============================================================ EDRI-gram biweekly newsletter about digital civil rights in Europe Number 6.19, 8 October 2008 ============================================================ Contents ============================================================ 1. The European Parliament voted the Telecoms Package 2. Sarkozy snubbed by Barroso in the three strikes approach 3. The European Union wants to introduce virtual body screening in airports 4. First meeting of the Fundamental Rights Platform 5. Social Networks - on the European Commission's Agenda 6. Third Phorm trials started, but privacy concerns remained 7. RapidShare needs to check every file for copyright infringement 8. Serbia: Conference on Regulation of online Freedom of Expression 9. An update on the Italian PirateBay case 10. Recommended Action 11. Recommended Reading 12. Agenda 13. About ============================================================ 1. The European Parliament voted the Telecoms Package ============================================================ The Package of rules governing the Internet and telecoms sectors proposed by the European Commission in view of supporting competition and providing clearer information and a wider range of services to consumers was approved by the European Parliament on 24 September 2008, in the first reading. The measures that would have allowed a control on Internet users were rejected. The package including four legislative proposals was proposed on 13 November 2007 and had in view the establishment of a new EU telecoms authority, the introduction of functional separation in order to boost competition, a review of radio-spectrum management and a range of consumer protection measures. Following a strong pressure from the consumers, privacy groups and telecoms industry, the MEPs rejected the idea that ISPs should filter all downloads and punish the infringers of anti-piracy rules, being thus transformed into a sort of online police. The key amendments in this respect were Amendment 166 to the Harbour report and Amendment 138 to the Trautmann report, both adopted by the EP. "They state that users' access may not be restricted in any way that infringes their fundamental rights, and (166) that any sanctions should be proportionate and (138) require a court order. They both reinforce the principle established on April 9th in the Bono report, that the Parliament is against cutting off people's Internet access as a sanction for copyright infringement. Cutting off Internet access was not explicitly in the Telecoms Package, but it did open the door to 3-strikes. These amendments close that door." as Monica Horten correctly points out. The EP decided that personal data processing should not require the user's prior consent. Also, there was no clear decision on the issue of whether IP addresses should be considered as personal data. However, the EP approved the application of a prior consent clause to software such as cookies, which are installed in the users' computers and which provide information on their behaviour to the companies having created them, such as search engines. Another amendment requires the telecom companies to inform the national telecom regulators if they suffered serious data security breaches, that might affect their users' privacy. The Parliament's vote was welcomed by most interested parties being considered as a good step in the direction of privacy, the protection of personal data, and principles of proportionality and separation of powers. The European consumers organisation, BEUC stated: "Today MEPs voted to reinforce consumer rights and competition in telecoms markets across Europe. We hope the Council will follow the same line towards improving and facilitating consumers' daily lives. Many consumers still suffer from problems with their telecom providers: from complicated information to very long-term contracts, not to mention difficulties in switching. Concretely, thanks to today's move, consumers could benefit from more transparent information about tariffs and conditions of contracts." La Quadrature du Net, the group of citizens acting for individual rights and freedoms and supported by French as well as international NGOs, wanted to thank "all MEPs who have worked in this direction, and all citizens who mobilized en masse to alert their delegates on these issues. We'd like to thank particularly the MEPs who have been able to reconsider their positions as they became aware of the risks to the rights and freedoms of their fellow-citizens." However, the body still warns on some issues of concern particularly that of the danger that the adopted Amendment 138 may be withdrawn. Amendment 138 states that no restriction on the rights and freedoms of end users can be taken without prior decision of the judicial authority, only in cases when public safety is concerned. There is strong support for the adoption of the telecoms package by the end of the mandate of the present Parliament, at the middle of 2009. The next step in this issue will be the next Telecoms Council which is planned for the end of November. Parliament backs major telecoms, Internet overhaul (25.09.2008) http://www.euractiv.com/en/infosociety/parliament-backs-major-telecoms-inter... MEPs back altered telecoms reform (25.09.2008) http://www.out-law.com/page-9456 European Parliament votes against 3-strikes (24.09.2008) http://www.iptegrity.com/index.php?option=com_content&task=view&id=173&Itemid=9 Telecoms Package : European democracy's victory already threatened (26.09.2008) http://www.laquadrature.net/en/telecoms-package-european-democracys-victory-... EDRIgram: The telecom package debated by the European Parliament (10.09.2008) http://www.edri.org/edrigram/number6.17/telecom-package-debated ============================================================ 2. Sarkozy snubbed by Barroso in the three strikes approach ============================================================ Barroso, President of the European Commission has refused French President Sarkozy's request