cypherpunks-legacy
Threads by month
- ----- 2025 -----
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1998 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1997 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1996 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1995 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1994 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1993 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1992 -----
- December
- November
- October
- September
July 2018
- 1371 participants
- 9656 discussions
============================================================
EDRI-gram
biweekly newsletter about digital civil rights in Europe
Number 5.21, 7 November 2007
============================================================
Contents
============================================================
1. EDRI supports PI's comments on Google-Doubleclick merger
2. EU pushes for an international Anti-Counterfeiting Trade Agreement
3. EC plans to profile all passengers in and out EU
4. Putin wants control of Russian Internet
5. Whois privacy problems not solved by ICANN
6. Government attempts of increased level of surveillance in Czech Republic
7. Open Document Format gains more support
8. Recommended Action
9. Recommended Reading
10. Agenda
11. About
============================================================
1. EDRI supports PI's comments on Google-Doubleclick merger
============================================================
European Digital Rights Initiative (EDRI) is supporting the letter Privacy
International (PI) sent on 5 November 2007 asking the head of the European
Commission DG Competition, Commissioner Kroes, to take the merger of
Google-Doubleclick to the next phase. PI argues that the merger could have
serious implications for privacy innovation in advertising.
The letter explains the problems that the merger could bring to the online
advertising market: "Google's purchase of Doubleclick is particularly
worrying because it is a significant consolidation in this domain and we
worry that this very competition to provide high-quality privacy practices
will dissipate. Google's dominant position in the search marketplace will be
compounded by Doubleclick's dominant position in online profiling, leading
to a potentially abusive situation for the protection of privacy. If the
merger is approved, then Google's dominant service will transform radically
from one with a search advertising function into one that collects both
searches and browsing habits of users. "
PI showed how the decision could influence privacy of the Internet users if
the merger is approved :
"Privacy innovation could suffer under the merger as the two largest online
databases come together. Other companies will have to compete against this
massive entity and we worry it will lead to a race to the bottom for privacy
protection. (...) Little is actually known about how all these companies
protect their customers' data, even though they must do so in accordance
with European privacy laws. (...)We know little about how firms make use of
this data.
Google promises that it does not yet create online user profiles, but it is
purchasing a firm that is renowned for the depth and extent of its online
user profiles. We need strong and enforceable assurances that profiles will
not be developed and enhanced through this merger."
BEUC, the Consumer's Organization, as well as the Data Protection
Commissioner of the German state of Shleswig-Holstein, Thilo Weichert, have
publicly opposed the Google-Doubleclick deal. However, Commissioner Kroes
announced on 15 October: "We are looking at the influence on competition
and that's it." The new deadline for the enquiry has been set for 13
November 2007.
PI Comments on Google-Doubleclick Merger to the European Commission
(5.11.2007)
http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-558328
EU review of Google bid won't cover privacy issue (15.10.2007)
http://business.guardian.co.uk/story/0,,2191128,00.html
BEUC expresses concern over DoubleClick acquisition by Google (18.07.2007)
http://www.edri.org/edrigram/number5.14/beuc-doubleclick-google
============================================================
2. EU pushes for an international Anti-Counterfeiting Trade Agreement
============================================================
A recent statement from the European Commission reveals that it has started
negotiations with US, Japan, Korea, Mexico and New Zealand to create an
international treaty on counterfeiting - Anti Counterfeiting Trade Agreement
(ACTA), despite the absence of any independent data on the topic.
The European Commission is looking for a mandate from the European Member
States to proceed in this endeavour, but the ball is already rolling, taking
into consideration the almost simultaneous press statements from the US
Trade Representative and Canada's Minister of International Trade as well.
But "while the claims regularly focus on health and safety risks or
suggestions that organized crime or terrorist groups benefit from
counterfeiting, the reality is that the policy prescription typically
includes a range of issues that have little to do with those issues", as
Michael Geist puts it.
Even though the OECD estimates the losses of the international trade are 3-4
times lower than the ones the industry has so heavily promoted, the big
states still have their ears open to the industry lobbists' claims.
EU announces that the new ACTA should build the international cooperation
leading to harmonised standards and a better communication between
authorities and should establish common enforcement practices to promote
strong intellectual property protection in coordination with right holders
and trading partners. Also it suggests "creating a strong modern legal
framework which reflects the changing nature of intellectual property theft
in the global economy, including the rise of easy-to-copy digital storage
mediums and the increasing danger of health threats from counterfeit food
and pharmaceutical drugs."
In fact, it seems that the negotiations have started since mid-2006 between
the European Commission, Canada, US and Japan on such an agreement on
counterfeiting. But ACTA aims higher. US Trade Representative Susan Schwab
explained that the negotiations would "expand upon the enforcement standards
of the Agreement on Trade-Related Aspects of Intellectual Property Rights
(TRIPS) and countries would be encouraged to comply with other international
IPR agreements. The goal is to set a new, higher benchmark for enforcement
that countries can join voluntarily."
Or, as Michael Geist better explains it: "This treaty could ultimately
prove bigger than WIPO - without the constraints of consensus building,
developing countries, and civil society groups, the ACTA could further
reshape the IP landscape with tougher enforcement, stronger penalties, and a
gradual eradication of the copyright and trademark balance."
European Commission seeks mandate to negotiate major new international anti-
counterfeiting pact (23.10.2007)
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/07/1573
Is ACTA the New WIPO? (24.10.2007)
http://www.michaelgeist.ca/content/view/2318/125/
Top Economies To Negotiate Anti-Counterfeiting Trade Pact (24.10.2007)
http://www.ip-watch.org/weblog/index.php?p=799&res=1024_ff&print=0
EDRI-gram: OECD finds the real piracy losses(23.05.2007)
http://www.edri.org/edrigram/number5.10/oecd-piracy-loss
============================================================
3. EC plans to profile all passengers in and out EU
============================================================
The European Commission(EC) put forward on 6 November 2007 a PNR plan that
is almost similar to the EU-USA PNR (Passenger Name Records) agreement. The
EU PNR plan is part of a new package of proposals "aimed at improving the
EU's capabilities in the fight against terrorism."
According to this proposal, EU will have to collect 19 pieces of personal
data on air passengers coming into and leaving the EU space, including phone
number, e-mail address, travel agent, full itinerary, billing data and
baggage information. The information will be collected in analysis units
that will make a "risk assessment" of the traveller, which could lead to
the questioning or even refusal of the entry. The data is to be kept for
five years and then another eight years in a "dormant" database.
"The availability of PNR data ... is necessary for the purpose of preventing
and fighting terrorist offences and organised crime," is the reason
expressed by the draft.
In October 2007, Justice Commissioner Franco Frattini told Parliament
members that the creation of a PNR database was justified by the high level
of terrorist risk for Europe. "The Union is at least as much a potential
target of a terrorist attack as the United States, and the use and analysis
of passenger name records is an important law enforcement tool to protect
our citizens".
However, legal experts, human-rights groups and data-protection activists
oppose this plan and find it a threat to privacy.
Tony Bunyan, editor of Statewatch stated: "This is yet another measure that
places everyone under surveillance and makes everyone a "suspect" without
any meaningful right to know how the data is used, how it is further
processed and by whom [.] We have already got the mandatory taking of
fingerprints for passports and ID cards and the mandatory storage of
telecommunications data of every communication, now we are to have the
mandatory logging of all travel in and out of the EU. The underlying
rationale for each of the measures is the same - all are needed to tackle
terrorism. Yet there is little evidence that the gathering of "mountain upon
mountain" of data on the activities of every person in the EU makes a
significant contribution. On the other hand, the use of this data for other
purposes, now or in the future, will make the EU the most surveilled place
in the world".
MEP Sophie in 't Veld has also made an appeal to the European Commission to
make an analysis of the situation in USA and Canada in order to verify the
effectiveness of such a system before taking any decision on a similar
system in Europe. "EU counter-terrorism policies must be regularly assessed
on their effectiveness.their impact on reducing the threat and increasing
security, on improving cooperation and exchange between countries and
agencies, as well as an evaluation of the cumulative impact of individual
measures on privacy and civil liberties," she stated.
The Commission's proposal for EU PNR is proposed as a Framework Decision
meaning that the European Parliament is only consulted and its opinion can
be ignored as it happens on a regular basis. The European Council can, in
its secret working parties, change at will this legislative proposal.
Another question raised is why 2004 Directive on the collection of API
(Advance Passenger Information), meant to be applied by all member States by
September 2006, is not enough in supporting the fight against terrorism and
is not yet applied. The API data is more limited including only name,
nationality, passport number, date of birth and the details related to the
flight.
The proposal did not take into consideration the opinions of EU's Article 29
Data Protection Working Party which, during the consultation period
concluded that they "have not seen any information presented by the
Commission that would substantiate the pressing need to process PNR data for
the purpose of preventing and fighting terrorism and related crimes or law
enforcement". They also stated that "Bulk transfer of personal data, which
would include unsuspected travellers to other authorities would be
disproportionate, as data may only be provided to an authority if necessary
for a given purpose".
Concerning data protection, the draft proposal has in view the Council
Framework Decision on the protection of data for police and judicial
cooperation that should apply to the proposed PNR scheme as well. However,
the decision has not been adopted and offers very little protection to
individuals. The decision ignored the opinions of the European Parliament,
the European Data Protection Supervisor, and the EU's Article 29 Data
Protection Working Party and allows the personal data exchange with third
states such as USA.
On the other hand, the draft makes no reference to 1995 EC Directive on data
protection covering the collection of PNR data by the airlines.
PNR (passenger name record) scheme proposed to place under surveillance all
travel in and out of the EU (1.11.2007)
http://www.statewatch.org/news/2007/nov/01eu-pnr.htm
Draft Framework Decison on the use of PNR data (22.10.2007)
http://www.statewatch.org/news/2007/oct/eu-com-pnr-proposal.pdf
EU plans anti-terror screening for air passengers (5.11.2007)
http://www.euractiv.com/en/transport/eu-plans-anti-terror-screening-air-pas…
EU plans to collect personal data on air passengers (4.11.2007)
http://www.reuters.com/article/asiaTopNews/idUSIndia-30328920071104
Fight Against Terrorism: stepping up Europe's capability to protect citizens
against the threat of terrorism (6.11.2007)
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/07/1649&format=H…
EDRI-gram Final agreements between EU and USA on PNR and SWIFT (4.07.2007)
http://www.edri.org/edrigram/number5.13/eu-us-pnr-swift
============================================================
4. Putin wants control of Russian Internet
============================================================
As the Internet use in Russia increases spectacularly, having tripled in the
last three years, Putin' governance concentrates its efforts on getting
control over the Russian Internet after having already gained much control
over the traditional mass media.
Putin's allies and supporters have created blogs and news sources to flood
the Internet with messages favourable to the present political power.
During a national broadcast live on TV and Radio in October 2007, Putin
tackled the issue of Internet censorship. "Naturally, in this sphere, as in
other spheres, we should be thinking about adhering to Russian laws, about
making sure that child pornography is not distributed, that financial crimes
are not committed" said Putin.
Besides numerous pro-government blogs, several already established online
outlets have been bought by Putin's allies with the purpose to create a
network to disseminat propaganda and to control the online information.
Such a publication is Gazeta.ru, the most respected online newspaper which
was sold in December to a metals magnate loyal to Putin. Russian officials
have also been looking for the possibility of establishing a separate
Internet within Russia that would serve their purposes.
The reaction of the Kremlin power comes to counterpart situation as the one
having occurred in 2004 when, due to concentrated efforts of uncensored
blogs and on-line publications, a popular uprising in Ukraine provoked the
revoking of the vote for a pro-Moscow candidate in the presidential
elections.
In April 2007, when an opposition movement held a march in Moscow, blogger
Pavel Danilin, a Putin supporter, together with his team, started blogging
about a smaller pro-Kremlin march being held the same day. They blogged so
much, and linked to each other so effectively, that they crowded out all the
items about the opposition march from the very influential top-five blog
post listing on the Yandex Web portal.
Prosecutors have also started focussing on Internet chat sites, blogs and
postings in order to charge the users that criticize Putin or other
officials. However, the federal officials deny any campaign to control the
Internet. "Personally, I am against developing and adopting a special law
that would regulate the Internet," declared Leonid Reiman, Minister of IT&C.
"The Internet has been always developing as a free medium, and it should
remain as such" he added.
Despite the officials' statements, in July 2007, Putin already announced
his plans to create a global information technology powerhouse network, a
statement that was interpreted by the mass media as an attempt from his part
to establish a controlled network separated from the current Internet which
is organised by ICANN. According to Wolfgang Kleinwaechter, special adviser
to the chairmen of the Internet Governance Forum, some Russian officials are
thinking of a separate Internet, with Cyrillic domain names, taking the
example of China.
Kremlin Seeks To Extend Its Reach in Cyberspace (28.10.2007)
http://www.washingtonpost.com/wp-dyn/content/article/2007/10/27/AR200710270…
Putin tightens his grip on Russia's internet (29.10.2007)
http://www.theregister.co.uk/2007/10/29/putin_censors_internet/
============================================================
5. Whois privacy problems not solved by ICANN
============================================================
ICANN meeting that took place last week (29 October - 2 November 2007) in
Los Angeles was expected to decide on the WHOIS database privacy problems.
But unfortunately the decision taken was just to make further studies on the
matter, despite the already seven years of discussions on this topic.
The need for WHOIS reform has been a hot topic for some years in the civil
society and some ICANN structures. An EPIC & NGO Letter to ICANN Board on
Need for Whois Reform sent on 30 October 2007 asks "for changes to WHOIS
services that would protect the privacy of individuals, specifically the
removal of registrants' contact information from the publicly accessible
WHOIS database."
The letter explains that the "current ICANN WHOIS policy conflicts with
national privacy laws, including the EU Data Protection Directive, which
requires the establishment of a legal framework to ensure that when personal
information is collected, it is used only for its intended purpose. As
personal information in the directory is used for other purposes and ICANN's
policy keeps the information public and anonymously accessible, the database
could be found illegal according to many national privacy and data
protection laws including the European Data Protection Directive, European
data protection laws and legislation in Canada and Australia." Moreover, it
points to the Article 29 Working Party's opinion that underlines that "in
its current form the WHOIS database does not take account of the data
protection and privacy rights".
The NGOs supported Final Outcomes Report recently published by the WHOIS
Working Group that "accepted the Operational Point of Contact (OPoC)
proposal as a starting point, and the best option to date. The OPoC proposal
would replace publicly available registrant contact information with an
intermediate contact responsible for relaying messages to the registrant."
The public letter accepted the fact that the WHOIS Working Group proposal
was a workable framework and not a perfect one, recommending "a distinction
between commercial and non-commercial domains."
But the proposal was rejected by the ICANN, as well as another proposal that
would have allowed domain name registration companies to stop making the
data available through WHOIS. Instead, the ICANN decided to ask for further
studies, that will be identified by the The Generic Names Supporting
Organization (GNSO) Council until 15 February 2007.
The move was seen as a new delay after seven years of discussions. Ross
Rader from the GNSO said to AP: "We've had seven years of study on this
issue... what has not been answered is what are the specific questions we
want answers to. From my perspective, further, broad, open study is just a
way for (opponents) to say you don't have enough votes to change the status
quo."
The lack of a concrete decision from GNSO meant a renewal of a call for a
procedure to allow exemptions from ICANN standard contractual obligations
for WHOIS. ICANN's Government Advisory Committee (GAC) said "uniform
process" among governments was not to be expected and the specific cases
should just be referred to national authorities in order to come to a
procedure for the respective registries and registrars.
EPIC & NGO Letter to ICANN Board on Need for Whois Reform (30.10.2007)
http://ipjustice.org/wp/2007/10/30/epic-ngo-letter-to-icann-board-on-need-f…
Whois Studies Approved, Privacy Deferred (31.10.2007)
http://ap.google.com/article/ALeqM5hCiHLmZiymo5BhARlugPCaGcTsUQD8SKFC680
Faced with clamor for WHOIS reform, ICANN votes to study the issue more
(31.10.2007)
http://arstechnica.com/news.ars/post/20071031-faced-with-whois-reform-icann…
Whois reform: ICANN says let's run more tests (1.11.2007)
http://www.theregister.co.uk/2007/11/01/whois_reform/
Change Of Leadership At ICANN As Cerf Makes Way For IP Expert (4.11.2007)
http://www.ip-watch.org/weblog/index.php?p=807&res=&res=1024_ff&print=0
============================================================
6. Government attempts of increased level of surveillance in Czech Republic
============================================================
The Czech Interior Ministry introduced in October 2007 a new National Action
Plan to Combat Terrorism that would increase the access of the police and
intelligence authorities to personal data, under the pretext of the
protection against terrorism.
The Czech Ministry of Interior has introduced a similar plan every year
since 2002 - in 2005 it actually won the Czech Big Brother Award for it -
which, until now, has been rejected by the Parliament. The Plan of Action is
meant to be used to draft legislation allowing police and other agencies to
have access to emails and to wiretap without following any court procedures.
"According to the current legal regulations, in order to perform certain
actions it is necessary that security bodies meet a number of requirements
and conditions, the existence of which is unquestionable," stated Vladimmr
Repka, spokesman for the Interior Ministry.
As compared to the plan proposed last year, this year's plan seems to have a
much more ambiguous wording that " it is actually very difficult to argue
against it" says privacy expert Filip Pospmsil from the EDRI-member Czech
NGO Iuridicum Remedium. According to him, the plan is inspired from the US
Patriot Act that that give the US police authorities direct access to
personal data.
Presently, in Czech Republic, the interception of emails and wiretapping can
be done only by a court order that is valid for up to six months. "They want
to have the power just to call the judge and then to get written approval
later" said Pospmsil.
What the Interior Ministry also wants is to force financial institutions and
private Internet providers to pass on clients' information to security
agencies as well as to eliminate anonymous phone cards.
In Pospmsil's opinion, the present plan is meant as a test to check out on
the position of the policy makers and of the public as anyway, even if
approved by the government, the plan has no value if it is not passed by the
Parliament. "I think it's just a kind of test by the Interior Ministry and
other intelligence services to test the willingness of the public and its
representatives to exchange some privacy for promises of improved security,"
he said.
Privacy International has issued reports on the situation in the Czech
Republic showing concern on the increase of the government attempts to
legalise wiretapping, to create a central database from the separate
databases of the security agencies as well as on the high level of video
surveillance in the country, unrestricted by law.
Hana Stepankova, the spokeswoman of the Office of Personal Data Protection,
which is responsible for enforcing the country's privacy laws, stated that
the office lawyers are presently studying the proposal.
The draft plan may receive comments from the public until the end of October
but there is no guarantee that the Interior Ministry will take any comments
into consideration.
Ministry seeks approval for terror law (24.10.2007)
http://www.praguepost.com/articles/2007/10/24/ministry-seeks-approval-for-t…
EDRI-gram: Big Brother Awards presented in 4 countries (3.11.2007)
http://www.edri.org/edrigram/number3.22/BBA
============================================================
7. Open Document Format gains more support
============================================================
The first international workshop of Open Document Format (ODF) public sector
users took place in Berlin on 29-30 October 2007, hosted by the Foreign
Office of the Federal Republic of Germany.
The position of the German Foreign Office, as host of the event, was made
very clear. The Federal Foreign Minister Frank-Walter Steinmeier, in his
opening word, called ODF "a completely open and ISO-standardized format",
considering it an "excellent basis" for "a free exchange of knowledge and
information in a time of globalization". The Foreign Office has already
linked its foreign missions in a network using open-source programs and
shifted to OpenOffice and Linux operation systems on their laptops and has
in view to extend this program to all diplomatic workstations by the middle
of 2008.
According to Florian Schie_l of the LiMux Project Office of Munich, where a
migration to Linux is in progress, the ODF is a good tool in reducing the
large range of templates and macros in the municipal government and in
creating more uniform file management standards. The municipal
administration of Freiburg will also implement a project for the migration
of 2000 workstations from Microsoft Office 2000 to OpenOffice, relying in
the future solely on ODF and PDF. ODF will also be adopted as the standard
file format by all agencies and departments of Schwdbisch-Hall as Horst
Brduner, IT director, stated.
Germany is not the only country in favour of ODF. As expressed by Gavin
Beckett of the city administration of Bristol, UK, a migration to Sun
Microsystems's StarOffice is currently in progress in the city
administrative offices. Mr. Beckett pointed out that the difficulty in the
development of the progress is the inertia and habit of the office employees
having been used Microsoft operation system for many years. "The point is to
overcome deeply ingrained modes of behavior," he stated.
Brazil and India are also leaders in the use of open standards in the office
area. Deivi Kuhn of Serpro, a company coordinating the use of open source in
Brazil, declared that ODF standard adopted by the International Organization
for Standardization, a good tool providing both access to knowledge
and ensuring user freedoms, was mandatory for e-government state
interoperability standards. In India, in the federal state of Assam, PCs
with Linux and OpenOffice were given to students and the migration to open
source software was in progress in government offices.
German Foreign Office comes out in favor of Open Document Format
(30.10.2007)
http://www.heise.de/english/newsticker/news/98208
ODF Workshop (29-30.10.2007)
http://www.odfworkshop.org/
EDRI-gram: OOXML - negative vote at International Organization for
Standardization (12.09.2007)
http://www.edri.org/edrigram/number5.17/ooxml-rejected-iso
============================================================
8. Recommended Action
============================================================
Privacy International in a coalition with over 50 other organisations from
around the world, including EDRI, is in the process of appealing for the
imminent implementation of the Immigration Control and Refugee Recognition
Act by the Japan's Ministry of Justice. The act will make fingerprint and
face-scan compulsory for Japan's visitors and foreign residents. The
campaign will be launched later this week.
If any organisation wants to endorse this privacy campaign, please contact
as soon as possible Gus Hosein - Privacy International - gus at privacy.org.
============================================================
9. Recommended Reading
============================================================
Big Brother Eyes German Journalists
http://www.spiegel.de/international/germany/0%2C1518%2C514872%2C00.html
ENISA Position Paper : Security Issues and Recommendations for Online Social
Networks (25.10.2007)
Social Networking is like a 'digital cocktail party': a powerful mixture of
human social instincts and web 2.0 technology which is revolutionising the
Internet. In this position paper, ENISA emphasises the many benefits of
Social Networking but identifies 14 important threats. This leads to 17
recommendations on how Social Networking can be made safer.
http://www.enisa.europa.eu/doc/pdf/deliverables/enisa_pp_social_networks.pdf
============================================================
10. Agenda
============================================================
9 November 2007, St. Gallen, Switzerland
Big Brother Awards Switzerland
http://bigbrotherawards.ch/
11 November 2007, Rio de Janeiro, Brazil
GigaNet'07 - Global Internet Governance Academic Network 2nd Annual
Symposium
http://www.igloo.org/giganet
12-15 November 2007, Rio de Janeiro, Brazil
The Government of Brazil will host the second Internet Governance Forum
meeting.
http://www.intgovforum.org/
http://cgi.br/igf/
15-16 November 2007, Lisbon, Portugal
On RFID: The Next step to the Internet of Things
http://www.rfid-outlook.pt/
16-18 November 2007, Munich, Germany
20 years of grassroot networks - 20 years /Cl-Network in Germany
Congress on Networking of alternative media, privacy, environment,
anti-nuclear, antifascism, peace and human rights
http://www.cl-netz.de/cl-netz/20-jahre-datennetze-von-unten-20-jahre-cl-netz
21 November 2007, London, UK
Privacy enhancing technologies: How to create a trusted information society
http://www.petsfinebalance.com/index.php
29-30 November 2007, Skopje, Macedonia
The International Conference e-Society.Mk on inclusive e-Government
http://www.e-society.org.mk
3-4 December 2007, Bonn, Germany
Network Neutrality - Implications for Europe
http://www.wik.org/content/netneutrality_main.htm
4-5 December 2007, Rome, Italy
First QualiPSo Conference - Fostering trust and quality of Open Source
Software systems
http://www.qualipso.org/index.php?option=com_content&task=view&id=63&Itemid…
5-7 December 2007, Pisa, Italy
Second DELOS Conference on Digital Libraries
http://www.delos.info/index.php?option=com_content&task=view&id=606&Itemid=…
17 January 2008, London, UK
Nanotechnology for security and the crime prevention III
http://www.nano.org.uk/events/ionevents.htm#security
============================================================
11. About
============================================================
EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 28 members based or with offices in 17 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRI-grams.
All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and visibly on the
EDRI website.
Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 2.0 License. See the full text at
http://creativecommons.org/licenses/by/2.0/
Newsletter editor: Bogdan Manolea <edrigram(a)edri.org>
Information about EDRI and its members:
http://www.edri.org/
European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring
- EDRI-gram subscription information
subscribe by e-mail
To: edri-news-request(a)edri.org
Subject: subscribe
You will receive an automated e-mail asking to confirm your request.
unsubscribe by e-mail
To: edri-news-request(a)edri.org
Subject: unsubscribe
- EDRI-gram in Macedonian
EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edrigram-mk.php
- EDRI-gram in German
EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/
- Newsletter archive
Back issues are available at:
http://www.edri.org/edrigram
- Help
Please ask <edrigram(a)edri.org> if you have any problems with subscribing or
unsubscribing
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
[liberationtech] Stanford Security Seminar Tomorrow: Jay Lorch -- Ensuring Private Access to Large-Scale Data in the Data Center
by Yosem Companys 06 Jul '18
by Yosem Companys 06 Jul '18
06 Jul '18
From: Joe Zimmerman <jzim(a)cs.stanford.edu>
*Jay Lorch* -- *Ensuring Private Access to Large-Scale Data in the Data
Center*
Tuesday, February 12, 2013
Talk at 4:30pm in Gates 463A
Abstract:
Recent events have shown online service providers the perils of possessing
private information about users. Encrypting data mitigates but does not
eliminate this threat: the pattern of data accesses still reveals
information. Thus, this talk will present Shroud, a general storage system
that hides data access patterns from the servers running it, protecting
user privacy. Shroud functions as a virtual disk with a new privacy
guarantee: the user can look up a block without revealing the block's
address. Such a virtual disk can be used for many purposes, including map
lookup, microblog search, and social networking. Shroud aggressively
targets hiding accesses among hundreds of terabytes of data. We achieve our
goals by adapting oblivious RAM algorithms to enable large-scale
parallelization. Specifically, we show, via new techniques such as
oblivious aggregation, how to securely use many inexpensive secure
coprocessors acting in parallel to improve request latency. Our evaluation
combines large-scale emulation with an implementation on secure
coprocessors and suggests that these adaptations bring private data access
closer to practicality.
