
that prior to Snowden’s revelations, the surveillance may have been disproportionate, but
after, when the information was in the public domain, it became proportionate. The tribunal
was satisfied on this point as, although they were classified, arrangements implementing the
statutory framework sufficiently restricted the potential for abuse40. The second was, are these
rules subject to proper oversight41. The tribunal saw that the statutory bodies, in addition to
the tribunal itself, provided enough to satisfy this requirement, which ensured the legality of
the surveillance42. In principal, GCHQ’s actions were lawful. However, the tribunal’s
decision does not come without scrutiny.
The safeguards the Liberty case refers to are the Interception of communications
commissioner, the Intelligence and Security Committee and the Tribunal itself43. In coming to
its decision that GCHQ’s actions were lawful, it relied heavily on the fact that these
safeguards were adequate in protecting citizens ECHR rights. However, it can be argued that
this is not the case, and a scrutiny of their practice is necessary.
In the 2013 Annual Report of the Interception of Communications Commissioner, it was
found that the total number of authorisations and notices for communications data, excluding
urgent oral requests, was 514,60844. On the basis that there are 64 million people in the UK45,
this is a request to intercept communications data on roughly 1 in 125 people. It is arguable
that this is not proportionate, even in the interests of national security. The interference is on
too high a scale.
39 Liberty v Government Communications Headquarters [2014] UKIPTrib 13 77-H, [2015] 1 Cr App R 24, 335-33840 Ibid 335-33841 Ibid 335-33842 Ibid 335-33843 Ibid 31444 Interception of Communications Commissioner, 2013 Annual Report of the Interception of Communications Commissioner (HC 1184, 2014) para 4.1445 Office for National Statistics, ‘Population Estimates for UK, England and Wales, Scotland and Northern Ireland, Mid-2013’ (Office for National Statistics, 26 June 2014) <http://www.ons.gov.uk/ons/rel/pop-estimate/population-estimates-for-uk--england-and-wales--scotland-and-northern-ireland/2013/index.html> accessed 13 April 2015
Page 8 of 14
Internet and the Law w12003024
The Investigatory Powers Tribunal has been considered fundamentally flawed. Arguments
were put forward by leading academics as evidence for the recent Intelligence and Security
Committee report in 2015. The tribunal was criticised for upholding complaints on a tiny
majority of cases, being unable to practically make judgements on cases heard in secret,
rarely publishing its rulings, and not having a right of domestic appeal46. It is been considered
strange that such a secretive tribunal, which is a court in all but name, can make judgements
on such fundamental issues such as human rights47. It is argued that if the way in which
justice is carried out in regards to surveillance is fundamentally flawed, then our Article 8
right cannot be sufficiently enforced, and so is being infringed upon by the internet.
As mentioned above, Article 8 is not an absolute right. Article 2, the right to life, however, is.
It was found in the Intelligence and Security Committee’s investigation that, when deciding
whether an interference is necessary, GCHQ will use what is called the HRA triple test48.
This test involved the requirement that an interference be for a lawful purpose, necessary and
proportionate before being carried out. There are clearly circumstances in the age we live in
where an individual’s right to privacy may be incompatible with our collective right to
security, and one right must take precedence over the other. This test must be passed before
action can be taken which compromises an individual’s right to privacy49. It is the belief that,
although not safeguarded perfectly, interference is always necessary, no matter how intrusive.
Interference could have stopped terror attacks such as the recent Charlie Hebdo attacks in
Paris50. The ordinary citizen should have nothing to fear or hide, so surely interference, and
the absolute right Article 2, should take precedent.
46 Intelligence and Security Committee of Parliament, Privacy and Security: A modern and transparent legal framework (HC 1075, 12 March 2015) para 21447 Andrew Wheelhouse, ‘The Legality of Mass Surveillance Operations’ (Oxford Human Rights Hub Blog, 7 February 2015) <http://ohrh.law.ox.ac.uk/the-legality-of-mass-surveillance-operations/> accessed 13 April 201548 Intelligence and Security Committee of Parliament, Privacy and Security: A modern and transparent legal framework (HC 1075, 12 March 2015) para 23 - 2749 Ibid para 23 - 2750 Andrew Wheelhouse, ‘The Legality of Mass Surveillance Operations’ (Oxford Human Rights Hub Blog, 7 February 2015) <http://ohrh.law.ox.ac.uk/the-legality-of-mass-surveillance-operations/> accessed 13 April 2015
Page 9 of 14
Internet and the Law w12003024
Private surveillance
The Internet has not only led to the growth of public authorities using mass surveillance in
the interests of national security, it has also led to private companies using it for data
profiling and user-specific advertising. However, unlike public bodies, private bodies do not
have a duty under the HRA to uphold the right to privacy. Instead, what is necessary is pre-
existing legislation, or the action of misuse of private information51. With this tort, an
individual can enforce their Article 8 right against a private company.
One way private companies create data profiles of Internet users is using cookies. These may
be used to identify the fact that a particular user has accessed the site previously, and can be
used to customise the page according to previous activities. They may also be used to relieve
the user of the need to supply full details of name, address and financial information52.
Conversely, they can be used to create user-specific advertising and data profiles53. This
obviously has implications on privacy. With the increased use of the internet in day to day
life, the use of cookies in the UK has increased proportionately54. The EU recognised that
with the increased use of Internet and cookies, a risk to privacy was posed. Whereas old
cookie regulations required an ‘opt-out’ service55, which was often hidden in privacy policies,
the new 2011 require a much more prominent notice of the use of cookies, as well as an ‘opt-
in’ service56. This shows that the EU recognises privacy is at risk with increased Internet
usage. It shows that, in a commercial context, the development of the Internet walks hand in
hand with the development of the protection of privacy. However, even though the protection
of privacy is necessary, to some, the use of cookies is necessary. Facebook is a free-to-use
service for example. This means the only way it can make its money is through
advertisements. The reason its advertisements are so successful is through the use of cookies.
Cookies are necessary for the Internet to keep on developing, which in turn provides new
innovative services for us. Balancing this development and the right to privacy is one which
is difficult to achieve in this information society.
51 Mosley v United Kingdom (2011) 53 EHRR 3052 Ian J Lloyd, Information Technology Law (7th edn, OUP 2014) 15353 Andrew Murray, Information Technology Law (OUP 2010) 3854 Nicole Kobie, ‘Why the cookies law wasn't fully baked – and how to avoid being tracked online’ The Guardian (London, 19 March 2015) <http://www.theguardian.com/technology/2015/mar/19/cookies-how-to-avoid-being-tracked-online> accessed 15 April 201555 Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2003 SI 2003/242656 Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 SI 2011/1208
Page 10 of 14
Internet and the Law w12003024
Conclusion
The recent Snowden revelations have shown that the US and UK intelligence agencies, the
NSA and GCHQ, are conducting mass surveillance on the worlds Internet and
telecommunications traffic. Although the Investigatory Powers Tribunal, supported by the
2015 Intelligence and Security report, found GCHQ’s actions as ECHR compatible in the
Liberty case, there is an argument for bias. The actions do infringe on all citizens Article 8
rights as intercepting the worlds Internet traffic without a warrant cannot be justified as ‘in
the interests of national security’. It is too disproportionate.
However, we now live in an era were national security is under as great a threat from
terrorism as it has ever been. This can be illustrated by the recent Charlie Hebdo attacks in
Paris. Privacy is the price we must now pay for national security. People invent false care
about their privacy rights being infringed, yet complain at a much louder capacity when
national security fails. Ordinary citizens should not have anything to fear or hide, so should
not be concerned with their right to privacy being infringed, when their Article 2, right to life,
is at stake. If allowing GCHQ and the NSA to intercept our internet traffic, which prima facie
invades our privacy, is the price we must pay for national security, then the ordinary citizen
must believe this is one which is fair and proportionate.
Word Count: 3,227
Page 11 of 14
Internet and the Law w12003024
BIBLIOGRAPHY
Primary Sources
UK Primary Legislation
Human Rights Act 1998
Regulation of Investigatory Powers Act 2000
Cases from England and Wales
Campbell v MGN Ltd [2004] UKHL 22, [2004] 2 AC 457
Coco v AN Clarke (Engineers) Ltd [1968] FSR 415 (Ch)
Liberty v Government Communications Headquarters [2014] UKIPTrib 13 77-H, [2015] 1 Cr App R 24
Mosley v United Kingdom (2011) 53 EHRR 30
Murray v Express Newspapers plc [2008] EWCA Civ 446, [2009] Ch 481
Rio Ferdinand v MGN Limited [2011] EWHC 2454 (QB)
Wainwright v Home Office [2003] UKHL 53, [2004] 2 AC 406
European Union Legislation
Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2003 SI 2003/2426
Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 SI 2011/1208
European Court of Human Rights Legislation
Convention for the Protection of Human Rights and Fundamental Freedoms (European Convention on Human Rights, as amended) (ECHR)
European Court of Human Rights Cases
Axel Springer AG v Germany (2012) 55 EHRR 6
Handyside v United Kingdom (1976) Series A no 24
Klass v Germany (1978) Series A no 28
Page 12 of 14
Internet and the Law w12003024
Secondary Sources
Books
Davies K, ‘Panopticon’ in Bosworth M (eds), Encyclopedia of Prisons and Correctional Facilities, vol 2 (SAGE Publications 2005)
Lloyd I J, Information Technology Law (7th edn, OUP 2014)
Murray A, Information Technology Law (OUP 2010)
Articles
Leigh I, ‘Horizontal rights, the Human Rights Act and privacy: lessons from the Commonwealth?’ (1999) ICLQ 57
–– Mason S, ‘The Internet and Privacy: Some Considerations’ (2015) CTLR 68
Websites and Blogs
Kobie N, ‘Why the cookies law wasn't fully baked – and how to avoid being tracked online’ The Guardian (London, 19 March 2015) <http://www.theguardian.com/technology/2015/mar/19/cookies-how-to-avoid-being-tracked-online>
Office for National Statistics, ‘Population Estimates for UK, England and Wales, Scotland and Northern Ireland, Mid-2013’ (Office for National Statistics, 26 June 2014) <http://www.ons.gov.uk/ons/rel/pop-estimate/population-estimates-for-uk--england-and-wales--scotland-and-northern-ireland/2013/index.html>
Wheelhouse A, ‘The Legality of Mass Surveillance Operations’ (Oxford Human Rights Hub Blog, 7 February 2015) <http://ohrh.law.ox.ac.uk/the-legality-of-mass-surveillance-operations/>
Newspaper Articles
Gidda M, ‘Edward Snowden and the NSA files – timeline’, The Guardian (London, 21 August 2013)<http://www.theguardian.com/world/2013/jun/23/edward-snowden-nsa-files-timeline>
MacAskill E and others, ‘GCHQ taps fibre-optic cables for secret access to world's communications’, The Guardian (London, 21 June 2013) <http://www.theguardian.com/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa>
Page 13 of 14
Internet and the Law w12003024
Other Secondary Sources
Carrera S and others, ‘National Programmes for Mass Surveillance of Personal Data in EU Member States and Their Compatibility with EU Law’, (Policy Department C: Citizens' Rights and Constitutional Affairs, 15 October 2013)
Intelligence and Security Committee of Parliament, Privacy and Security: A modern and transparent legal framework (HC 1075, 12 March 2015)
Interception of Communications Commissioner, 2013 Annual Report of the Interception of Communications Commissioner (HC 1184, 2014)
Ofcom, ‘Communications market report 2012’ (Ofcom, 18 July 2012)
Page 14 of 14