to withdraw Amendment 138 included in the Telecoms Package recently voted by the European Parliament. Amendment 138 which basically reinstates the legal issue of the freedom to communicate of Internet users, reaffirming that only threats to public security can justify the restriction to the free circulation of information on the Internet without a court decision, was voted with a large majority by the MEPs, fact which largely displeased EU French presidency who has continuously pushed and pressed for the application of the three strike approach introduced by its "Criation et Internet" draft bill. Sarkozy sent a letter to Barroso asking for the withdrawal of the amendment which would force France to give up its draft law. If the Commission does not reject the amendment, France would be in the position to obtain the refusal of the entire Telecoms Package which would practically be impossible. Therefore, Sarkozy is trying to obtain the withdrawal of the amendment by the Council of Ministers during the meeting scheduled for 27 November, before the second reading of the European Parliament that will take place during the first term of 2009. "Sarkozy tries to force his way through in Council, and his close staff does not hide that they want to subsequently outstrip the European Parliament by having the French bill adopted in emergency procedure before the second reading on the Telecoms Package" says La Quadrature du Net. But Mr. Barroso, president of the EC sent a non-receipt denial by reminding the French President that the amendment was voted with 573 pro votes against 74 and stating that the EC will "respect this democratic decision of the European Parliament" adding that the "amendment is a significant reminder of the legal principles that are inherent keys to the legal order of the European Union, especially as regards the citizens' fundamental rights". The position was stranghtned by the European Commission spokesman for information society issues, Martin Selmayr that said: "The European Commission respects this democratic decision of the European Parliament. In our opinion this amendment is an important re-affirmation of the basic principles of the rule of law in the EU, in particular the fundamental rights of its citizens." The European Commission has therefore accepted the amendment thus forcing France to accept the report. The Commission has invited France to discuss the issue at the Council of Ministers meeting where an agreement has to be reached between the Council and the EP in order to pass the Telecoms Package. As the Commission has no legislative power it can only act as negotiator between the two bodies. If France goes on with its plans to present its Creation et Internet draft law on 18 November, it might be under violation of a European provision in progress of being adopted. "The French President seems to have too soon forgotten how the European Union institutions work by pretending to ignore the co-decision principle" stated MEP Guy Bono, co-author of the amendment. On the other hand, the British Government which in July seemed ready to pursue a gradual response approach for p2p users now denies any such attempt. The British Prime Minister stated in a response to a petition asking him not to force ISPs to spy on their users for the purpose of monitoring copyrighted content. "Unfortunately, much of the media reports around this issue have been incorrect. There are no proposals to make ISPs liable for the content that travels across their networks. Nor are there proposals for ISPs to monitor customer activity for illegal downloading, or to enforce a '3 strikes' policy." Letter from Sarkozy to Barrosso (only in French) http://www.ecrans.fr/IMG/pdf/Lettre_Barroso.pdf President Sarkozy requires the withdrawal of Amendment 138 (only in French, 4.10.2008) http://www.numerama.com/magazine/10783-President-de-l-UE-Sarkozy-exige-le-re... Gradual response: Barroso said no to Nicolas Sarkozy (only in French, 6.10.2008) http://www.numerama.com/magazine/10791-URGENT-Riposte-Graduee-Barroso-dit-no... UK Prime Minister Denies Three Strikes Proposal... After Europe Tossed It (5.10.2008) http://www.zeropaid.com/news/9791/UK+Prime+Minister+Denies+Three+Strikes+Pro... Graduated response: Europe must resist Sarkozy's authoritarianism (6.10.2008) http://www.laquadrature.net/en/graduated-reponse-europe-must-resist-sarkozys... Graduated Response : The Lesson (7.10.2008) http://www.laquadrature.net/en/graduated-response-lesson EDRIgram: French law on 'graduate response' opposed by ISOC Europe (10.09.2008) http://www.edri.org/edrigram/number6.17/3strikes-opposed-isoc-europe ============================================================ 3. The European Union wants to introduce virtual body screening in airports ============================================================ A draft European Commission regulation has in view the introduction of millimetre wave imaging scanners in airports to be used "individually or in combination, as a primary or secondary means and under defined conditions". The scanner will provide a "virtual strip search" of travellers within the EU. The regulation is meant to be introduced in all the EU countries by the end of April 2010. The new technology creates an image of an unclothed body. The system has already been tested on a voluntary basis at Heathrow's Terminal Four. The procedure involves the beaming of electromagnetic waves of passengers the result being a virtual three-dimensional "naked" image from reflected energy. The black and white images obtained are alarmingly graphic raising privacy concerns. The European Union follows the example of the Unites States where scanners have been used in New York and Los Angeles airports because the technology shows body contours thus revealing any possible hidden objects such as guns or knives. The draft regulation has raised a lot of concern from the privacy advocates. "I don't think people are aware of what these scanners can do and how demeaning it is to have your body on display. Heathrow was right to discontinue their use and they should not be used in Britain except as an alternative to strip searches" said Gareth Crossman, Director of Policy at Liberty. In his turn, Tony Bunyan, the editor of Statewatch, believes the technology would subject "people including women, old people and children to such a shameful and undignified experience" adding: "It would appear that this is yet another case of 'if it is technologically possible it should be used' without any consideration of proportionality, privacy and civil liberties." Concerns over the safety of the new technology to be introduced have also been expressed. Paolo Costa, Chairman of the European Parliament's Transport Committee wrote a letter to the Commission in which he addressed several questions related to the procedure such as whether the technology is safe from the health point of view or the way in which the images will be stored and destroyed. UK Shadow Home Secretary Dominic Grieve wanted to emphasise the fact that, even if the scanners may prove to be effective security instruments, the UK government has to take into consideration first the UK security requirements "rather than the dictates of Brussels" and that the implementation must be done "in a proportionate manner". "Ministers need to explain publicly and transparently what these proposals are and why they are suitable to the UK" he added. Another concern was expressed by Timothy Kirkhope, a Conservative Euro-MP from the transport committee who is worried that the new security regulations may be introduced without discussions or without consulting the public. "It must not be the case that unelected Commission officials, or security bureaucrats, can introduce these measures without elected MEPs or MPs being able to anything about it," he said. Commission Regulation of supplementing the common basic standards on civil aviation security laid down in the Annex to Regulation (EC) No 300/2008 http://www.statewatch.org/news/2008/sep/eu-com-aviation-security.pdf ACLU Backgrounder on Body Scanners and "Virtual Strip Searches" (6.06.2008) http://www.aclu.org/privacy/35540res20080606.html Paolo Costa's letter to the European Commission (26.09.2008) http://www.statewatch.org/news/2008/sep/eu-com-aviation-security-costa-lette... EU to introduce 'virtual strip searches' at airports by 2010 (1.10.2008) http://www.telegraph.co.uk/news/worldnews/europe/3110533/EU-to-introduce-vir... ============================================================ 4. First meeting of the Fundamental Rights Platform ============================================================ On 7-8 October 2008 the European Union Agency for Fundamental Rights (FRA) held the first meeting of its Fundamental Rights Platform (FRP) in Vienna. Representatives from about 100 NGOs and other Fundamental Rights Organisations - EDRi amongst them - were invited to discuss and make suggestions on potential strategic objectives of the Agency and for priorities for the FRA Work Program 2009 and 2010. The Fundamental Rights Platform is part of FRAs newly defined structure and focus. With a Council Regulation of February 2007 the former European Monitoring Centre on Racism and Xenophobia (EUMC) got an increased thematic area of operation and was renamed to European Union Agency for Fundamental Rights. By a Council Decision of February 2008 a Multi-annual Framework for the work of FRA in the years 2007-2012 was established, which served as a basis for the discussions of the platform on the strategic direction and thematic priorities of the Agency. The discussions of the FRP were organised in four working groups. The rapporteurs of these groups will create a common report, which will be presented to the FRA management board on 23 October 2008. Amongst the main strategic objectives that were discussed in the working groups was, that FRA should work on increasing the visibility of Fundamental Rights issues, increase their recognition in the EU policy making process and that it should maintain its monitoring function and its role as a Fundamental Rights watchdog. The thematic priorities of FRAs work in the coming years are predefined by the Multi-annual framework adopted by the European Council. While most participants agreed, that it should be avoided to create a kind of shopping list of most important Fundamental Rights issues, topics like data protection and privacy, children's rights, rights of migrants and access to justice were expressed by participants to be important to be addressed by the Agency as well as by the members of the Fundamental Rights Platform. Next steps to be taken by the FRP will be to define its organisational structures and mechanisms of representation. In November 2008 the FRA will begin to draft its 2010 work program. A consultation process on this will start at the beginning of 2009 and there will be a meeting of the FRP in 2009 as well, where the necessary decisions on the organisational and representative structures can be taken. European Union Agency for Fundamental Rights http://fra.europa.eu/ Council Regulation establishing FRA http://fra.europa.eu/fra/material/pub/FRA/reg_168-2007_en.pdf FRA Multi-annual framework http://fra.europa.eu/fra/index.php?fuseaction=content.dsp_cat_content&catid=471f0d2f0ed70 (contribution by Andreas Krisch - EDRi) ============================================================ 5. Social Networks - on the European Commission's Agenda ============================================================ Viviane Reding, Commissioner for Information Society and Media, gave her first public speech on social networks at the Safer Internet Forum on 26 September 2008, which confirms the interest of the EU bodies on this topic. The commissioner emphasized the growth of the social networks in Europe: "56% of the European online population visited social networking sites last year and the number of regular users is forecast to rise from today's 41.7 million to 107.4 million in the next four years. In 2007 9.6 million British belonged to the country's social networking community, with 8.9 million and France and 