July 2018 - cypherpunks-legacy

Re: [liberationtech] decentralized DNS...
by Robert Guerra 06 Jul '18

06 Jul '18

Another option is to use a hosting service, a registry and registrar that are in a jurisdiction that is out of reach of US authorities.. here's a recent post from Byron Holland, the CEO of CIRA (the top level country code domain for Canada- .ca) http://blog.cira.ca/2012/03/domain-name-seizures-and-ca/ Posted by: Byron Holland Domain name seizures have been top-of-mind for many people lately. It was one of the topics identified at the Canadian Internet Forum, and the high profile seizure by the U.S. government of the Canadian online gambling site bodog.com has been getting a lot ofmedia attention. This also isnbt the first time the U.S. government has seized domain names based on billegalb activity. In 2010, a number of .COM, .NET and .ORG domains were seized, and a country code top-level domain (ccTLD) operated by VeriSign in California, .TV, wasseized as well. In 2011, another 150 were seized. For the most part, the Internet does not recognize national borders. Internet traffic is routed all over the globe, and itbs possible to register a domain using a wide variety of domain name extensions. Herebs the thing b the stuff to the right of the dot matters: note that bodog.ca still resolves. If you register a domain name with an extension that is managed in another country, it is likely subject to the laws of that country b full stop. If a website is found to be in violation of American law, and the domain for that site is an extension managed by a U.S. entity, the U.S. government may seize it. If you keep your business in another country (in the case of Canada, register a .CA with a Canadian Registrar and use a Canadian web host), foreign governments canbt unilaterally seize it. CIRA has never been asked by a foreign government to shut down or seize a domain name. The DNS root zone does fall under American jurisdiction with ICANN (through IANA) as the operator. However, ICANN has explicitly stated in a blog post that they do b not take down domain namesb and that they b have no technical or legal authority to do that.b The fact is ICANN couldnbt cherry-pick domains even if it wanted to. If the U.S. government decided that they wanted to shut down a .CA website, and tried to do it through ICANN, they would have to shut down all of .CA in the root zone. This would involve cutting off every single .CA website and email address from the Internet, and theybre not going to do that for a number of reasons (not the least of which is the fact that shutting down the entire .CA domain space and everything in it would be a major international incident). The global economy would freeze if the U.S. government took such an action. The underpinnings of the Internet would be completely undermined. Think about this: the U.S. government hasnbt even shut down the Internet in nations theybve been at war or have very strained relations with b Iraq, Libya, Iran are just a few examples b because the trust that supports the Internet is fundamental to the economic and social well-being of humanity. Given that, why would they shut down an entire top level domain over a single website? The Internet has brought us incredible benefits, many due to the fact that it breaks down national and geographic borders. However, because of the very nature of the Internet b the fact that it is bvirtualb and bin the cloudb b most of us donbt tend to think of it being governed by the laws of a particular nation. But as the bodog.com case demonstrates, it is critically important to be aware of which jurisdiction your digital assets are in, and therefore what laws they may be subject to. _______________________________________________ liberationtech mailing list liberationtech(a)lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

Re: [tahoe-dev] Resurrecting Mojo Nation
by James A. Donald 06 Jul '18

06 Jul '18

On 2012-06-14 6:15 AM, Brian Warner wrote: > The "entire world as one community" case is what we call > the "one grid to rule them all". There are a lot of > engineering/scaling challenges to it (you need log(N) DHTs, > supernodes), in addition to features needed by a > mass-market product if you want that kind of scale (NAT > handling, bandwidth limiting, automatic update, nice UI, > easy installation, etc, etc). On 2012-06-14 6:26 AM, Brian Warner wrote: > Oh, one other thought: another challenge of Mojo Nation was > that each file involved hundreds or thousands of backend > blocks, and the overhead of finding/tracking/downloading > all of them was pretty bad. If I remember right, the blocks > came in fixed sizes (powers of two, up to maybe 1MB), and > each included a little bit of data about all segments of > the file (to avoid the "chunking" reliability problem). The > result was high alacrity (you had to download the whole > file before any part of it became readable, so no > streaming) and really bad disk IO patterns on both upload > and download. This challenge, and its solution, (DHT, host discovery) corresponds to a bittorrent magnet link, and the software that makes such links work. This may well be the most widely used form of file sharing, so the way to go is likely some kind of superset of this existing solution, if we think of the task to solved as file sharing. _______________________________________________ tahoe-dev mailing list tahoe-dev(a)tahoe-lafs.org https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

Re: [liberationtech] decentralized DNS...
by Robert Guerra 06 Jul '18

06 Jul '18

Another option is to use a hosting service, a registry and registrar that are in a jurisdiction that is out of reach of US authorities.. here's a recent post from Byron Holland, the CEO of CIRA (the top level country code domain for Canada- .ca) http://blog.cira.ca/2012/03/domain-name-seizures-and-ca/ Posted by: Byron Holland Domain name seizures have been top-of-mind for many people lately. It was one of the topics identified at the Canadian Internet Forum, and the high profile seizure by the U.S. government of the Canadian online gambling site bodog.com has been getting a lot ofmedia attention. This also isnbt the first time the U.S. government has seized domain names based on billegalb activity. In 2010, a number of .COM, .NET and .ORG domains were seized, and a country code top-level domain (ccTLD) operated by VeriSign in California, .TV, wasseized as well. In 2011, another 150 were seized. For the most part, the Internet does not recognize national borders. Internet traffic is routed all over the globe, and itbs possible to register a domain using a wide variety of domain name extensions. Herebs the thing b the stuff to the right of the dot matters: note that bodog.ca still resolves. If you register a domain name with an extension that is managed in another country, it is likely subject to the laws of that country b full stop. If a website is found to be in violation of American law, and the domain for that site is an extension managed by a U.S. entity, the U.S. government may seize it. If you keep your business in another country (in the case of Canada, register a .CA with a Canadian Registrar and use a Canadian web host), foreign governments canbt unilaterally seize it. CIRA has never been asked by a foreign government to shut down or seize a domain name. The DNS root zone does fall under American jurisdiction with ICANN (through IANA) as the operator. However, ICANN has explicitly stated in a blog post that they do b not take down domain namesb and that they b have no technical or legal authority to do that.b The fact is ICANN couldnbt cherry-pick domains even if it wanted to. If the U.S. government decided that they wanted to shut down a .CA website, and tried to do it through ICANN, they would have to shut down all of .CA in the root zone. This would involve cutting off every single .CA website and email address from the Internet, and theybre not going to do that for a number of reasons (not the least of which is the fact that shutting down the entire .CA domain space and everything in it would be a major international incident). The global economy would freeze if the U.S. government took such an action. The underpinnings of the Internet would be completely undermined. Think about this: the U.S. government hasnbt even shut down the Internet in nations theybve been at war or have very strained relations with b Iraq, Libya, Iran are just a few examples b because the trust that supports the Internet is fundamental to the economic and social well-being of humanity. Given that, why would they shut down an entire top level domain over a single website? The Internet has brought us incredible benefits, many due to the fact that it breaks down national and geographic borders. However, because of the very nature of the Internet b the fact that it is bvirtualb and bin the cloudb b most of us donbt tend to think of it being governed by the laws of a particular nation. But as the bodog.com case demonstrates, it is critically important to be aware of which jurisdiction your digital assets are in, and therefore what laws they may be subject to. _______________________________________________ liberationtech mailing list liberationtech(a)lists.stanford.edu Should you need to change your subscription options, please go to: https://mailman.stanford.edu/mailman/listinfo/liberationtech If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?" You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here: https://mailman.stanford.edu/mailman/listinfo/liberationtech Should you need immediate assistance, please contact the list moderator. Please don't forget to follow us on http://twitter.com/#!/Liberationtech ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

Re: [tahoe-dev] Resurrecting Mojo Nation
by James A. Donald 06 Jul '18

06 Jul '18

On 2012-06-14 6:15 AM, Brian Warner wrote: > The "entire world as one community" case is what we call > the "one grid to rule them all". There are a lot of > engineering/scaling challenges to it (you need log(N) DHTs, > supernodes), in addition to features needed by a > mass-market product if you want that kind of scale (NAT > handling, bandwidth limiting, automatic update, nice UI, > easy installation, etc, etc). On 2012-06-14 6:26 AM, Brian Warner wrote: > Oh, one other thought: another challenge of Mojo Nation was > that each file involved hundreds or thousands of backend > blocks, and the overhead of finding/tracking/downloading > all of them was pretty bad. If I remember right, the blocks > came in fixed sizes (powers of two, up to maybe 1MB), and > each included a little bit of data about all segments of > the file (to avoid the "chunking" reliability problem). The > result was high alacrity (you had to download the whole > file before any part of it became readable, so no > streaming) and really bad disk IO patterns on both upload > and download. This challenge, and its solution, (DHT, host discovery) corresponds to a bittorrent magnet link, and the software that makes such links work. This may well be the most widely used form of file sharing, so the way to go is likely some kind of superset of this existing solution, if we think of the task to solved as file sharing. _______________________________________________ tahoe-dev mailing list tahoe-dev(a)tahoe-lafs.org https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

Re: [liberationtech] 29C3 whistleblower panel: Radack, Drake, Binney
by Fabio Pietrosanti (naif) 06 Jul '18

06 Jul '18

On 1/2/13 8:27 AM, Gregory Foster wrote: > > Within the first minute of his talk (~1:28:36), William Binney > describes the legal and intellectual property guidance he received > when retiring from the NSA to set the scene for an announcement that > he has created a "commercial product" which describes a software > architecture akin to ThinThread: Reading from the Wikipedia's relevant page https://en.wikipedia.org/wiki/ThinThread about the software the NSA's folks was trying to use, it seems much like that today they would be just making/using a Palantir's plug-in (http://www.palantir.com/) to do so, connected to the right set of databases . It would be nice a FOIA request to know which kind software and/or software manufacturer get used by US Security Agencies in handling "phone call logs" and/or "email logs" and/or "mobile phone's location data" . We may spot the company where are the NSA's whistleblowers of tomorrow ;-) -naif -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

Re: [ZS] /. ITU Approves Deep Packet Inspection
by Bryce Lynch 06 Jul '18

06 Jul '18

On Wed, Dec 5, 2012 at 1:19 PM, Mark Nuzzolilo II <nuzz604(a)gmail.com> wrote: > I'll take a copy if its not a classified document or anything like that > There's an even better way: http://boingboing.net/2012/12/05/leaked-itus-secret-internet.html Thanks to Asher Wolf of Telecomix for getting hold of the official version and sending it to Boing Boing. Amazing what "please" and "thank you" will still get you... their trying to convince her to treat it as sensitive after the fact was grin worthy, too. -- The Doctor [412/724/301/703] [ZS (MED)] https://drwho.virtadpt.net/ "I am everywhere." -- -- Zero State mailing list: http://groups.google.com/group/DoctrineZero ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

[liberationtech] The Kremlinbs New Internet Surveillance Plan Goes Live Today
by ilf 06 Jul '18

06 Jul '18

This has made quite a wave in Germany, but seemingly not enough anywhere else: http://www.wired.com/dangerroom/2012/11/russia-surveillance/all/ On the surface, itbs all about protecting Russian kids from internet pedophiles. In reality, the Kremlinbs new b Single Registerb of banned websites, which goes into effect today, will wind up blocking all kinds of online political speech. And, thanks to the spread of new internet-monitoring technologies, the Register could well become a tool for spying on millions of Russians. A joint investigation by Agentura.Ru, CitizenLab and Privacy International. -- ilf C ber 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg! -- Eine Initiative des Bundesamtes fC<r Tastaturbenutzung -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

CDR: KJOC lists anarchy symbol with occult
by Saved by Microsoft Internet Explorer 5 06 Jul '18

06 Jul '18

1 0

EDRi-gram newsletter - Number 7.24, 16 December 2009
by EDRI-gram newsletter 06 Jul '18

06 Jul '18

============================================================ EDRi-gram biweekly newsletter about digital civil rights in Europe Number 7.24, 16 December 2009 ============================================================ Contents ============================================================ 1. European Civil Society Data Protection Award launched by AEDH and EDRi 2. German Constitutional Court held hearing on data retention 3. Spain discusses shutting down websites without court order 4. The Netherlands promises transparancy regarding wiretapping 5. Future of MySQL investigated by the European Commission 6. EDPS worries about extended powers of agency running EC databases 7. The new Swedish anti-piracy law stirs things for file sharers 8. Italy: The Anopticon project - putting surveillance back in its place 9. ENDitorial: What the conquistadores can teach us about ACTA 10. Recommended Reading 11. Agenda 12. About ============================================================ Seasonal Greetings ============================================================ EDRi sends to all its subscribers best wishes for the New Year and Happy Christmas holidays ! The next issue of EDRi-gram, number 8.1, will be published on 13 January 2010. ============================================================ 1. European Civil Society Data Protection Award launched by AEDH and EDRi ============================================================ AEDH (European Association for the Defence of Human rights) and EDRi (European Digital Rights) is launching the first edition of the European Civil Society Data Protection Award (ECSDPA). The prize aims at rewarding positive initiatives contributing to the visibility and effectiveness of the right to privacy and to the protection of personal data in Europe. The ECSDPA prize will be awarded each year on 28 January, as a European Civil Society contribution to the Data Protection Day. Such achievements and initiatives have to enhance public awareness, stimulate creative and constructive input and favour useful exchanges of information at any level, from the very local neighbourhood to the whole European continent. The award is open to all non-governmental organisations, trade unions, non-profit institutions and any other civil society actor from the 47 member States of the Council of Europe. The ECSDPA winner will benefit from a one week lobbying training in Brussels, travel expenses and lodging being fully covered. The ECSDPA initiative, the first of its kind, has been made possible thanks to the support of The Law Science Technology & Society Research Group of the Vrije Universiteit Brussel (LSTS/VUB) and The Flemish-Dutch House deBuren. The deadline for submitting nominations is 15 January 2010. Nominations should be sent to: nominations at ecsdpa dot org. Operational details about the prize, including application and selection procedures http://www.ecsdpa.org. Press release PDF Format (15.12.2009) http://www.edri.org/files/ECSDPA-PR-151209en.pdf Press release in French: AEDH-EDRi Prix europien de la sociiti civile pour la protection des donnies personnelles: L'Appel a nominations est ouvert http://www.edri.org/files/ECSDPA-PR-151209fr.pdf Press release in German: AEDH-EDRi European Civil Society Data Protection Award: Aurfruf zur Nominierung / Einreichung http://www.edri.org/ecsdpa/press-release/Award-Aurfruf-zur-Nominierung-Einr… Press release in Spanish: Primera edicisn del Premio Europeo de la Sociedad Civil a la Proteccisn de Datos Personales http://www.edri.org/ecsdpa/press-release/Abierta-la-convocatoria-de-candida… Announcement in Dutch - Europese burgerrechtenorganisaties organiseren positieve privacy-prijs https://www.bof.nl/2009/12/15/europese-burgerrechtenorganisatie-positieve-p… Call for ECSDPA - PDF format (15.12.2009) http://www.edri.org/files/Call_European_Civil_Society_Data_Protection_Award… ============================================================ 2. German Constitutional Court held hearing on data retention ============================================================ The German Constitutional Court held a hearing on 15 December 2009 in the largest constitutional case ever regarding the local implementation of the data retention law. The motion has been supported by over 34 000 people. The law has already been limited by the court with two earlier interim measures. The new Justice Minister Sabine Leutheusser-Schnarrenberger is in an awkward position, as she has joined the action against the law as a member of the opposition. But now she also needs to represent the Government in supporting the law in front of the Court. Constitutional Court President Hans-J|rgen Papier said at the beginning of the hearing that the complaint raises fundamental questions about the relationship between freedom and security. During the hearing the Green Party politician Volker Beck, warned of a "black day for the Magna Carta of privacy." Constanze Kurz of the EDRi-member Chaos Computer Club warned about the potential abuses of the retained data and that their combination with other data could lead to a precise overview of every movement of the citizens. The concerns were confirmed by the German Federal Data Protection Supervisor Peter Schaar who explained that the mobile phone companies retained more location data than just the network cell where the user was. The hearing also included information from independent experts. The Dresden computer science professor Andreas Pfitzmann explained how the retention of communications data threatened and weakened significantly the democratic society. For the constitutionality of the law spoke Christopher Moller, representative of the Federal Government in the proceedings, who, however, conceded that the legislation restricted the basic rights by the retention of telecommunication data. The government representative was questioned by the judges who were very critical to his assertions. The Government representative was also backed by Police representatives who showed examples when the law could be useful, and the representatives of the Federal Music Industry and Association of German Publishers. A verdict is expected from the court in two to three months. Live coverage of the hearing (only in German, 15.12.2009) http://www.netzpolitik.org/2009/ticker-muendliche-anhoerung-zur-vorratsdate… Press release of the data retention working group (only in German, 15.12.2009) http://www.vorratsdatenspeicherung.de/content/view/344/55/lang,de/ Retention before the Federal Constitutional Court: Critical issues, serious concerns (only in German, 15.12.2009) http://www.heise.de/newsticker/meldung/Vorratsdatenspeicherung-vor-dem-Bund… Germany's largest-ever class action suit kicks off (15.12.2009) http://www.google.com/hostednews/afp/article/ALeqM5huG0kV5ePFTymKEAu8WzwLVr… ============================================================ 3. Spain discusses shutting down websites without court order ============================================================ Despite the recent statements of Spanish culture Minister Angeles Gonzalez-Sinde and the warnings received from Commissioner Reding, the Spanish Government announced at the beginning of December 2009 a proposal that may lead to shutting down websites that offer P2P file sharing of music and films, without the necessity of a court order. The draft law for Sustainable Economy that may come into force in 2010, if approved by the Parliament, includes a modification that introduces an Intellectual Property Commission which will have the power to shut down web sites considered as illegally sharing cultural copyrighted content. The proposal has brought forth the vivid reaction of Internet users, media representatives, bloggers, professionals and creators. The meeting that took place on 3 December between the representatives of opponents to the draft law and Sinde did not succeed in getting any results due to the large differences of opinions. Sinde continues to state that the proposed legislation will not target individual Internet users who download material but web sites that illegally offer the possibility of downloading copyrighted works and that in no case would anyone's Internet connection be cut off. Prime Minister Jose Luis Rodriguez Zapatero also stated the proposed legislation would not threaten the freedom of expression and that it was not the intention of the government to close down web sites. According to the bill, the Intellectual Property Commission will have the power to investigate complaints about Web sites offering the possibility of P2P downloading and, in case it considers the respective websites make money from other people's work, it may close them down. In order to find the sites that infringe the law, the Commission may ask ISPs for the data they deem necessary to identify the respective web sites and the ISPs will be obliged to provide this information. Once the infringement considered proven, the Commission will send warnings to the alleged infringers in order to cease the downloading activity. And finally, if the web sites do not comply, the Commission may require the blocking of the sites or the removal of the illegally shared content. The opponents of the bill accuse the Spanish Government of trying to create a "Culture Police". "The page with most links to copyright-protected content is Google. Are we going to close Google without a judicial order?" asked Victor Domingo, president of the Spanish Association of Internet Users. Despite the Prime Minister's statement that web sites will not be shut down without a court order and that the law will not address the private individuals, several experts and legal advisers show that the draft law contradicts him. In their opinion, the text of the draft law is ambiguous, leaving very much room for interpretation. It also obliges the Internet service operators to reveal information on their users that may lead to blocking Internet connections or to finding out the entire one-year downloading history of a user. The large number of opponents have spontaneously created a manifesto against the propose legislation which says amongst another things that "copyright should not be placed above citizens' fundamental rights to privacy, security, presumption of innocence, effective judicial protection and freedom of expression" and that "the Internet must function freely and without political interference spurred by interested sectors trying to perpetuate an obsolete business model and to prevent human knowledge from continuing to be free." For the present, in Spain, downloading copyrighted material, although illegal, it is not a criminal offence and the courts consider the law is infringed only when the downloading is done for commercial profit. Proposal of Web shutdown power angers Spanish Internet users (3.12.2009) http://www.siliconvalley.com/news/ci_13918879 Dangerous Anti-sharing Law in Spain (3.12.2009) http://www.laquadrature.net/en/dangerous-anti-sharing-law-in-spain The cultural "police" of the Internet will be born (only in Spanish, 2.12.2009) http://www.elpais.com/articulo/cultura/Nace/policia/cultural/Internet/elpep… The anti-downloading law revives the confrontation between the cultural industry and the Internet community (only in Spanish, 2.12.2009) http://www.elpais.com/articulo/cultura/ley/antidescargas/aviva/enfrentamien… The manifest "In the defence of the fundamental rights on the Internet"(in Spanish, 2.12.2009) http://www.internautas.org/html/5871.html We don't believe Zapatero (only in Spanish, 12.12.2009) http://www.internautas.org/html/5889.html EDRi-gram: Spain warned by Commissioner Reding for cutting off Internet access (2.12.2009) http://www.edri.org/edrigram/number7.23/reading-warns-spain-3-strikes ============================================================ 4. The Netherlands promises transparancy regarding wiretapping ============================================================ The Dutch Minister of Justice promised on 26 November 2009 at the request of the Dutch Parliament to provide more transparency regarding wiretapping. The Dutch government is placing relatively many taps on a per-capita basis, compared to other countries. During a debate in the Parliament, members of Parliament voiced their concerns on the lack of transparency and insisted on more accountability. In reaction, the Minister of Justice indicated firstly that the government would provide information on how many internet-taps are placed. It also promised to commission a report regarding the effectiveness of wiretapping. The report will touch on whether the amount of wiretaps is necessary, and to what extent the notification obligation is being complied with. The notification obligation is the obligation to inform persons that they have been tapped. The report will also touch on how many times a request for authorisation to apply a wiretap has been denied by the court. Bits of Freedom, in preparation of the debate, wrote a paper to members of Parliament, insisting on more accountability. The paper was written with the aid of several volunteers. Briefing Bits of Freedom to members of Parliament (only in Dutch, 23.11.2009) http://www.bof.nl/kamerbriefing231109.pdf (contribution by Ot van Daalen - EDRi-member Bits of Freedom - Netherlands) ============================================================ 5. Future of MySQL investigated by the European Commission ============================================================ The acquisition of Sun Microsystems by Oracle is investigated by the European Commission for its potential anti-competition effects, including the future role of MySQL as an open source database software owned by Oracle. The debate between opponents and supporters of the merger has been tenser in the past weeks, after Oracle called on its biggest customers to support its position in the hearings at the European Commission, while the creator of the MySQL Monty Widenius made a public appeal to the open source community to reject the terms of this acquisition, unless Oracle commits to a series of issues that will make sure MySQL will not die: "So I just don't buy it that Oracle will be a good home for MySQL. A weak MySQL is worth about one billion dollars per year to Oracle, maybe more. A strong MySQL could never generate enough income for Oracle that they would want to cannibalize their real cash cow. I don't think any company has ever done anything like that." Oracle attacked on 14 December 2009 by making public a series of 10 public commitments in order to asssure the public and the European Commission of its firm decision to continue its investment in research for MySQL and "to enhance MySQL in the future under the GPL." The move appears to soften the position of the European regulators that will decide at the end of January 2010 on this merger, after the US Department of Justice has already confirmed the deal. The Commission states that the "announcement by Oracle of a series of undertakings to customers, developers and users of MySQL is an important new element to be taken into account in the ongoing proceedings." The critics haven't been convinced of the new commitments, with Florian Mueller, an open critic of the deal, classifying them as "purely cosmetic". He also pointed out that the 5-year limit for the Oracle's public commitments is not enough. Other members of the civil society have already backed the criticism to this deal with a public letter of the Knowledge Ecology International, Richard Stallman and EDRi-member Open Rights Group asking the Commission to block the acquisition. The letter addressed to the EC officials explains that "Oracle seeks to acquire MySQL to prevent further erosion of its share of the market for database software licenses and services, and to protect the high prices now charged for its proprietary database software licenses and services. If Oracle is allowed to acquire MySQL, it will predictably limit the development of the functionality and performance of the MySQL software platform, leading to profound harm to those who use MySQL software to power applications." Letter to the EC opposing Oracle's acquisition of MySQL (19.10.2009) http://keionline.org/ec-mysql Oracle pledge pushes Sun deal forward (14.12.2009) http://www.ft.com/cms/s/0/5d57f36c-e89a-11de-9c1f-00144feab49a.html Monty says: Help Saving MySQL (12.12.2009) http://monty-says.blogspot.com/2009/12/help-saving-mysql.html Oracle's pledges on MySQL are 'purely cosmetic', say critics (14.12.2009) http://www.itworld.com/government/89093/oracles-pledges-mysql-are-purely-co… Oracle users tell EU Sun deal not anticompetitive (10.12.2009) http://www.reuters.com/article/idUSGEE5B92H020091210 ============================================================ 6. EDPS worries about extended powers of agency running EC databases ============================================================ Although not opposed to the creation by the European Commission of a security agency that would be in charge of EU visa and asylum databases, EDPS Peter Hustinx issued an opinion on 7 December 2009 showing his concern related to the expansion of the agency powers. The Commission has proposed the creation of an agency that would run the databases used for the Schengen Information System (SIS II) on cross-border travel within the EU, the Visa Information System and EURODAC, the asylum seeker database. Hustinx is worried because the Commission's proposal says that, besides running the respective databases, the agency should also manage other large-range IT projects. The EDPS believes that certain risks on the privacy of individuals should be "sufficiently addressed in the founding legislative instrument(s)," and urged the Commission to limit the powers of the agency. "The creation of an Agency for such large-scale databases must be based on legislation which is unambiguous about the competences and the scope of activities of the Agency. Such clarity would prevent any future misunderstanding about the conduct of the agency and avoid the risk of function creep. As currently drafted, the proposals do not meet those standards." The EDPS's opinion is that entrusting more such large-scale IT projects to the same body would increase the risk of mistakes and wrongful use of personal data. "The total number of large-scale IT systems managed by one and the same Agency should therefore be restricted to a number with which the data protection safeguards can still sufficiently be assured. In other words, the point of departure should not be to bring as many large-scale IT-systems as possible under the operational management of one Agency." The risk is even greater as in terms of interoperability "similar technology will be used for all systems which can therefore easily be interconnected." For the improvement of the EC proposal, the EDPS recommends the legislator to clarify and decide whether the scope of activities of the Agency "should potentially cover all large-scale IT systems developed in the area of freedom, security and justice" and "to clarify the notion of large-scale IT systems in relation to the establishment of the Agency, and make clear whether it is limited to such systems which have as a feature the storage of data in a centralised database for which the Commission or the Agency is responsible". Huntinx also "encourages the legislator, in the context of the proposed pilot schemes, to clarify the procedure which the Commission should follow before requesting for a pilot scheme. According to the EDPS, such a procedure should include an assessment, which might require a consultation of the European Parliament and the EDPS, of the possible impact on data protection of the initiative developed following such a request." Security database super-agency's powers should be limited, says EU privacy watchdog (8.12.2009) http://www.out-law.com//default.aspx?page=10586 Opinion of the European Data Protection Supervisor - on the proposal for a Regulation establishing an Agency for the operational management of large-scale IT systems in the area of freedom, security and justice (7.12.2009) http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consu… EDPS sees advantages of new Agency for large-scale IT systems, but urges the legislator to better define its scope of activities (7.12.2009) http://europa.eu/rapid/pressReleasesAction.do?reference=EDPS/09/14&format=H… ============================================================ 7. The new Swedish anti-piracy law stirs things for file sharers ============================================================ As already foreseen this summer, the Swedish recording industry is using the new anti-piracy IPRED law to chase filesharers. On 7 December 2009, the Swedish branch of the International Federation of the Phonographic Industry (IFPI) filed a suit with the district court in Stockholm against Direct Connect (DC) file sharing network, trying to force the site to reveal the identity of a user suspected of illegal file sharing. IPFI has investigated a number of file sharing cases until now but this is the first case they have decided to go to court with. "We want to take one at a time. It's a new law and we have to learn how to do this, what the courts want in terms of evidence to be sure that they're not compromising anyone's privacy," stated Ludvig Werner, head of IFPI in Sweden. IFPI has decided to take DC to court although the network is no longer the strongest on the market. "BitTorrent technology is superior for moving large files, but DC is more of a social network. You connect to a hub and are there throughout the day, chatting and exchanging files with one another, sort of like a youth recreation centre on the internet, even if it's not only young people who are there." The dramatic 40% drop in the Internet traffic even the night before the law entered into force on 1 April 2009 (according to the statistics of an ISP coordination organisation) seemed to contradict the experts who had believed IPRED would not have such a big effect on file sharing in Sweden. Yet, after the serious decline in April, file sharing has gradually recovered and in November the Internet traffic surpassed the previous all-time high, reported in March. Certainly, there are other factors besides file sharing that might have contributed to the increase of the traffic. "There is guaranteed to be certain increase in file sharing, but it isn't possible to tell exactly how much. (...) Then you have the illegal video streaming sites, which aren't file sharing in the traditional sense, but which play the same role for users. Watching a movie via a streaming video directly in your web browser is becoming more and more popular" said researcher Kristoffer Schollin. In his opinion, in time, these video steaming sites might gain field in front of file sharing. Anyway, it appears that file-sharing is still increasing. Music industry to test Sweden's anti-piracy law (7.12.2009) http://www.thelocal.se/23698/20091207/ File sharing in Sweden nears record high (6.12.2009) http://www.thelocal.se/23680/20091206/ EDRi-gram: Swedish court: IP addresses are personal data (1.07.2009) http://www.edri.org/edri-gram/number7.13/sweden-ip-addresses-personal-data ============================================================ 8. Italy: The Anopticon project - putting surveillance back in its place ============================================================ Nowadays, CCTVs are the practical implementation of the "Panopticon", theorised in 1791 by Jeremy Bentham as the "ideal prison", one that keeps people in place by using their natural fear of being surveilled. The Anopticon project is a reaction to the huge rise in CCTVs installations in Italian cities. Information on CCTVs - where they are, what they point at, which area is being surveilled - is collected by members of the project and put online, publicly accessible via the "Big Brother Viewer". The project has already concluded that a large part of CCTVs does not provide the "information notice" required by Legislative Decree 196/2003 (which implements the Data Protection Directive in Italy). The project started in Venice, but it soon spread to other cities including Padova, Foggia, Urbino and Solero (Alessandria). More and more "anopticon groups" are born, to contribute to the Big Brother map. Anyone from anywhere can join in. The Anopticon project has also launched the "Denounce illegal CCTVs" campaign: every surveillance device that does not respect Italian data protection law (including the need for an "information notice") will be signalled to the Italian Data Protection Authority, without excluding formal complaints for the more powerful and invasive surveillance systems such as the "Argos" and "Hydra" systems being implemented in Venice which are able to automatically track the movement of boats and people. The Anopticon project - Big Brother Viewer http://www.tramaci.org/anopticon (contribution by Epto) ============================================================ 9. ENDitorial: What the conquistadores can teach us about ACTA ============================================================ When the conquistadores arrived in the Americas, historians tell us that the viruses that they carried caused devastation among the indigenous populations. For the European invaders, who had been subject to the viruses for longer, the illnesses, while still sometimes deadly, were less dangerous than for populations that had not yet been exposed to them. With ACTA as the future EU and US template for free trade agreements with countries around the globe, is this the virus that risks killing free speech, democracy, privacy and access to knowledge even more readily in developing countries than in the countries where it was conceived? Within the EU, a certain amount of resistance has been developed over the years to excessive, destructive and anti-democratic attempts to strangle fundamental principles of civil and human rights. For example, France's original "HADOPI" proposal stumbled over the nation's constitution when it attempted to overturn centuries of legal tradition by undermining the basic principle of "innocent until proven guilty." Similarly, the European Parliament, faced with the threats appearing in France, the UK and elsewhere, defended the rights of citizens by squeezing every legally possible guarantee out of the famous "amendment 138" in the telecoms package. The UK, unfortunately, is still in a critical condition as its government feverishly tries to destroy the concept of a free and open Internet with its "Digital Britain" proposals. It remains to be seen whether that country's democratic safeguards, such as its unwritten constitution and its Human Rights Act will be enough to protect its citizens. Maybe it will be an imaginative web 2.0 campaign by an opposition party in the upcoming national elections that will create a flashmob of the polling stations to disconnect politicians from office if they support narrow business interests ahead of their voters' rights. All of these protections are not available in many of the countries that the EU and US would plan to reach free trade agreements with in the future - agreements that will be based on ACTA. Measures like intermediary liability take on a vastly different meaning in the absence of robust legal defences of civil rights. What happens when Internet access providers are made liable for illicit online content, when they are given an incentive to carry out surveillance on their consumers in the absence of human rights law, in the absence of privacy legislation, in the absence of a democratically-elected government or in the absence of competition? The EU and US will not wish to tie their own hands by demanding strict human rights or privacy protections when imposing ACTA measures on other countries. In any event, even if they wanted to, they could not replicate Europe's experience of 50 years of human rights legislation. Once Internet access providers have paid for the technology to filter and control their consumers' access, the next logical step will be to monetise this control through a non-neutral Internet - one which governments will also be tempted to exploit in the same way as broadcast and print media are frequently exploited to undermine democracy in many countries today. Only months after entering into force, what will be left of the Lisbon Treaty's goal of developing and consolidating "democracy and the rule of law, and respect for human rights and fundamental freedoms" if ACTA becomes the vehicle for undermining civil liberties across the globe? Digital Britain http://www.culture.gov.uk/what_we_do/broadcasting/5631.aspx Telecoms package overview http://en.wikipedia.org/wiki/Telecoms_Package EDRi-gram: ENDitorial: Mobilizing to Stop ACTA (18.11.2009) http://www.edri.org/edrigram/number7.22/acta-mobilizing-to-stop (contribution by Joe McNamee - EDRi) ============================================================ 10. Recommended Reading ============================================================ Report of the 3rd PrivacyOS in Vienna https://www.privacyos.eu/index.php?option=com_content&view=category&layout=… Web inventor: 'Snooping' authorities threaten Internet http://www.euractiv.com/en/infosociety/web-inventor-snooping-authorities-th… ============================================================ 11. Agenda ============================================================ 27-30 December 2009, Berlin, Germany 26th Chaos Communication Congress http://events.ccc.de/congress/2009/ 20-22 January 2010, Namur, Belgium The Conference for the 30th Anniversary of the CRID - An Information Society for All : A Legal Challenge http://www.crid.be/30years/ 29-30 January 2009, Turin, Italy "Cultural Commons" - First International Workshop http://www.css-ebla.it/css/ 29-30 January 2009, Brussels, Belgium Third edition of the Computers, Privacy and Data Protection - CPDP 2010 - An Element of Choice http://www.cpdpconferences.org/ 5 February 2009, Amsterdam, Netherlands Big Brother Awards Netherlands 2010 Candidates for nominations until 12 January to: kandidaten at bigbrotherawards.nl https://www.bof.nl/2009/12/08/geef-kandidaten-op-voor-de-big-brother-awards… 6-7 February 2010, Brussels, Belgium FOSDEM 2010 http://www.fosdem.org/2010/ 29-30 April 2010 EuroDIG 2010 http://www.eurodig.org/ 26-28 May 2010, Amsterdam, Netherlands World Congress on Information Technology http://www.wcit2010.com/ 9-11 July 2010, Gdansk, Poland Wikimedia 2010 - the 6th annual Wikimedia Conference http://meta.wikimedia.org/wiki/Wikimania_2010 ============================================================ 12. About ============================================================ EDRI-gram is a biweekly newsletter about digital civil rights in Europe. Currently EDRI has 27 members based or with offices in 17 different countries in Europe. European Digital Rights takes an active interest in developments in the EU accession countries and wants to share knowledge and awareness through the EDRI-grams. All contributions, suggestions for content, corrections or agenda-tips are most welcome. Errors are corrected as soon as possible and visibly on the EDRI website. Except where otherwise noted, this newsletter is licensed under the Creative Commons Attribution 3.0 License. See the full text at http://creativecommons.org/licenses/by/3.0/ Newsletter editor: Bogdan Manolea <edrigram(a)edri.org> Information about EDRI and its members: http://www.edri.org/ European Digital Rights needs your help in upholding digital rights in the EU. If you wish to help us promote digital rights, please consider making a private donation. http://www.edri.org/about/sponsoring - EDRI-gram subscription information subscribe by e-mail To: edri-news-request(a)edri.org Subject: subscribe You will receive an automated e-mail asking to confirm your request. unsubscribe by e-mail To: edri-news-request(a)edri.org Subject: unsubscribe - EDRI-gram in Macedonian EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/edrigram-mk.php - EDRI-gram in German EDRI-gram is also available in German, with delay. Translations are provided Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/ - Newsletter archive Back issues are available at: http://www.edri.org/edrigram - Help Please ask <edrigram(a)edri.org> if you have any problems with subscribing or unsubscribing. ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

EDRi-gram newsletter - Number 7.24, 16 December 2009
by EDRI-gram newsletter 06 Jul '18

06 Jul '18

============================================================ EDRi-gram biweekly newsletter about digital civil rights in Europe Number 7.24, 16 December 2009 ============================================================ Contents ============================================================ 1. European Civil Society Data Protection Award launched by AEDH and EDRi 2. German Constitutional Court held hearing on data retention 3. Spain discusses shutting down websites without court order 4. The Netherlands promises transparancy regarding wiretapping 5. Future of MySQL investigated by the European Commission 6. EDPS worries about extended powers of agency running EC databases 7. The new Swedish anti-piracy law stirs things for file sharers 8. Italy: The Anopticon project - putting surveillance back in its place 9. ENDitorial: What the conquistadores can teach us about ACTA 10. Recommended Reading 11. Agenda 12. About ============================================================ Seasonal Greetings ============================================================ EDRi sends to all its subscribers best wishes for the New Year and Happy Christmas holidays ! The next issue of EDRi-gram, number 8.1, will be published on 13 January 2010. ============================================================ 1. European Civil Society Data Protection Award launched by AEDH and EDRi ============================================================ AEDH (European Association for the Defence of Human rights) and EDRi (European Digital Rights) is launching the first edition of the European Civil Society Data Protection Award (ECSDPA). The prize aims at rewarding positive initiatives contributing to the visibility and effectiveness of the right to privacy and to the protection of personal data in Europe. The ECSDPA prize will be awarded each year on 28 January, as a European Civil Society contribution to the Data Protection Day. Such achievements and initiatives have to enhance public awareness, stimulate creative and constructive input and favour useful exchanges of information at any level, from the very local neighbourhood to the whole European continent. The award is open to all non-governmental organisations, trade unions, non-profit institutions and any other civil society actor from the 47 member States of the Council of Europe. The ECSDPA winner will benefit from a one week lobbying training in Brussels, travel expenses and lodging being fully covered. The ECSDPA initiative, the first of its kind, has been made possible thanks to the support of The Law Science Technology & Society Research Group of the Vrije Universiteit Brussel (LSTS/VUB) and The Flemish-Dutch House deBuren. The deadline for submitting nominations is 15 January 2010. Nominations should be sent to: nominations at ecsdpa dot org. Operational details about the prize, including application and selection procedures http://www.ecsdpa.org. Press release PDF Format (15.12.2009) http://www.edri.org/files/ECSDPA-PR-151209en.pdf Press release in French: AEDH-EDRi Prix europien de la sociiti civile pour la protection des donnies personnelles: L'Appel a nominations est ouvert http://www.edri.org/files/ECSDPA-PR-151209fr.pdf Press release in German: AEDH-EDRi European Civil Society Data Protection Award: Aurfruf zur Nominierung / Einreichung http://www.edri.org/ecsdpa/press-release/Award-Aurfruf-zur-Nominierung-Einr… Press release in Spanish: Primera edicisn del Premio Europeo de la Sociedad Civil a la Proteccisn de Datos Personales http://www.edri.org/ecsdpa/press-release/Abierta-la-convocatoria-de-candida… Announcement in Dutch - Europese burgerrechtenorganisaties organiseren positieve privacy-prijs https://www.bof.nl/2009/12/15/europese-burgerrechtenorganisatie-positieve-p… Call for ECSDPA - PDF format (15.12.2009) http://www.edri.org/files/Call_European_Civil_Society_Data_Protection_Award… ============================================================ 2. German Constitutional Court held hearing on data retention ============================================================ The German Constitutional Court held a hearing on 15 December 2009 in the largest constitutional case ever regarding the local implementation of the data retention law. The motion has been supported by over 34 000 people. The law has already been limited by the court with two earlier interim measures. The new Justice Minister Sabine Leutheusser-Schnarrenberger is in an awkward position, as she has joined the action against the law as a member of the opposition. But now she also needs to represent the Government in supporting the law in front of the Court. Constitutional Court President Hans-J|rgen Papier said at the beginning of the hearing that the complaint raises fundamental questions about the relationship between freedom and security. During the hearing the Green Party politician Volker Beck, warned of a "black day for the Magna Carta of privacy." Constanze Kurz of the EDRi-member Chaos Computer Club warned about the potential abuses of the retained data and that their combination with other data could lead to a precise overview of every movement of the citizens. The concerns were confirmed by the German Federal Data Protection Supervisor Peter Schaar who explained that the mobile phone companies retained more location data than just the network cell where the user was. The hearing also included information from independent experts. The Dresden computer science professor Andreas Pfitzmann explained how the retention of communications data threatened and weakened significantly the democratic society. For the constitutionality of the law spoke Christopher Moller, representative of the Federal Government in the proceedings, who, however, conceded that the legislation restricted the basic rights by the retention of telecommunication data. The government representative was questioned by the judges who were very critical to his assertions. The Government representative was also backed by Police representatives who showed examples when the law could be useful, and the representatives of the Federal Music Industry and Association of German Publishers. A verdict is expected from the court in two to three months. Live coverage of the hearing (only in German, 15.12.2009) http://www.netzpolitik.org/2009/ticker-muendliche-anhoerung-zur-vorratsdate… Press release of the data retention working group (only in German, 15.12.2009) http://www.vorratsdatenspeicherung.de/content/view/344/55/lang,de/ Retention before the Federal Constitutional Court: Critical issues, serious concerns (only in German, 15.12.2009) http://www.heise.de/newsticker/meldung/Vorratsdatenspeicherung-vor-dem-Bund… Germany's largest-ever class action suit kicks off (15.12.2009) http://www.google.com/hostednews/afp/article/ALeqM5huG0kV5ePFTymKEAu8WzwLVr… ============================================================ 3. Spain discusses shutting down websites without court order ============================================================ Despite the recent statements of Spanish culture Minister Angeles Gonzalez-Sinde and the warnings received from Commissioner Reding, the Spanish Government announced at the beginning of December 2009 a proposal that may lead to shutting down websites that offer P2P file sharing of music and films, without the necessity of a court order. The draft law for Sustainable Economy that may come into force in 2010, if approved by the Parliament, includes a modification that introduces an Intellectual Property Commission which will have the power to shut down web sites considered as illegally sharing cultural copyrighted content. The proposal has brought forth the vivid reaction of Internet users, media representatives, bloggers, professionals and creators. The meeting that took place on 3 December between the representatives of opponents to the draft law and Sinde did not succeed in getting any results due to the large differences of opinions. Sinde continues to state that the proposed legislation will not target individual Internet users who download material but web sites that illegally offer the possibility of downloading copyrighted works and that in no case would anyone's Internet connection be cut off. Prime Minister Jose Luis Rodriguez Zapatero also stated the proposed legislation would not threaten the freedom of expression and that it was not the intention of the government to close down web sites. According to the bill, the Intellectual Property Commission will have the power to investigate complaints about Web sites offering the possibility of P2P downloading and, in case it considers the respective websites make money from other people's work, it may close them down. In order to find the sites that infringe the law, the Commission may ask ISPs for the data they deem necessary to identify the respective web sites and the ISPs will be obliged to provide this information. Once the infringement considered proven, the Commission will send warnings to the alleged infringers in order to cease the downloading activity. And finally, if the web sites do not comply, the Commission may require the blocking of the sites or the removal of the illegally shared content. The opponents of the bill accuse the Spanish Government of trying to create a "Culture Police". "The page with most links to copyright-protected content is Google. Are we going to close Google without a judicial order?" asked Victor Domingo, president of the Spanish Association of Internet Users. Despite the Prime Minister's statement that web sites will not be shut down without a court order and that the law will not address the private individuals, several experts and legal advisers show that the draft law contradicts him. In their opinion, the text of the draft law is ambiguous, leaving very much room for interpretation. It also obliges the Internet service operators to reveal information on their users that may lead to blocking Internet connections or to finding out the entire one-year downloading history of a user. The large number of opponents have spontaneously created a manifesto against the propose legislation which says amongst another things that "copyright should not be placed above citizens' fundamental rights to privacy, security, presumption of innocence, effective judicial protection and freedom of expression" and that "the Internet must function freely and without political interference spurred by interested sectors trying to perpetuate an obsolete business model and to prevent human knowledge from continuing to be free." For the present, in Spain, downloading copyrighted material, although illegal, it is not a criminal offence and the courts consider the law is infringed only when the downloading is done for commercial profit. Proposal of Web shutdown power angers Spanish Internet users (3.12.2009) http://www.siliconvalley.com/news/ci_13918879 Dangerous Anti-sharing Law in Spain (3.12.2009) http://www.laquadrature.net/en/dangerous-anti-sharing-law-in-spain The cultural "police" of the Internet will be born (only in Spanish, 2.12.2009) http://www.elpais.com/articulo/cultura/Nace/policia/cultural/Internet/elpep… The anti-downloading law revives the confrontation between the cultural industry and the Internet community (only in Spanish, 2.12.2009) http://www.elpais.com/articulo/cultura/ley/antidescargas/aviva/enfrentamien… The manifest "In the defence of the fundamental rights on the Internet"(in Spanish, 2.12.2009) http://www.internautas.org/html/5871.html We don't believe Zapatero (only in Spanish, 12.12.2009) http://www.internautas.org/html/5889.html EDRi-gram: Spain warned by Commissioner Reding for cutting off Internet access (2.12.2009) http://www.edri.org/edrigram/number7.23/reading-warns-spain-3-strikes ============================================================ 4. The Netherlands promises transparancy regarding wiretapping ============================================================ The Dutch Minister of Justice promised on 26 November 2009 at the request of the Dutch Parliament to provide more transparency regarding wiretapping. The Dutch government is placing relatively many taps on a per-capita basis, compared to other countries. During a debate in the Parliament, members of Parliament voiced their concerns on the lack of transparency and insisted on more accountability. In reaction, the Minister of Justice indicated firstly that the government would provide information on how many internet-taps are placed. It also promised to commission a report regarding the effectiveness of wiretapping. The report will touch on whether the amount of wiretaps is necessary, and to what extent the notification obligation is being complied with. The notification obligation is the obligation to inform persons that they have been tapped. The report will also touch on how many times a request for authorisation to apply a wiretap has been denied by the court. Bits of Freedom, in preparation of the debate, wrote a paper to members of Parliament, insisting on more accountability. The paper was written with the aid of several volunteers. Briefing Bits of Freedom to members of Parliament (only in Dutch, 23.11.2009) http://www.bof.nl/kamerbriefing231109.pdf (contribution by Ot van Daalen - EDRi-member Bits of Freedom - Netherlands) ============================================================ 5. Future of MySQL investigated by the European Commission ============================================================ The acquisition of Sun Microsystems by Oracle is investigated by the European Commission for its potential anti-competition effects, including the future role of MySQL as an open source database software owned by Oracle. The debate between opponents and supporters of the merger has been tenser in the past weeks, after Oracle called on its biggest customers to support its position in the hearings at the European Commission, while the creator of the MySQL Monty Widenius made a public appeal to the open source community to reject the terms of this acquisition, unless Oracle commits to a series of issues that will make sure MySQL will not die: "So I just don't buy it that Oracle will be a good home for MySQL. A weak MySQL is worth about one billion dollars per year to Oracle, maybe more. A strong MySQL could never generate enough income for Oracle that they would want to cannibalize their real cash cow. I don't think any company has ever done anything like that." Oracle attacked on 14 December 2009 by making public a series of 10 public commitments in order to asssure the public and the European Commission of its firm decision to continue its investment in research for MySQL and "to enhance MySQL in the future under the GPL." The move appears to soften the position of the European regulators that will decide at the end of January 2010 on this merger, after the US Department of Justice has already confirmed the deal. The Commission states that the "announcement by Oracle of a series of undertakings to customers, developers and users of MySQL is an important new element to be taken into account in the ongoing proceedings." The critics haven't been convinced of the new commitments, with Florian Mueller, an open critic of the deal, classifying them as "purely cosmetic". He also pointed out that the 5-year limit for the Oracle's public commitments is not enough. Other members of the civil society have already backed the criticism to this deal with a public letter of the Knowledge Ecology International, Richard Stallman and EDRi-member Open Rights Group asking the Commission to block the acquisition. The letter addressed to the EC officials explains that "Oracle seeks to acquire MySQL to prevent further erosion of its share of the market for database software licenses and services, and to protect the high prices now charged for its proprietary database software licenses and services. If Oracle is allowed to acquire MySQL, it will predictably limit the development of the functionality and performance of the MySQL software platform, leading to profound harm to those who use MySQL software to power applications." Letter to the EC opposing Oracle's acquisition of MySQL (19.10.2009) http://keionline.org/ec-mysql Oracle pledge pushes Sun deal forward (14.12.2009) http://www.ft.com/cms/s/0/5d57f36c-e89a-11de-9c1f-00144feab49a.html Monty says: Help Saving MySQL (12.12.2009) http://monty-says.blogspot.com/2009/12/help-saving-mysql.html Oracle's pledges on MySQL are 'purely cosmetic', say critics (14.12.2009) http://www.itworld.com/government/89093/oracles-pledges-mysql-are-purely-co… Oracle users tell EU Sun deal not anticompetitive (10.12.2009) http://www.reuters.com/article/idUSGEE5B92H020091210 ============================================================ 6. EDPS worries about extended powers of agency running EC databases ============================================================ Although not opposed to the creation by the European Commission of a security agency that would be in charge of EU visa and asylum databases, EDPS Peter Hustinx issued an opinion on 7 December 2009 showing his concern related to the expansion of the agency powers. The Commission has proposed the creation of an agency that would run the databases used for the Schengen Information System (SIS II) on cross-border travel within the EU, the Visa Information System and EURODAC, the asylum seeker database. Hustinx is worried because the Commission's proposal says that, besides running the respective databases, the agency should also manage other large-range IT projects. The EDPS believes that certain risks on the privacy of individuals should be "sufficiently addressed in the founding legislative instrument(s)," and urged the Commission to limit the powers of the agency. "The creation of an Agency for such large-scale databases must be based on legislation which is unambiguous about the competences and the scope of activities of the Agency. Such clarity would prevent any future misunderstanding about the conduct of the agency and avoid the risk of function creep. As currently drafted, the proposals do not meet those standards." The EDPS's opinion is that entrusting more such large-scale IT projects to the same body would increase the risk of mistakes and wrongful use of personal data. "The total number of large-scale IT systems managed by one and the same Agency should therefore be restricted to a number with which the data protection safeguards can still sufficiently be assured. In other words, the point of departure should not be to bring as many large-scale IT-systems as possible under the operational management of one Agency." The risk is even greater as in terms of interoperability "similar technology will be used for all systems which can therefore easily be interconnected." For the improvement of the EC proposal, the EDPS recommends the legislator to clarify and decide whether the scope of activities of the Agency "should potentially cover all large-scale IT systems developed in the area of freedom, security and justice" and "to clarify the notion of large-scale IT systems in relation to the establishment of the Agency, and make clear whether it is limited to such systems which have as a feature the storage of data in a centralised database for which the Commission or the Agency is responsible". Huntinx also "encourages the legislator, in the context of the proposed pilot schemes, to clarify the procedure which the Commission should follow before requesting for a pilot scheme. According to the EDPS, such a procedure should include an assessment, which might require a consultation of the European Parliament and the EDPS, of the possible impact on data protection of the initiative developed following such a request." Security database super-agency's powers should be limited, says EU privacy watchdog (8.12.2009) http://www.out-law.com//default.aspx?page=10586 Opinion of the European Data Protection Supervisor - on the proposal for a Regulation establishing an Agency for the operational management of large-scale IT systems in the area of freedom, security and justice (7.12.2009) http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consu… EDPS sees advantages of new Agency for large-scale IT systems, but urges the legislator to better define its scope of activities (7.12.2009) http://europa.eu/rapid/pressReleasesAction.do?reference=EDPS/09/14&format=H… ============================================================ 7. The new Swedish anti-piracy law stirs things for file sharers ============================================================ As already foreseen this summer, the Swedish recording industry is using the new anti-piracy IPRED law to chase filesharers. On 7 December 2009, the Swedish branch of the International Federation of the Phonographic Industry (IFPI) filed a suit with the district court in Stockholm against Direct Connect (DC) file sharing network, trying to force the site to reveal the identity of a user suspected of illegal file sharing. IPFI has investigated a number of file sharing cases until now but this is the first case they have decided to go to court with. "We want to take one at a time. It's a new law and we have to learn how to do this, what the courts want in terms of evidence to be sure that they're not compromising anyone's privacy," stated Ludvig Werner, head of IFPI in Sweden. IFPI has decided to take DC to court although the network is no longer the strongest on the market. "BitTorrent technology is superior for moving large files, but DC is more of a social network. You connect to a hub and are there throughout the day, chatting and exchanging files with one another, sort of like a youth recreation centre on the internet, even if it's not only young people who are there." The dramatic 40% drop in the Internet traffic even the night before the law entered into force on 1 April 2009 (according to the statistics of an ISP coordination organisation) seemed to contradict the experts who had believed IPRED would not have such a big effect on file sharing in Sweden. Yet, after the serious decline in April, file sharing has gradually recovered and in November the Internet traffic surpassed the previous all-time high, reported in March. Certainly, there are other factors besides file sharing that might have contributed to the increase of the traffic. "There is guaranteed to be certain increase in file sharing, but it isn't possible to tell exactly how much. (...) Then you have the illegal video streaming sites, which aren't file sharing in the traditional sense, but which play the same role for users. Watching a movie via a streaming video directly in your web browser is becoming more and more popular" said researcher Kristoffer Schollin. In his opinion, in time, these video steaming sites might gain field in front of file sharing. Anyway, it appears that file-sharing is still increasing. Music industry to test Sweden's anti-piracy law (7.12.2009) http://www.thelocal.se/23698/20091207/ File sharing in Sweden nears record high (6.12.2009) http://www.thelocal.se/23680/20091206/ EDRi-gram: Swedish court: IP addresses are personal data (1.07.2009) http://www.edri.org/edri-gram/number7.13/sweden-ip-addresses-personal-data ============================================================ 8. Italy: The Anopticon project - putting surveillance back in its place ============================================================ Nowadays, CCTVs are the practical implementation of the "Panopticon", theorised in 1791 by Jeremy Bentham as the "ideal prison", one that keeps people in place by using their natural fear of being surveilled. The Anopticon project is a reaction to the huge rise in CCTVs installations in Italian cities. Information on CCTVs - where they are, what they point at, which area is being surveilled - is collected by members of the project and put online, publicly accessible via the "Big Brother Viewer". The project has already concluded that a large part of CCTVs does not provide the "information notice" required by Legislative Decree 196/2003 (which implements the Data Protection Directive in Italy). The project started in Venice, but it soon spread to other cities including Padova, Foggia, Urbino and Solero (Alessandria). More and more "anopticon groups" are born, to contribute to the Big Brother map. Anyone from anywhere can join in. The Anopticon project has also launched the "Denounce illegal CCTVs" campaign: every surveillance device that does not respect Italian data protection law (including the need for an "information notice") will be signalled to the Italian Data Protection Authority, without excluding formal complaints for the more powerful and invasive surveillance systems such as the "Argos" and "Hydra" systems being implemented in Venice which are able to automatically track the movement of boats and people. The Anopticon project - Big Brother Viewer http://www.tramaci.org/anopticon (contribution by Epto) ============================================================ 9. ENDitorial: What the conquistadores can teach us about ACTA ============================================================ When the conquistadores arrived in the Americas, historians tell us that the viruses that they carried caused devastation among the indigenous populations. For the European invaders, who had been subject to the viruses for longer, the illnesses, while still sometimes deadly, were less dangerous than for populations that had not yet been exposed to them. With ACTA as the future EU and US template for free trade agreements with countries around the globe, is this the virus that risks killing free speech, democracy, privacy and access to knowledge even more readily in developing countries than in the countries where it was conceived? Within the EU, a certain amount of resistance has been developed over the years to excessive, destructive and anti-democratic attempts to strangle fundamental principles of civil and human rights. For example, France's original "HADOPI" proposal stumbled over the nation's constitution when it attempted to overturn centuries of legal tradition by undermining the basic principle of "innocent until proven guilty." Similarly, the European Parliament, faced with the threats appearing in France, the UK and elsewhere, defended the rights of citizens by squeezing every legally possible guarantee out of the famous "amendment 138" in the telecoms package. The UK, unfortunately, is still in a critical condition as its government feverishly tries to destroy the concept of a free and open Internet with its "Digital Britain" proposals. It remains to be seen whether that country's democratic safeguards, such as its unwritten constitution and its Human Rights Act will be enough to protect its citizens. Maybe it will be an imaginative web 2.0 campaign by an opposition party in the upcoming national elections that will create a flashmob of the polling stations to disconnect politicians from office if they support narrow business interests ahead of their voters' rights. All of these protections are not available in many of the countries that the EU and US would plan to reach free trade agreements with in the future - agreements that will be based on ACTA. Measures like intermediary liability take on a vastly different meaning in the absence of robust legal defences of civil rights. What happens when Internet access providers are made liable for illicit online content, when they are given an incentive to carry out surveillance on their consumers in the absence of human rights law, in the absence of privacy legislation, in the absence of a democratically-elected government or in the absence of competition? The EU and US will not wish to tie their own hands by demanding strict human rights or privacy protections when imposing ACTA measures on other countries. In any event, even if they wanted to, they could not replicate Europe's experience of 50 years of human rights legislation. Once Internet access providers have paid for the technology to filter and control their consumers' access, the next logical step will be to monetise this control through a non-neutral Internet - one which governments will also be tempted to exploit in the same way as broadcast and print media are frequently exploited to undermine democracy in many countries today. Only months after entering into force, what will be left of the Lisbon Treaty's goal of developing and consolidating "democracy and the rule of law, and respect for human rights and fundamental freedoms" if ACTA becomes the vehicle for undermining civil liberties across the globe? Digital Britain http://www.culture.gov.uk/what_we_do/broadcasting/5631.aspx Telecoms package overview http://en.wikipedia.org/wiki/Telecoms_Package EDRi-gram: ENDitorial: Mobilizing to Stop ACTA (18.11.2009) http://www.edri.org/edrigram/number7.22/acta-mobilizing-to-stop (contribution by Joe McNamee - EDRi) ============================================================ 10. Recommended Reading ============================================================ Report of the 3rd PrivacyOS in Vienna https://www.privacyos.eu/index.php?option=com_content&view=category&layout=… Web inventor: 'Snooping' authorities threaten Internet http://www.euractiv.com/en/infosociety/web-inventor-snooping-authorities-th… ============================================================ 11. Agenda ============================================================ 27-30 December 2009, Berlin, Germany 26th Chaos Communication Congress http://events.ccc.de/congress/2009/ 20-22 January 2010, Namur, Belgium The Conference for the 30th Anniversary of the CRID - An Information Society for All : A Legal Challenge http://www.crid.be/30years/ 29-30 January 2009, Turin, Italy "Cultural Commons" - First International Workshop http://www.css-ebla.it/css/ 29-30 January 2009, Brussels, Belgium Third edition of the Computers, Privacy and Data Protection - CPDP 2010 - An Element of Choice http://www.cpdpconferences.org/ 5 February 2009, Amsterdam, Netherlands Big Brother Awards Netherlands 2010 Candidates for nominations until 12 January to: kandidaten at bigbrotherawards.nl https://www.bof.nl/2009/12/08/geef-kandidaten-op-voor-de-big-brother-awards… 6-7 February 2010, Brussels, Belgium FOSDEM 2010 http://www.fosdem.org/2010/ 29-30 April 2010 EuroDIG 2010 http://www.eurodig.org/ 26-28 May 2010, Amsterdam, Netherlands World Congress on Information Technology http://www.wcit2010.com/ 9-11 July 2010, Gdansk, Poland Wikimedia 2010 - the 6th annual Wikimedia Conference http://meta.wikimedia.org/wiki/Wikimania_2010 ============================================================ 12. About ============================================================ EDRI-gram is a biweekly newsletter about digital civil rights in Europe. Currently EDRI has 27 members based or with offices in 17 different countries in Europe. European Digital Rights takes an active interest in developments in the EU accession countries and wants to share knowledge and awareness through the EDRI-grams. All contributions, suggestions for content, corrections or agenda-tips are most welcome. Errors are corrected as soon as possible and visibly on the EDRI website. Except where otherwise noted, this newsletter is licensed under the Creative Commons Attribution 3.0 License. See the full text at http://creativecommons.org/licenses/by/3.0/ Newsletter editor: Bogdan Manolea <edrigram(a)edri.org> Information about EDRI and its members: http://www.edri.org/ European Digital Rights needs your help in upholding digital rights in the EU. If you wish to help us promote digital rights, please consider making a private donation. http://www.edri.org/about/sponsoring - EDRI-gram subscription information subscribe by e-mail To: edri-news-request(a)edri.org Subject: subscribe You will receive an automated e-mail asking to confirm your request. unsubscribe by e-mail To: edri-news-request(a)edri.org Subject: unsubscribe - EDRI-gram in Macedonian EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/edrigram-mk.php - EDRI-gram in German EDRI-gram is also available in German, with delay. Translations are provided Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/ - Newsletter archive Back issues are available at: http://www.edri.org/edrigram - Help Please ask <edrigram(a)edri.org> if you have any problems with subscribing or unsubscribing. ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0