July 2018 - cypherpunks-legacy

Re: Block directory authorities, is it possible?
by Kevin Smith 06 Jul '18

06 Jul '18

Why hasn't Tor been blocked in China already? Torpark is redirecting to the Google homepage (1). The psiphon homepage has been blocked. The Freegate homepage is blocked. Why not Tor? Could it be that Tor is being used to help identify suspected dissidents? Consider the following: I'm sitting at my home in Beijing using Tor. The Chinese internet police see my computer periodically connecting to a Tor directory server or entry node. They know I am using Tor. Ok. Here's someone using Tor. Who is he? Well, his IP address is linked to Beihang University. A quick check with the Beihang University IT department reveals that he is Kevin Smith in building AB apartment XYZ, his passport number is 123456789, he teaches English and has no record of political activity aside from voting in those despicable American national elections. Not too likely that he is a dissident. Wang Guolu is sitting at home using Tor. The Chinese internet police see his computer periodically connecting to a Tor directory server or entry node. They know he is using Tor. Ok. Here's someone using Tor. Who is he? Well, his IP address is linked to China Netcom in Dalian. A quick check with Dalian China Netcom reveals that he is Wang Guolu who lives in building CD apartment UVW on Renmin Lu. His ID number is 987654321, he has a low paying job at a local factory and is suspected of being a member of the FLG. A relatively low paid factory worker using advanced internet anonymizing software? That just screams dissident. The above situation has been suggested before on the mailing list: http://archives.seul.org/or/talk/Aug-2006/msg00089.html http://archives.seul.org/or/talk/Aug-2006/msg00091.html (1) http://archives.seul.org/or/talk/Dec-2006/msg00076.html Kevin S. On 1/13/07, Pei Hanru <peihanru(a)gmail.com> wrote: >On 2007-1-13 4:44 CST(UTC+8), Mike Perry wrote: >>> I live in China and was/am having difficulties in using Tor, the problem >>> is: it takes quite a long time to build a circuit for the first time I >>> start Tor on my Windows machine. >>> >>> Am I understanding correctly? Are there any actions Tor can take? After >>> all, we cannot simply assume this will not happen in the future. >> >> If the problem right now is just IP blocking you can try the tor >> option HttpProxy which will route your dirserver traffic through an >> http proxy you specify. Unfortunately, certain areas have begun >> blocking by the /tor/ url postfix that dirservers use, independent of >> IP. There is an option in 1.2.x/SVN to tunnel this traffic via other >> tor nodes (via SSL), but I believe it is prone to exploding at this >> point in time. > >Actually, no IP is blocked at this time, it is due to a natural disaster. :( > >It's interesting to evaluate whether the option you mentioned will >defend the attack (that is, blocking all directory authorities), in that >setting, there's no living network-status, how to find "other tor >nodes"? Manually importing required files is an idea, but, it's not that >elegant and finding up-to-date files is a problem. > >I'm curious on more details. :) > >Thanks, >Hanru > ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

1 0

[IP] Re: is restricted cell net access acceptable?
by David Farber 06 Jul '18

06 Jul '18

Begin forwarded message:

1 0

Re: [IP] is restricted cell net access acceptable?
by bts＠evenmere.org 06 Jul '18

06 Jul '18

> Isn't [Web app] access public enough for a mobile terminal where > operators interests do matter, although perhaps not as much as > operators constrain it to today? It restricts one critical component: the iPhone cannot keep a secret. I don't mean that your data isn't safe---I'm sure Apple's put significant effort into keeping secrets in their native apps, and that the SSL/TLS code is well done. I mean that the web apps I can write for an iPhone cannot behave as principals in cryptographic protocols. I can't write an SSH client, for example, or a protocol for any instant messaging system whatsoever. The only way to do such is to run the interesting protocol client remotely, and provide a web interface to access from the iPhone. That unnecessarily involves a third party. As you say, the iPhone is a mobile network terminal---but its capabilities as a peer on that network have been crippled. I also cannot write an editor or viewer for locally stored data---that's a problem related to secret keeping and to the origin-only restrictions on JavaScript. -Brian -- Brian Sniffen bts(a)alum.mit.edu GPG Key fingerprint DED2 61C9 3CBA E7A2 D20D F933 D379 A524 79E0 25F1 Want to verify that I sent this message? Use http://www.gnupg.org/ and http://enigmail.mozdev.org/ with Thunderbird ------------------------------------------- Archives: http://v2.listbox.com/member/archive/247/=now RSS Feed: http://v2.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com --- end forwarded text -- ----------------- R. A. Hettinga <mailto: rah(a)ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

1 0

[tor-talk] Tor users trackable with common proxy?
by Koh Choon Lin 06 Jul '18

06 Jul '18

Hi I would like to ask for members of this list about the following statement: "The authorities in Singapore are understood to have the ability to track down a person online even if he or she uses anonymizing facilities such as Virtual Private Networking, TOR onion routing, or other forms of proxy servers, and even if encryption is involved. This is because all internet traffic in Singapore is directed through a common proxy choke with date, time and IP stamping operation in place." http://www.sgpolitics.net/?p=7343 -- Regards Koh Choon Lin _______________________________________________ tor-talk mailing list tor-talk(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

EDRI-gram newsletter - Number 6.8, 23 April 2008
by EDRI-gram newsletter 06 Jul '18

06 Jul '18

============================================================ EDRI-gram biweekly newsletter about digital civil rights in Europe Number 6.8, 23 April 2008 ============================================================ Contents ============================================================ 1. EDPS endorses data breach notification provision in ePrivacy Directive 2. More Internet content blacklisted in Europe 3. Russian Government wants to control all WiFi devices 4. Eurobarometers on data protection in EU 5. Setback for IFPI in its case against PirateBay 6. Changes in the German copyright law 7. France considering new rules for web 2.0 8. ENDitorial: Will France introduce the digital guillotine in Europe? 9. Recommended Reading 10. Agenda 11. About ============================================================ 1. EDPS endorses data breach notification provision in ePrivacy Directive ============================================================ The European Data Protection Supervisor (EDPS) has issued his opinion on the new draft text of the Directive on Privacy and Electronic Communications (ePrivacy Directive) as proposed by the European Commission. One of the important changes supported by the EDPS with the new text is the creation of a mandatory security breach notification system. The system should require the Telecoms and ISPs to notify their customers when personal information has been lost. But Peter Hustinx wants to go further and asked for the system to apply not only to "providers of public electronic communication services in public networks but also to other actors, especially to providers of information society services which process sensitive personal data (e.g. online banks and insurers, on-line providers on health services, etc.)." EDPS has explained in his opinion that such a notification has clear benefits: "it reinforces the accountability of organisations, is a factor that drives companies to implement stringent security measures and it permits the identification of the most reliable technologies towards protecting information." and openly supported the concept, despite some private sector opposition. "Indeed, the simple fact of having to publicly notify security breaches causes organisations to implement stronger security standards that protect personal information and prevent breaches." Another important change backed by EDPS in the ePrivacy Directive is the possibility given to legal persons to take action against those who infringe spam provisions. Thus the ISPs, as well as consumer associations and trade unions representing the interest of spammed consumers, may take legal action on their behalf before courts. EDPS wanted to go further by proposing "class actions, empowering groups of citizens to jointly use litigation in matters concerning protection of personal data. In the case of spam, where a large number of individuals are receiving spam, the potential exists for classes of individuals to join together and launch class actions against spammers." EDPS also asked to extend the possibility for the legal persons to ask for damages for any infringement to any provision of the ePrivacy Directive. Peter Hustinx considered that the Directive should therefore broaden its scope of application to include providers of electronic communication services also in mixed (private/public) and private networks and welcomed the clarification regarding the inclusion of a number of RFID applications in the scope of application of the Directive. Opinion of the European Data Protection Supervisor on the Proposal for a Directive amending, among others, Directive 2002/58/EC (Directive on privacy and electronic communications) (10.04.2008) http://edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consultat… EDPS Opinion on ePrivacy Directive review: overall positive, but further improvements should be considered (14.04.2008) http://edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/EDPS/Pres… EU privacy chief wants data breach law for business (17.04.2008) http://www.out-law.com//default.aspx?page=9053 ============================================================ 2. More Internet content blacklisted in Europe ============================================================ The European Ministers of Justice and Internal Affairs have agreed to make publishing bomb-making instructions on the Internet a crime. The French authorities are discussing making the publication on the Internet of any alleged pro-anorexia information a crime. Justice and interior ministers from the EU member states backed a proposal from Commissioner Frattini to harmonise the normative acts that will make the "public provocation to commit a terrorist offence, recruitment, and training for terrorism" a crime. According to the statements of the EU officials publishing these acts on the Internet completed the European legislation in this domain. They described the Internet as "a virtual training camp for militants, used to inspire and mobilise local groups." Gilles de Kerchove, the EU anti-terrorism co-ordinator, declared that there are approx. 5 000 websites that are used to radicalise young people. The plans triggered some criticism from free speech supporters that considered the move could be misused by authorities. Recent news, cited by UK Liberal Democrat MEP Sarah Ludford reports that: "UK police threatened anti-China protestors at the display of the Olympic Torch with arrest under anti-terror laws." Dick Marty, Chairman of the PACE Sub-Committee on Crime Problems and Fight against Terrorism, questioned the Commission's proposal on incorporating the Council of Europe's Convention on terrorism which would "establish the criminal offences of public provocation to commit a terrorist offence, recruitment for terrorism and training for terrorism. However, it omits to include the convention's Article 12 safeguard clause in the operative text of the framework decision. Mentioning fundamental human rights only in the preamble or in a recital is not enough. The message, outside as well as inside Europe, must be clear: anti-terrorist measures must be conditional on respect for fundamental human rights." Ben Hayes also explained in an article for Statewatch the potential problems of the measure: "While the recurring publication of the 'Danish cartoons' of the Prophet Mohammed continues to provoke anger in the Muslim world and a defence of 'free speech' in the West, a proposed EU law on 'public provocation' to terrorism could criminalise widely held political views - but it has barely raised a murmur." Another type of content is now on some French politicians' agenda as public enemy number one: pro-anorexia websites. A draft law that makes any kind of propaganda for products, objects or methods used for an "excessive thinness" a crime was adopted by the National Assembly on 15 April 2008 and now it will pass to the Senate for consideration. The draft law supported by the deputy Valirie Boyer foresees penalties with 2 years imprisonment and 30 000 Euro as fines for publishing such information online. The report drafted by the deputy accused the pro-anorexic websites and the big number of blogs written by young people that are supporters for this method of life, as being too easy to be accessed by the French youth. EU tightens anti-terrorism laws (18.04.2008) http://news.bbc.co.uk/2/hi/europe/7355446.stm "White man's burden": criminalising free speech (04.2008) http://www.statewatch.org/news/2008/apr/viewpoint-bh.pdf Statement by Dick Marty, addressing the Committee on Civil Liberties, Justice and Home Affairs of the European Parliament in Brussels (7.04.2008) http://assembly.coe.int/ASP/APFeaturesManager/defaultArtSiteView.asp?ID=757 Pro-anorexia websites on the point to be declared illegal (only in French, 15.04.2008) http://www.01net.com/editorial/378261/les-sites-pro-anorexie-sur-le-point-d… ============================================================ 3. Russian Government wants to control all WiFi devices ============================================================ On 14 April 2008, Fontanka.ru online newspaper reported that Rossvyazokhrankultura, the Russian Mass Media, Communications and Cultural Protection Service, intends to ask for the mandatory registration of all WiFi devices, including personal home networks, notebook computers, mobile telephones and PDAs. Vladimir Karpov, the deputy director of the agency's communications monitoring division, told the newspaper that wireless Internet users will have to register any electronics using WiFi technology. The registration could take as long as ten days for standard devices like PDAs and laptops and the noncompliance may bring forth the confiscation of the respective equipment. Users wanting to operate a wireless access point or a WiFi-enabled home router must obtain a license which might need, in certain areas, a special approval from the Federal Security Service. While in most countries there is free and open access to WiFi networking with certain limitations on the maximum signal strength of the transmissions, the Russian agency's opinion might reverse previous decisions of the Russian government. In 2004, the State panel for Radio Frequencies gave open rights to a narrow band of spectrum for indoor wireless networks and in July 2007, mobile wireless devices were excluded from the list of electronics requiring registration. Rossvyazokhrankultura, the author of this bureaucratic, unprofessional and extremely unrealistic policy, was created in 2007 by the merger of the Russian media and telecommunications regulatory bodies. "Similar conclusions speak to the complete professional deterioration of a unified regulatory agency. It is now engaged in all manner of fields - protecting cultural riches, registering mass-media outlets, control of legal compliance on personal data, monitoring communications, allocation of radio frequencies and so on. The organization is led by a metallurgic engineer by background. It is unlikely that he can simultaneously manage communications personnel, fine art experts, journalists and attorneys" stated an anonymous industry specialist. Russian Agency Demands Registration for all Wi-Fi Devices (15.04.2008) http://www.theotherrussia.org/2008/04/15/russian-agency-demands-registratio… Wifi ? Niet! (15.04.2008) http://blog.quintarelli.it/blog/2008/04/wifi-niet.html How to kill wireless, Russian style (16.04.2008) http://community.zdnet.co.uk/blog/0,1000000567,10007848o-2000331777b,00.htm… Russian government enacts Byzantine WiFi regulations (16.04.2008) http://arstechnica.com/news.ars/post/20080416-russian-government-enacts-byz… ============================================================ 4. Eurobarometers on data protection in EU ============================================================ According to a couple of Eurobarometer surveys on data protection, issued by the European Commission on 17 April 2008, EU citizens have little faith in the security of data transmission on the Internet. Two surveys were conducted by Gallup in January 2008, investigating the perceptions on data protection among EU citizens and data controllers respectively. The surveys involved about 27000 EU citizens and 5000 companies from all 27 member states. The findings of the surveys show that 82% of European Internet users have little trust in personal data management on the Internet and 64% of EU citizens are concerned about data protection issues feeling that the awareness and information on these topics are not satisfactory enough. The lack of information appeared to be a major problem. Especially the national data protection authorities were rather unknown to most of the EU citizens. Only 28% of respondents said they knew about such institutions existing in their country. Less than half of the respondents think data is properly protected in their own countries and more than half of them considering the legislation cannot cope with the increasing amount of exchanged personal information. The surveys also reveal an increase in the awareness of the risks related to potential abuses of private data, proportional to the increased use of privacy protecting tools and technologies. Privacy-enhancing technologies (PETs) that include automatic anonymisation after a certain lapse of time, encryption tools and cookie-cutters, are better known by companies, more than half of them using now such tools. The studies revealed that, although increasing, the level of awareness it still relatively low among EU citizens. More than two thirds of Internet users in some country (such as Ireland or France) say they have never heard of PETs. One of the topics covered by the studies was data monitoring. Citizens, as well as data controllers, agree on the monitoring of passenger flight details (82%), telephone calls (72%), Internet (75%) and credit card usage (69%) to combat terrorism but only within well-defined limits. About a third of the respondents believe only suspects should be monitored while about 20% wanted even stricter safeguards. Commenting on the results of the surveys, Commission Vice-President Jacques Barrot, temporarily in charge of justice and home affairs, said: "It is our intention to fully analyse and understand the feedback we have been given by Europe's citizens in this survey and we will ensure these comments inform the work we are doing in this area this year. I am convinced that this survey will also be a salutary lesson for all stakeholders involved in handling personal data and maintaining data protection". EU Press Release - Eurobarometer survey measures perceptions amongst European data controllers (17.04.2008) http://europa.eu/rapid/pressReleasesAction.do?reference=MEMO/08/248 Eurobarometer survey reveals that EU citizens are not yet fully aware of their rights on data protection (17.04.2008) http://europa.eu/rapid/pressReleasesAction.do?reference=IP/08/592&format=HT… Data Protection in the European Union - Citizens' Perceptions - Analytical Report http://ec.europa.eu/public_opinion/flash/fl_225_en.pdf Data Protection in the European Union - Data Controllers' Perceptions - Analytical Report http://ec.europa.eu/public_opinion/flash/fl_226_en.pdf Online privacy a concern for EU citizens (18.04.2008) http://www.euractiv.com/en/infosociety/online-privacy-concern-eu-citizens/a… =========================================================== 5. Setback for IFPI in its case against PirateBay ============================================================ After the International Federation of the Phonographic Industry (IFPI) sued the PirateBay at the end of March 2008 demanding 1.6 million euro in damages as compensation for 24 albums, new elements have occurred forcing IFPI to limit its demands. The Stockholm District Court indicted the four PirateBay founders (Svartholm Warg, Fredrik Neij, Peter Sunde, and Carl Lundstrvm) for breaking copyright law. The fine to be paid by PirateBay was established according to the number of times the 24 albums were downloaded. Moreover, the companies demanded general compensation as no permission was given by the copyright owners for the downloading. "The damages now being demanded are based on the albums which the prosecutor has included in his indictment. The injury to the record companies, the artists, and the copyright holders caused by The PirateBay's illegal activity is many times greater," said Lars Gustafsson, head of the Swedish chapter of IFPI. "Their numbers are pure fantasy" said Svartholm Warg who claimed the figures were based on multiplying the retail price for the album by the number of times it was downloaded. Now IFPI has had to apologize to Max Peezay (whose given name is Tom Piha), a Swedish rap artist, for having included his album Discokommittin among the albums selected at random for the indictment against The PirateBay, without his permission. IFPI assumed that the rights to the album were owned by music distributor Bonnier Amigo, and therefore has not asked Piha if he wanted to be a party in the suit, while actually Piha owns the rights himself. The artist explained that his main revenues came from concerts rather than album sales and that free downloading was compensated by the fact that he got more fans from people discovering his music on the Internet. As a result, IFPI reduced the level of compensation to be paid by PirateBay by 12 000 euro. However, Piha had to suffer from the process finding himself in the middle of this battle, being questioned by his fans and fellow artists. "I wish I hadn't landed in this situation. I can see now how easy it is to become a pawn in this game," said the artist who disagrees with IFPI's approach. The trial date has not yet been set and in the meantime more artists might come forth in the support of PirateBay. Another new element in this picture is the news that a Swedish policeman who helped in the investigation against The PirateBay is now working for Warners Brothers, a plaintiff in the pending court case. As reported by newspaper Sydsvenskan, the police officer got his job several months after the completion of the preliminary investigation and is now scheduled to appear as a witness in the trial. "The question is how long this was under consideration. If it was under consideration at the time of the investigation then it is a scandal," said Peter Althin, a lawyer defending the PirateBay founders who also added that if it was found that the discussion between the police officer and Warner Brothers started before the end of the investigation, which took a year and a half, it was possible that the prosecution would have to forget about its findings and start again. Max Peezay is a-Ok! (16.04.2008) http://courtblog.thepiratebay.org/2008/04/16/max-peezay-is-a-ok/ Pirate Bay-probing cop on Warner Brothers payroll (18.04.2008) http://www.theregister.co.uk/2008/04/18/pirate_bay_probing_cop_joins_warner… 'Judicial scandal' in Pirate Bay case (18.04.2008) http://www.thelocal.se/11188.html/ IFPI demands $2.5m in damages from The Pirate Bay(1.04.2008) http://www.theregister.co.uk/2008/04/01/ifpi_wants_damages_from_pirate_bay/ Music industry dealt Pirate Bay blow (16.04.2008) http://www.thelocal.se/11144/20080416/ Record companies sue Pirate Bay four (31.03.2008) http://www.thelocal.se/10818/20080331/ ============================================================ 6. Changes in the German copyright law ============================================================ The extension of the copyright law aimed at fighting illegal file-sharing adopted on 11 April 2008 by the German Government creates concerns on how the p2p-related lawsuits will be considered under the new law. The new text forces the ISPs to reveal the names and IP addresses of the file sharers. However, some lawyers warn that the procedure is limited by conditions that could turn against the music industry in court procedings . The present procedure is as follows: industry detectives report the IP numbers of file sharers to the German police who traces the suspects and prosecutes those who offer more than 1000 tracks. However, the industry can demand the police files of all file sharers and has already sued 16 000 of them for civil damages. With the new law, the music industry fears it will no longer have access to this police data and moreover, a prosecuted file-sharer will only have to pay 100 euros instead of 1 000 or more as until now. The old bounties were considered as unfair and irresponsible. Other elements may be unfavourable to the record industry. The limitation to "commercial-scale" file sharers in the new law prevents the industry from catching the small illegal file sharers it has been tracking down lately. The law also makes it more expensive for the industry which has now to support the costs of the legal cases. It is too early yet to decide whether the new law is really good news for file sharers as there is no clear definition of the term "commercial level" for which the 100 euro fine has to be paid in case of law infringement. At this point, the privacy advocates as well as rights holders believe that the interpretation of the law will be in the hands of the court. Music industry slams new German law on file-sharing (13.04.2008) http://www.earthtimes.org/articles/show/198521,music-industry-slams-new-ger… New German copyright makes P2P lawsuits cheaper, more confusing (16.04.2008) http://www.p2p-blog.com/item-603.html EDRi-gram: File-sharers' identification refused by German prosecutors (29.08.2007) http://www.edri.org/edrigram/number5.16/file-sharing-germany ============================================================ 7. France considering new rules for web 2.0 ============================================================ A French Parliamentary report suggests a change in the law (LCEN) that implements the European Directive on e-commerce in order to make clearer the distinction between editing and hosting activities in the new applications related to Web 2.0. The report of the Deputy Jean Dionis du Sijour on the application of the LCEN was updated on 16 April 2008, after the first version was submitted to the Parliament on 23 January. The update concerns some of the latest court decisions in France that established the responsibility of some websites for others' RSS feeds or for user-generated content. The report specifies that the law has created a hosting status that is different from that of an editor and that "this distinction must not be emptied by the court decisions." The report also claims that the law needs to be changed in order to comply with the new applications available, such as hosting collaboratives websites or online auctions. This could be helpful in order to avoid the situation already presented in EDRi-gram, when Paris Tribunal condemned 3 different French websites for linking to another website containing gossip information on a French actor. But the report also suggests increasing the obligations on the hosting companies, especially by making public the methods used to fight illegal activities, that would prove their good will. This provision could be enforced by an independent authority, like the French Data Protection Authority (CNIL). But the French Government does not seem to share this opinion. The new State Secretary in charge with information society, Eric Besson, made clear in the first public appearance that he didn't think that the law needed to be changed. "I will not be the Minister of Internet castration" he declared in a public meeting to Dailymotion, one of the biggest video-sharing French websites. Since Mr. Besson has an objective to present to the French Government by 31 July 2008 the new plan on information society, he may discuss also the problems of the new type of applications on the Internet. Do we need a law to regulate web 2.0 ? (only in French, 16.04.2008) http://www.01net.com/editorial/378317/faut-il-une-loi-pour-reguler-le-web-2… Information report on the application of the LCEN (only in French, 16.04.2008) http://www.assemblee-nationale.fr/13/rap-info/i0627.asp Eric Besson ready to re-discuss the hosters status (only in French, 16.04.2008) http://www.zdnet.fr/actualites/internet/0,39020774,39380497,00.htm EDRi-gram: France: Linking can be damaging to your pockets (9.04.2008) http://www.edri.org/edrigram/number6.7/linking-decison-france ============================================================ 8. ENDitorial: Will France Introduce the Digital Guillotine in Europe? ============================================================ Ever since DADVSI, the French implementation of the European Copyright Directive, Internet users in France have faced increasingly disproportionate threats of punishment for claims of copyright infringement. The latest scheme promoted by the content industry against unauthorized sharing of music and films on Internet is called "flexible response" or "three strikes, you're dead". The principle is simple: repeated infringements result in getting cut off from the Internet. A claimed copyright infringer is identified by automated Internet traffic filtering and by a rightsholders' denunciation. After a complaint to the ISP, a letter is sent warning the alleged infringer that he might be being cut off from the Internet. In the early versions of this scheme the punishing fines were to be sent out automatically, but the fines were later replaced by the proposal to cut off Internet access instead. The proposal further includes the creation of an administrative authority responsible for enforcement, making sure the disconnected Internet users are not able to use the Internet again for a set period of time. The scheme is unclear as to the possibility to appeal a mistaken claim or to whether a punished Internet user can also be sued in a civil law suit. State authorised software for securing Internet connections has been proposed as one solution to uphold legal protection of innocent citizens. Promoted by the French President Sarkozy, flexible response has become known as the suggested main measure in the Olivennes report, which until recently was generally thought to provide the basis for both French and European legislation to come. But not so any more; a majority vote in the European Parliament on the 10 April 2008 suggests otherwise. In contrast to the French solution, the Swedish government has rejected such a regime as disproportionate. The Swedish Ministers of Justice and Culture concluded in March 2008 that ostracism from the Internet as punishment in a society whose daily activities are increasingly intertwined with the digitally networked environment is not proportional to the infringement of copyright, especially without intention for commercial gain. Its only justification, that of deterrence, has been shown repeatedly to be ineffective. The Swedish Government has also pointed out that large owners of media content should "not use the copyright laws to defend old business models" but should do more to provide attractive alternatives to unlicensed filesharing services. In an effort to bring the Swedish Government's policy decision to the European discussion, and to oppose Sarkozy's plans, MEP Christofer Fjellner (EPP) initiated a cross partisan platform together with former French Prime Minister MEP Michel Rocard (PSE) and MEP Guy Bono (PSE), Rapporteur for the European Parliament's Report on Creative Industries. Together they signed, with more than 90 MEPs supporting them, an amendment to the report which effectively rejects flexible response: "Calls on the Commission and the Member States to recognise that the Internet is a vast platform for cultural expression, access to knowledge, and democratic participation in European creativity, bringing generations together through the information society; calls on the Commission and the Member States, therefore, to avoid adopting measures conflicting with civil liberties and human rights and with the principles of proportionality, effectiveness and dissuasiveness, such as the interruption of Internet access." Following the tabling, the internal debate over the amendment intensified and was complicated when the liberal group (ALDE) unexpectedly asked to split the amendment into two parts and vote on them separately, presumably to save flexible response. The first part related the Internet and the importance of rights and proportionality had overwhelming support, while the second part explicitly mentioning "interruption of Internet access" was harder to support for many French MEPs who would not go against the explicit will of their own government. However, with a close vote on the second part, the amendment ended up being passed in its entirety. In the aftermath of the European Parliament's decision, the French Minister of Culture, Ms. Christine Albanel, has clearly announced her intention to move on with the Olivennes proposal. She is currently planning to put it to vote in the French Parliament before the summer. Accordingly, to this date, there are no indications that Sarkozy's decision to use the French Presidency to propagate this scheme at the European level has been revised. In Brussels it is also unclear whether the initiative by MEPs Fjellner, Rocard and Bono will have an impact. Neither of them is listed as a speaker or moderator at the next High Level Conference on Counterfeiting and Piracy on the 13 May 2008, while MEPs who voted in favour of flexible response are. It is a matter of public interest to ensure that there is a balanced debate and that seats are reserved for politicians representing the European Parliament's position on what otherwise risk to be a very controversial conference. In media and the political blogosphere the impact of the vote is increasing. Of particular interest is the correlation between the Member States with a well developed Internet infrastructure and the way their MEPs voted: the digitally advanced Nordic countries have all clearly rejected the French digital guillotine. Amendment 1 by Christofer Fjellner and amendment 2 by Michel Rocard and Guy Bono and others. Report Cultural industries in Europe. Rapporteur Guy Bono (2.04.2008) http://www.europarl.europa.eu/sce/data/amend_motions_texts/doc/P6_AMA(2008)… http://www.europarl.europa.eu/sce/data/amend_motions_texts/doc/P6_AMA(2008)… High Level Conference on Counterfeiting (13.05.2008) http://www.bordermeasures.com/spip.php?article123 Press review http://www.laquadrature.net/en/press-review European Parliament Says No to Internet Ban (10.04.2008) http://sigfridinenglish.wordpress.com/2008/04/10/european-parliament-says-n… Digital economy : head or tail ? (20.04.2008) http://www.laquadrature.net/en/digital-economy-head-or-tail Vote results Bono report http://www.ffii.be/bono (Contribution by Jirimie Zimmermann - La Quadrature du Net and Erik Josefsson - EDRi-member Electronic Frontier Foundation) ============================================================ 9. Recommended Reading ============================================================ More than 250 million Europeans regularly use Internet, says Commission's ICT Progress Report More than half of Europeans are now regular Internet users, 80% of them have broadband connections and 60% of public services in the EU are fully available online. Two thirds of schools and half of doctors make use of fast Internet connections, thanks to strong broadband growth in Europe. These are the findings of a Commission report on the results achieved so far with i2010, the EU's digital-led strategy for growth and jobs. http://ec.europa.eu/information_society/eeurope/i2010/mid_term_review_2008/… ============================================================ 10. Agenda ============================================================ 28-29 April 2008, Vienna, Austria PRISE Final Conference -Towards privacy enhancing security technologies - the next steps http://www.prise.oeaw.ac.at/conference.htm 9-10 May 2008, Florence, Italy Digital communities and data retention http://e-privacy.winstonsmith.info/ 10 May 2008, Florence, Italy Big Brother Awards Italy 2008 http://bba.winstonsmith.info/ 12 May 2008, Bled, Slovenia Workshop on ethics and e-Inclusion http://ec.europa.eu/information_society/newsroom/cf/itemdetail.cfm?item_id=… 15-17 May 2008, Ljubljana, Slovenia EURAM Conference 2008 - Track "Creating Value Through Digital Commons" How collective management of IPRs, open innovation models, and digital communities shape the industrial dynamics in the XXI century. http://www.euram2008.org 20-23 May 2008, New Haven, CT, USA 18th Annual Computers, Freedom, and Privacy conference http://cfp2008.org/ 30-31 May 2008, Bucharest, Romania eLiberatica 2008 - The benefits of Open and Free Technologies http://www.eliberatica.ro/2008/ 6-7 June 2008, Bremen, Germany IdentityCamp - a barcamp around identity 2.0 and privacy 2.0 http://barcamp.org/IdentityCampBremen 17-18 June 2008, Seoul, Korea The Future of the Internet Economy - OECD Ministerial Meeting http://www.oecd.org/FutureInternet 23 June 2008, Paris, France GigaNet is organizing an international academic workshop on "Global Internet Governance: An Interdisciplinary Research Field in Construction" http://tinyurl.com/3y9ld8 26-27 June 2008, London, UK International Conference on Digital Evidence http://www.mistieurope.com/default.asp?Page=65&Return=70&ProductID=8914&LS=… 30 June - 1 July 2008, Louvain-la-Neuve, Belgium First COMMUNIA Conference - Assessment of economic and social impact of digital public domain throughout Europe http://www.communia-project.eu/conf2008 7-9 July 2008, Cambridge, UK Privacy Laws & Business 21st Annual International Conference http://www.privacylaws.com/templates/AnnualConferences.aspx?id=641 7-8 July 2008, London, UK Developing New Models Of Content Delivery Online & Innovative Strategies For Effectively Tackling Copyright Infringement http://www.isp-content-regulation.com/conference.agenda.asp 23-25 July 2008, Leuven, Belgium The 8th Privacy Enhancing Technologies Symposium (PETS 2008) http://petsymposium.org/2008/ 19-20 July 2008, Stockholm, Sweden International Association for Media and Communication Research pre-conference - Civil Rights in Mediatized Societies: Which data privacy against whom and how ? http://www.iamcr.org/content/view/301/1/ 8-10 September 2008, Geneva, Switzerland The third annual Access to Knowledge Conference (A2K3) http://isp.law.yale.edu/ 24-28 September 2008, Athens, Greece World Summit on the Knowledge Society The deadline for articles submission is 10 May 2008 http://www.open-knowledge-society.org/summit.htm ============================================================ 11. About ============================================================ EDRI-gram is a biweekly newsletter about digital civil rights in Europe. Currently EDRI has 28 members based or with offices in 17 different countries in Europe. European Digital Rights takes an active interest in developments in the EU accession countries and wants to share knowledge and awareness through the EDRI-grams. All contributions, suggestions for content, corrections or agenda-tips are most welcome. Errors are corrected as soon as possible and visibly on the EDRI website. Except where otherwise noted, this newsletter is licensed under the Creative Commons Attribution 2.0 License. See the full text at http://creativecommons.org/licenses/by/2.0/ Newsletter editor: Bogdan Manolea <edrigram(a)edri.org> Information about EDRI and its members: http://www.edri.org/ European Digital Rights needs your help in upholding digital rights in the EU. If you wish to help us promote digital rights, please consider making a private donation. http://www.edri.org/about/sponsoring - EDRI-gram subscription information subscribe by e-mail To: edri-news-request(a)edri.org Subject: subscribe You will receive an automated e-mail asking to confirm your request. unsubscribe by e-mail To: edri-news-request(a)edri.org Subject: unsubscribe - EDRI-gram in Macedonian EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/edrigram-mk.php - EDRI-gram in German EDRI-gram is also available in German, with delay. Translations are provided Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/ - Newsletter archive Back issues are available at: http://www.edri.org/edrigram - Help Please ask <edrigram(a)edri.org> if you have any problems with subscribing or unsubscribing ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

EDRI-gram newsletter - Number 6.8, 23 April 2008
by EDRI-gram newsletter 06 Jul '18

06 Jul '18

============================================================ EDRI-gram biweekly newsletter about digital civil rights in Europe Number 6.8, 23 April 2008 ============================================================ Contents ============================================================ 1. EDPS endorses data breach notification provision in ePrivacy Directive 2. More Internet content blacklisted in Europe 3. Russian Government wants to control all WiFi devices 4. Eurobarometers on data protection in EU 5. Setback for IFPI in its case against PirateBay 6. Changes in the German copyright law 7. France considering new rules for web 2.0 8. ENDitorial: Will France introduce the digital guillotine in Europe? 9. Recommended Reading 10. Agenda 11. About ============================================================ 1. EDPS endorses data breach notification provision in ePrivacy Directive ============================================================ The European Data Protection Supervisor (EDPS) has issued his opinion on the new draft text of the Directive on Privacy and Electronic Communications (ePrivacy Directive) as proposed by the European Commission. One of the important changes supported by the EDPS with the new text is the creation of a mandatory security breach notification system. The system should require the Telecoms and ISPs to notify their customers when personal information has been lost. But Peter Hustinx wants to go further and asked for the system to apply not only to "providers of public electronic communication services in public networks but also to other actors, especially to providers of information society services which process sensitive personal data (e.g. online banks and insurers, on-line providers on health services, etc.)." EDPS has explained in his opinion that such a notification has clear benefits: "it reinforces the accountability of organisations, is a factor that drives companies to implement stringent security measures and it permits the identification of the most reliable technologies towards protecting information." and openly supported the concept, despite some private sector opposition. "Indeed, the simple fact of having to publicly notify security breaches causes organisations to implement stronger security standards that protect personal information and prevent breaches." Another important change backed by EDPS in the ePrivacy Directive is the possibility given to legal persons to take action against those who infringe spam provisions. Thus the ISPs, as well as consumer associations and trade unions representing the interest of spammed consumers, may take legal action on their behalf before courts. EDPS wanted to go further by proposing "class actions, empowering groups of citizens to jointly use litigation in matters concerning protection of personal data. In the case of spam, where a large number of individuals are receiving spam, the potential exists for classes of individuals to join together and launch class actions against spammers." EDPS also asked to extend the possibility for the legal persons to ask for damages for any infringement to any provision of the ePrivacy Directive. Peter Hustinx considered that the Directive should therefore broaden its scope of application to include providers of electronic communication services also in mixed (private/public) and private networks and welcomed the clarification regarding the inclusion of a number of RFID applications in the scope of application of the Directive. Opinion of the European Data Protection Supervisor on the Proposal for a Directive amending, among others, Directive 2002/58/EC (Directive on privacy and electronic communications) (10.04.2008) http://edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consultat… EDPS Opinion on ePrivacy Directive review: overall positive, but further improvements should be considered (14.04.2008) http://edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/EDPS/Pres… EU privacy chief wants data breach law for business (17.04.2008) http://www.out-law.com//default.aspx?page=9053 ============================================================ 2. More Internet content blacklisted in Europe ============================================================ The European Ministers of Justice and Internal Affairs have agreed to make publishing bomb-making instructions on the Internet a crime. The French authorities are discussing making the publication on the Internet of any alleged pro-anorexia information a crime. Justice and interior ministers from the EU member states backed a proposal from Commissioner Frattini to harmonise the normative acts that will make the "public provocation to commit a terrorist offence, recruitment, and training for terrorism" a crime. According to the statements of the EU officials publishing these acts on the Internet completed the European legislation in this domain. They described the Internet as "a virtual training camp for militants, used to inspire and mobilise local groups." Gilles de Kerchove, the EU anti-terrorism co-ordinator, declared that there are approx. 5 000 websites that are used to radicalise young people. The plans triggered some criticism from free speech supporters that considered the move could be misused by authorities. Recent news, cited by UK Liberal Democrat MEP Sarah Ludford reports that: "UK police threatened anti-China protestors at the display of the Olympic Torch with arrest under anti-terror laws." Dick Marty, Chairman of the PACE Sub-Committee on Crime Problems and Fight against Terrorism, questioned the Commission's proposal on incorporating the Council of Europe's Convention on terrorism which would "establish the criminal offences of public provocation to commit a terrorist offence, recruitment for terrorism and training for terrorism. However, it omits to include the convention's Article 12 safeguard clause in the operative text of the framework decision. Mentioning fundamental human rights only in the preamble or in a recital is not enough. The message, outside as well as inside Europe, must be clear: anti-terrorist measures must be conditional on respect for fundamental human rights." Ben Hayes also explained in an article for Statewatch the potential problems of the measure: "While the recurring publication of the 'Danish cartoons' of the Prophet Mohammed continues to provoke anger in the Muslim world and a defence of 'free speech' in the West, a proposed EU law on 'public provocation' to terrorism could criminalise widely held political views - but it has barely raised a murmur." Another type of content is now on some French politicians' agenda as public enemy number one: pro-anorexia websites. A draft law that makes any kind of propaganda for products, objects or methods used for an "excessive thinness" a crime was adopted by the National Assembly on 15 April 2008 and now it will pass to the Senate for consideration. The draft law supported by the deputy Valirie Boyer foresees penalties with 2 years imprisonment and 30 000 Euro as fines for publishing such information online. The report drafted by the deputy accused the pro-anorexic websites and the big number of blogs written by young people that are supporters for this method of life, as being too easy to be accessed by the French youth. EU tightens anti-terrorism laws (18.04.2008) http://news.bbc.co.uk/2/hi/europe/7355446.stm "White man's burden": criminalising free speech (04.2008) http://www.statewatch.org/news/2008/apr/viewpoint-bh.pdf Statement by Dick Marty, addressing the Committee on Civil Liberties, Justice and Home Affairs of the European Parliament in Brussels (7.04.2008) http://assembly.coe.int/ASP/APFeaturesManager/defaultArtSiteView.asp?ID=757 Pro-anorexia websites on the point to be declared illegal (only in French, 15.04.2008) http://www.01net.com/editorial/378261/les-sites-pro-anorexie-sur-le-point-d… ============================================================ 3. Russian Government wants to control all WiFi devices ============================================================ On 14 April 2008, Fontanka.ru online newspaper reported that Rossvyazokhrankultura, the Russian Mass Media, Communications and Cultural Protection Service, intends to ask for the mandatory registration of all WiFi devices, including personal home networks, notebook computers, mobile telephones and PDAs. Vladimir Karpov, the deputy director of the agency's communications monitoring division, told the newspaper that wireless Internet users will have to register any electronics using WiFi technology. The registration could take as long as ten days for standard devices like PDAs and laptops and the noncompliance may bring forth the confiscation of the respective equipment. Users wanting to operate a wireless access point or a WiFi-enabled home router must obtain a license which might need, in certain areas, a special approval from the Federal Security Service. While in most countries there is free and open access to WiFi networking with certain limitations on the maximum signal strength of the transmissions, the Russian agency's opinion might reverse previous decisions of the Russian government. In 2004, the State panel for Radio Frequencies gave open rights to a narrow band of spectrum for indoor wireless networks and in July 2007, mobile wireless devices were excluded from the list of electronics requiring registration. Rossvyazokhrankultura, the author of this bureaucratic, unprofessional and extremely unrealistic policy, was created in 2007 by the merger of the Russian media and telecommunications regulatory bodies. "Similar conclusions speak to the complete professional deterioration of a unified regulatory agency. It is now engaged in all manner of fields - protecting cultural riches, registering mass-media outlets, control of legal compliance on personal data, monitoring communications, allocation of radio frequencies and so on. The organization is led by a metallurgic engineer by background. It is unlikely that he can simultaneously manage communications personnel, fine art experts, journalists and attorneys" stated an anonymous industry specialist. Russian Agency Demands Registration for all Wi-Fi Devices (15.04.2008) http://www.theotherrussia.org/2008/04/15/russian-agency-demands-registratio… Wifi ? Niet! (15.04.2008) http://blog.quintarelli.it/blog/2008/04/wifi-niet.html How to kill wireless, Russian style (16.04.2008) http://community.zdnet.co.uk/blog/0,1000000567,10007848o-2000331777b,00.htm… Russian government enacts Byzantine WiFi regulations (16.04.2008) http://arstechnica.com/news.ars/post/20080416-russian-government-enacts-byz… ============================================================ 4. Eurobarometers on data protection in EU ============================================================ According to a couple of Eurobarometer surveys on data protection, issued by the European Commission on 17 April 2008, EU citizens have little faith in the security of data transmission on the Internet. Two surveys were conducted by Gallup in January 2008, investigating the perceptions on data protection among EU citizens and data controllers respectively. The surveys involved about 27000 EU citizens and 5000 companies from all 27 member states. The findings of the surveys show that 82% of European Internet users have little trust in personal data management on the Internet and 64% of EU citizens are concerned about data protection issues feeling that the awareness and information on these topics are not satisfactory enough. The lack of information appeared to be a major problem. Especially the national data protection authorities were rather unknown to most of the EU citizens. Only 28% of respondents said they knew about such institutions existing in their country. Less than half of the respondents think data is properly protected in their own countries and more than half of them considering the legislation cannot cope with the increasing amount of exchanged personal information. The surveys also reveal an increase in the awareness of the risks related to potential abuses of private data, proportional to the increased use of privacy protecting tools and technologies. Privacy-enhancing technologies (PETs) that include automatic anonymisation after a certain lapse of time, encryption tools and cookie-cutters, are better known by companies, more than half of them using now such tools. The studies revealed that, although increasing, the level of awareness it still relatively low among EU citizens. More than two thirds of Internet users in some country (such as Ireland or France) say they have never heard of PETs. One of the topics covered by the studies was data monitoring. Citizens, as well as data controllers, agree on the monitoring of passenger flight details (82%), telephone calls (72%), Internet (75%) and credit card usage (69%) to combat terrorism but only within well-defined limits. About a third of the respondents believe only suspects should be monitored while about 20% wanted even stricter safeguards. Commenting on the results of the surveys, Commission Vice-President Jacques Barrot, temporarily in charge of justice and home affairs, said: "It is our intention to fully analyse and understand the feedback we have been given by Europe's citizens in this survey and we will ensure these comments inform the work we are doing in this area this year. I am convinced that this survey will also be a salutary lesson for all stakeholders involved in handling personal data and maintaining data protection". EU Press Release - Eurobarometer survey measures perceptions amongst European data controllers (17.04.2008) http://europa.eu/rapid/pressReleasesAction.do?reference=MEMO/08/248 Eurobarometer survey reveals that EU citizens are not yet fully aware of their rights on data protection (17.04.2008) http://europa.eu/rapid/pressReleasesAction.do?reference=IP/08/592&format=HT… Data Protection in the European Union - Citizens' Perceptions - Analytical Report http://ec.europa.eu/public_opinion/flash/fl_225_en.pdf Data Protection in the European Union - Data Controllers' Perceptions - Analytical Report http://ec.europa.eu/public_opinion/flash/fl_226_en.pdf Online privacy a concern for EU citizens (18.04.2008) http://www.euractiv.com/en/infosociety/online-privacy-concern-eu-citizens/a… =========================================================== 5. Setback for IFPI in its case against PirateBay ============================================================ After the International Federation of the Phonographic Industry (IFPI) sued the PirateBay at the end of March 2008 demanding 1.6 million euro in damages as compensation for 24 albums, new elements have occurred forcing IFPI to limit its demands. The Stockholm District Court indicted the four PirateBay founders (Svartholm Warg, Fredrik Neij, Peter Sunde, and Carl Lundstrvm) for breaking copyright law. The fine to be paid by PirateBay was established according to the number of times the 24 albums were downloaded. Moreover, the companies demanded general compensation as no permission was given by the copyright owners for the downloading. "The damages now being demanded are based on the albums which the prosecutor has included in his indictment. The injury to the record companies, the artists, and the copyright holders caused by The PirateBay's illegal activity is many times greater," said Lars Gustafsson, head of the Swedish chapter of IFPI. "Their numbers are pure fantasy" said Svartholm Warg who claimed the figures were based on multiplying the retail price for the album by the number of times it was downloaded. Now IFPI has had to apologize to Max Peezay (whose given name is Tom Piha), a Swedish rap artist, for having included his album Discokommittin among the albums selected at random for the indictment against The PirateBay, without his permission. IFPI assumed that the rights to the album were owned by music distributor Bonnier Amigo, and therefore has not asked Piha if he wanted to be a party in the suit, while actually Piha owns the rights himself. The artist explained that his main revenues came from concerts rather than album sales and that free downloading was compensated by the fact that he got more fans from people discovering his music on the Internet. As a result, IFPI reduced the level of compensation to be paid by PirateBay by 12 000 euro. However, Piha had to suffer from the process finding himself in the middle of this battle, being questioned by his fans and fellow artists. "I wish I hadn't landed in this situation. I can see now how easy it is to become a pawn in this game," said the artist who disagrees with IFPI's approach. The trial date has not yet been set and in the meantime more artists might come forth in the support of PirateBay. Another new element in this picture is the news that a Swedish policeman who helped in the investigation against The PirateBay is now working for Warners Brothers, a plaintiff in the pending court case. As reported by newspaper Sydsvenskan, the police officer got his job several months after the completion of the preliminary investigation and is now scheduled to appear as a witness in the trial. "The question is how long this was under consideration. If it was under consideration at the time of the investigation then it is a scandal," said Peter Althin, a lawyer defending the PirateBay founders who also added that if it was found that the discussion between the police officer and Warner Brothers started before the end of the investigation, which took a year and a half, it was possible that the prosecution would have to forget about its findings and start again. Max Peezay is a-Ok! (16.04.2008) http://courtblog.thepiratebay.org/2008/04/16/max-peezay-is-a-ok/ Pirate Bay-probing cop on Warner Brothers payroll (18.04.2008) http://www.theregister.co.uk/2008/04/18/pirate_bay_probing_cop_joins_warner… 'Judicial scandal' in Pirate Bay case (18.04.2008) http://www.thelocal.se/11188.html/ IFPI demands $2.5m in damages from The Pirate Bay(1.04.2008) http://www.theregister.co.uk/2008/04/01/ifpi_wants_damages_from_pirate_bay/ Music industry dealt Pirate Bay blow (16.04.2008) http://www.thelocal.se/11144/20080416/ Record companies sue Pirate Bay four (31.03.2008) http://www.thelocal.se/10818/20080331/ ============================================================ 6. Changes in the German copyright law ============================================================ The extension of the copyright law aimed at fighting illegal file-sharing adopted on 11 April 2008 by the German Government creates concerns on how the p2p-related lawsuits will be considered under the new law. The new text forces the ISPs to reveal the names and IP addresses of the file sharers. However, some lawyers warn that the procedure is limited by conditions that could turn against the music industry in court procedings . The present procedure is as follows: industry detectives report the IP numbers of file sharers to the German police who traces the suspects and prosecutes those who offer more than 1000 tracks. However, the industry can demand the police files of all file sharers and has already sued 16 000 of them for civil damages. With the new law, the music industry fears it will no longer have access to this police data and moreover, a prosecuted file-sharer will only have to pay 100 euros instead of 1 000 or more as until now. The old bounties were considered as unfair and irresponsible. Other elements may be unfavourable to the record industry. The limitation to "commercial-scale" file sharers in the new law prevents the industry from catching the small illegal file sharers it has been tracking down lately. The law also makes it more expensive for the industry which has now to support the costs of the legal cases. It is too early yet to decide whether the new law is really good news for file sharers as there is no clear definition of the term "commercial level" for which the 100 euro fine has to be paid in case of law infringement. At this point, the privacy advocates as well as rights holders believe that the interpretation of the law will be in the hands of the court. Music industry slams new German law on file-sharing (13.04.2008) http://www.earthtimes.org/articles/show/198521,music-industry-slams-new-ger… New German copyright makes P2P lawsuits cheaper, more confusing (16.04.2008) http://www.p2p-blog.com/item-603.html EDRi-gram: File-sharers' identification refused by German prosecutors (29.08.2007) http://www.edri.org/edrigram/number5.16/file-sharing-germany ============================================================ 7. France considering new rules for web 2.0 ============================================================ A French Parliamentary report suggests a change in the law (LCEN) that implements the European Directive on e-commerce in order to make clearer the distinction between editing and hosting activities in the new applications related to Web 2.0. The report of the Deputy Jean Dionis du Sijour on the application of the LCEN was updated on 16 April 2008, after the first version was submitted to the Parliament on 23 January. The update concerns some of the latest court decisions in France that established the responsibility of some websites for others' RSS feeds or for user-generated content. The report specifies that the law has created a hosting status that is different from that of an editor and that "this distinction must not be emptied by the court decisions." The report also claims that the law needs to be changed in order to comply with the new applications available, such as hosting collaboratives websites or online auctions. This could be helpful in order to avoid the situation already presented in EDRi-gram, when Paris Tribunal condemned 3 different French websites for linking to another website containing gossip information on a French actor. But the report also suggests increasing the obligations on the hosting companies, especially by making public the methods used to fight illegal activities, that would prove their good will. This provision could be enforced by an independent authority, like the French Data Protection Authority (CNIL). But the French Government does not seem to share this opinion. The new State Secretary in charge with information society, Eric Besson, made clear in the first public appearance that he didn't think that the law needed to be changed. "I will not be the Minister of Internet castration" he declared in a public meeting to Dailymotion, one of the biggest video-sharing French websites. Since Mr. Besson has an objective to present to the French Government by 31 July 2008 the new plan on information society, he may discuss also the problems of the new type of applications on the Internet. Do we need a law to regulate web 2.0 ? (only in French, 16.04.2008) http://www.01net.com/editorial/378317/faut-il-une-loi-pour-reguler-le-web-2… Information report on the application of the LCEN (only in French, 16.04.2008) http://www.assemblee-nationale.fr/13/rap-info/i0627.asp Eric Besson ready to re-discuss the hosters status (only in French, 16.04.2008) http://www.zdnet.fr/actualites/internet/0,39020774,39380497,00.htm EDRi-gram: France: Linking can be damaging to your pockets (9.04.2008) http://www.edri.org/edrigram/number6.7/linking-decison-france ============================================================ 8. ENDitorial: Will France Introduce the Digital Guillotine in Europe? ============================================================ Ever since DADVSI, the French implementation of the European Copyright Directive, Internet users in France have faced increasingly disproportionate threats of punishment for claims of copyright infringement. The latest scheme promoted by the content industry against unauthorized sharing of music and films on Internet is called "flexible response" or "three strikes, you're dead". The principle is simple: repeated infringements result in getting cut off from the Internet. A claimed copyright infringer is identified by automated Internet traffic filtering and by a rightsholders' denunciation. After a complaint to the ISP, a letter is sent warning the alleged infringer that he might be being cut off from the Internet. In the early versions of this scheme the punishing fines were to be sent out automatically, but the fines were later replaced by the proposal to cut off Internet access instead. The proposal further includes the creation of an administrative authority responsible for enforcement, making sure the disconnected Internet users are not able to use the Internet again for a set period of time. The scheme is unclear as to the possibility to appeal a mistaken claim or to whether a punished Internet user can also be sued in a civil law suit. State authorised software for securing Internet connections has been proposed as one solution to uphold legal protection of innocent citizens. Promoted by the French President Sarkozy, flexible response has become known as the suggested main measure in the Olivennes report, which until recently was generally thought to provide the basis for both French and European legislation to come. But not so any more; a majority vote in the European Parliament on the 10 April 2008 suggests otherwise. In contrast to the French solution, the Swedish government has rejected such a regime as disproportionate. The Swedish Ministers of Justice and Culture concluded in March 2008 that ostracism from the Internet as punishment in a society whose daily activities are increasingly intertwined with the digitally networked environment is not proportional to the infringement of copyright, especially without intention for commercial gain. Its only justification, that of deterrence, has been shown repeatedly to be ineffective. The Swedish Government has also pointed out that large owners of media content should "not use the copyright laws to defend old business models" but should do more to provide attractive alternatives to unlicensed filesharing services. In an effort to bring the Swedish Government's policy decision to the European discussion, and to oppose Sarkozy's plans, MEP Christofer Fjellner (EPP) initiated a cross partisan platform together with former French Prime Minister MEP Michel Rocard (PSE) and MEP Guy Bono (PSE), Rapporteur for the European Parliament's Report on Creative Industries. Together they signed, with more than 90 MEPs supporting them, an amendment to the report which effectively rejects flexible response: "Calls on the Commission and the Member States to recognise that the Internet is a vast platform for cultural expression, access to knowledge, and democratic participation in European creativity, bringing generations together through the information society; calls on the Commission and the Member States, therefore, to avoid adopting measures conflicting with civil liberties and human rights and with the principles of proportionality, effectiveness and dissuasiveness, such as the interruption of Internet access." Following the tabling, the internal debate over the amendment intensified and was complicated when the liberal group (ALDE) unexpectedly asked to split the amendment into two parts and vote on them separately, presumably to save flexible response. The first part related the Internet and the importance of rights and proportionality had overwhelming support, while the second part explicitly mentioning "interruption of Internet access" was harder to support for many French MEPs who would not go against the explicit will of their own government. However, with a close vote on the second part, the amendment ended up being passed in its entirety. In the aftermath of the European Parliament's decision, the French Minister of Culture, Ms. Christine Albanel, has clearly announced her intention to move on with the Olivennes proposal. She is currently planning to put it to vote in the French Parliament before the summer. Accordingly, to this date, there are no indications that Sarkozy's decision to use the French Presidency to propagate this scheme at the European level has been revised. In Brussels it is also unclear whether the initiative by MEPs Fjellner, Rocard and Bono will have an impact. Neither of them is listed as a speaker or moderator at the next High Level Conference on Counterfeiting and Piracy on the 13 May 2008, while MEPs who voted in favour of flexible response are. It is a matter of public interest to ensure that there is a balanced debate and that seats are reserved for politicians representing the European Parliament's position on what otherwise risk to be a very controversial conference. In media and the political blogosphere the impact of the vote is increasing. Of particular interest is the correlation between the Member States with a well developed Internet infrastructure and the way their MEPs voted: the digitally advanced Nordic countries have all clearly rejected the French digital guillotine. Amendment 1 by Christofer Fjellner and amendment 2 by Michel Rocard and Guy Bono and others. Report Cultural industries in Europe. Rapporteur Guy Bono (2.04.2008) http://www.europarl.europa.eu/sce/data/amend_motions_texts/doc/P6_AMA(2008)… http://www.europarl.europa.eu/sce/data/amend_motions_texts/doc/P6_AMA(2008)… High Level Conference on Counterfeiting (13.05.2008) http://www.bordermeasures.com/spip.php?article123 Press review http://www.laquadrature.net/en/press-review European Parliament Says No to Internet Ban (10.04.2008) http://sigfridinenglish.wordpress.com/2008/04/10/european-parliament-says-n… Digital economy : head or tail ? (20.04.2008) http://www.laquadrature.net/en/digital-economy-head-or-tail Vote results Bono report http://www.ffii.be/bono (Contribution by Jirimie Zimmermann - La Quadrature du Net and Erik Josefsson - EDRi-member Electronic Frontier Foundation) ============================================================ 9. Recommended Reading ============================================================ More than 250 million Europeans regularly use Internet, says Commission's ICT Progress Report More than half of Europeans are now regular Internet users, 80% of them have broadband connections and 60% of public services in the EU are fully available online. Two thirds of schools and half of doctors make use of fast Internet connections, thanks to strong broadband growth in Europe. These are the findings of a Commission report on the results achieved so far with i2010, the EU's digital-led strategy for growth and jobs. http://ec.europa.eu/information_society/eeurope/i2010/mid_term_review_2008/… ============================================================ 10. Agenda ============================================================ 28-29 April 2008, Vienna, Austria PRISE Final Conference -Towards privacy enhancing security technologies - the next steps http://www.prise.oeaw.ac.at/conference.htm 9-10 May 2008, Florence, Italy Digital communities and data retention http://e-privacy.winstonsmith.info/ 10 May 2008, Florence, Italy Big Brother Awards Italy 2008 http://bba.winstonsmith.info/ 12 May 2008, Bled, Slovenia Workshop on ethics and e-Inclusion http://ec.europa.eu/information_society/newsroom/cf/itemdetail.cfm?item_id=… 15-17 May 2008, Ljubljana, Slovenia EURAM Conference 2008 - Track "Creating Value Through Digital Commons" How collective management of IPRs, open innovation models, and digital communities shape the industrial dynamics in the XXI century. http://www.euram2008.org 20-23 May 2008, New Haven, CT, USA 18th Annual Computers, Freedom, and Privacy conference http://cfp2008.org/ 30-31 May 2008, Bucharest, Romania eLiberatica 2008 - The benefits of Open and Free Technologies http://www.eliberatica.ro/2008/ 6-7 June 2008, Bremen, Germany IdentityCamp - a barcamp around identity 2.0 and privacy 2.0 http://barcamp.org/IdentityCampBremen 17-18 June 2008, Seoul, Korea The Future of the Internet Economy - OECD Ministerial Meeting http://www.oecd.org/FutureInternet 23 June 2008, Paris, France GigaNet is organizing an international academic workshop on "Global Internet Governance: An Interdisciplinary Research Field in Construction" http://tinyurl.com/3y9ld8 26-27 June 2008, London, UK International Conference on Digital Evidence http://www.mistieurope.com/default.asp?Page=65&Return=70&ProductID=8914&LS=… 30 June - 1 July 2008, Louvain-la-Neuve, Belgium First COMMUNIA Conference - Assessment of economic and social impact of digital public domain throughout Europe http://www.communia-project.eu/conf2008 7-9 July 2008, Cambridge, UK Privacy Laws & Business 21st Annual International Conference http://www.privacylaws.com/templates/AnnualConferences.aspx?id=641 7-8 July 2008, London, UK Developing New Models Of Content Delivery Online & Innovative Strategies For Effectively Tackling Copyright Infringement http://www.isp-content-regulation.com/conference.agenda.asp 23-25 July 2008, Leuven, Belgium The 8th Privacy Enhancing Technologies Symposium (PETS 2008) http://petsymposium.org/2008/ 19-20 July 2008, Stockholm, Sweden International Association for Media and Communication Research pre-conference - Civil Rights in Mediatized Societies: Which data privacy against whom and how ? http://www.iamcr.org/content/view/301/1/ 8-10 September 2008, Geneva, Switzerland The third annual Access to Knowledge Conference (A2K3) http://isp.law.yale.edu/ 24-28 September 2008, Athens, Greece World Summit on the Knowledge Society The deadline for articles submission is 10 May 2008 http://www.open-knowledge-society.org/summit.htm ============================================================ 11. About ============================================================ EDRI-gram is a biweekly newsletter about digital civil rights in Europe. Currently EDRI has 28 members based or with offices in 17 different countries in Europe. European Digital Rights takes an active interest in developments in the EU accession countries and wants to share knowledge and awareness through the EDRI-grams. All contributions, suggestions for content, corrections or agenda-tips are most welcome. Errors are corrected as soon as possible and visibly on the EDRI website. Except where otherwise noted, this newsletter is licensed under the Creative Commons Attribution 2.0 License. See the full text at http://creativecommons.org/licenses/by/2.0/ Newsletter editor: Bogdan Manolea <edrigram(a)edri.org> Information about EDRI and its members: http://www.edri.org/ European Digital Rights needs your help in upholding digital rights in the EU. If you wish to help us promote digital rights, please consider making a private donation. http://www.edri.org/about/sponsoring - EDRI-gram subscription information subscribe by e-mail To: edri-news-request(a)edri.org Subject: subscribe You will receive an automated e-mail asking to confirm your request. unsubscribe by e-mail To: edri-news-request(a)edri.org Subject: unsubscribe - EDRI-gram in Macedonian EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/edrigram-mk.php - EDRI-gram in German EDRI-gram is also available in German, with delay. Translations are provided Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/ - Newsletter archive Back issues are available at: http://www.edri.org/edrigram - Help Please ask <edrigram(a)edri.org> if you have any problems with subscribing or unsubscribing ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

[tor-talk] Tor users trackable with common proxy?
by Koh Choon Lin 06 Jul '18

06 Jul '18

Hi I would like to ask for members of this list about the following statement: "The authorities in Singapore are understood to have the ability to track down a person online even if he or she uses anonymizing facilities such as Virtual Private Networking, TOR onion routing, or other forms of proxy servers, and even if encryption is involved. This is because all internet traffic in Singapore is directed through a common proxy choke with date, time and IP stamping operation in place." http://www.sgpolitics.net/?p=7343 -- Regards Koh Choon Lin _______________________________________________ tor-talk mailing list tor-talk(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

Re: [liberationtech] Modern FIDONET for net disable countries?
by The Doctor 06 Jul '18

06 Jul '18

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/27/2012 11:54 AM, Jerzy Eogiewa wrote: > I wonder, is some FIDONET type service existing for countries where > all telecom is disabled? Kind of "sneakernet" for large packets of > messages to be delivered. There are a couple of projects like that right now, but I do no know how much action they are seeing. https://github.com/sanity/tahrir https://github.com/endymion/sneakernet Project Byzantium has considered using this to synch the datastores of unlinked meshes via sneakernet: https://github.com/campadrenalin/EJTP-lib-python Also, the FidoNET protocol is alive and well: http://sourceforge.net/projects/fidoip/ http://control.zcu.cz/~flidr/fido/ > 1- I write message to [username, address or hash], encrypt with > public/private pair. 2- Trusted "sneakernet" collector with some > software physically arrives and grabs my message, updates my 'ball' > (or blob?) of crypted messages, in case other > sneakernet collector comes. That would be doable. I am playing with something like that for CouchDB. > 3- Maybe when delivery is 100% confirmed this gets added to ball so > it can be pruned? Say, if originating nodes get their packets back (the distribution cycle is complete), and expire the message? > And so on. Bitcoin style blockchain confirmation seems useful? That might not be a good idea. Not only would it result in a list that can be used to identify nodes, but it also increases overhead and complexity. Perhaps 'best effort' is the way to go about this. It would be useful to determine the capabilities of existing implementations to see how many reimplementations of wheels could be avoided. - -- The Doctor [412/724/301/703] [ZS|Media] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ Nondeterminism means never having to say you're wrong. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlDeIwgACgkQO9j/K4B7F8HUCACg8bYUyJLpICmEUIUxZ1rPVhtB CsQAn0QYRuBTD4H4sM4/PJY/z6OudM96 =LG8L -----END PGP SIGNATURE----- -- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE

1 0

What can I do about my computer freezing?
by NICETY7078＠aol.com 06 Jul '18

06 Jul '18

My computer freezes when I use AOL and sometimes when I'm just using the basic functions of Windows 98. My defragmentor keeps starting over and over and my scan disk never finds anything wrong, but there has to be. Any advice? NICETY7078(a)aol.com ANSWERS:

1 0

What can I do about my computer freezing?
by NICETY7078＠aol.com 06 Jul '18

06 Jul '18

My computer freezes when I use AOL and sometimes when I'm just using the basic functions of Windows 98. My defragmentor keeps starting over and over and my scan disk never finds anything wrong, but there has to be. Any advice? NICETY7078(a)aol.com ANSWERS:

1 0