8.6 million in Germany. In Europe users spend 3 hours per month on average on social networking sites according to comscore.com." While praising their success in promoting cultural diversity and enhanced interactivity and, at the same time, in bringing new economic opportunities for the European industry, Reading mentioned also the new issues raised by the social networks on data privacy and protection of minors. On the occasion of this event, the submissions to the public consultation on Age Verification, Cross Media Rating and Social Networking initiated earlier this year by the EC were made public. Other EU bodies, such as ENISA have called for new legislation that would regulate social networking sites. According to its recent report, ENISA pointed out that social networking sites such as Facebook and MySpace need more regulation to protect their users against security risks. But the Commissioner took the stance of self-regulation in relation to social networking and announced that the Commission wants to act as a facilitator: "For this purpose the Commission has convened a Social Networking Task Force, which held two meetings in 2008 with 17 operators of social networking sites used by under-18s (e.g. MySpace, Facebook, YouTube, Bebo, Hyves, StudiVZ, and Skyrock), a number of researchers and child welfare organisations. The objective is to agree on voluntary guidelines for use of social networking sites by children, to be adopted voluntarily by the European industry." The European Commissioner speech and announced actions seem to forget about the security and privacy issues raised by the use of the social networks, focusing and involving only child welfare organisations. The importance of the privacy aspects of the online social networks is emphasized by the European Data Protection Authorities gathered in the plenary of the Article 29 Working Party, that have announced that it is preparing an opinion on online social networks. The working party has sent out a questionnaire on data protection and privacy related issues to Social Network Services and a consolidated version of the opinion is being prepared. Social Networking Sites: Commissioner Reding stresses their economic and societal importance for Europe (26.09.2008) http://europa.eu/rapid/pressReleasesAction.do?reference=MEMO/08/587&format=HTML&aged=0&language=EN&guiLanguage=en Consultation Age Verification, Cross Media Rating and Social Networking - submissions http://ec.europa.eu/information_society/activities/sip/public_consultation/i... The Article 29 Working Party- 67 plenary session (2.10.2008) http://ec.europa.eu/justice_home/fsj/privacy/news/docs/pr_02_10_08_en.pdf EDRi-gram: Social networking sites might be regulated in EU (4.06.2008) http://www.edri.org/edrigram/number6.11/social-networking-eu ============================================================ 6. Third Phorm trials started, but privacy concerns remained ============================================================ Following a complaint placed in July 2008 by campaigners against the British companies BT and Phorm for their allegedly illegal secret ISP-level adware trials, the London Police decided not to investigate the case arguing there had been implied consent of their customers. BT started its third trial of Phorm technology on 30 September, this time asking the consumers to opt-in. Phorm is used to monitor a user's web browsing history, taking a copy of the places the user goes to and search terms he (she) looks for. Then, adverts related to that history are placed on websites that have signed up to use Phorm, such as BT, Talk Talk and Virgin. Phorm has been criticised being considered to break laws on unwarranted interception of data. Privacy advocates are also concerned by the information that the technology gathers about a user's web browsing habits. "The matter will not be investigated by the City of London Police as it has been decided that no Criminal Offence has been committed. One of the main reasons for this decision is the lack of Criminal Intent on behalf of BT and Phorm Inc in relation to the tests. It is also believed that there would have been a level of implied consent from BT's customers in relation to the tests, as the aim was to enhance their products" wrote detective sergeant Barry Murray in an email to Alex Hanff, the anti-Phorm campaigner having compiled the dossier against the two companies. In the police's opinion, the matter is considered a civil dispute and "there is no suggestion that Criminal Intent exists." Nicholas Bohm, lead counsel of the Foundation for Information Policy Research, considers the police's explanation "pathetic" and argues that Phorm breaks several criminal laws, especially if there is no consent. "City of London Police's response expresses massive disinterest in what occurred. Saying that BT customers gave implied consent is absurd. There was never any behaviour by BT customers that could be interpreted as implied consent because they were deliberately kept in the dark. As for the issue of whether there was criminal intent, well, they intended to intercept communications. That was the purpose of what they were doing. To say that there was no criminal intent is to misunderstand the legal requirements for criminal intent" he said. In February, after the first two trials of the technology used to intercept and profile subscribers' Internet usage, BT and Phorm were advised by the Home Office that the technology was covered by the Regulation of Investigatory Powers Act (RIPA), governing wiretapping. The system could be legal if consent was obtained but it appears that no consent had been asked during those trials. The Information Commissioner Office (ICO) asked in April 2008 that Phorm ad-targeting system should be "opt in" and stated it would monitor Phorm trials and commercial rollout to ensure the observation of the data protection laws. ICO said that after its discussions with Phorm, there appeared to be no infringement of the laws regarding personal data. Information Society Commissioner Viviane Reding had asked the UK Government to give, by the end of August, an explanation of how Phorm's technology conformed with EU data protection and privacy laws. The Department for Business, Enterprise and Regulatory Reform (BERR) responded in September, basically considering that Phorm's products are capable of being operated with the users' knowledge and consent, and if the users are "presented with an unavoidable statement about the product and asked to exercise a choice about whether to be involved." But, as Nicholas Bohm has shown, unless the ISPs have the explicit consent of both the customers whose profile is used as well as the advertising websites using it, they are likely to commit an offence under the Regulation of Investigatory Powers Act (RIPA). "The inevitable conclusion is that an ISP who operates the Phorm system will commit offences under RIPA s1 on a large scale. Phorm is inciting the commission of those offences, which is itself an offence at common law (and will be an offence under section 44 of the Serious Crime Act 2007 when it is brought into force to replace the common law offence)" said Bohm. The question is whether UK authorities are aware that communications between Internet users and website owners during web browsing are legally private just like the communications between any two private people. They think future Phorm deployments can be legal. On the other hand, they refused to make public their answer to the European Commission about the first two secret trials. Without having a clear answer on these issues, BT started on 30 September a new trial of the Phorm technology, this time by asking consent to its users for the participation in the trial. The company has even envisaged incentives such as offering to donate to charities if its users opt to let their Internet use profile for advertisers, an upgrade to a faster broadband package at no extra cost, a reduction in the bill, free music or anti-virus software download vouchers or others. Digital rights campaigners have fought against Phorm for some time now and have shown that there is no protection for UK citizens from corporations wanting to illegally intercept private communications. The European Commission lawyers are analysing the UK government's explanation of why no action has been taken. Phorm warned about web data rules (9.04.2008) http://news.bbc.co.uk/2/hi/technology/7339263.stm Police drop BT-Phorm probe (22.09.2008) http://www.theregister.co.uk/2008/09/22/bt_phorm_police_drop/ Phorm mulls incentives for ad targeting wiretaps (26.09.2008) http://www.theregister.co.uk/2008/09/26/phorm_webwise_incentives_survey/ 4 good reasons not to take part in the BT Webwise trial (30.09.2008) http://www.openrightsgroup.org/2008/09/30/4-good-reasons-not-to-take-part-in... What BERR want from Phorm - and what we think they're missing (19.09.2008) http://www.openrightsgroup.org/2008/09/19/what-berr-want-from-phorm-and-what... The Phorm "Webwise" System (18.05.2008) http://www.cl.cam.ac.uk/~rnc1/080518-phorm.pdf EDRi-gram: UK: Phorm targeted advertising practices - under pressure (28.03.2008) http://www.edri.org/edrigram/number6.6/phorm-uk-ifpr ============================================================ 7. RapidShare needs to check every file for copyright infringement ============================================================ A Hamburg court in Germany has ruled that the free file-hosting service RapidShare.de is not doing enough to combat piracy, so they should check content for copyright infringement before it is made available on the Internet . The decision was given in the legal conflict between RapidShare and GEMA, a German copyright collective organisation, that has been going fro some years. RapidShare already has a system in place to check against the uploading of already deleted material. The system is based on a MD5 Hash filter, but it was not considered enough by the court because any file can be changed with just a few bytes in order to bypass the filter. Not even the fact that the company has six employees working full time to remove infringing content was enough for the court that claimed that RapidShare has to "pro actively check content before publishing it" if there had been similar infringements in the past. They also have the obligation to log the IP addresses of alleged infringers. The judge also ruled that Rapidshare cannot argue that it is impossible to stay in business if it would have to check every single file: "A business model that doesn't use common methods of prevention cannot claim the protection of the law." The decision will be impossible to implement in the case of the password protected archives that can't be checked for copyright infringement. Also, the case could have limited effects to the Internet free file-hosting, since RapidShare has its main office in Switzerland and there are other free-hosting services available in almost every corner of the world. Hamburg decision on RapidShare.de (only in German, 2.07.2008) http://webhosting-und-recht.de/urteile/Oberlandesgericht-Hamburg-20080702.ht... Court: Rapidshare has to check all uploads for copyright infringement (30.09.3008) http://www.p2p-blog.com/item-859.html Rapidshare Loses in Court - Must Proactively Remove Copyrighted Content (1.10.2008) http://www.zeropaid.com/news/9781/Rapidshare%20Loses%20in%20Court%20-%20Must... EDRi-gram: RapidShare sues German rights holder association (9.05.2007) http://www.edri.org/edrigram/number5.9/rapidshare-gema ============================================================ 8. Serbia: Conference on Regulation of online Freedom of Expression ============================================================ On 8 and 9 September 2008, the Faculty of Political Sciences of the University of Belgrade hosted the international conference on regulation of freedom of expression on the Internet, organized by the Programme in Comparative Media Law and Policy (PCMLP) of the University of Oxford. EDRi-member Metamorphosis Foundation participated with a presentation of the Macedonian experiences in this area. The dean of the Faculty of political sciences Milan Podunavac reported that as part of the efforts to overcome the negative legacy from the Serbian past-as a postwar, post-dictatorial and post-communist society-the faculty intends to introduce a subject for media law and new media law. The Ambassador of the Council of Europe (CoE), Constantin Jerokostopulos, indicated that the freedom of expression and communication must be respected, with an exception of the contents defined as illegal by the law. Jelena Surculija, Assistant Minister of Telecommunications and Information Society and PCMLP representative for Serbia pointed out that regulatory challenges include authenticity of the information and availability of content published abroad in countries where such content is illegal. She differentiated between blogging as form of expression dealing mainly with personal information and perceptions, including publishing on Facebook.com-like systems, and citizen journalism as a new form of journalism which for the time being remains unacknowledged due to issues of ethics and media registration. Prof. David Goldberg from the University of Oxford started with the basic assumption that "blogging is simply a form of expression, of writing, and as such it is entitled to maximum protection." He pointed out that it is a "misleading metaphor to speak about 'balance.' The default position is promotion of freedom of expression with some very limited exceptions." Speaking about the challenges, prof. Goldberg suggested the possible need to define a new term for political blogs - plogs, and also noted that current estimates on the number of blogs probably underestimate their quantity, considering also the fact that "22 of the 100 most popular websites are blogs." Referring to a recent UK case when a convicted criminal posted a threat to his arresting officer ("PC Lloyd, God help your newborn baby") and was charged under Telecommunications Act, prof. Goldberg stated that there's "no need for new laws, there's plenty of legislation lying around" which can be used to tackle the blogging-related problems. On the other hand, the need for anti-SLAP legislation-preventing centers of power such as corporations to use strategic lawsuits against the public-grows, to insure freedom of expression for the individual authors or content providers. Council of Europe Expert Ad Van Loon also pointed out that human rights protection, and especially freedom of expression, lies at the core of the CoE regulatory framework for content on the internet. These rights remain under threat in countries which do no meet their international obligations, but can also be influenced by other factors, such as copyright. Legal experts Slobodan Kremenjak, Attorney-at-Law, and Snezana Smolovic-Green from the Association of the Independent Electronic Media presented the legal framework for protection of personal data and privacy protection in online and offline media. Serbian institutions responsible for these areas include the Ombudsman and the Representative for information of public importance. In this context, prof. Dirk Voorhoof from the University of Gent Belgium pointed out that the related right to anonymity can be jeopardized by various threats, both legal and technical. Media law expert Inger Hoedt-Rasmussen provided insight in the Danish experiences in the area of protection of rights of children on the internet, based on the premise that bad things are just a small part of the possibilities offered by the new technologies. The threats can be minimized through awareness raising and increasing of knowledge much better than through state mechanisms of control and censorship. She noted that kids as digital natives have far more knowledge and skills about the new technologies than their parents who attempt to help them. The dangers, such as paedophile predators, did not appear because of the internet, they were part of life in the past too. Caregivers had modes of preventing such threats in the past, such as instructing choir boys when going on tour to immediately report if some "uncle" follows them around claiming he's very interested in music. During the panel devoted to regulation and/or self-regulation on the internet, Andrei Richter, the director of the Moscow Media Law and Policy Institute pointed out the serious issues present in Russia and the Commonwealth of Independent States. The most drastic example is the arrest and murder of the owner of the website Ingushetia.ru. He referred to the little known fact that Belarus is among the most productive post-Soviet republics in terms of internet content production, second only to EU-member Baltic States, while the states of Central Asia, which have very liberal legislative framework, lag behind. Prof. Richter pointed out that repressive legal frameworks often take the back seat to education levels and cultural factors in preventing content creation, which in turn incites freedom of expression. Due to its size, Russia has the largest content production in absolute terms, and "it is clear that (the Government) cannot control the internet any more." Influencing factor is whether the states treat the internet as mass media or not, which implies varied status in legislative terms. For instance in Georgia where mass media have nominal protection this leads to increased freedom of expression on the internet. In Russia, sadly "the whole system of self-regulation consists of a telephone call from the security services." Participants in the discussion concurred that the situation in Serbia used to be similar. Metamorphosis Foundation representative Filip Stojanovski spoke about the situation in Macedonia as an example of a Western Balkans country. In general, there is no formal regulation of the internet. ISPs claim that they do not filter the content published on their servers, and remove content only by court order. In some cases the generally accepted value of freedom of expression leads to tolerance to forms of hate speech. Lack of official standards for the governmental websites combined with the silence of the administration makes it harder for the citizens to get the information from the state structures. Spam is a form of regulated content - forbidden by the Law on Electronic Communications (2005) but to the best of the public knowledge, the regulatory body in charge of enforcing this law (aek.mk) has not implemented these provisions so far. Positive examples of self/regulation include the house rules of blogging service Blogeraj, the efforts to increase privacy protection by the Directorate for Personal Data Protection and the NGO sector, chiefly the project Children's Rights on the Internet - Safe and Protected. Slobodan Markovic, president of the Center for Internet Development from Belgrade addressed freedom of expression issues related to the internet domain names. On global level ICANN implements the Domain Name Dispute Resolution Policies. Through an inclusive consensus building process, the relevant stakeholders in Serbia established a new domain registrar. The mechanism for resolution of disputes relies on court arbitration, which is part of the original contract for purchase of domains. In a similar painless fashion the process of migration from the old .yu to the new .rs top domain is taking place. The owners of the old domains have an advantage in the process of (re)registration, and the old addresses will remain valid for about a year more. Participants in the conference included representatives of the state institutions, regulatory bodies, the nongovernmental and the business sector of Serbia. Both the panels and the subsequent discussions served to pass on the knowledge helpful to inciting reform processes toward the harmonization of the legal and institutional frameworks with the European standards. Conference Agenda (08.09.2008) http://pcmlp.socleg.ox.ac.uk/html/Sept08agenda.pdf Serbia: Conference on Regulation of Freedom of Expression on the Internet (22.09.2008) http://www.metamorphosis.org.mk/content/view/1241/lang,en/ (contribution by Filip Stojanovski - EDRi-member Metamorphosis Foundation - Macedonia) ============================================================ 9. An update on the Italian PirateBay case ============================================================ The Bergamo Criminal Court overrules the seizure, but establishes a case law that is a violation of civil rights. On 16 August 2008 ALCEI reported to the Italian Data Protection Authority the violations of law contained in the pre-emptive seizure order issued by the Justice for preliminary investigation of the Bergamo Tribunal. In that report, ALCEI pointed out that: - the wrong and manipulative extension of the provision that disciplines a pre-emptive seizure to include the hijacking of online traffic; - the enforcement of a court order outside Italian jurisdiction and, what's even worse, not based on any actual criminal offense, but on "statistical" hypotheses based on data that have no scientific reliability; - the misconduct by the Bergamo Guardia di Finanza that, without any court order, ordered internet access providers to redirect all requests of connection from Italy to the thepiratebay.org website to another site, placed in the UK and managed by an organization backed by music industry. While we are waiting for the decision of the Data Protection Authority (that we hope will come soon) the Bergamo Court has overruled the pre-emptive seizure order with a decision that, instead of solving the problems arising from the first decision, creates worst issues. The Bergamo Court, in fact, has overuled the seizure, but only on the legal basis. As it has been pointed out by ALCEI, that "seizure" cannot be interpreted as "traffic hijacking". But the court did not, as it should have done, evaluate first of all the lack of Italian jurisdiction. By not doing so, the Bergamo tribunal has created a dangerous case law that, by reciprocity, allows any foreign magistrate to investigate and take to court an Italian citizen, with the additional absurdity that even in the absence of any evidence that a crime has been committed, a legal prosecution can be based on hypothetical "statistic calculation". Furthermore, by asserting the validity of the public prosecutor investigation, the Court has de facto established the automatic liability not only of internet providers, but also of search engines, and the possibility of using, as an investigative tool, data and information with no solid ground. And also, by saying that even if pre-emptive seizure has been wrongly enforced , it is "in theory compatible with" sect.14D.L.VO 70/03 (EU E-commerce directive implementation, dealing with ISP liability), the Court of Bergamo on the one hand allows "owners of ideas" to push for an additional and barbaric copyright law amendment while, on the other hand, it reaffirms an obvious error of interpretation of law by affirming the role of ISPs as "sheriffs of the net". ALCEI expresses serious concern about this court decision that fails to offer clear references for citizens and enterprises, increases confusion and the perception that, when copyright is involved, law is not "equal for all". ALCEI - An update on the Piratebay case (8.10.2008) http://www.alcei.org/?p=38 ALCEI Press release - The Piratebay case. The Bergamo Criminal Court overrules the seizure, but establishes a case law that is a violation of civil rights. (only in Italian, 7.10.2008) http://www.alcei.it/index.php/archives/132 ALCEI : Dangerous Ordinance on PirateBay (only in Italian, 8.10.2008) http://punto-informatico.it/2430933/PI/News/alcei-pericolosa-ordinanza-sulla... EDRi-gram: Italian justice wants to "seize" a foreign website (27.08.2008) http://www.edri.org/edrigram/number6.16/italy-blocks-piratebay (contribution by EDRi-member ALCEI - Italy) ============================================================ 10. Recommended Action ============================================================ Consultation on the early challenges regarding the "Internet of Things" http://ec.europa.eu/information_society/tl/activities/consultations/index_en... Commission consults on how to put Europe into the lead of the transition to Web 3.0 (29.09.2008) http://europa.eu/rapid/pressReleasesAction.do?reference=IP/08/1422&format=HTML&aged=0&language=EN&guiLanguage=en ============================================================ 11. Recommended Reading ============================================================ FOI in the EU: When is a "document" not a "document"? by Tony Bunyan The European Commission has put forward a number of changes to the Regulation on access to EU documents adopted in 2001. Controversially it proposes to change the definition of a "document" which in turn affects which would or would not be listed on its public register of documents. Does this have anything to do with the fact that the European Ombudsman has just ruled that the Commission must abide by the existing definition of a "document" in the Regulation and that it must list all the documents it holds on its public register? http://www.statewatch.org/news/2008/sep/foi-in-the-eu-what-is-a-document.pdf ============================================================ 12. Agenda ============================================================ 10-11 October 2008, Paris, France The Exchange and Storage of Data - Issues of Sovereignty, European and International Technical Cooperation, and Fundamental Human Rights http://www.libertysecurity.org/article2224.html 11 October 2008, Worldwide Action day "Freedom not fear" Protests, demonstrations and activities against the surveillance mania http://wiki.vorratsdatenspeicherung.de/Freedom_Not_Fear_2008 13-15 October 2008, Strasbourg, France First PrivacyOS "Open Space" Conference EDRi is a partner of the PrivacyOS project - a thematic network for privacy protection infrastructure within the current European Commission4s ICT Policy Support Programme. http://www.privacyos.de/index.php?option=com_content&view=section&layout=blog&id=3&Itemid=37 15-17 October 2008, Strasbourg, France 30th International Data Protection and Privacy Conference http://www.privacyconference2008.org/ 18 October 2008, Berne, Switzerland Big Brother Awards Switzerland 2008 http://www.BigBrotherAwards.ch/ 20-21 October 2008, Strasbourg, France European Dialogue on Internet Governance (EuroDIG) http://www.eurodig.org/ 20-21 October 2008, Amsterdam, Netherlands Marking the public domain: relinquishment & certification Third Communia Workshop http://communia-project.eu/node/109 21 October 2008, Brussels, Belgium Workshop "International Transfers of Personal Data" Organized by the European Commission with the Article 29 Data Protection Working Party and the United States Department of Commerce's International Trade Administration. http://ec.europa.eu/justice_home/news/events/news_events_en.htm#personal_dat... 22 October 2008, Brussels, Belgium New Legal Requirements for the Electronic Communications Sector: Security Breach Notification, Content Filtering and Data Retention http://www.fitce.be/node/151 24 October 2008, Bielefeld, Germany Big Brother Awards Germany 2008 http://www.BigBrotherAwards.de/ 25 October 2008, Vienna, Austria Big Brother Awards Austria 2008 http://www.BigBrotherAwards.at/ 13-14 November 2008, Chisinau, Moldova IFLA/EBLIDA/eIFL Conference on copyright and libraries Copyright: Enabling Access or Creating Roadblocks for Libraries? Registration by 1 November 2008 http://www.eblida.org/index.php?page=draft-programme-2 25-26 November 2008, Brussels, Belgium World e-Parliament Conference 2008 http://www.ictparliament.org/worldeparliamentconference2008/ 3-6 December 2008, Hyderabad, India Third Internet Governance Forum http://www.intgovforum.org 9-10 December 2008, Madrid, Spain Future Internet Assembly http://www.future-internet.eu/home/future-internet-assembly/madrid-dec-2008.... http://www.fi-madrid.eu/ 10-11 December 2008: Tilburg, Netherlands Tilting perspectives on regulating technologies, Tilburg Institute for Law and Technology, and Society, Tilburg University http://www.tilburguniversity.nl/tilt/conference 27-30 December 2008 Berlin, Germany 25C3: Nothing to hide The 25th Chaos Communication Congress http://events.ccc.de/congress/2008/ 18-20 March 2009, Athens, Greece WebSci'09: Society On-Line http://www.websci09.org/ ============================================================ 13. About ============================================================ EDRI-gram is a biweekly newsletter about digital civil rights in Europe. Currently EDRI has 28 members based or with offices in 17 different countries in Europe. European Digital Rights takes an active interest in developments in the EU accession countries and wants to share knowledge and awareness through the EDRI-grams. All contributions, suggestions for content, corrections or agenda-tips are most welcome. Errors are corrected as soon as possible and visibly on the EDRI website. Except where otherwise noted, this newsletter is licensed under the Creative Commons Attribution 2.0 License. See the full text at http://creativecommons.org/licenses/by/2.0/ Newsletter editor: Bogdan Manolea <edrigram@edri.org> Information about EDRI and its members: http://www.edri.org/ European Digital Rights needs your help in upholding digital rights in the EU. If you wish to help us promote digital rights, please consider making a private donation. http://www.edri.org/about/sponsoring - EDRI-gram subscription information subscribe by e-mail To: edri-news-request@edri.org Subject: subscribe You will receive an automated e-mail asking to confirm your request. unsubscribe by e-mail To: edri-news-request@edri.org Subject: unsubscribe - EDRI-gram in Macedonian EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/edrigram-mk.php - EDRI-gram in German EDRI-gram is also available in German, with delay. Translations are provided Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/ - Newsletter archive Back issues are available at: http://www.edri.org/edrigram - Help Please ask <edrigram@edri.org> if you have any problems with subscribing or unsubscribing ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE