============================================================ EDRi-gram biweekly newsletter about digital civil rights in Europe Number 10.6, 28 March 2012 ============================================================ Contents ============================================================ 1. EU-US PNR Agreement: A bad day for civil liberties in Europe 2. EU-US joint commitments on privacy and protection of personal data 3. France: Biometric ID database found unconstitutional 4. ICANN will cooperate in taking down websites for copyright infringements 5. CoE's Internet Governance strategy places emphasis on users' rights 6. New German court decision on traffic filtering 7. Italy: Problematic Internet blocking decision against fraudulent website 8. ENDitorial: European Parliament defends itself and democracy from ACTA 9. Recommended Action 10. Recommended Reading 11. Agenda 12. About ============================================================ 1. EU-US PNR Agreement: A bad day for civil liberties in Europe ============================================================ On 27 March 2012, the Civil Liberties (LIBE) Committee of the European Parliament decided to back the new air passenger data deal with the United States. In her recommendation, the Dutch Liberal MEP Sophie in 't Veld called on her colleagues to reject it. However, to her regret, the LIBE Committee has endorsed the Agreement despite inadequate legal safeguards. EDRi had repeatedly pointed out the serious flaws of the Agreement to the Parliamentarians in the LIBE Committee. The new text does not only severely undermine fundamental rights but also largely ignores the criteria set by the European Parliament itself. In its resolutions of May and November 2010, Parliamentarians asked for a reduction of the retention period, for "push" only as a method of transfer and for a clear prohibition of profiling - none of these conditions have been met in the new Agreement. The Commission has neither provided evidence that the collection, storage and processing of personal data is proportionate at all, let alone why it appears to believe that 15 years of data retention are necessary and proportionate. Furthermore, the proposed Agreement does not provide for sufficient protections and rights for citizens. According to the revised Agreement, any individual is entitled to "request" their PNR data from the US Department of Homeland Security (DHS). However, since the Agreement does not address what citizens are entitled to receive an answer, the DHS can decline this request. Moreover, the DHS has decided that its use of PNR data is exempt from the Privacy Act even for U.S. citizens. In the upcoming plenary vote MEPs now have to either defend fundamental rights and European citizens' right to privacy and reject the Agreement - or undermine the Parliament's own credibility and vote in favour of the deal. EDRi comments on the US air passenger data deal (2012) http://edri.org/files/2012EDRi_US_PNRcomments.pdf Opinion of the European Data Protection Supervisor (9.12.2011) http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consul... Article 29 Data Protection Working Party letter to LIBE on PNR (6.01.2012) http://ec.europa.eu/justice/data-protection/article-29/documentation/other-d... (contribution by Kirsten Fiedler - EDRi) ============================================================ 2. EU-US joint commitments on privacy and protection of personal data ============================================================ At the 28 November 2011 EU-US Summit, President Obama and Presidents Van Rompuy and Barroso announced that the US and the EU are determined to finalise negotiations on a comprehensive EU-US data privacy and protection agreement. On 19 March 2012, a High Level Conference on Privacy and Protection of Personal Data took place to discuss commercial data privacy questions, held simultaneously in Washington and Brussels. The conference was extremely well attended by high-level EU regulators and provided valuable insights into the respective priorities. Before the Conference, European Commission (EC) Vice-President Viviane Reding and U.S. Secretary of Commerce John Bryson released an EU-US joint statement on data protection in which they stated that this was a defining moment for global personal data protection and privacy policy and for achieving further interoperability of our systems on a high level of protection. The conference wad organised in the context of the EC's legislative proposals to reform and strengthen the fundamental right to data protection and unify the EU's data protection laws and enforcement rules and President Obama's privacy blueprint, including the Consumer Privacy Bill of Rights. Stakeholders in the US are very interested in the ongoing data protection reform in the European Union - notably in the proposal for a "one-stop-shop" and a consistent regulatory level playing field across all EU Member States. Viviane Reding, started by saying that today, in a digital economy, the scare of sharing personal information has increased being a crucial factor of economic growth, therefore the protection of citizens' right is inevitable: trust in digital economy is possible only when