Bio:
Jacob R. Lorch has been a Researcher at Microsoft Research in Redmond, WA
for the last eleven years. Before that, he received his Ph.D. in Computer
Science from UC Berkeley in 2001 under the supervision of Alan Jay Smith.
Jacob's research focuses broadly on computer systems, with particular
emphasis on distributed systems, web security, cloud computing, and energy
management. In recent work, he has developed TrInc (NSDI 2009), a simple
piece of trusted hardware useful in securing a variety of distributed
systems; Memoir (IEEE S&P 2011), a framework for building stateful,
crash-resilient trusted modules; and GreenUp (NSDI 2012), a decentralized
system for maintaining the availability of machines while letting them save
energy by sleeping. His current work includes protecting user privacy when
using online services and simplifying the construction and deployment of
fault-tolerant systems.
--
Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
CEA Applauds Appeals Court Ruling in Over-the-Air Reception Devices Case
by Consumer Electronics Association -Communications 06 Jul '18
by Consumer Electronics Association -Communications 06 Jul '18
06 Jul '18
FOR RELEASE
Contact: Jeff Joseph or Jenny Miller
tel: (703) 907-7664 tel: (703) 907-7079
e-mail: jjoseph(a)ce.org e-mail: jmiller(a)ce.org
http://www.CE.org
CEA Applauds Appeals Court Ruling in Over-the-Air Reception Devices Case
Decision Upholds FCC Order Prohibiting Restrictions on Satellite Dish Placement
Arlington, Va., July 10, 2001 - The Consumer Electronics Association (CEA) applauded the U.S. Appeals Court ruling Friday, which upheld Federal Communications Commission (FCC) regulations prohibiting restrictions on certain over-the-air television reception and direct-to-home satellite services.
Petitioners in the case, including building owners and managers, had questioned the agency's statutory authority and had objected to the FCC's rules concerning over-the-air reception devices (OTARD) that were promulgated following enactment of the 1996 Telecommunications Act and amended in 1998 to extend to leaseholders. The three District of Columbia appellate court judges decidedly rejected the petitioners' claims, delivering a victory to the FCC. CEA celebrated the decision as a victory for consumers who may install satellite dishes and equipment despite landlord opposition in order to enjoy freely the benefits of digital access and entertainment.
"This is a big win for consumers. The 'unambiguously expressed intent of Congress' was clear in Section 207 of the Telecommunications Act of 1996," said CEA President and CEO Gary Shapiro. "The Court has upheld the right of all Americans - including renters - to have access to the latest and best consumer technologies, such as direct-to-home satellite. As the original FCC Order recognized, full participation in the digital revolution shouldn't be conditioned on property ownership."
The Consumer Electronics Association (CEA) represents more than 650 U.S. companies involved in the design, development, manufacturing and distribution of audio, video, mobile electronics, wireless and landline communications, information technology, multimedia and accessory products, as well as related services that are sold through consumer channels. Combined, these companies account for more than $70 billion in annual sales.
CEA also sponsors and manages the International CES - Your Source for Workstyle and Lifestyle Technology. All profits from CES are reinvested into industry services, including technical training and education, industry promotion, engineering standards development, market research and legislative advocacy.
UPCOMING EVENTS
DTV Summit - Is Laissez-Faire Fair?
July 24, 2001, Washington, DC
CEA Fall Conference and Industry Forum
October 14-17, 2001, La Quinta CA
Digital Car Conference and Exhibition
October 16-18, 2001, Detroit, MI
2002 International CES - Your Source for Workstyle and Lifestyle Technology
January 8-11, 2002, Las Vegas, NV
###
I:\RELEASES\DTV & DTV SUMMIT\FCC.OTARD.doc
Consumer Electronics Association -Communications 703-907-7041 Phone
---------------------------------------------------------------------
If you would prefer not to receive further messages from this sender:
1. Click on the Reply button.
2. Replace the Subject field with the word REMOVE.
3. Click the Send button.
You will receive one additional e-mail message confirming your removal.
----- End forwarded message -----
1
0
Robert,
Just sent this to gsc. Not sure if it will get through. Feel free to
forward (gsc or anywhere) if you think it's of interest.
----
http://www.avertlabs.com/research/blog/index.php/2009/04/29/laundering-as-a…
ervice/
Laundering as a Service
Wednesday April 29, 2009 at 5:24 am CST
Posted by Francois Paget
Money laundering is a process for concealing the origin of funds
generated by illegal means. People generally associate money
laundering with drug trafficking, gun smuggling, or corruption. But
funds misappropriated by identity theft, phishing, and carding also
have to be laundered. Today, the mushrooming of virtual money (or e-
currency) makes the job easier when you need to eliminate traces of
suspicious actions. In the past, E-Gold and WebMoney were frequently
under suspicion and had to respond to serious allegations of having
been used to transform dirty money into clean money.
But they are not unique; ECUMoney, Liberty Reserve, PerfectMoney,
Pecunix, etc. are also on the scene. As with all digital gold
currencies, these exchangers offer nonreversible transactions, which
is a primary advantage when you want to manipulate money.
Today, websites proposing virtual money exchanges are numerous on the
Internet. They are profitable for their owners because they are
subject to significant exchange commissions. It is also relatively
safe for the people offering these services. In the past, malware
authors explained they created their programs only for educational
purposes and were not responsible for any inappropriate use. Today
administrators of such websites are trying to claim they are not
liable for the origin of the transmitting money.
Here too, the network is turning professional, and many former crooks
are now specializing in this field. In October 2004, the U.S. Secret
Service arrested people said to be responsible for a set of credit
card and identity thefts that had plagued Internet users. It was the
result of Operation Firewall. Most of them frequented ShadowCrew, a
worldwide marketplace where thousands of members traded stolen credit
cards and debit cards, as well as bank account numbers and counterfeit
identification documents, such as drivers licenses, passports, and
Social Security cards.
One convicted person, using Voleur (French for thief) as a
pseudonym, set up a special payment system for cybercrime
transactions. For a 10 percent commission, he exchanged cash for E-
Gold, the well-known and controversial digital gold currency. Voleur
laundered money for dozen of deals of forum members, moving amounts
ranging from $40,000 to $100,000 per week. With about twenty other
individuals, he pleaded guilty in November 2005, was sentenced in June
2006, and was released later on.
At that time, Voleurs work was not institutionalized. But today, I
believe, this individual is again in business and manages some
websites specialized in giving advice for digital currency activities.
One of them is named Voleur Financial Services; thats a tall order!
[image]
On another site from the same origin (same administrators), we can see
some examples of current fees:
[table]
Many people want to seize power in this fruitful business, and there
are no holds barred. Enemies of Voleur often spread stories of him on
the Internet and do not hesitate to reveal bank account numbers.
[image]
U.S. nationals are not alone in this business. At the time of
Operation Firewall, an Eastern Europe married couple (he is Russian,
she is Ukrainian), their son, and several other people were arrested
after they moved more than $35 million in suspect funds through their
company, a pioneer of virtual money exchange. Their office was
originally located in the Empire State Building, in New York City.
Approximately $20 million flowed through E-Gold digital currency
accounts. It is also estimated they purchased approximately $15
million worth of Webmoney digital currency.
Now, from the Manhattan House of Detention, the main prisoner/offender
keeps his blog, gives security advice, and is visited by compassionate
countrymen. Some of his friends (I suppose) still manage such
exchange sites from Russia. From one of them, these screen shots show
transfer fees and how easy it is to remain anonymous in the world of
money transfers.
[image]
When you visit the website, you will discover a touching interview
made in a U.S. jail and the (presumed) building housing the actual
company: a bit empty, but nonetheless prestigious in the New York area.
[image]
In early April, at an annual conference of the Association of Russian
Banks, Finance Minister Alexei Kudrin explained that many small banks
are now engaged in money laundering. It seems that many suspicious
online companies are also engaged in this business both in and outside
of Russia.
1
0
============================================================
EDRi-gram
biweekly newsletter about digital civil rights in Europe
Number 7.16, 26 August 2009
============================================================
Contents
============================================================
1. The Pirate Bay - public enemy number one
2. Italian DNA database: The devil is in the details
3. People convicted in UK for refusing to surrender cryptographic keys
4. Google's Street View contested in France and Switzerland
5. UK: p2p three strikes clamp down despite civil liberties concerns
6. Belgium: Minister of Justice wants 2 years of data retention
7. Creative Commons licensed works available on Google Books
8. ENDitorial: Dutch NGO Bits of Freedom resumes its activities
9. Recommended Action
10. Recommended Reading
11. Agenda
12. About
============================================================
1. The Pirate Bay - public enemy number one
============================================================
The Pirate Bay (TBP) seems to be the website in the limelight these days,
after the music industry decided to attack it with every legal possibility
and in any country they can, with actions in Denmark,
Netherlands, Norway, Ireland and, of course, Sweden. The move seems not to
have troubled the website too much, but has definitely given it a lot of
publicity.
Thus the Pirate Bay was offline for a few hours on 24 August 2009, after its
ISP, called Black Internet, was obliged by a Swedish court order, following
an action from the music industry, to disconnect the website from Internet.
Otherwise Black Internet would had to pay penalties of 500 000 Swedish
Krowns (approx. 50 000 euros). But TPB already had in place a backup
solution, after the other problems with the music industry this year, and
came back online in a few hours, with a message for the "attackers":
"The MAFIAA has spent millions of dollars and endless amounts of time to get
this ban in order. Our guess is that they also bribed a bit to get it since
it violates so many laws not only in Sweden but also in the EU, not to
mention violations against human rights. And what do they have to show for
it? 3 hours of partial downtime"
In Ireland, according to the understanding reached by the music record
companies and the Irish ISP Eircom in January 2009, and to the order issued
by The High Court on 24 July 2009, Eircom has agreed to cut off the access
to TPB starting with 1 September 2009.
The agreement Eircom made with the music industry implied that the Irish ISP
would implement a three-strikes system to its users deemed guilty of
copyright infringement and also that it would not oppose any application to
the court to block access to The Pirate Bay.
Irish divisions of EMI, Warner, Universal and Sony music companies have also
sent official requests to the other Irish ISPs to block access to the
Pirate Bay website but, for the time being, this request was denied by UPC
and BT Ireland.
"UPC has informed the rights holders that there is no basis under Irish law
requiring an ISP to block access to certain websites and that it will not
agree to a request that goes beyond what is currently provided for under
Irish law," stated UPC who added that "UPC has every intention of vigorously
defending its position in Court."
BT Ireland has also confirmed that it has refused the music industry request
considering "there is no legal basis for such a request".
In Norway, a coalition of 21 movie and music industry companies sued
Telenor, the country's largest ISP trying to force it to block TPB. The
hearing is to take place in October.
In Netherlands, the anti-piracy organisation, BREIN won a court case at the
end of July against TPB. An Amsterdam court has ruled that the Swedish site
must cease its operations in 10 days in Netherlands. Otherwise they will
need to pay 30 000 euros per day in penalties. Even though the ten days have
passed now, the sentence is not applied yet and the three defendants have
already appealed the case. The two parties have clashed before the appeal at
the Hacking at Random, with a public juicy encounter between the head of
BREIN, Tim Kuik and the Pirate Bay co-founder Gottfrid Svartholm.
All these publicity on the Pirate Bay could be connected with the purchase
of the site by the Swedish company Global Gaming Factory, which is estimated
to be closed by the end of this week.
Eircom to block the Pirate Bay from September; UPC not so keen (19.08.2009)
http://www.tjmcintyre.com/2009/08/eircom-to-block-pirate-bay-from.html
Eircom to block internet access to Pirate Bay as other firms refuse
(20.08.2009)
http://www.irishtimes.com/newspaper/frontpage/2009/0820/1224252952116.html
Eircom Agrees to Block Pirate Bay Access (20.08.2009)
http://torrentfreak.com/eircom-agrees-to-block-pirate-bay-access-090820/
UPC Refuses to Block Pirate Bay (19.08.2009)
http://www.irishtimes.com/newspaper/breaking/2009/0819/breaking49.htm
Pirate Bay Faces ISP Block in Norway (19.08.2009)
http://freakbits.com/pirate-bay-faces-isp-block-in-norway-0819
Pirate Bay and BREIN Clash at Hacker Conference (16.08.2009)
http://torrentfreak.com/pirate-bay-and-brein-clash-at-hacker-conference-090…
Pirate Bay website back online (25.08.2009)
http://news.bbc.co.uk/2/hi/technology/8217800.stm
EDRI-gram: The big record companies are after Irish ISPs (15.07.2009)
http://www.edri.org/edri-gram/number7.14/irish-isp-copyright
============================================================
2. Italian DNA database: The devil is in the details
============================================================
On 30 June 2009, the Italian Parliament finally passed Law No. 85 that
ratifies the Prum Convention and forms the legal ground for the creation of
an Italian National DNA Database (NDNAD).
Although this law might have benefited from UK and USA court experience in
the field of DNA forensics, the current text indicates that neither British
nor American case law have been taken into consideration. Furthermore, the
law is flawed by a foggy understanding of the technicalities behind DNA
profiling and sloppy wording that certainly will not facilitate the work of
lawyers, prosecutors or judges. Just to highlight a few of these
inconsistencies, it must be noted that art. 8 (Attivita` del laboratorio
centrale per la banca dati nazionale del DNA - Activity of NDNA Database
Central Laboratory) lacks any general provision that would oblige all the
responsible parties to adopt serious and adequate security measures against
unauthorized access, data tampering, and illegal handling of data and
information.
Furthermore, art. 9 (Prelievo di campione biologico e tipizzazione del
profilo del DNA - Mandatory DNA Sample Collection and DNA Profile
Sequencing) states nothing about the need for a properly established chain
of custody. It is crucial that the collected sample be processed, both
technically and administratively, in such a way that it would be impossible
for a "planted" or "altered" sample to be used. This requirement was proven
vitally important in the OJ Simpson trial (held between 1994 and 1995 at the
Los Angeles Court in the USA) where the value of DNA evidence was
successfully challenged by the defendant due to law enforcement gaffes.
As if this wasn't enough, nothing is said about the effect of an improperly
managed chain of custody on admissibility of the samples as evidence in
Court. This is an issue similar to the one raised in the computer forensics
field, where there is an vigorous ongoing debate about the
admissibility/reliability of digital (volatile) information presented in
Court without a documented and technically well-grounded chain of custody
(the relevance of this issue is enhanced by the recent finding that DNA
samples can be easily faked without expensive facilities.)
This same lack of perspective can be observed in art.10 (Profili del DNA
tipizzati da reperti biologici acquisiti nel corso di procedimenti penali -
DNA Profiles Sequenced from Biological Samples gathered during Criminal
Investigations). (Its impact on due process and the right of defense are
addressed in the analysis of art. 12). This section deals with sample
tracing and access to data. Law enforcement officers can access the NDNA
database without prior authorisation from the prosecutor or the judge that
is responsible for the investigation involving the sample or profile in
question (under Italian law, law enforcement bodies are under the direction
and control of the public prosecutor). Since the article is silent about the
matter, only future court decisions will determine whether prior
authorization is needed to access the NDNA database, thus leaving wide open
a window of several years in which "anything can happen". It is worth
pointing out that there is no mention of defense and victim's lawyers in
this provision, thus making it impossible for them to make reasonable
discovery demands.
The third provision in art.12 requires neither the positive identification
of the personnel accessing the NDNA database and material in the central
lab, nor the secure logging of access to and activity involving the profile
and sample.
Art.13 also raises concerns (Cancellazione dei dati e distruzione dei
campioni biologici - Data Erasire and Destruction of Biological Samples).
Provision 3 doesn't clearly identify who is in charge of ordering the
destruction of samples and profiles. It would have been far more appropriate
(and easier) to say that samples, profiles and all of its related
information cannot be used during the trial. A judge in the preliminary
investigation, preliminary hearing or trial - depending on the stage of the
trial - orders the destruction of both profiles and samples from the NDNA
database, the central laboratory and any other place where this information
is stored (e.g. prosecutor's docket, law enforcement investigator files,
etc.)
Art.14 deals with punishment for a public officer that communicates or uses
data and information without authorization, or for purposes other than those
stipulated specifically in the law. Well, the punishment is incredibly
light: a jail term of between one and three years. This means that by
pleading guilty (up to 1/3 of a reduction in term) and obtaining a further
1/3 reduction for the "attenuanti generiche" (generic circumstances that
decrease the severity of the punishment), a defendant could face a final
jail term of less than six months that could be avoided by simply paying a
fine. Given the magnitude of the matter, one would expect to find harsh
punishments rather than the equivalent of a light slap on the hand.
Two final remarks:
The first one is about technology. The law says nothing about strategic
technological choices. Of course it is not to be expected that a law will
enter into the maze of ICT and molecular biology oddities. Naturally a
series of subordinate administrative acts will be adopted by the ministries
concerned. But what the law might have (and should have) laid down was the
inclusion of principles such as the use of non-proprietary file formats and
technologies (thus avoiding the technological "locked-in" syndrome that
allowed ICT multinationals to create a de facto monopoly since the cost of
converting huge quantities of information to a different format was so high
as to discourage the shift).
The second one concerns the "vicious loop" in assessing crime impact and
crime spreading. By excluding white collar crime profiles from the NDNAD,
the law can alter crime-related statistics. If all you can find in the NDNAD
are violent crimes committed by Africans or Balkan immigrants and
undocumented migrants (they will hardly be involved in stock exchange
frauds), prosecutors will find easier to investigate these crimes, with the
potential result being an injection of "hidden racism" into the justice
system.
To put it briefly: crime statistics are based upon prosecutory
investigations and trials, but if prosecutory investigations are based upon
the NDNA database, the only crimes that will be scrutinized by politicians
will be those that fall into the NDNA database.
Italian NDNA database. The devil is in the details
http://blog.andreamonti.eu/?p=165
(Contribution by Andrea Monti - EDRi-member ALCEI -Italy)
============================================================
3. People convicted in UK for refusing to surrender cryptographic keys
============================================================
According to the Annual Report of the Chief Surveillance Commissioner Sir
Christopher Rose to the UK Prime Minister and Scottish Ministers, people
were sentenced between 1 April 2008 and 31 March 2009 for not having given
their passwords or cryptographic keys, on the basis of powers provided to
authorities by section 49 of the Regulation of Investigatory Powers Act
(RIPA) that came into force in October 2007.
The law, initially intended to deal with organised crime and terrorism,
allows the police and other enforcement agencies to demand from a person
passwords, encryption keys or a clear text transcript of encrypted texts.
Failure to comply can result in two years imprisonment for cases not
involving national security, or five years for terrorism or similar
offences. The required data can be even several years old.
The report, ordered by the House of Commons, shows that there were 26
applications for section 49 RIPA powers, out of which 17 obtained permission
from a judge to proceed. Out of the 17, 15 notices were served and 11 people
having received the notices failed to comply with the request. The actions
resulted in seven charges being brought and two convictions. According to
the report, the types of crimes under investigation in these cases were
"counter terrorism, child indecency and domestic extremism".
Sir Christopher was unable to give details on the two convictions or the
situations regarding the other five charges as the former High Court judge
did not provide such information and the Crown Prosecution Service stated it
could not track down any information on the cases without the defendants'
names.
According to The Home Office, the National Technical Assistance Centre
(NTAC) where the police is suppose to apply in order to obtain a section 49
notice do not follow up the results of the notices they approve and UK
Government Communications Headquarters which apparently covers NTAC, did not
answer to the request of revealing some information on these cases.
Annual Report of the Chief Surveillance Commissioner to the Prime Minister
and to Scottish Ministers for 2008-2009 (21.07.2009)
http://www.surveillancecommissioners.gov.uk/docs1/osc_annual_rpt_2008_09.pdf
Initial password prosecutions in UK (17.08.2009)
http://www.heise.de/english/newsticker/news/143617
Two convicted for refusal to decrypt data (12.08.2009)
http://www.out-law.com/page-10250
EDRi-gram: UK: Decrypt data or go to prison! (10.10.2007)
http://www.edri.org/edrigram/number5.19/ripa-part3-uk
============================================================
4. Google's Street View contested in France and Switzerland
============================================================
After being criticised and contested in several countries in Europe, such as
UK, Germany and Greece and even outside Europe like in Japan, it is the turn
of France and Switzerland to complain against Google's service Street View.
Several complaints have been recorded in France in 2009 against Street View
service as recently indicated by the French Data Protection Authority - CNIL
(Commission nationale de l'informatique et des libertis).
CNIL is keeping an eye of Google's system as the company has introduced in
France this summer tricycles equipped with cameras to explore parks, walking
streets and other less crowded areas. Despite the system introduced by
Google to blur faces and other identification elements such as licence
plates from the images taken by Street View cameras, the system is not 100%
proof. For instance, profiles or faces through grills can still be visible
and are not blurred. Besides, people are also asking for other elements to
be blurred such as the access to private homes.
The French authority is also concerned about the delay in the data treatment
and the retention of raw images. In June, Google committed in front of
European Commission's Article 29 working party to improve this aspect and
delete the raw images but not on a very short term and no precise period of
time was given.
In Switzerland, less than one week after the launching of Street View, the
authorities have already asked for the immediate interruption of the service
under threat of taking the case to court as they consider that Google's
blurring technology is not good enough.
"Numerous reports from the public and our own research show that Google
Street View does not respect the conditions that were laid down. Many faces
and car numbers have not been blurred, or only insufficiently so," stated
Hans-Peter Th|r, the Swiss data protection commissioner who asked Google to
"improve the service and ensure that the images published meet Swiss legal
requirements".
In its defence, Google admitted there were still some flaws in their
technology: "Our face and license plate blurring software is very effective,
but like any new technology it still makes mistakes now and then -
occasionally blurring things that shouldn't be blurred, or missing some
things that should."
Sibastien Fanti, a lawyer specialised in Internet issues, warns on the fact
that all the data gathered by Google is available to US authorities as
according to the USA Patriot Act, any US government agency has access to
data collected anywhere in the world by US firms, even without a court
order. "If the CIA asks to see what was going on in Zurich this spring,
Google isn't going to provide blurred images," says Fanti.
Google's Switzerland spokesman Matthias Meyer admitted that the companies is
collaborating with authorities but stated that "What we are putting on line
are photos of the past. Once they've been taken they don't change, nothing
is shown in real time."
This is far from being reassuring and as it can be seen people in many
countries there are a lot of privacy concerns related to Street View
service.
Google Street View feeds Cnil's complaints (only in French, 10.08.2009)
http://www.01net.com/editorial/504863/google-street-view-alimente-le-bureau…
CNIL in the wheel of Street view tricycle (only in French, 7.08.2009)
http://www.cnil.fr/la-cnil/actu-cnil/article/article/2/40-000-euros-damende…
Switzerland asks the interruption of Google Street View (only in French,
24.08.2009)
http://www.zdnet.fr/actualites/internet/0,39020774,39705022,00.htm
Europe asks for the suppression of the raw images by Google Street View
(only in French, 16.06.2009)
http://www.zdnet.fr/actualites/internet/0,39020774,39504703,00.htm
Big Google is watching you - really? (only in French, 21.08.2009)
http://www.swissinfo.ch/fre/a_la_une/Big_Google_is_watching_you_vraiment.ht…
Street View privacy guarantees remain fuzzy (24.08.2009)
http://www.swissinfo.ch/eng/front/Street_View_privacy_guarantees_remain_fuz…
EDRi-gram: Privacy complaints related to Google's Street View (16.07.2009)
http://www.edri.org/edrigram/number6.14/privacy-street-view
============================================================
5. UK: p2p three strikes clamp down despite civil liberties concerns
============================================================
A new proposal shows that the UK Government has given in to the pressure of
right holders who have complained that the measures proposed by the 'Digital
Britain' report were not powerful enough "to have a significant deterrent
effect on infringing behaviour".
The new proposals would allow Lord Peter Mandelson, UK
Secretary of State, to approve automated sanctions against file-sharers (so
basically a three strikes scheme) and thus, practically, placing the
regulator Ofcom under Mandelson's orders. Apparently, this follows a meeting
between Lord Mandelson and the David Geffen, head of Steven Spielberg's
Dreamworks Studio.
The new proposal also takes into consideration British Recorded
Music Industry's amendment addressed to the Copyright, Designs and Patents
Act proposing that ISPs should be made liable for copyright infringement and
obliged to introduce measures against infringers.
BIS seems to take for granted the opinion of the industry that all
file-sharing is unlawful and that the right solution is represented by
technical measures which actually imply automated network technology to
block websites and user connections.
One of these technical measures is what is called the deep packet inspection
implying the opening by the ISP of each data package. After checking out the
package content, the ISP can decide on interrupting the communication. This
is actually legal interception and is not allowed under EU laws including
the UK law. Technical measures are infringing Amendment 138 of the EU
Telecoms Package but all this does not seem to concern the UK Government.
In line with EU Commissioner Viviane Reding's opinion expressed in July at
the Ludwig Erhard Lecture 2009 Lisbon Council in Brussels, UK MEP Tom
Watson, who has joined the online copyright enforcement debate, believes
drastic measures such as the automated suspension of the Internet connection
are not the best methods to deal with illegal file-sharing. In his opinion,
the policy-makers should rather consider assisting companies in creating new
business models and setting up efficient alternative distribution structures
for online music and entertainment works.
Mr Watson considers the technical measures are only in favour of an industry
that is not ready to change and that the government should find ways to
promote innovation and deal with the changes in the entertainment business
which develop along with the development of the IT technology.
UK 3-strikes - MP urges consultancy not censorship (20.08.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=384&Item…
Mandelson to sit in judgement on UK file-sharers (25.08.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=385&Item…
Government details how Digital Britain Report will become reality
(18.08.2009)
http://www.out-law.com/page-10300
UK anti-filesharing plans get the Mandelson touch (17.08.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=383&Item…
Digital Britain: Government vows to cut illegal file-sharing by 70%
(16.06.2009)
http://www.out-law.com/page-10097
BIS Implementation Plan of Digital Britain (08.2009)
http://www.culture.gov.uk/images/publications/DB_ImplementationPlanv6_Aug09…
Internet cut-off threat for illegal downloaders (25.08.2009)
http://www.guardian.co.uk/technology/2009/aug/25/file-sharing-internet
EDRI-gram: EU Commissioner: Current business models encourage illegal
file-sharing (15.07.2009)
http://www.edri.org/edri-gram/number7.14/reding-business-models-encourage-p…
============================================================
6. Belgium: Minister of Justice wants 2 years of data retention
============================================================
Belgium is starting again to discuss the implementation of the data
retention directive, suggesting a 2-year retention period for electronic
communication traffic data, according with the Flemish newspaper De Tijd.
The initial discussion in 2008 did not passed the criticism received
from the Belgian Data Protection Authority and from the public comments
submitted by an ad hoc alliance of civil society and industry.
The draft was presented these days in the media by the Minister of Justice,
Stefaan De Clerck. He asks for a two year period for data retention,
claiming that the Police and the Prosecutors Office need the data for that
long. The draft foresees that the prosecutor or the magistrate in a case has
to submit a written justification for every query.
The Belgium ISP Association claimed that a period of six months should be
enough, asking the Government to support the costs for a longer period.
Otherwise the cost might be passed to the user, therefore an increased cost
for an Internet connection.
The Belgium Data Protection Authority (DPA) has also considered a two year
period as excessive. In a comment sent to the Government on this topic, the
Authority has suggested a one year period. After that period, all the stored
data needs to be deleted immediately.
The DPA has stated that a public report needs to be made public each
year in order to assess if the data retention is necessary and in what
conditions it was used. The Authority made also several comments on the
text - for a better clarification of the "public networks" definition or the
"exceptional circumstances" when the data can be kept more than 24 months.
Comments from the Belgium DPA on the data retention draft law (only in
French, 1.07.2009)
http://www.privacycommission.be/fr/docs/Commission/2009/avis_20_2009.pdf
Emails kept for 2 years, Internet user might pay (only in French,
12.08.2009)
http://www.rtbf.be/info/economie/la-justice-risque-de-rendre-linternet-plus…
Belgium wants to go for 2 years in data retention (only in Dutch,
12.08.2009)
http://www.tijd.be/nieuws/ondernemingen_diensten/Justitie_maakt_internet_du…
============================================================
7. Creative Commons licensed works available on Google Books
============================================================
Google Books announced on 13 August 2009 the launching of an initiative
allowing writers, artists and publishers to specify their works as Creative
Commons (CC) works, being able to choose between the six CC version 3
licenses, a public domain license or the CC "no rights reserved" license.
This gives right holders a simple way to give clear indications on the legal
rights they have to CC-licensed works found through Google Books and tell
readers whether and how they can use the copyrighted books.
A few authors have already made their CC books available on Google Books and
these books have been marked by a matching logo on the book's left hand
navigation bar. Books can thus be downloaded, shared and even modified and
remixed if the right holder has chosen to allow this.
People downloading these books agree to use them only as specified by the
license, as for instance giving proper credit to the author in case of
remixing and further public distributions.
Google Books also announced that according to the publisher's choice, it
will introduce the option to restrict searches of books accordingly.
Representatives of the Book Rights Registry have also shown the intention to
allow the free distribution by right holders of CC-licensed works in case
the settlement is approved in court.
This action might come also in light of the late criticism and investigation
of Google Books by the European Commission with the hearing to come very
soon on 7 September. The hearing seems to come late, as 4 September is
the deadline of submissions on the settlement that the US Judge has set in
this case. With a final decision in this case estimated on 7 October, the
European hearing finds widespread disagreement between different publishers.
Bringing the power of Creative Commons to Google Books (13.08.2009)
http://booksearch.blogspot.com/2009/08/bringing-power-of-creative-commons-t…
Google Books adds Creative Commons license options (13.08.2009)
http://creativecommons.org/weblog/entry/16823
Europe Divided on Google Book Deal (24.08.2009)
http://www.nytimes.com/2009/08/24/technology/internet/24iht-books.html
EDRI-gram: EU EC hearing on Google book deal (29.07.2009)
http://www.edri.org/edri-gram/number7.15/ec-investigating-google-books
============================================================
8. ENDitorial: Dutch NGO Bits of Freedom resumes its activities
============================================================
When EDRi was established, its founders recognized that co-operation
between European digital rights organisations was essential for the
effective protection of digital civil rights in the years ahead. EDRi
would in the subsequent years indeed come to serve as an important
framework for this co-operation.
One of these founders was a Dutch digital rights organization called Bits of
Freedom (BoF). Not only has it helped establishing EDRi, but
it was also one of the first digital rights organisations in Europe.
Thus, it was highly unfortunate that Bits of Freedom announced in August
2006 that it would cease most of its activities. Both full-time
employees decided to leave, and the continuing uncertainty about financing
led to the conclusion that a relaunch at that time was not possible.
Of all the reasons which led to this conclusion, the lack of work was not
one, however: "a bottom-up civil rights movement in the Netherlands
seems more necessary than ever", one of the former directors of Bits of
Freedom wrote in the EDRI-gram at that time.
Now, exactly three years later, we are happy to announce that Bits of
Freedom resumed its activities this month. A substantial initial grant
by the Dutch foundation Internet4All allows Bits of Freedom to start
again defending Dutch civil rights in the information society.
Bits of Freedom will focus on protecting privacy and communications
freedom in a digital age. It will do so by influencing government policy
and self regulation, not only on a national, but also on a European level.
And when doing so on a European level, Bits of Freedom still is convinced
that co-operation between European digital rights organisations remains
an essential part of effectively defending freedom in a digital world.
Bits of Freedom strives to make a meaningful contribution to that
co-operation in the years to come.
The new executive board of the foundation consists of Doke Pelleboer
(former CEO of Dutch ISP XS4ALL), Joris van Hoboken (researcher at the
University of Amsterdam) and Karianne Thomas (attorney at the Dutch law
firm Van Doorne). The organisation will be led by Ot van Daalen (former
attorney at the Dutch law firm De Brauw Blackstone Westbroek).
Bits of Freedom website
http://www.bof.nl
Press release on re-launch of BoF (only in Dutch, 14.08.2009)
http://www.bof.nl/persbericht140809.html
EDRi-gram: End of activities Bits of Freedom (2.08.2009)
http://www.edri.org/edrigram/number4.15/bof
(contribution by Ot van Daalen, Director EDRi-member Bits of Freedom -
Netherlands)
============================================================
9. Recommended Action
============================================================
Public consultation on post-i2010: priorities for new strategy for European
information society (2010-2015)
http://ec.europa.eu/information_society/eeurope/i2010/pc_post-i2010/index_e…
Launch of International Free and Open Source Software Law Review.
http://www.ifosslr.org/ifosslr/announcement/view/1
============================================================
10. Recommended Reading
============================================================
Statewatch analysis - EU agrees on rules for remote computer access by
police forces, but fails, as usual, to mention the security and intelligence
agencies
http://www.statewatch.org/analyses/no-83-remote-computer-access.pdf
The Privacy Jungle: On the Market for Data Protection in Social Networks
http://preibusch.de/publications/social_networks/privacy_jungle_dataset.htm
============================================================
11. Agenda
============================================================
10-12 September 2009, Potsdam, Germany
5th ECPR General Conference, Potsdam
Section: Protest Politics
Panel: The Contentious Politics of Intellectual Property
http://www.ecpr.org.uk/potsdam/default.asp
12 September 2009, Worldwide
2nd International Action Day "Freedom not Fear - Stop the Surveillance
Mania" Demonstrations, Events, Privacy Parties etc. in many countries
http://wiki.vorratsdatenspeicherung.de/Freedom_Not_Fear_2009
16-18 September 2009, Crete, Greece
World Summit on the Knowledge Society WSKS 2009
http://www.open-knowledge-society.org/
17-18 September 2009, Amsterdam, Netherlands
Gikii, A Workshop on Law, Technology and Popular Culture
Institute for Information Law (IViR) - University of Amsterdam
http://www.law.ed.ac.uk/ahrc/gikii/2009.asp
23-24 September 2009, Copenhagen, Denmark
The Net will not forget
European conference on ICT and Privacy
http://www.ict-privacy.dk/
29-30 September 2009, Warsaw, Poland
3rd International Conference "Keeping Children and Young People Safe Online"
http://konferencja.saferinternet.pl/articles-2009/3rd_international_confere…
1-2 October 2009, Barcelona, Spain
6th Communia Workshop: Memory Institutions and Public Domain
http://www.communia-project.eu/ws06
16 October 2009, Bielefeld, Germany
10th German Big Brother Awards
http://www.bigbrotherawards.de/
21-23 October 2009, Istanbul, Turkey
eChallenges 2009
http://www.echallenges.org/e2009/default.asp
24 October 2009, Zurich, Switzerland
Big Brother Awards Switzerland
Deadline for nominations: 31 August 2009
http://www.bigbrotherawards.ch/2009/
24-25 October 2009, Vienna, Austria
3rd European Privacy Open Space
http://www.privacyos.eu
25 October 2009, Vienna, Austria
Austrian Big Brother Awards
Deadline for nominations: 21 September 2009
http://www.bigbrotherawards.at/
29 October - 1 November 2009, Barcelona, Spain
Free Culture Forum: Organization and Action
http://fcforum.net/
3 November 2009, Madrid, Spain
Civil Society Conference: "Global Privacy Standards for a Global Economy"
Organized by Electronic Privacy Information Center
http://www.privacyconference2009.org/privacyconf2009/home/eventos_previos/C…
4-6 November 2009, Madrid, Spain
31st International Conference of Data Protection and Privacy
http://www.privacyconference2009.org
13-15 November 2009, Gothenburg, Sweden
Free Society Conference and Nordic Summit
http://www.fscons.org/
15-18 November 2009, Sharm El Sheikh, Egypt
UN Internet Governance Forum
http://www.intgovforum.org/
============================================================
12. About
============================================================
EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 29 members based or with offices in 18 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRI-grams.
All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and visibly on the
EDRI website.
Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/
Newsletter editor: Bogdan Manolea <edrigram(a)edri.org>
Information about EDRI and its members:
http://www.edri.org/
European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring
- EDRI-gram subscription information
subscribe by e-mail
To: edri-news-request(a)edri.org
Subject: subscribe
You will receive an automated e-mail asking to confirm your request.
unsubscribe by e-mail
To: edri-news-request(a)edri.org
Subject: unsubscribe
- EDRI-gram in Macedonian
EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edrigram-mk.php
- EDRI-gram in German
EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/
- Newsletter archive
Back issues are available at:
http://www.edri.org/edrigram
- Help
Please ask <edrigram(a)edri.org> if you have any problems with subscribing or
unsubscribing.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0
Fear destroys what Bin Laden could not
By Rober Steinback
Fear destroys what bin Laden could not
ROBERT STEINBACK
rsteinback(a)MiamiHerald.com
One wonders if Osama bin Laden didn't win after all. He ruined the
America that existed on 9/11. But he had help.
If, back in 2001, anyone had told me that four years after bin
Laden's attack our president would admit that he broke U.S. law
against domestic spying and ignored the Constitution -- and then
expect the American people to congratulate him for it -- I would have
presumed the girders of our very Republic had crumbled.
Had anyone said our president would invade a country and kill 30,000
of its people claiming a threat that never, in fact, existed, then
admit he would have invaded even if he had known there was no threat
-- and expect America to be pleased by this -- I would have thought
our nation's sensibilities and honor had been eviscerated.
If I had been informed that our nation's leaders would embrace
torture as a legitimate tool of warfare, hold prisoners for years
without charges and operate secret prisons overseas -- and call such
procedures necessary for the nation's security -- I would have
laughed at the folly of protecting human rights by destroying them.
If someone had predicted the president's staff would out a CIA agent
as revenge against a critic, defy a law against domestic propaganda
by bankrolling supposedly independent journalists and commentators,
and ridicule a 37-year Marie Corps veteran for questioning U.S.
military policy -- and that the populace would be more interested in
whether Angelina is about to make Brad a daddy -- I would have called
the prediction an absurd fantasy.
That's no America I know, I would have argued. We're too strong, and
we've been through too much, to be led down such a twisted path.
What is there to say now?
All of these things have happened. And yet a large portion of this
country appears more concerned that saying ''Happy Holidays'' could
be a disguised attack on Christianity.
More at http://www.miami.com/mld/miamiherald/news/columnists/13487511.htm
-------------------------------------
You are subscribed as eugen(a)leitl.org
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
1
0
Begin forwarded message:
1
0
http://www.courant.com/hc-radiation0303.artmar03,0,2607541.story
Radar Didn't Get Her; Radiation Did
March 3, 2006
By TRACY GORDON FOX, Courant Staff Writer
The large, black SUV passed the woman on the left, abruptly slowed
down, and then dropped behind her. Suddenly, flashing red and blue
lights lit up her rearview mirror.
"Ma'am, you were pulled over because you set off a nuclear radioactive
alarm," a man dressed in a blue jumpsuit-type uniform and a baseball
cap said in a monotone.
It sounds like a scene from the movie "Men in Black." A select group of
state troopers and inspectors from the state Department of Motor
Vehicles now wear ultra-sensitive, portable radiation detectors on
their belts to check for dangerous materials inside large trucks.
But the 45-year-old Suffield woman wasn't hauling nuclear waste. She
had been injected with a radioactive substance for a common medical
test.
Relieved to have completed a series of stress tests on her heart on
Feb. 23, the woman was heading home, seatbelt on, and cruising at the
65 mph speed limit on I-91 north.
Inspectors in the SUV were on a routine assignment when the device
started beeping and they homed in on the woman's car.
The woman, who asked not to be identified, wasn't angry about being
stopped, nor particularly inconvenienced, but baffled as to how police
detected radiation from a substance injected into her body hours
earlier.
The pager-size devices are so new to Connecticut law enforcement that
even state homeland security officials and top state police were at
first perplexed by the woman's story.
"I've never heard of this being done in my entire life," James Thomas,
commissioner of the state Office of Emergency Management and Homeland
Security, said Wednesday. On Thursday, he called Public Safety
Commissioner Leonard C. Boyle, who also did not know that radiation
could be detected in a moving vehicle.
"I was surprised and did not expect that these devices could detect
radiological activity in a moving car," Boyle said. Both men said they
knew that radiation testing is regularly done at truck stops.
Edward Wilds, director for the division of radiation at the state
Department of Environmental Protection, solved the mystery.
Wilds said Thursday that he was consulted on the purchase of the
device. He said DEP workers have carried them for a while to detect
radiation at scenes involving biological hazards. The state purchased
50 of the "radiological pagers," dividing them between the state police
and the DMV, said Bill Seymour, a DMV spokesman.
Seymour confirmed Thursday that a motor vehicle inspector pulled over
the woman.
"When these things go off, they have an obligation to check it out," he
said.
Seymour said the inspector, who has full police powers, identified
himself as being from the DMV and that his truck was marked with the
agency's insignia.
"These are very sensitive devices," Seymour said, adding that some
officers have reported them going off in buildings "because someone in
the next room on the other side of the wall had a stress test."
Doctors said they have heard of radiation sensors going off at nuclear
plants after patients have had stress tests, but not along highways.
"It is certainly conceivable," said Dr. Bernard Clark, chairman of the
department of medicine and associate chief of cardiology at St. Francis
Hospital and Medical Center in Hartford. "The glass and steel of a car
wouldn't stop it, if they have an extremely sensitive indicator or
detector."
In stress tests, which monitor a patient's heart at rest and during
activity, technetium and Cardiolite are injected. Cardiolite is a
substance that helps move technetium, a radioactive isotope, to the
heart muscle, allowing doctors to look at how the blood flows to it,
Clark said. The substance has a half-life of about six hours, and then
starts to dissipate, he said.
"These are very safe agents," he said, adding that they are also used
to scan other organs.
The woman said she quickly explained to the officer that she had just
undergone a medical procedure that involved a radioactive substance.
She had to sign a bunch of forms that explained the risks.
The officer seemed satisfied by her answer, and said, " `That's usually
what it is,' " she said. He asked for her license and registration, and
returned to her car a short time later.
"Nobody at my doctor's office warned me this could happen," the woman
said she told the officer. "He said, `That's because they don't know.'
"
She drove home and called her husband, who works for the state, telling
him her strange story. Although she is glad someone is monitoring
radioactivity in the state, the woman said she feels a little violated.
"I was pulled over because of something in my bloodstream," she said.
"There are [federal privacy laws], and I pretty much had to tell him I
had a medical test. I was going to say, `none of your business why I'm
radioactive.' But that wouldn't have gotten me that far."
Clark said he assumes there will be a higher level of vigilance for
radioactive material in the aftermath of the Sept. 11 terrorist
attacks.
"You figure on the interstate highways people are going to ship things
that shouldn't be shipped," the doctor said. "Most people aren't
radioactive. If they are, you'd probably want to know why. Are you
carrying weapons grade plutonium, or did you just get a stress test?"
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
1
0
Robert,
Just sent this to gsc. Not sure if it will get through. Feel free to
forward (gsc or anywhere) if you think it's of interest.
----
http://www.avertlabs.com/research/blog/index.php/2009/04/29/laundering-as-a…
ervice/
Laundering as a Service
Wednesday April 29, 2009 at 5:24 am CST
Posted by Francois Paget
Money laundering is a process for concealing the origin of funds
generated by illegal means. People generally associate money
laundering with drug trafficking, gun smuggling, or corruption. But
funds misappropriated by identity theft, phishing, and carding also
have to be laundered. Today, the mushrooming of virtual money (or e-
currency) makes the job easier when you need to eliminate traces of
suspicious actions. In the past, E-Gold and WebMoney were frequently
under suspicion and had to respond to serious allegations of having
been used to transform dirty money into clean money.
But they are not unique; ECUMoney, Liberty Reserve, PerfectMoney,
Pecunix, etc. are also on the scene. As with all digital gold
currencies, these exchangers offer nonreversible transactions, which
is a primary advantage when you want to manipulate money.
Today, websites proposing virtual money exchanges are numerous on the
Internet. They are profitable for their owners because they are
subject to significant exchange commissions. It is also relatively
safe for the people offering these services. In the past, malware
authors explained they created their programs only for educational
purposes and were not responsible for any inappropriate use. Today
administrators of such websites are trying to claim they are not
liable for the origin of the transmitting money.
Here too, the network is turning professional, and many former crooks
are now specializing in this field. In October 2004, the U.S. Secret
Service arrested people said to be responsible for a set of credit
card and identity thefts that had plagued Internet users. It was the
result of Operation Firewall. Most of them frequented ShadowCrew, a
worldwide marketplace where thousands of members traded stolen credit
cards and debit cards, as well as bank account numbers and counterfeit
identification documents, such as drivers licenses, passports, and
Social Security cards.
One convicted person, using Voleur (French for thief) as a
pseudonym, set up a special payment system for cybercrime
transactions. For a 10 percent commission, he exchanged cash for E-
Gold, the well-known and controversial digital gold currency. Voleur
laundered money for dozen of deals of forum members, moving amounts
ranging from $40,000 to $100,000 per week. With about twenty other
individuals, he pleaded guilty in November 2005, was sentenced in June
2006, and was released later on.
At that time, Voleurs work was not institutionalized. But today, I
believe, this individual is again in business and manages some
websites specialized in giving advice for digital currency activities.
One of them is named Voleur Financial Services; thats a tall order!
[image]
On another site from the same origin (same administrators), we can see
some examples of current fees:
[table]
Many people want to seize power in this fruitful business, and there
are no holds barred. Enemies of Voleur often spread stories of him on
the Internet and do not hesitate to reveal bank account numbers.
[image]
U.S. nationals are not alone in this business. At the time of
Operation Firewall, an Eastern Europe married couple (he is Russian,
she is Ukrainian), their son, and several other people were arrested
after they moved more than $35 million in suspect funds through their
company, a pioneer of virtual money exchange. Their office was
originally located in the Empire State Building, in New York City.
Approximately $20 million flowed through E-Gold digital currency
accounts. It is also estimated they purchased approximately $15
million worth of Webmoney digital currency.
Now, from the Manhattan House of Detention, the main prisoner/offender
keeps his blog, gives security advice, and is visited by compassionate
countrymen. Some of his friends (I suppose) still manage such
exchange sites from Russia. From one of them, these screen shots show
transfer fees and how easy it is to remain anonymous in the world of
money transfers.
[image]
When you visit the website, you will discover a touching interview
made in a U.S. jail and the (presumed) building housing the actual
company: a bit empty, but nonetheless prestigious in the New York area.
[image]
In early April, at an annual conference of the Association of Russian
Banks, Finance Minister Alexei Kudrin explained that many small banks
are now engaged in money laundering. It seems that many suspicious
online companies are also engaged in this business both in and outside
of Russia.
1
0
============================================================
EDRi-gram
biweekly newsletter about digital civil rights in Europe
Number 7.16, 26 August 2009
============================================================
Contents
============================================================
1. The Pirate Bay - public enemy number one
2. Italian DNA database: The devil is in the details
3. People convicted in UK for refusing to surrender cryptographic keys
4. Google's Street View contested in France and Switzerland
5. UK: p2p three strikes clamp down despite civil liberties concerns
6. Belgium: Minister of Justice wants 2 years of data retention
7. Creative Commons licensed works available on Google Books
8. ENDitorial: Dutch NGO Bits of Freedom resumes its activities
9. Recommended Action
10. Recommended Reading
11. Agenda
12. About
============================================================
1. The Pirate Bay - public enemy number one
============================================================
The Pirate Bay (TBP) seems to be the website in the limelight these days,
after the music industry decided to attack it with every legal possibility
and in any country they can, with actions in Denmark,
Netherlands, Norway, Ireland and, of course, Sweden. The move seems not to
have troubled the website too much, but has definitely given it a lot of
publicity.
Thus the Pirate Bay was offline for a few hours on 24 August 2009, after its
ISP, called Black Internet, was obliged by a Swedish court order, following
an action from the music industry, to disconnect the website from Internet.
Otherwise Black Internet would had to pay penalties of 500 000 Swedish
Krowns (approx. 50 000 euros). But TPB already had in place a backup
solution, after the other problems with the music industry this year, and
came back online in a few hours, with a message for the "attackers":
"The MAFIAA has spent millions of dollars and endless amounts of time to get
this ban in order. Our guess is that they also bribed a bit to get it since
it violates so many laws not only in Sweden but also in the EU, not to
mention violations against human rights. And what do they have to show for
it? 3 hours of partial downtime"
In Ireland, according to the understanding reached by the music record
companies and the Irish ISP Eircom in January 2009, and to the order issued
by The High Court on 24 July 2009, Eircom has agreed to cut off the access
to TPB starting with 1 September 2009.
The agreement Eircom made with the music industry implied that the Irish ISP
would implement a three-strikes system to its users deemed guilty of
copyright infringement and also that it would not oppose any application to
the court to block access to The Pirate Bay.
Irish divisions of EMI, Warner, Universal and Sony music companies have also
sent official requests to the other Irish ISPs to block access to the
Pirate Bay website but, for the time being, this request was denied by UPC
and BT Ireland.
"UPC has informed the rights holders that there is no basis under Irish law
requiring an ISP to block access to certain websites and that it will not
agree to a request that goes beyond what is currently provided for under
Irish law," stated UPC who added that "UPC has every intention of vigorously
defending its position in Court."
BT Ireland has also confirmed that it has refused the music industry request
considering "there is no legal basis for such a request".
In Norway, a coalition of 21 movie and music industry companies sued
Telenor, the country's largest ISP trying to force it to block TPB. The
hearing is to take place in October.
In Netherlands, the anti-piracy organisation, BREIN won a court case at the
end of July against TPB. An Amsterdam court has ruled that the Swedish site
must cease its operations in 10 days in Netherlands. Otherwise they will
need to pay 30 000 euros per day in penalties. Even though the ten days have
passed now, the sentence is not applied yet and the three defendants have
already appealed the case. The two parties have clashed before the appeal at
the Hacking at Random, with a public juicy encounter between the head of
BREIN, Tim Kuik and the Pirate Bay co-founder Gottfrid Svartholm.
All these publicity on the Pirate Bay could be connected with the purchase
of the site by the Swedish company Global Gaming Factory, which is estimated
to be closed by the end of this week.
Eircom to block the Pirate Bay from September; UPC not so keen (19.08.2009)
http://www.tjmcintyre.com/2009/08/eircom-to-block-pirate-bay-from.html
Eircom to block internet access to Pirate Bay as other firms refuse
(20.08.2009)
http://www.irishtimes.com/newspaper/frontpage/2009/0820/1224252952116.html
Eircom Agrees to Block Pirate Bay Access (20.08.2009)
http://torrentfreak.com/eircom-agrees-to-block-pirate-bay-access-090820/
UPC Refuses to Block Pirate Bay (19.08.2009)
http://www.irishtimes.com/newspaper/breaking/2009/0819/breaking49.htm
Pirate Bay Faces ISP Block in Norway (19.08.2009)
http://freakbits.com/pirate-bay-faces-isp-block-in-norway-0819
Pirate Bay and BREIN Clash at Hacker Conference (16.08.2009)
http://torrentfreak.com/pirate-bay-and-brein-clash-at-hacker-conference-090…
Pirate Bay website back online (25.08.2009)
http://news.bbc.co.uk/2/hi/technology/8217800.stm
EDRI-gram: The big record companies are after Irish ISPs (15.07.2009)
http://www.edri.org/edri-gram/number7.14/irish-isp-copyright
============================================================
2. Italian DNA database: The devil is in the details
============================================================
On 30 June 2009, the Italian Parliament finally passed Law No. 85 that
ratifies the Prum Convention and forms the legal ground for the creation of
an Italian National DNA Database (NDNAD).
Although this law might have benefited from UK and USA court experience in
the field of DNA forensics, the current text indicates that neither British
nor American case law have been taken into consideration. Furthermore, the
law is flawed by a foggy understanding of the technicalities behind DNA
profiling and sloppy wording that certainly will not facilitate the work of
lawyers, prosecutors or judges. Just to highlight a few of these
inconsistencies, it must be noted that art. 8 (Attivita` del laboratorio
centrale per la banca dati nazionale del DNA - Activity of NDNA Database
Central Laboratory) lacks any general provision that would oblige all the
responsible parties to adopt serious and adequate security measures against
unauthorized access, data tampering, and illegal handling of data and
information.
Furthermore, art. 9 (Prelievo di campione biologico e tipizzazione del
profilo del DNA - Mandatory DNA Sample Collection and DNA Profile
Sequencing) states nothing about the need for a properly established chain
of custody. It is crucial that the collected sample be processed, both
technically and administratively, in such a way that it would be impossible
for a "planted" or "altered" sample to be used. This requirement was proven
vitally important in the OJ Simpson trial (held between 1994 and 1995 at the
Los Angeles Court in the USA) where the value of DNA evidence was
successfully challenged by the defendant due to law enforcement gaffes.
As if this wasn't enough, nothing is said about the effect of an improperly
managed chain of custody on admissibility of the samples as evidence in
Court. This is an issue similar to the one raised in the computer forensics
field, where there is an vigorous ongoing debate about the
admissibility/reliability of digital (volatile) information presented in
Court without a documented and technically well-grounded chain of custody
(the relevance of this issue is enhanced by the recent finding that DNA
samples can be easily faked without expensive facilities.)
This same lack of perspective can be observed in art.10 (Profili del DNA
tipizzati da reperti biologici acquisiti nel corso di procedimenti penali -
DNA Profiles Sequenced from Biological Samples gathered during Criminal
Investigations). (Its impact on due process and the right of defense are
addressed in the analysis of art. 12). This section deals with sample
tracing and access to data. Law enforcement officers can access the NDNA
database without prior authorisation from the prosecutor or the judge that
is responsible for the investigation involving the sample or profile in
question (under Italian law, law enforcement bodies are under the direction
and control of the public prosecutor). Since the article is silent about the
matter, only future court decisions will determine whether prior
authorization is needed to access the NDNA database, thus leaving wide open
a window of several years in which "anything can happen". It is worth
pointing out that there is no mention of defense and victim's lawyers in
this provision, thus making it impossible for them to make reasonable
discovery demands.
The third provision in art.12 requires neither the positive identification
of the personnel accessing the NDNA database and material in the central
lab, nor the secure logging of access to and activity involving the profile
and sample.
Art.13 also raises concerns (Cancellazione dei dati e distruzione dei
campioni biologici - Data Erasire and Destruction of Biological Samples).
Provision 3 doesn't clearly identify who is in charge of ordering the
destruction of samples and profiles. It would have been far more appropriate
(and easier) to say that samples, profiles and all of its related
information cannot be used during the trial. A judge in the preliminary
investigation, preliminary hearing or trial - depending on the stage of the
trial - orders the destruction of both profiles and samples from the NDNA
database, the central laboratory and any other place where this information
is stored (e.g. prosecutor's docket, law enforcement investigator files,
etc.)
Art.14 deals with punishment for a public officer that communicates or uses
data and information without authorization, or for purposes other than those
stipulated specifically in the law. Well, the punishment is incredibly
light: a jail term of between one and three years. This means that by
pleading guilty (up to 1/3 of a reduction in term) and obtaining a further
1/3 reduction for the "attenuanti generiche" (generic circumstances that
decrease the severity of the punishment), a defendant could face a final
jail term of less than six months that could be avoided by simply paying a
fine. Given the magnitude of the matter, one would expect to find harsh
punishments rather than the equivalent of a light slap on the hand.
Two final remarks:
The first one is about technology. The law says nothing about strategic
technological choices. Of course it is not to be expected that a law will
enter into the maze of ICT and molecular biology oddities. Naturally a
series of subordinate administrative acts will be adopted by the ministries
concerned. But what the law might have (and should have) laid down was the
inclusion of principles such as the use of non-proprietary file formats and
technologies (thus avoiding the technological "locked-in" syndrome that
allowed ICT multinationals to create a de facto monopoly since the cost of
converting huge quantities of information to a different format was so high
as to discourage the shift).
The second one concerns the "vicious loop" in assessing crime impact and
crime spreading. By excluding white collar crime profiles from the NDNAD,
the law can alter crime-related statistics. If all you can find in the NDNAD
are violent crimes committed by Africans or Balkan immigrants and
undocumented migrants (they will hardly be involved in stock exchange
frauds), prosecutors will find easier to investigate these crimes, with the
potential result being an injection of "hidden racism" into the justice
system.
To put it briefly: crime statistics are based upon prosecutory
investigations and trials, but if prosecutory investigations are based upon
the NDNA database, the only crimes that will be scrutinized by politicians
will be those that fall into the NDNA database.
Italian NDNA database. The devil is in the details
http://blog.andreamonti.eu/?p=165
(Contribution by Andrea Monti - EDRi-member ALCEI -Italy)
============================================================
3. People convicted in UK for refusing to surrender cryptographic keys
============================================================
According to the Annual Report of the Chief Surveillance Commissioner Sir
Christopher Rose to the UK Prime Minister and Scottish Ministers, people
were sentenced between 1 April 2008 and 31 March 2009 for not having given
their passwords or cryptographic keys, on the basis of powers provided to
authorities by section 49 of the Regulation of Investigatory Powers Act
(RIPA) that came into force in October 2007.
The law, initially intended to deal with organised crime and terrorism,
allows the police and other enforcement agencies to demand from a person
passwords, encryption keys or a clear text transcript of encrypted texts.
Failure to comply can result in two years imprisonment for cases not
involving national security, or five years for terrorism or similar
offences. The required data can be even several years old.
The report, ordered by the House of Commons, shows that there were 26
applications for section 49 RIPA powers, out of which 17 obtained permission
from a judge to proceed. Out of the 17, 15 notices were served and 11 people
having received the notices failed to comply with the request. The actions
resulted in seven charges being brought and two convictions. According to
the report, the types of crimes under investigation in these cases were
"counter terrorism, child indecency and domestic extremism".
Sir Christopher was unable to give details on the two convictions or the
situations regarding the other five charges as the former High Court judge
did not provide such information and the Crown Prosecution Service stated it
could not track down any information on the cases without the defendants'
names.
According to The Home Office, the National Technical Assistance Centre
(NTAC) where the police is suppose to apply in order to obtain a section 49
notice do not follow up the results of the notices they approve and UK
Government Communications Headquarters which apparently covers NTAC, did not
answer to the request of revealing some information on these cases.
Annual Report of the Chief Surveillance Commissioner to the Prime Minister
and to Scottish Ministers for 2008-2009 (21.07.2009)
http://www.surveillancecommissioners.gov.uk/docs1/osc_annual_rpt_2008_09.pdf
Initial password prosecutions in UK (17.08.2009)
http://www.heise.de/english/newsticker/news/143617
Two convicted for refusal to decrypt data (12.08.2009)
http://www.out-law.com/page-10250
EDRi-gram: UK: Decrypt data or go to prison! (10.10.2007)
http://www.edri.org/edrigram/number5.19/ripa-part3-uk
============================================================
4. Google's Street View contested in France and Switzerland
============================================================
After being criticised and contested in several countries in Europe, such as
UK, Germany and Greece and even outside Europe like in Japan, it is the turn
of France and Switzerland to complain against Google's service Street View.
Several complaints have been recorded in France in 2009 against Street View
service as recently indicated by the French Data Protection Authority - CNIL
(Commission nationale de l'informatique et des libertis).
CNIL is keeping an eye of Google's system as the company has introduced in
France this summer tricycles equipped with cameras to explore parks, walking
streets and other less crowded areas. Despite the system introduced by
Google to blur faces and other identification elements such as licence
plates from the images taken by Street View cameras, the system is not 100%
proof. For instance, profiles or faces through grills can still be visible
and are not blurred. Besides, people are also asking for other elements to
be blurred such as the access to private homes.
The French authority is also concerned about the delay in the data treatment
and the retention of raw images. In June, Google committed in front of
European Commission's Article 29 working party to improve this aspect and
delete the raw images but not on a very short term and no precise period of
time was given.
In Switzerland, less than one week after the launching of Street View, the
authorities have already asked for the immediate interruption of the service
under threat of taking the case to court as they consider that Google's
blurring technology is not good enough.
"Numerous reports from the public and our own research show that Google
Street View does not respect the conditions that were laid down. Many faces
and car numbers have not been blurred, or only insufficiently so," stated
Hans-Peter Th|r, the Swiss data protection commissioner who asked Google to
"improve the service and ensure that the images published meet Swiss legal
requirements".
In its defence, Google admitted there were still some flaws in their
technology: "Our face and license plate blurring software is very effective,
but like any new technology it still makes mistakes now and then -
occasionally blurring things that shouldn't be blurred, or missing some
things that should."
Sibastien Fanti, a lawyer specialised in Internet issues, warns on the fact
that all the data gathered by Google is available to US authorities as
according to the USA Patriot Act, any US government agency has access to
data collected anywhere in the world by US firms, even without a court
order. "If the CIA asks to see what was going on in Zurich this spring,
Google isn't going to provide blurred images," says Fanti.
Google's Switzerland spokesman Matthias Meyer admitted that the companies is
collaborating with authorities but stated that "What we are putting on line
are photos of the past. Once they've been taken they don't change, nothing
is shown in real time."
This is far from being reassuring and as it can be seen people in many
countries there are a lot of privacy concerns related to Street View
service.
Google Street View feeds Cnil's complaints (only in French, 10.08.2009)
http://www.01net.com/editorial/504863/google-street-view-alimente-le-bureau…
CNIL in the wheel of Street view tricycle (only in French, 7.08.2009)
http://www.cnil.fr/la-cnil/actu-cnil/article/article/2/40-000-euros-damende…
Switzerland asks the interruption of Google Street View (only in French,
24.08.2009)
http://www.zdnet.fr/actualites/internet/0,39020774,39705022,00.htm
Europe asks for the suppression of the raw images by Google Street View
(only in French, 16.06.2009)
http://www.zdnet.fr/actualites/internet/0,39020774,39504703,00.htm
Big Google is watching you - really? (only in French, 21.08.2009)
http://www.swissinfo.ch/fre/a_la_une/Big_Google_is_watching_you_vraiment.ht…
Street View privacy guarantees remain fuzzy (24.08.2009)
http://www.swissinfo.ch/eng/front/Street_View_privacy_guarantees_remain_fuz…
EDRi-gram: Privacy complaints related to Google's Street View (16.07.2009)
http://www.edri.org/edrigram/number6.14/privacy-street-view
============================================================
5. UK: p2p three strikes clamp down despite civil liberties concerns
============================================================
A new proposal shows that the UK Government has given in to the pressure of
right holders who have complained that the measures proposed by the 'Digital
Britain' report were not powerful enough "to have a significant deterrent
effect on infringing behaviour".
The new proposals would allow Lord Peter Mandelson, UK
Secretary of State, to approve automated sanctions against file-sharers (so
basically a three strikes scheme) and thus, practically, placing the
regulator Ofcom under Mandelson's orders. Apparently, this follows a meeting
between Lord Mandelson and the David Geffen, head of Steven Spielberg's
Dreamworks Studio.
The new proposal also takes into consideration British Recorded
Music Industry's amendment addressed to the Copyright, Designs and Patents
Act proposing that ISPs should be made liable for copyright infringement and
obliged to introduce measures against infringers.
BIS seems to take for granted the opinion of the industry that all
file-sharing is unlawful and that the right solution is represented by
technical measures which actually imply automated network technology to
block websites and user connections.
One of these technical measures is what is called the deep packet inspection
implying the opening by the ISP of each data package. After checking out the
package content, the ISP can decide on interrupting the communication. This
is actually legal interception and is not allowed under EU laws including
the UK law. Technical measures are infringing Amendment 138 of the EU
Telecoms Package but all this does not seem to concern the UK Government.
In line with EU Commissioner Viviane Reding's opinion expressed in July at
the Ludwig Erhard Lecture 2009 Lisbon Council in Brussels, UK MEP Tom
Watson, who has joined the online copyright enforcement debate, believes
drastic measures such as the automated suspension of the Internet connection
are not the best methods to deal with illegal file-sharing. In his opinion,
the policy-makers should rather consider assisting companies in creating new
business models and setting up efficient alternative distribution structures
for online music and entertainment works.
Mr Watson considers the technical measures are only in favour of an industry
that is not ready to change and that the government should find ways to
promote innovation and deal with the changes in the entertainment business
which develop along with the development of the IT technology.
UK 3-strikes - MP urges consultancy not censorship (20.08.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=384&Item…
Mandelson to sit in judgement on UK file-sharers (25.08.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=385&Item…
Government details how Digital Britain Report will become reality
(18.08.2009)
http://www.out-law.com/page-10300
UK anti-filesharing plans get the Mandelson touch (17.08.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=383&Item…
Digital Britain: Government vows to cut illegal file-sharing by 70%
(16.06.2009)
http://www.out-law.com/page-10097
BIS Implementation Plan of Digital Britain (08.2009)
http://www.culture.gov.uk/images/publications/DB_ImplementationPlanv6_Aug09…
Internet cut-off threat for illegal downloaders (25.08.2009)
http://www.guardian.co.uk/technology/2009/aug/25/file-sharing-internet
EDRI-gram: EU Commissioner: Current business models encourage illegal
file-sharing (15.07.2009)
http://www.edri.org/edri-gram/number7.14/reding-business-models-encourage-p…
============================================================
6. Belgium: Minister of Justice wants 2 years of data retention
============================================================
Belgium is starting again to discuss the implementation of the data
retention directive, suggesting a 2-year retention period for electronic
communication traffic data, according with the Flemish newspaper De Tijd.
The initial discussion in 2008 did not passed the criticism received
from the Belgian Data Protection Authority and from the public comments
submitted by an ad hoc alliance of civil society and industry.
The draft was presented these days in the media by the Minister of Justice,
Stefaan De Clerck. He asks for a two year period for data retention,
claiming that the Police and the Prosecutors Office need the data for that
long. The draft foresees that the prosecutor or the magistrate in a case has
to submit a written justification for every query.
The Belgium ISP Association claimed that a period of six months should be
enough, asking the Government to support the costs for a longer period.
Otherwise the cost might be passed to the user, therefore an increased cost
for an Internet connection.
The Belgium Data Protection Authority (DPA) has also considered a two year
period as excessive. In a comment sent to the Government on this topic, the
Authority has suggested a one year period. After that period, all the stored
data needs to be deleted immediately.
The DPA has stated that a public report needs to be made public each
year in order to assess if the data retention is necessary and in what
conditions it was used. The Authority made also several comments on the
text - for a better clarification of the "public networks" definition or the
"exceptional circumstances" when the data can be kept more than 24 months.
Comments from the Belgium DPA on the data retention draft law (only in
French, 1.07.2009)
http://www.privacycommission.be/fr/docs/Commission/2009/avis_20_2009.pdf
Emails kept for 2 years, Internet user might pay (only in French,
12.08.2009)
http://www.rtbf.be/info/economie/la-justice-risque-de-rendre-linternet-plus…
Belgium wants to go for 2 years in data retention (only in Dutch,
12.08.2009)
http://www.tijd.be/nieuws/ondernemingen_diensten/Justitie_maakt_internet_du…
============================================================
7. Creative Commons licensed works available on Google Books
============================================================
Google Books announced on 13 August 2009 the launching of an initiative
allowing writers, artists and publishers to specify their works as Creative
Commons (CC) works, being able to choose between the six CC version 3
licenses, a public domain license or the CC "no rights reserved" license.
This gives right holders a simple way to give clear indications on the legal
rights they have to CC-licensed works found through Google Books and tell
readers whether and how they can use the copyrighted books.
A few authors have already made their CC books available on Google Books and
these books have been marked by a matching logo on the book's left hand
navigation bar. Books can thus be downloaded, shared and even modified and
remixed if the right holder has chosen to allow this.
People downloading these books agree to use them only as specified by the
license, as for instance giving proper credit to the author in case of
remixing and further public distributions.
Google Books also announced that according to the publisher's choice, it
will introduce the option to restrict searches of books accordingly.
Representatives of the Book Rights Registry have also shown the intention to
allow the free distribution by right holders of CC-licensed works in case
the settlement is approved in court.
This action might come also in light of the late criticism and investigation
of Google Books by the European Commission with the hearing to come very
soon on 7 September. The hearing seems to come late, as 4 September is
the deadline of submissions on the settlement that the US Judge has set in
this case. With a final decision in this case estimated on 7 October, the
European hearing finds widespread disagreement between different publishers.
Bringing the power of Creative Commons to Google Books (13.08.2009)
http://booksearch.blogspot.com/2009/08/bringing-power-of-creative-commons-t…
Google Books adds Creative Commons license options (13.08.2009)
http://creativecommons.org/weblog/entry/16823
Europe Divided on Google Book Deal (24.08.2009)
http://www.nytimes.com/2009/08/24/technology/internet/24iht-books.html
EDRI-gram: EU EC hearing on Google book deal (29.07.2009)
http://www.edri.org/edri-gram/number7.15/ec-investigating-google-books
============================================================
8. ENDitorial: Dutch NGO Bits of Freedom resumes its activities
============================================================
When EDRi was established, its founders recognized that co-operation
between European digital rights organisations was essential for the
effective protection of digital civil rights in the years ahead. EDRi
would in the subsequent years indeed come to serve as an important
framework for this co-operation.
One of these founders was a Dutch digital rights organization called Bits of
Freedom (BoF). Not only has it helped establishing EDRi, but
it was also one of the first digital rights organisations in Europe.
Thus, it was highly unfortunate that Bits of Freedom announced in August
2006 that it would cease most of its activities. Both full-time
employees decided to leave, and the continuing uncertainty about financing
led to the conclusion that a relaunch at that time was not possible.
Of all the reasons which led to this conclusion, the lack of work was not
one, however: "a bottom-up civil rights movement in the Netherlands
seems more necessary than ever", one of the former directors of Bits of
Freedom wrote in the EDRI-gram at that time.
Now, exactly three years later, we are happy to announce that Bits of
Freedom resumed its activities this month. A substantial initial grant
by the Dutch foundation Internet4All allows Bits of Freedom to start
again defending Dutch civil rights in the information society.
Bits of Freedom will focus on protecting privacy and communications
freedom in a digital age. It will do so by influencing government policy
and self regulation, not only on a national, but also on a European level.
And when doing so on a European level, Bits of Freedom still is convinced
that co-operation between European digital rights organisations remains
an essential part of effectively defending freedom in a digital world.
Bits of Freedom strives to make a meaningful contribution to that
co-operation in the years to come.
The new executive board of the foundation consists of Doke Pelleboer
(former CEO of Dutch ISP XS4ALL), Joris van Hoboken (researcher at the
University of Amsterdam) and Karianne Thomas (attorney at the Dutch law
firm Van Doorne). The organisation will be led by Ot van Daalen (former
attorney at the Dutch law firm De Brauw Blackstone Westbroek).
Bits of Freedom website
http://www.bof.nl
Press release on re-launch of BoF (only in Dutch, 14.08.2009)
http://www.bof.nl/persbericht140809.html
EDRi-gram: End of activities Bits of Freedom (2.08.2009)
http://www.edri.org/edrigram/number4.15/bof
(contribution by Ot van Daalen, Director EDRi-member Bits of Freedom -
Netherlands)
============================================================
9. Recommended Action
============================================================
Public consultation on post-i2010: priorities for new strategy for European
information society (2010-2015)
http://ec.europa.eu/information_society/eeurope/i2010/pc_post-i2010/index_e…
Launch of International Free and Open Source Software Law Review.
http://www.ifosslr.org/ifosslr/announcement/view/1
============================================================
10. Recommended Reading
============================================================
Statewatch analysis - EU agrees on rules for remote computer access by
police forces, but fails, as usual, to mention the security and intelligence
agencies
http://www.statewatch.org/analyses/no-83-remote-computer-access.pdf
The Privacy Jungle: On the Market for Data Protection in Social Networks
http://preibusch.de/publications/social_networks/privacy_jungle_dataset.htm
============================================================
11. Agenda
============================================================
10-12 September 2009, Potsdam, Germany
5th ECPR General Conference, Potsdam
Section: Protest Politics
Panel: The Contentious Politics of Intellectual Property
http://www.ecpr.org.uk/potsdam/default.asp
12 September 2009, Worldwide
2nd International Action Day "Freedom not Fear - Stop the Surveillance
Mania" Demonstrations, Events, Privacy Parties etc. in many countries
http://wiki.vorratsdatenspeicherung.de/Freedom_Not_Fear_2009
16-18 September 2009, Crete, Greece
World Summit on the Knowledge Society WSKS 2009
http://www.open-knowledge-society.org/
17-18 September 2009, Amsterdam, Netherlands
Gikii, A Workshop on Law, Technology and Popular Culture
Institute for Information Law (IViR) - University of Amsterdam
http://www.law.ed.ac.uk/ahrc/gikii/2009.asp
23-24 September 2009, Copenhagen, Denmark
The Net will not forget
European conference on ICT and Privacy
http://www.ict-privacy.dk/
29-30 September 2009, Warsaw, Poland
3rd International Conference "Keeping Children and Young People Safe Online"
http://konferencja.saferinternet.pl/articles-2009/3rd_international_confere…
1-2 October 2009, Barcelona, Spain
6th Communia Workshop: Memory Institutions and Public Domain
http://www.communia-project.eu/ws06
16 October 2009, Bielefeld, Germany
10th German Big Brother Awards
http://www.bigbrotherawards.de/
21-23 October 2009, Istanbul, Turkey
eChallenges 2009
http://www.echallenges.org/e2009/default.asp
24 October 2009, Zurich, Switzerland
Big Brother Awards Switzerland
Deadline for nominations: 31 August 2009
http://www.bigbrotherawards.ch/2009/
24-25 October 2009, Vienna, Austria
3rd European Privacy Open Space
http://www.privacyos.eu
25 October 2009, Vienna, Austria
Austrian Big Brother Awards
Deadline for nominations: 21 September 2009
http://www.bigbrotherawards.at/
29 October - 1 November 2009, Barcelona, Spain
Free Culture Forum: Organization and Action
http://fcforum.net/
3 November 2009, Madrid, Spain
Civil Society Conference: "Global Privacy Standards for a Global Economy"
Organized by Electronic Privacy Information Center
http://www.privacyconference2009.org/privacyconf2009/home/eventos_previos/C…
4-6 November 2009, Madrid, Spain
31st International Conference of Data Protection and Privacy
http://www.privacyconference2009.org
13-15 November 2009, Gothenburg, Sweden
Free Society Conference and Nordic Summit
http://www.fscons.org/
15-18 November 2009, Sharm El Sheikh, Egypt
UN Internet Governance Forum
http://www.intgovforum.org/
============================================================
12. About
============================================================
EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 29 members based or with offices in 18 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRI-grams.
All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and visibly on the
EDRI website.
Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/
Newsletter editor: Bogdan Manolea <edrigram(a)edri.org>
Information about EDRI and its members:
http://www.edri.org/
European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring
- EDRI-gram subscription information
subscribe by e-mail
To: edri-news-request(a)edri.org
Subject: subscribe
You will receive an automated e-mail asking to confirm your request.
unsubscribe by e-mail
To: edri-news-request(a)edri.org
Subject: unsubscribe
- EDRI-gram in Macedonian
EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edrigram-mk.php
- EDRI-gram in German
EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/
- Newsletter archive
Back issues are available at:
http://www.edri.org/edrigram
- Help
Please ask <edrigram(a)edri.org> if you have any problems with subscribing or
unsubscribing.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
1
0