a solid protection is settled. That's why data protection is a strong policy priority for the European Commission and the European Parliament, as well as for all the 27 Member States. Notably she underlined three prominent elements: 1. The principles of data protection are as valid today as in 1995 and EU has to reaffirm the importance of this fundamental right 2. Technology innovations have made our DP rules a key factor for our digital single market because, in order to flourish, our economy needs trust: lack of trust indeed discourages citizens from buying online and giving their personal information on line. 3. European and American companies expect that the new European data law will provide a legal playing field, regardless of where the company operates in the 27 members: the goal is to create only one rule for Europe - making sure that the one stop shop for data protection regulation is for all EU Member States; this is the only way EU will be a more attractive place to do business. US authorities have developed efforts to comply with safe harbours - but more efforts are needed: a dialogue is needed to improve the safe harbour agreement and to go even further; stronger interoperability standards are needed as well to complete the puzzle to provide legal certainty to businesses and citizens. John Bryson, US Secretary of Commerce, who came in with a video message, reported that President Obama had asked the Congress to enact legislation but also to move ahead on a voluntary basis through codes of conduct, underlying the importance of a collaborative approach. The other speakers in the first panel also all broadly welcomed both the EU proposals and the Obama White Paper. However, Douwe Korff, representing EDRi, said that these exchanges of mutual compliments were excessive: there were still major issues to be resolved. In particular, in Europe, data protection is a fundamental right, accorded to "everyone" (Charter of Fundamental Rights). The European civil society in principle welcomed the proposed EU Regulation insofar as it sought to achieve data protection at a high level, although quite a few issues still needed improving or clarifying. By contrast, in the US privacy much less protection is given under the Constitution: although the recent Jones decision by the Supreme Court has shown progress, there were still important limitation on the US Fourth Amendment guarantees; the "third party" doctrine undermined principles that are seen as crucial in Europe, notably purpose-limitation; and in important areas privacy protection was denied to non-US citizens altogether. Although the conference as such was limited to privacy in the commercial context, the debate should also note the major issue of private-sector data being used for law enforcement and national security purposes without appropriate safeguards: that was the elephant in the room that no-one mentioned. From a European perspective, it was essential that privacy in the USA should be placed on a comprehensive statutory basis that met the international standards, as enshrined in the only binding global data protection instrument, Council of Europe Convention No. 108 (currently being updated). The President's proposals for a Consumer Privacy Bill of Rights would only result in an acceptable situation if that Bill would become a binding law, meeting the new Convention standards. In the second panel, Representative Ed Markey (D-MA)'s speech was revealing: he presented a good update on the status of the COPPA (Children's Online Privacy Protection Act) revisions and, as the long-standing co-chair of the Congressional Privacy Caucus, provided a fascinating historical summary of the various federal privacy initiatives of recent decades. He highlighted that in the US people shared the same concerns and values as within EU, in particular the fundamental principles of knowledge, notice and right to say "No" to the use of their private info, but something gets lost in translation from principle to practice. In his opinion, the DP Regulation can assure a high level of protection and, therefore, is a good example to follow: US Congress needs to act to protect privacy as a right. Notably, he insisted on the need to protect 15 years old and younger from behavioural targeting ads and to create, for this purpose, a safe harbour for children. He commended Viviane Reding for the strong response to Google new privacy policy and asked for investigation in the US of Google new privacy policy. In the third panel, Peter Hustinx, the European Data Protection Supervisor, had a slightly optimistic message for the US. In outlining his understanding of the interoperability requirements highlighted in the Joint Statement, he suggested that an adequacy finding could result from the implementation of the White Paper, even if it did not result in a comprehensive law, as adamantly requested by Francoise Le Bail, Director-General for Justice at the European Commission. Mr. Hustinx emphasized the need for sufficiently common principles and their binding implementation as far more important than the specifics of the regulatory regime. The fourth panel focussed on the enforcement of privacy (and other matters) by the US Federal Trade Commission, and was thus linked to the fifth panel which specifically discussed the Safe Harbor. FTC representatives strongly emphasised their commitment to strong enforcement, and pointed to two recent agreements with Google and Yahoo. However, David Smith, the UK Deputy Information Commissioner with primary responsibility for data protection, said that when he looked at the websites of a small random sample of companies that said they complied with the Safe Harbor, he found that about 1/3 of them did not even appear to have a privacy statement, another 1/3 had one but it did not meet the Safe Harbor standards, and the final 1/3 seemed to have a privacy statement that more or less reflected the Safe Harbor requirements. Douwe Korff intervened to say that was what he found too, and said that in spite of the two recent cases (the effects of which still needed to be seen), the Safe Harbor appeared to be largely a fig leaf behind which US companies in practice continued to operate contrary to basic privacy principles. Another intervener, Edward Hasbrouck, pointed out that the FTC's remit was limited in some important respects, and for instance did not cover transportation and, thus, airline passenger data. EU Conference: Privacy and Protection of Personal Data (19.03.2012) http://ec.europa.eu/justice/events/eu-us-data/index.html Recorded webcast of the Conference (19.03.2012) http://scic.ec.europa.eu/str/indexh264.php?sessionno=0cdf61037d7053ca59347ab... Viviane Reading's speech: Towards a New "Gold Standard" in Data Protection?(19.03.2012) http://ec.europa.eu/commission_2010-2014/reding/pdf/speeches/20120319speech-... EU-U.S. joint statement on data protection by European Commission Vice-President Viviane Reding and U.S. Secretary of Commerce John Bryson (19.03.2012) http://europa.eu/rapid/pressReleasesAction.do?reference=MEMO/12/192 (Thanks to Douwe Korff - EDRi-member FIPR- UK) ============================================================ 3. France: Biometric ID database found unconstitutional ============================================================ The French Constitutional Council found the law proposing the introduction of a new biometric ID for French citizens as unconstitutional. The law was referred to the Constitutional Council on 7 March 2012, by more than 200 members of the French Parliament, a day after the French National Assembly passed the 10-article law under the pretext of combating "identity fraud". According to the bill, more than 45 million individuals in France would have their fingerprints and digitized faces stored in what would be the largest biometric database in the country. The biometric ID card was to include a compulsory chip containing personal information, such as fingerprints, a photograph, home address, height, and eye colour. A second, optional chip was to be implemented for online authentication and electronic signatures, to be used for e-government services and e-commerce. The opposing parliamentarians challenged the compatibility of the bill with the citizens' fundamental rights including the right to privacy and the presumption of innocence. In passing the bill, the National Assembly ignored CNIL's (French Data Protection Authority) report of October 2011 that was criticizing the creation of the centralized biometric database. It also entirely ignored the general opposition at the European level. In 2011, EDRi and 80 other civil liberties organizations asked the Council of Europe to study whether biometrics policies respect the fundamental rights of every European. Moreover, previous experiences in France with biometric passports (highly criticised as well) have proven entirely unreliable with about 10% of the issued passports having been fraudulently obtained. The bill does not take into consideration either the position of the European Court of Human Rights which in 2008 condemned UK for breaching the right to privacy after the creation of a file including data on all people involved in a crime, irrespective of their position (victim, witness, suspect or guilty). On 22 March, the Constitutional Council found unconstitutional four articles of this law, as well as part of other two articles. The council reminded that "the collection, registration, preservation, consultation and communication of personal data have to be justified by a general interest reason and carried put properly and proportionally". While the Council found no problem related to the general interest, it clearly raised the issue of proportionality. "Regarding the nature of the recorded data, the range of the treatment, the technical characteristics and conditions of the consultation, the provisions of article 5 touch the right to privacy in a way that cannot be considered as proportional to the meant purpose". The Council also had objections against the creation of the huge biometric database considering the fact that the National Assembly had authorized the use of the database by the police for extended purposes from the identification of an accident victim to finding the authors of law infringements or crimes. The confusion in the bill text between an identity document and an electronic payment means was also sanctioned by the Council. The idea was that the ID could contain data allowing the owner to apply an electronic signature in view of electronic transactions. The Council drew the attention on the fact that the law did not specify the nature of the data and did not provide any guarantee for the integrity and confidentiality of these data and considered that the legislator has exceeded its competence in this matter. In other words, that the government did not really know what they were talking about. The new electronic identity card judged as unconstitutional (only in French, 23.03.2012) http://www.lemonde.fr/societe/article/2012/03/23/la-nouvelle-carte-d-identit... France: Constitutional Council censors the database created to fight the identity theft (only in French, 23.03.2012) http://www.rfi.fr/france/20120323-france-conseil-constitutionnel-censure-fic... Decision n0 2012-652 DC on the Law regarding the identity protection (only in French, 22.03.2012) http://www.conseil-constitutionnel.fr/conseil-constitutionnel/francais/les-d... "A Time Bomb For Civil Liberties": France Adopts a New Biometric ID Card (8.03.2012) https://www.eff.org/deeplinks/2012/03/french-national-assembly-proposes-new-... ============================================================ 4. ICANN will cooperate in taking down websites for copyright infringements ============================================================ During its 43rd international meeting that took place in San Josi, Costa Rica between 11 and 16 March 2012, ICANN (the Internet Corporation for Assigned Names and Numbers) expressed its intention to increase its cooperation with global law enforcement agencies and governments, to combat copyright infringements. There are 22 registries containing domain names registered in a top-level domain and over 700 registrars accredited by ICANN. During an open session with the Government Advisory Committee (GAC), the ICANN board confirmed its intention to meet the expectations included by GAC in a document with 12 recommendations. "There has been some agreement on 11 of the 12 recommendations made by law enforcement authorities to the registrar accreditation agreement; we will work to ensure agreement meets expectations and give registrars the incentive to accept recommendations right away," said Kurt Pritz, ICANN senior vice president in charge of stakeholder relations. Thus ICANN, not only isn't taking position against abuses of the domain system in order to preserve the basic structure and principles of the Internet, but actually takes part in an increasing tendency of controlling and censoring the Internet. One of the12 recommendations was the inclusion of a clause in the registrars' agreements that would hold them responsible (by negligence) for registering domains engaging in criminal activities. Another one was for registrars to keep detailed information of domain buyers, (including their source IP addresses and transaction information), and to validate the contact information given by them. ICANN was also urged to review the compliance of the registrars with enforcement agreements before renewing their contracts. And ICANN has shown its willingness to meet the requirement: "Complaints on compliance started coming in the last six to nine months, a team of 12 is now in place and will improve the quality of service," said Rod Beckstrom, ICANN CEO and president. Furthermore, prior to its meeting, ICANN has even produced a "Thought Paper on Domain Seizures and Takedowns" which is actually a guide for government officials on how to seize, takedown and censor websites including sections such as "guide for preparing domain name orders, seizures & takedowns" and "checklist of information to submit with a legal or regulatory action." The paper "offers guidance for anyone who prepares an order that seeks to seize or take down domain names. Its purpose is to help preparers of legal or regulatory actions understand what information top level domain name (TLD) registration providers such as registries and registrars will need to respond promptly and effectively to a legal or regulatory order or action. The paper explains how information about a domain name is managed and by whom," says ICANN about its own paper. Domain seizures for copyright infringement likely to go global (14.03.2012) http://news.idg.no/cw/art.cfm?id=B2318066-9100-36AE-6DA668DCC8BE64C8 Thought Paper on Domain Seizures and Takedowns (8.03.2012) http://blog.icann.org/2012/03/thought-paper-on-domain-seizures-and-takedowns... Rather Than Speaking Out Against Domain Seizures, ICANN Provides A 'How To' Manual (12.03.2012) http://www.techdirt.com/articles/20120312/01013718069/rather-than-speaking-o... ============================================================ 5. CoE's Internet Governance strategy places emphasis on users' rights ============================================================ On 15 March 2012, the 47 Council of Europe (CoE) member states adopted an Internet governance strategy to protect and promote human rights, the rule of law and pluralistic democracy online. The strategy, which covers 40 lines of action for the period 2012-2015, refers to 6 major areas: Internet's openness, the rights of users, data protection, cybercrime, democracy and culture, and children and young people. It is meant to identify "challenges and corresponding responses to enable state and non-state actors together to make the Internet a space which is inclusive and people-centred" and has in view the international legal framework, including the human rights law, which is "as a matter of principle, equally applicable on-line as it is off-line." The main action lines of the strategy include the maximisation of rights and freedoms for internet users, developments in data protection and privacy, the enhancing of the rule of law and an effective co-operation against cybercrime, the maximisation of the Internet's potential to promote democracy and cultural diversity and the protection and empowering of children and youth. The strategy has in view the development of soft law instruments such as high-level "framework of understanding and/or commitments" to protect the "Internet's universality, integrity and openness as a means of safeguarding freedom of expression regardless of frontiers and Internet freedom," protection standards to ensure a free cross-border flow of legal online content and human rights standards on network neutrality. Preserving core values such as human rights, democracy and rule of law in the online environment is vital in the CoE's opinion as well as the necessity for citizens to be properly informed in order to use Internet services responsibly. The strategy has in view that the protection of personal data and the respect for privacy on the Internet are indispensable. Another direction considered in the strategy is an increased data collection through the European Audiovisual Observatory and improved public services through the Internet so as to better take advantage of the potential of the Internet for democracy and cultural diversity. The CoE Convention on data protection ("Convention 108") is also considered the best available instrument to protect and promote data protection and therefore, the strategy has in view its modernisation and the strengthening of its implementation. "The strategy's adoption is the validation by member states that the CoE's core values - human rights, rule of law, democracy - for the Internet are a priority. There is a realisation that the Internet is enabling and affecting people in many ways, and that there is a need to embrace its influence. The strategy provides orientation and promotes a holistic and sustainable approach to the Internet, with people and their rights and freedoms at its heart. In doing so, it champions multi-stakeholder dialogue as the way forward for Internet policy making", said Lee Hibbard, Head of the Information Society Unit in CoE. Internet Governance - Council of Europe Strategy 2012-2015 (15.03.2012) https://wcd.coe.int/ViewDoc.jsp?Ref=CM(2011)175&Language=lanEnglish&Ver=final&BackColorInternet=C3C3C3&BackColorIntranet=EDB021&BackColorLogged=F5D383 Council Of Europe Passes Internet Governance Strategy (15.03.2012) http://www.ip-watch.org/2012/03/15/council-of-europe-passes-internet-governa... ============================================================ 6. New German court decision on traffic filtering ============================================================ A Higher Regional Court in Hamburg ruled on 14 March 2012 that the file-hosting site RapidShare had to proactively filter the files uploaded by its users. A court's press release stated RapidShare was required to block its users from uploading a list of 4 000 files allegedly infringing copyrights. The present ruling comes to confirm three separate previous rulings by a lower court in cases brought by German booksellers, book publishers and a music rights group. "The judgement confirms that Rapidshare must take effective measures against the use of illegal content on its service," said a German bookseller's association. RapidShare's spokesman Daniel Raimer explained that the copyright holders were leaving out essential details of the court ruling that were actually quite positive for the site. "There is a possible reason for the rushed approach, particularly that of the Booksellers Association. In the hearing, the Higher Regional Court indicated that it would deviate from its former position under which RapidShare's business model was not tolerated by the legal system." The German verdict appears to be in contradiction with a ruling by the European Court of Justice (ECJ) which ruled in February 2012 in the case Sabam vs. Netlog that hosting sites could not proactively filter copyrighted content because that would violate the users' privacy and hinder freedom of information. ECJ decided that a national court is precluded from issuing an injunction against a hosting service provider which requires it to install a filtering system "capable of identifying electronic files containing musical, cinematographic or audio-visual work in respect of which the applicant for the injunction claims to hold intellectual property rights, with a view to preventing those works from being made available to the public in breach of copyright" with the purpose to filter information "which is stored on its servers by its service users; which applies indiscriminately to all of the users as a preventative measure; exclusively at its expense and for an unlimited period" RapidShare has not yet decided whether it would appeal the verdict and is probably waiting for the written decision to be made public. Court Orders RapidShare to Filter User Uploads (15.03.2012) http://torrentfreak.com/court-orders-rapidshare-to-filter-user-uploads-12031... Copyright Illegal Downloads: Higher Regional Court of Hamburg decides duties for the online storage service "Rapidshare" (only in German, 15.03.2012) http://justiz.hamburg.de/presseerklaerungen/3334434/pressemeldung-2012-03-15... German court orders Rapidshare to filter user uploads (19.03.2012) http://arstechnica.com/tech-policy/news/2012/03/german-court-orders-rapidsha... ECJ - Judegement Sabam vs Netlog (16.02.2012) http://curia.europa.eu/juris/document/document.jsf?text=&docid=119512&pageIndex=0&doclang=EN&mode=req&dir=&occ=first&part=1&cid=158253 ============================================================ 7. Italy: Problematic Internet blocking decision against fraudulent website ============================================================ The Italian Antitrust Authority (AGCM) has started ordering the blocking some websites involved in the online sale of fashion products, following several complaints made by consumers. It is the first blocking measure ordered by this Authority (enforced through the collaboration with the antitrust department of the Guardia di Finanza), which relied on the Consumer Code and e-commerce rules. In its blocking order, the Authority does not charge the provider with selling counterfeited products, but for the infringement of rules related to warranties, delays and delivery conditions.. This decision has been adopted against the company called "Private Outlet," which is part of the e-commerce "private club," where members can join for free and take advantage of special promotions of famous brands fashion products with high discounts. AGCM has intervened after several reports of fraudulent behaviour, because Private Outlet allegedly "spread, through its website, content liable to mislead consumers about the availability of the products offered for sale": it has considered the elements collected enough to proceed a preliminary investigation and to demand the company to suspend any activity. In order to ensure the efficiency of the measure and ostensibly to offer better protection for consumers, the Authority ordered the ISPs to completely block all domains that refer to the Private Outlet network on the whole Italian territory. Granted that consumers protection is necessary and that the complaints are may well be valid, it seems that this kind of measure actually goes far further beyond what the Italian rules actually mandate. Firstly, because these rules allow the Authority only to "demand the provider to prevent or put an end to the committed infringements", secondly, because the jurisdiction to issue provisional orders against third parties has always been exercised by the ordinary courts and, finally, because AGCM has provided these orders without the participation in proceedings of the subjects required to bear the measures and offer a defence. We are talking about the exercise of an interlocutory power (which has all the characteristics of a criminal seizure) that, apparently, the Competition Authority believes itself to be mandated to exercise: this is contrary to what has been stated in some decisions of the Court, that have always attributed this power to the ordinary judicial body. Moreover, blocking of IP address may not be sufficient to avoid the perpetuation of fraud (the provider could, for instance, change the address or even change its name): is it possible that the Authority cannot imagine more effective and less controversial measures? Measures which restrict fundamental rights that are not necessary and proportionate and that do not genuinely meet objectives of general interest are in beach of the European Convention on Human Rights. Text of the provision - page. 89 (only in Italian, 12.03.2012) http://www.agcm.it/bollettino-settimanale/5906-bollettino-82012.html Vajont.com case (libel slander) - Court's decision declares unlawful the blocking (only in Italian, 14.03.2012) http://www.fulviosarzana.it/blog/liberta-di-stampa-e-di-espressione-il-tribu... and http://www.fulviosarzana.it/blog/esclusiva-lordine-di-revoca-integrale-del-b...; Moncler Case (counterfeiting) - Court's decision rescinds the blocking (only in Italian, 4.11.2011) http://brunosaetta.it/diritto/moncler-non-basta-la-parola.html (Contribution by Elena Cantello - EDRi intern) ============================================================ 8. ENDitorial: European Parliament defends itself and democracy from ACTA ============================================================ The decision of this week of the European Parliament not to refer ACTA to the European Court of Justice was a decision which has ramifications far beyond the ACTA dossier itself. It is one which will have long-term effects on the institutional standing of the European Parliament. The functioning of the EU decision-making process relies on a broadly equal balance between the three main institutions - the Commission, the Parliament and the Council (Member States). The European Parliament is the only directly elected institution. It is therefore particularly important that it is robust and independent. The less powerful the Parliament is in this institutional triangle, the less direct influence that citizens can bring to bear in the preparation of legislation that affects every one of them. In controversial dossiers, the European Commission and/or the Member States have often sought to overrule the position (or expected position) of the European Parliament, exploiting personal or institutional weak points, pushing the Parliament's democratic scrutiny of the dossier in question to one side. Instead of judging a proposal on its merits, career ambitions of individual MEPs or domestic political concerns are the primary factors that decide the position of the Parliament. This is what happened with the Data Retention Directive, where the UK Presidency of the Council essentially bullied the Parliament into submission. On the basis of the Parliament's scrutiny of the Directive, it would have been rejected. However, by a mixture of pressure from the UK Presidency on the Parliament as a whole and the German government on German MEPs, the Directive was approved. The fact that the Parliament could be persuaded to abandon its position on a policy on the basis of bullying and domestic political pressures inflicted damage on the institution that is still visible today. In the past few months, the ACTA dossier has become very similar. As the likelihood of a rejection of the proposed Agreement by the Parliament grew, the European Commission, with support from Parliamentarians motivated by other priorities than the defence of the prerogatives of the only democratically elected EU institution, has sought to use every possible machination to prevent the Parliament from taking its vote. The first such tactic was the referral of the dossier to the European Court of Justice. If this measure was really based on genuine concerns about ACTA's legality, it would have been done far earlier - and certainly before the dossier had been handed over to the European Parliament. From that point on, the question was (and still remains) whether the European Parliament is strong enough as an institution to defend itself from having its decision-making process visibly and publicly undermined in this way. The pro-ACTA lobby in the Parliament has used the Commission's plan for a Court referral as a basis to undermine the Parliament's decision-making. Every possible argument and strategy that could be used to prevent a vote is therefore being brought to bear inside the Parliament to support the Commission's attempt to circumvent the Parliament's role in the decision-making process. The same lobby is even seeking to persuade the Parliament that it does not have the political right, even if it has the legal right, to reject the Agreement after years of (untransparent) negotiation. This is why they argue that rejection would "irrevocably affect Europe's credibility as a trusted global trade partner". The argument to the Parliament is therefore "do not use your legal rights. Do not seek to bring democracy into this process, it will make the EU look bad." More surprisingly, elements within the Parliament are seeking to undermine the Parliament. For example, elements of the Parliament's legal service are arguing that the Parliament's rules of procedure can be understood to say things they don't say. The ostensibly neutral and non-political lawyers argue that the Rule of Procedure, which say that the Parliament should suspend its work if the Parliament itself refers a decision to the Court, argue that - presumably on the basis that the drafters of the Parliament's rule were incompetent - the rules meant to say that deliberations should be suspended if any institution refers a proposal to the Court. With help from the industry and Commission lobbies, the anti-Parliament elements in the Parliament generated a whole queue of implausible delaying tactics on the production line. Do the rules of procedure of the Parliament say what they do not say? Maybe the Parliament should delay a vote for over a year to be on the safe side. Or perhaps this question should be referred to the Constitutional Affairs Committee to spend a few months reflecting on - with the Parliament suspending its work in the meantime. Perhaps the Parliament should produce an interim report, asking for non-binding undertakings from the Commission and Member States about implementation of ACTA, thereby wasting another few months. It is a very positive sign that the European Parliament has decided to resist the siren calls of the pro-ACTA lobby. It is a positive sign that the Parliament is showing a new courage to stand up for its democratic role in the decision-making process. However, there are still numerous possibilities for delay and even a vote in favour of ACTA's disastrous provisions. The courage shown this week gives grounds for cautious (and, above all, non-complacent) optimism. Full overview of the delay plans http://edri.org/acta_revival Industry lobbying on ACTA http://www.edri.org/files/acta_misinformation.pdf Mr Wieland sacrifices the Parliament's broader interests (27.03.2012) http://acta.ffii.org/?p=1216 European Parliament Rejects Referral Of ACTA To EU High Court (27.03.2012) http://www.ip-watch.org/2012/03/27/european-parliament-rejects-referral-of-a... Cooperative efforts in ACTA Digital Chapter (2012) http://www.edri.org/files/2012EDRiPapers/Article27.pdf (Contribution by Joe McNamee - EDRi) ============================================================ 9. Recommended Action ============================================================ 28 March 2012: Events on the Document Freedom Day http://documentfreedom.org/ ============================================================ 10. Recommended Reading ============================================================ EDRi Cooperative efforts in ACTA Digital Chapter (03.2012) http://www.edri.org/files/2012EDRiPapers/Article27.pdf ENISA: Study on data collection and storage in the EU http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverable... Commission gives up blocking VPN services, but still blocks ToR (26.03.2012) http://www.daten-speicherung.de/index.php/eu-commission-gives-up-blocking-to... ============================================================ 11. Agenda ============================================================ 29 March 2012, Reykjavmk, Iceland Reykjavmk Digital Freedoms Conference http://rdfc.is/ 30 March - 1 April 2012, Berlin, Germany Wikimedia Chapters Meeting 2012 http://meta.wikimedia.org/wiki/Wikimedia_Conference_2012 13 April 2012, Biefeld, Germany Big Brother Awards Germany http://www.bigbrotherawards.de/ 16-18 April 2012, Cambridge, UK Cambridge 2012: Innovation and Impact - Openly Collaborating to Enhance Education OER12 and the OCW Consortium's Global Conference http://conference.ocwconsortium.org/index.php/2012/uk 25 April 2012, Helsinki, Finland Finnish Internet Forum http://www.internetforum.fi/ 26-28 April 2012, Belgrade, Serbia SHARE 2 Conference http://www.shareconference.net/en 2-4 May 2012, Berlin, Germany Re:Publica 2012: ACTION! http://re-publica.de/12/en 14-15 June 2012, Stockholm, Sweden EuroDIG 2012 http://www.eurodig.org/ 18-22 June 2012, Samos, Greece Samos 2012 Summit on Open Data for Governance, Industry and Society Academic Papers Submission Deadline: 29 April 2012 http://samos-summit.blogspot.com/ 20-22 June 2012, Paris, France 2012 World Open Educational Resources Congress http://www.unesco.org/webworld/en/oer 2-6 July 2012, Budapest, Hungary Policies and Practices in Access to Digital Archives: Towards a New Research and Policy Agenda http://www.summer.ceu.hu/sites/default/files/course_files/Policies-and-Pract... 9-10 July 2012, Barcelona, Spain 8th International Conference on Internet Law & Politics: Challenges and Opportunities of Online Entertainment http://edcp.uoc.edu/symposia/idp2012/cfp/?lang=en 11-13 July 2012, Vigo, Spain The 12th Privacy Enhancing Technologies Symposium (PETS 2012) http://petsymposium.org/2012/ 12-14 September 2012, Louvain-la-Neuve, Belgium Building Institutions for Sustainable Scientific, Cultural and genetic Resources Commons. http://biogov.uclouvain.be/iasc/index.php 7-10 October 2012, Amsterdam, Netherlands 2012 Amsterdam Privacy Confernece http://www.ivir.nl/news/CallforPapersAPC2012.pdf ============================================================ 12. About ============================================================ EDRi-gram is a biweekly newsletter about digital civil rights in Europe. Currently EDRi has 28 members based or with offices in 18 different countries in Europe. European Digital Rights takes an active interest in developments in the EU accession countries and wants to share knowledge and awareness through the EDRi-grams. All contributions, suggestions for content, corrections or agenda-tips are most welcome. Errors are corrected as soon as possible and are visible on the EDRi website. Except where otherwise noted, this newsletter is licensed under the Creative Commons Attribution 3.0 License. See the full text at http://creativecommons.org/licenses/by/3.0/ Newsletter editor: Bogdan Manolea <edrigram@edri.org> Information about EDRI and its members: http://www.edri.org/ European Digital Rights needs your help in upholding digital rights in the EU. If you wish to help us promote digital rights, please consider making a private donation. http://www.edri.org/about/sponsoring http://flattr.com/thing/417077/edri-on-Flattr - EDRI-gram subscription information subscribe by e-mail To: edri-news-request@edri.org Subject: subscribe You will receive an automated e-mail asking to confirm your request. Unsubscribe by e-mail To: edri-news-request@edri.org Subject: unsubscribe - EDRI-gram in Macedonian EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/edri/2.html - EDRI-gram in German EDRI-gram is also available in German, with delay. Translations are provided Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/ - Newsletter archive Back issues are available at: http://www.edri.org/edrigram - Help Please ask <edrigram@edri.org> if you have any problems with subscribing or unsubscribing. ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE