============================================================
EDRi-gram
biweekly newsletter about digital civil rights in Europe
Number 9.9, 4 May 2011
============================================================
Contents
============================================================
1. The "Virtual Schengen Border" or "Great Firewall of Europe"
2. European Commission stumbles in ACTA opinion rebuttal
3. Facebook takes down activist groups' profiles
4. Don't use "crispy" on the Turkish Internet!
5. Data Retention has arrived in Austria
6. Copyright complaint leads to public domain music library takedown
7. The curious case of Internet filtering in Ireland
8. French Digital Council with no representative from Internet users
9. BitTorrent site blocked by Italian court
10. Privatised enforcement series D: Anatomy of a self-regulation proposal
11. ENDitorial: Defending the Open Internet
12. Recommended Action
13. Recommended Reading
14. Agenda
15. About
============================================================
1. The "Virtual Schengen Border" or "Great Firewall of Europe"
============================================================
During a meeting in February 2011 of the Council of the European Union's Law
Enforcement Work Party (LEWP), a forum for cooperation on issues such as
counter terrorism, customs and fraud, a disturbing proposal was tabled to
create a "Great Firewall of Europe" by blocking "illicit" web material at
the borders of the bloc with the intention to "to propose concrete measures
towards creating a single secure European cyberspace."
According to the proposal, the secure European cyberspace would have a
"virtual Schengen border" and "virtual access points" whereby "the Internet
Service Providers would block illicit contents on the basis of the EU
blacklist".
Some of the concerns raised by civil liberty groups are that there is no
clarification as to what this "illicit content" means and that innocent
sites are routinely included on such blacklists. Broadband providers are
very concerned by this proposal which would actually impose Europe-wide
censorship and believe that illegal content should be removed at the source
by the cooperation between the police and web hosting firms and not by
network blocking which, being easy to circumvent, is no real solution.
"Most absurd of all, despite all of the costs in terms of democracy, freedom
of speech and even the economy, there is no analysis of any benefit or
expected benefit that, even mistakenly, the architects of this madness
expect to outweigh the cost", stated EDRi Advocacy Coordinator Joe McNamee.
Alarm over EU 'Great Firewall' proposal (29.04.2011)
http://www.telegraph.co.uk/technology/news/8481330/Alarm-over-EU-Great-Firew...
Europe's 'single secure cyberspace' plan under attack (2.05.2011)
http://www.computerworld.com/s/article/9216321/Europe_s_single_secure_cybers...
Outcome of proceedings of Joint meeting of the Law Enforcement Working Party
and the Customs Cooperation Working Party on 17 February 2011- Summary of
discussions (3.03.2011)
http://register.consilium.europa.eu/pdf/en/11/st07/st07181.en11.pdf
============================================================
2. European Commission stumbles in ACTA opinion rebuttal
============================================================
Last week, the European Commission posted a rebuttal to a widely cited
opinion document by prominent European academics on the Anti-
Counterfeiting Trade Agreement (ACTA). The Commission however made
several factual errors in its rebuttal, according to an analysis by
Ante Wessels of the Foundation for a Free Information Infrastructures
(FFII). In some cases, the Commission even appears to have forgotten
its own prior statements on ACTA.
In their opinion document, the European academics noted several
incompatibilities between ACTA and the EU acquis, in addition to
serious concerns on fundamental rights, data protection and a lack of
balance of interests. They called upon the European Parliament and on
national legislators and governments to withhold consent of ACTA until
these concerns were addressed.
The Commission has now published a point-by-point rebuttal of this
opinion document. In general, it claims that most concerns of the
academics do not apply because a number of ACTA provisions are
optional, or because EU legislation already contains similar measures.
Ante Wessels of the FFII disagrees with the Commission. Stating that
it "is too much work to address all the flaws in the Commission's
notes", he limits his remarks to three topics.
1. His first comments are related to the awarded damages. The EU
directive 2004/48, also known as IPRED, both in general and in detail,
specifies that awarded damages can only be based on unfair
profits by the infringer and on actual losses incurred by the
rightholder. ACTA concurs in general, but goes further by stating that
judicial authorities must also be able to consider additional elements
such as the suggested retail price.
In other words, under IPRED, a judge would be hard-pressed to award
Microsoft 130 Euro in damages for patent infringement per copy of Linux
downloaded. After all, not every such download replaced the sale of a
Windows copy. On the other hand, ACTA does mandate the possibility of
such a decision. It thereby forces the reasoning by the music sector
that every infringement corresponds to a lost sale to be codified in
law for all industries.
The Commission however sees no conflict between ACTA and IPRED,
because it considers both ways to arrive at awarded damages as "fair".
Let this reasoning henceforth be known as "the European fairness
doctrine of legal equivalence". Furthermore, the Commission claims
that considering the retail price and the value of infringed goods or
services is optional in ACTA. As Mr Wessels notes, it seems to have
missed that ACTA does require providing for these possibilities in
law. They are only optional in the sense that nobody will hold a gun
to the rightholders' heads forcing them to ask the judicial
authorities to take these additional elements into account.
2. The second discussion point centres around border measures. The
academics noted that ACTA requires border measures for a broad
category of trademark infringements, while present EU legislation only
does so in case of "counterfeit goods". The Commission denies this
point by stating that it actually insisted on the much broader ACTA
definition, in order to give the EU more flexibility when reviewing
the applicable EU legislation. Mr Wessels does not understand this
reasoning, given that ACTA lays down minimum requirements rather than
maxima. As a result, the EU will have to broaden the scope of its
relevant legislation to comply with ACTA, and the Commission takes
explicit credit for this achievement in its attempted rebuttal of that
exact same statement.
The Commission also argues that illegitimate claims of trademark
infringements do not pose problems for the generic medicines industry,
even though the Dutch Minister of Economic Affairs has stated the
opposite in the past. Finally, the Commission also tries to calm fears
over patent-based border seizures, by noting that civil remedies to
patent-related issues are optional in ACTA. Mr Wessels remarks that it
is possible to opt out of civil remedies to patent-related issues, but
that the Commission has already publicly confirmed that, unlike the
US, they will not take advantage of this option.
3. The final observations are about the criminal measures in ACTA. The
Commission says that it can consent without any problems to the ACTA
criminal measures, because they will not require changes to EU
legislation. It compares the ACTA situation to the TRIPS agreement,
but Mr Wessels notes that the Community never signed on to the TRIPS
criminal measures exactly because it was not competent to do so.
Instead, only the individual member states ratified the TRIPS criminal
measures. In case of ACTA, the Community is not competent either as
far as criminal measures are concerned, but the Commission
nevertheless did agree to them rather than leaving it solely to the
member states.
In summary, even though the Commission has had over three months to
analyse the opinion by the academics and formulate a reply, it appears
that the said reply was hastily written and poorly vetted before it was
published. The Commission's comments ignore prior statements made by
the Commission itself, focus on misreadings of the ACTA text and
suggest a lack of awareness concerning EU competency. The European
Parliament however still has to decide on whether or not to give its
assent to the proposed agreement before it can be ratified.
The EU Commission lacks basic reading skills (1.05.2011)
http://acta.ffii.org/wordpress/?p=598
Comments on the "Opinion of European Academics on Anti-Counterfeiting Trade
Agreement" (27.04.2011)
http://trade.ec.europa.eu/doclib/docs/2011/april/tradoc_147853.pdf
Opinion of European Academics on ACTA (20.01.2011)
http://acta.ffii.org/?p=373
(contribution by Jonas Maebe - volunteer with the EDRi-member Liga voor
Mensenrechten, Belgium)
============================================================
3. Facebook takes down activist groups' profiles
============================================================
Facebook has just deleted about 50 UK activist groups' profiles and users'
accounts without any notification to the owners of the accounts.
While the reasons are not very clear, a possible explanation being that the
respective groups have technically breached their terms and conditions by
using a "profile" rather than a "page", there are suspicions that Facebook
might have acted after a law enforcement complaint and the purge could
be linked to the wider crackdown on protest by authorities in Britain.
In any case, Facebook's action is questionable especially as the platform
performed the takedowns without any notification. Facebook exercises a
significant power over political activity and speech.
EDRi-member Open Rights Group asks Facebook to responsibly correct the
situation by contacting the users of the deleted accounts and working with
them to transfer their contacts and other information to the format that
Facebook considers appropriate to reinstate the suspended pages (with the
technical changes such as addition of organisation URLs), to create a
notification system rather than directly deleting accounts and to put in
place a process to migrate from a "profile" to a "page".
Facebook did react and has lately notified a number of profile owners about
migrating their profile to a page, as it does have such a process.
But the idea is that we should be able to understand the risks of using such
powerful platforms as Facebook and that the lack of alternatives will only
lead to increasing their power and to a gradual limitation of our autonomy
and power. A solution would be to use self-hosted, open source platforms in
order to avoid reliance upon corporate power structures.
A number of people from the groups that had their accounts deleted have just
signed up to the experimental Diaspora, through independent co-operating
"pods" like My Seed.
Diaspora, just like other open source social platforms, is intended as a
network of independent servers, each hosting some users, who can move
between them, and talk to people using other servers. Although only at its
beginnings, this approach may lead to decentralised, privacy-friendly and
censorship resistant platforms.
Corporations may not protect your free speech and privacy (1.05.2011)
http://www.openrightsgroup.org/blog/2011/corporations-may-not-protect-your-f...
FaceBook Takedowns
http://wiki.openrightsgroup.org/wiki/FB_takedowns
Facebook political takedowns: Burying bad news? (29.04.2011)
http://www.openrightsgroup.org/blog/2011/facebook-takedowns:-burying-bad-new...
Over 50 political accounts deleted in Facebook purge (29.04.2011)
http://blog.ucloccupation.com/2011/04/29/over-50-political-accounts-deleted-...
============================================================
4. Don't use "crispy" on the Turkish Internet!
============================================================
The Turkish Telecommunication Communication Presidency (TIB) has reached an
unprecedented level of censorship by recently banning 138 words and terms
from the Internet, many of which being simple, every-day words.
On 28 April 2011, TIB sent a notification to all service providers and
hosting companies in Turkey with the list of banned words and terms that
included words like "animal", "sister-in-law", "crispy", "confession",
"breath", "hot", "adult" or "local", placing thus sites of supermarkets,
restaurants, food home delivery, football supporters' clubs and others in
difficulty.
"Providing a list and urging companies to take action to ban sites that
contain the words and threatening to punish them if they don't has no legal
grounds," stated Yaman Akdeniz, a cyber-rights activist and a law professor
at Istanbul Bilgi University, in a phone interview for the H|rriyet Daily
News & Economic Review.
Akdeniz required information and documents from TIB on several issues in
relation to the list, arguing that such documents were of public interest
according to Article 1 of Law No. 4982 that stipulates "the right to
information according to the principles of equality, impartiality and
openness that are the necessities of a democratic and transparent
government".
Based on Article 5 of the law, "the hosting company is not responsible for
controlling the content of the websites it provides domains to or
researching/exploring on whether there is any illegal activity or not. They
are responsible for removing illegal content when they are informed and
there is the technical possibility of doing so", said the expert.
Following the strong reaction against TIB's action, the authority said the
list had been sent to hosting firms for informatory purposes. However, the
notification letter said the authority would punish companies for not
following its directions to ban domains containing "forbidden words,"
without specifying what kind of punishment it meant.
Devrim Demirel, founder and chief executive officer of BerilTech, said he
had received TIB's letter via an email, which, in his opinion, was neither
ethical nor secure. "Requests with such important implications should be
sent officially to each company's office address, with the respective seal
and signatures," said Demirel who also believes that "banning access to
websites is in itself a censoring service."
Moreover, Demirel warned about the negative technical implications and
expressed his opinion that "the TIB personnel who worked on the issues
related to banning access are not endowed with the necessary technical
knowledge and skills."
The financial implications should be considered as well. Banning access to
certain domains that include the black-listed terms might lead to financial
losses. "There is no guarantee in the existing related legislation that I
will not be asked to compensate the company in such a case," said Demirel.
Pushing things even further, the list does not include only Turkish terms
but also English words because of their meanings in Turkish, such as "pic,"
short for picture, which is banned because it means "bastard" in Turkish or
the past tense of the verb "get" because "got" means "butt" in Turkish.
138 Words Banned from the Internet (29.04.2011)
http://www.bianet.org/english/freedom-of-expression/129626-138-words-banned-...
TIB's 'forbidden words list' inconsistent with law, say Turkish web
providers (29.04.2011)
http://www.hurriyetdailynews.com/n.php?n=tibs-forbidden-words-list-inconsist...
EDRi-gram: Turkey adds popular blogging platform to blocking list
(9.03.2011)
http://www.edri.org/edrigram/number9.5/turkey-blocks-blogger
============================================================
5. Data Retention has arrived in Austria
============================================================
While the Czech Constitutional Court has recently declared the national data
retention legislation unconstitutional, the Legal Services of the German
Bundestag has found it impossible to ensure the legality of the Data
Retention Directive and the European Commission itself still struggles to
prove the necessity and proportionality of the Directive, the Austrian
Parliament adopted on 28 April 2011 the pending regulations necessary for
the implementation of the EU Data Retention Directive in Austria.
In the respective parliamentary session, the Coalition Government primarily
planned to celebrate some new ministers following a government reshuffle
within the conservative party (VVP). However, the debate on the data
retention legislation was set on the agenda later in the evening when the
live TV coverage had already ended. This plan to hide the issue from the
public was evaded by the opposition by raising a so-called objection debate,
i.e. a MP asked for the deletion of the topic from the agenda - an issue
that has to be discussed first.
This means that interested citizens got the chance to follow the hot debate
live on their TV screens: While the opposition again raised concerns about
the compatibility with fundamental rights and accused the ruling parties
(SPV - social democrats and VVP - conservatives) of spying on the citizens,
the government dug their heels in and refused any compromise. Minister of
infrastructure Doris Bures (SPV) - in charge of the necessary amendment of
the telecoms regulations - argued that she was just executing EU provisions
and the implementation was necessary to avoid EU sanctions.
Furthermore, she claimed the implementation of the EU directive would cover
the absolute necessary minimum only. This is true as it regards the
retention period of the collected data which will be limited to six months.
Unfortunately, this is not true at all as it regards the access to the
retained data which is not subject to a judicial decree in all cases. On the
contrary, the amendments of the Austrian Security Police Act and the Code of
Criminal Procedures foresee a wide range of possibilities for the public
prosecution and the Police to access the data pre-emptively e.g. "in case of
an general danger". This broad exemptions have been introduced by the
minister of interior and the minister of justice - both led by members of
the conservative party VVP - and after the public consultation for the draft
law on the telecom-part has been closed.
Simultaneously, the safeguards foreseen are relatively weak and the remedy
provisions are not well established. A fact which was even stated in an
expertise from the legal services of the Austrian Chancellery just a few
weeks ago.
Despite this, the implementation of the Data Retention in Austria was
adopted later the day with the consent of the delegates of the coalition
partners SPV and VVP. The opposition formed by the green party and the two
right wing parties FPV and BZV voted unanimously against the "dishonourable
law".
The Austrian Journalists Association was shocked when they realised that,
seemingly, no exemptions are foreseen for "sensitive professions" such as
journalists, lawyers, hot lines for pastoral or social care, medical care
and the-like. Something the government has promised all the time and used
for the reassurance of the respective interest groups.
By return, the opposition announced to bring the data retention provisions
to the Constitutional Court. Provided three quite diverse proponents from
the green and the right wing side find a consensus in this matter, they
would form at least one third of the delegates. This is the minimum number
that enables MPs to file a constitutional complaint right after the
respective law has passed the parliament and yet before the law enters into
force on 1 April 2012.
If the opposition cannot find an agreement, the civil society is already
raring to go. The Privacy Groups 'Arge Daten', 'AKVorrat' and others have
already signaled that they are willing to file a complaint on the very first
date possible. Unlike to the members of the parliament, citizens have the
possibility to file a complaint against a law only when this law is already
in force and in case they are personally affected by the provisions in
question.
Data Retention passes the Austrian Parliament - Opposition criticises
infringement of fundamental rights (Parlamentskorrespondenz Nr. 408,
28.04.2011, only in German)
http://www.parlament.gv.at/PAKT/PR/JAHR_2011/PK0408/index.shtml?utm_source=twitterfeed&utm_medium=twitter
Austrian Telecom Act - TKG 2003 (only in German)
http://www.parlament.gv.at/PAKT/VHG/XXIV/I/I_01074/index.shtml
Code of Criminal Procedures 1975 and Austrian Security Police Act
http://www.parlament.gv.at/PAKT/VHG/XXIV/I/I_01075/index.shtml
Parliamentary Debate on the implementation of the Data Retention Directive
in Austria (only in German, 28.04.2011)
http://www.youtube.com/watch?v=n7_MS6Bho7Y (1/3)
http://www.youtube.com/watch?v=TkDB-Z039Kk&feature=related (2/3)
http://www.youtube.com/watch?v=AprycbCW-ew&feature=related (3/3)
Expertise from the legal services of the Austrian Chancellery on the
Austrian provisions to implement the EU data retention directive (only in
German, 3.03.2011)
http://www.unwatched.org/files/docs/kritikdatenschutzrat_DiePresse_20110303....
Austria: Data retention adopted, opposition plans to file complaint
http://www.unwatched.org/20110429_VDS_in_Oesterreich_beschlossen
Defending press freedom starts in one's home country - Press release from
the Austrian Journalists Association (only in German, 2.05.2011)
http://www.ots.at/presseaussendung/OTS_20110502_OTS0055/verteidigung-der-pre...
Parliament's decision on data retention not easy to comprehend - Press
release from the Interne Service Providers Austria (only in German,
2.05.2011)
http://www.ots.at/presseaussendung/OTS_20110428_OTS0334/ispa-parlamentsbesch...
EDRi's Shadow evaluation report on the Data Retention Directive (2006/24/EC)
(17.04.2011)
http://www.edri.org/files/shadow_drd_report_110417.pdf
(Contribution by Alice Sedmidubsky - unwatched.org)
============================================================
6. Copyright complaint leads to public domain music library takedown
============================================================
International Music Score Library Project (IMSLP), the largest public domain
music library on the Internet, has been recently taken offline following a
complaint from the UK's Music Publishers Association which convinced
registrar GoDaddy to takedown their website.
The action was brought over a single 90 year-old classical piece by
Rachmaninoff. The UK's Music Publishers Association (MPA) issued a DMCA
(Digital Millenium Copyright Act) takedown notice, not to the IMSLP site,
but to their domain registrar, GoDaddy: "We understand that
Godaddy are the sponsoring registrar for the website IMSLP.org
which makes available unlicensed copyright protected sheet music notation
which is an infringement of copyright. By assisting this website, Godaddy
are liable to pay damages for secondary copyright infringement once notice
of the infringement has been given," said the MPA's notice.
GoDaddy complied right away, seizing IMSLP's domain name and thus taking
them completely offline.
IMSLP reacted immediately, stating that GoDaddy did not first notify the
owner before seizing the domain and explaining why MPA's request was
unsubstantiated. Additionally, its assertion that the work under question
was under US copyright was a lie. IMSLP explained that Rachmaninoff's work
The Bells, Op.35 was a work which "is definitely NOT under copyright in the
USA. It was published in 1920 in full score, parts and vocal score by A.
Gutheil, by then a division of Serge Koussevitzky's Edition Russe de
Musique, headquarted at the time in Berlin, with branch offices in Moscow
and Paris.
As both the composer and the author of the Russian-language translation of
Edgar Allan Poe's public domain text were Russian nationals (who had fled
the Revolutionary government), the work was quite ineligible for protection
under US law and was actually public domain there the minute the first copy
was either sold, rented or offered for sale or rent under the author's
authority."
"There are approximately 180 different laws in force worldwide at present.
It is simply not possible for anyone - not even a major commercial concern
like Amazon - to keep daily track of 180 or more different copyright laws,
each with different exemptions for fair use and other purposes, etc. - many
of which are also frequently subject to changes, from either legislative
amendments or judicial interpretations", explained the site.
Following IMSLP's reaction and threat to sue, MPA withdrew their complaint
from GoDaddy. "While IMSLP encourages open discussion of copyright issues,
we have zero tolerance for underhanded tactics. To MPA's credit, they have
voluntarily retracted their claim. IMSLP will also be working on technical
measures to prevent any future attacks," stated IMSLP representatives.
This time the conflict was solved quite rapidly. In 2007, Universal Edition,
an Austrian music publisher, forced a shut down of the site and it took
IMSPL 9 months of reorganization to recover.
Publishers Force Domain Seizure of Public Domain Music Resource (22.04.2011)
http://torrentfreak.com/publishers-force-domain-seizure-of-public-domain-mus...
IMSLP, Copyright & the MPA (UK)(23.04.2011)
http://imslpjournal.org/imslp-copyright-the-mpa-uk/
Public Domain Website Forced Offline Over Copyright Complaint (21.04.2011)
http://www.zeropaid.com/news/93191/public-domain-website-forced-offline-over...
============================================================
7. The curious case of Internet filtering in Ireland
============================================================
One of the most important developments for freedom of expression online has
been the growth of internet filtering systems, which have rapidly been
adopted by national governments as the "solution" to various forms of
internet wrongdoing. Ireland is no exception to this trend, and last month
it was revealed that the Garda Smochana (the national police force) is now
attempting to introduce a system whereby ISPs would block access to websites
alleged to host child abuse images.
It is somewhat ironic that this news becomes public just as both Germany and
the Netherlands have decided to abandon similar systems, having found that
they are ineffective as a means of tackling child abuse images. Even leaving
aside considerations of effectiveness, however, the proposed Irish system
still presents a number of significant concerns.
A fundamental principle under Article 10 of the European Convention on Human
Rights is that measures which have the effect of restricting freedom of
expression must be "prescribed by law". In this case, however, the Irish
system would not have any legal basis whatsoever, much less any judicial
oversight or control. Instead, it would involve the police in telling ISPs
what domains to block on a "self-regulatory" basis. Consequently, it would
seem on the face of it that the proposed system would violate Article 10.
The European Commission recently reached the same conclusion about
self-regulatory blocking systems (p.30) as did a government study which was
decisive in causing the Dutch blocking system to be abandoned.
A further problem relates to the secret manner in which the government and
the police have attempted to introduce this system. There has been no public
consultation or debate of any kind regarding blocking - instead, information
has only dripped out in response to freedom of information requests and
leaks from ISPs. This is particularly worrying given that (as Lessig points
out) internet filtering is an inherently opaque process, which is prone to
operating in an unaccountable way and to being extended beyond its original
purposes. In the Irish context, the secrecy surrounding the introduction of
filtering doesn't bode well for the future.
The nature of the proposed blocking is also worrying. What Irish police have
suggested is based on the CIRCAMP model, which attempts to block material by
using DNS tampering. In short, the police would notify ISPs to block
example.com or subdomain.example.com and the ISP would then
configure their DNS servers to redirect all attempts to visit any material
hosted on those (sub)domains. The effect would be massive overblocking,
where users would be unable to visit any page hosted on a particular domain,
irrespective of whether it had any connection whatsoever with the blocked
material. Last February, a similar approach in the United States saw over
84,000 innocent websites being wrongfully blocked, and there is no reason to
think that the Irish approach would be any more precise.
Finally, one particularly unusual aspect of the proposals is the way in
which the police seek to introduce monitoring of users. According to the
proposals, where a user attempts to view a blocked domain name, police would
"obtain details of other websites visited by the user, along with other
technical details, in order that [they] can identify any new websites that
require blocking". This, in effect, seeks the full browsing history of
users - whether or not there has been any attempt on their part to view
child pornography! (Bearing in mind that DNS tampering results in massive
overblocking, it is quite likely that a user may have their browsing history
disclosed due to an attempt to visit example.com/innocent_content when the
entirety of example.com has been blocked due to a single image or page
elsewhere in the site.) This raises fundamental privacy and data protection
concerns, particularly given that a user can often be identified by viewing
their browsing history, and has therefore been referred to the Data
Protection Commissioner for investigation.
Given these problems, it must be hoped that these proposals are abandoned.
But quite apart from these particular proposals, it is now also time to look
at the other systems of internet filtering in Ireland that have developed on
an ad hoc basis. In particular, Irish mobile phone companies have been
engaged in self-regulatory blocking for some time, in a manner which
often affects innocent users due to crude DNS systems. Similarly, the
largest Irish broadband provider Eircom recently settled an action brought
by the music industry by (amongst other things) agreeing to block access to
The Pirate Bay and "related domain names". These systems have developed
without any real public scrutiny or oversight and it is time to consider the
effect which they have on users, whether they are subject to adequate
transparency and oversight mechanisms and whether or not they are effective
at achieving their goals.
Garda plans to introduce web blocking in Ireland (29.03.2011)
http://www.digitalrights.ie/2011/03/29/garda-plans-to-introduce-web-blocking...
Governmental filtering of websites: The Dutch case (2009)
http://cli.vu/pubdirectory/363/manuscript.pdf
Garda plans for web blocking referred to Data Protection Commissioner
(29.03.2011)
http://www.digitalrights.ie/2011/03/29/garda-plans-for-web-blocking-referred...
An Object Lesson in Overblocking (17.02.2011)
http://www.cdt.org/blogs/andrew-mcdiarmid/object-lesson-overblocking
Original article: The curious case of internet filtering in Ireland
(11.04.2011)
http://www.tjmcintyre.com/2011/04/curious-case-of-internet-filtering-in.html
(contribution by TJ McIntyre - EDRi-member Digital Rights Ireland)
============================================================
8. French Digital Council with no representative from Internet users
============================================================
On 27 April 2011, French President Nicolas Sarkozy officially installed the
National Digital Council (Conseil national du numirique - CNN) which is to
advise the French government on digital issues. Among the 18 personalities
belonging to the newly established body, there is no representative of
Internet users but only of private companies.
On the occasion of the establishment of the council, Sarkozy seemed to want
to reconcile the Internet by recognizing some errors related to the
most criticised Hadopi and Loppsi laws.
However, this impression was soon after clarified as Sarkozy's
statements were meant to justify the creation of CNN "useful at the time of
the elaboration of the two laws having instituted (...) to formalize even
more the dialogue between the economy actors and the Internet." The
president had no intention of amending these laws which, in his opinion, are
the best tools to defend copyright.
Furthermore, while CNN was created to advise and give recommendations to the
government for "the development of the Internet in France" and in order "to
avoid past errors", it has come up that, actually, the decree on the
creation of CNN, which deviates from the original recommendations drafted by
Pierre Kosciusko-Morizet, shows a significant decrease of its powers. The
government has decided to limit the role of the body by refusing to
systematically consult it in all draft texts in the digital area.
The decree says that "the National Digital Council has the mission to
enlighten the government and to participate in the public debate in the
digital domain" and therefore, it can be "consulted by the government in any
legislative and regulation draft measures susceptible of having an impact on
the digital economy".
The council will however be able to make its recommendations and will draft
an annual activity report that will be submitted to the President of the
Republic, the Prime Minister and the minister in charge of the digital
economy. The report will not be seen by the Parliament, as it was
recommended in Pierre Kosciusko-Morizet's report.
The decree has raised serious criticism particularly as the council members
include no representation from civil society. Jirimie Zimmermann, co-founder
and spokesperson of La Quadrature du Net considers CNN, "one more machine
where the citizens are not even represented" and which "will never be
legitimate".
The Council officially gathered on 27 April 2011 when its 18 members elected
Gilles Babinet, founder of Musiwave, as its president.
Sarkozy answered the critics arguing that the consumers have their own
authorities and gave assurances as to CNN's independence. On this occasion,
the opposition has again reacted and asked once more for the abrogation of
the infamous Hadopi laws. Meanwhile, Hadopi authority continues its
graduated response activities passing to the second phase of the operation.
The National Digital Council forgets about the Internet users (only in
French, 27.04.2011)
http://www.01net.com/www.01net.com/editorial/532070/le-conseil-national-du-n...
Nicolas Sarkozy comforts Hadopi but recognises errors (update) (only in
French, 28.04.2011)
http://www.01net.com/editorial/532061/nicolas-sarkozy-conforte-hadopi-mais-r...
CNN will not be systematically consulted by the government (only in French,
30.04.2011)
http://www.numerama.com/magazine/18664-le-cnn-ne-sera-pas-consulte-systemati...
No representative of the public at the National Digital Council (update only
in French, 27.05.2011)
http://www.numerama.com/magazine/18605-aucun-representant-du-public-au-conse...
============================================================
9. BitTorrent site blocked by Italian court
============================================================
On 21 April 2011, an Italian court ordered all Italian ISPs to block the
BitTorrent search website BTjunkie considered by the public prosecutor as
one of the most prominent havens for pirated media. BTjunkie IP addresses
and its domain name were to be made inaccessible by all Italian ISPs by
blocking users' access to the site.
The court order follows an investigation by the Guardia di Finanza (GdF),
the Italian police body responsible for cybercrime. The authorities claim
that BTjunkie was one of the most frequently visited BitTorrent sites in the
country and blame the BitTorrent site for the failure of the Italian
pay-per-view TV-station Dahlia TV, which had to close down in March 2010 due
to financial problems.
This comes after the permanent blocking of The Pirate Bay in 2010 after a
long legal action started in 2008. Although The Pirate Bay won an appeal
with the Court of Bergamo which ruled that no foreign website could be
censored for alleged copyright infringement, the Supreme Court reviewed the
case and ruled that ISPs could be forced to block BitTorrent sites, even if
they were not hosted in Italy or operated by Italian citizens.
Therefore, according to the decision by the Supreme Court, sites offering
torrent files linking to copyrighted material are considered as being
engaged in criminal activity .
"I'm disappointed with the Italian judicial system. We will do our best to
fight for Italian people's right to communicate. At the moment I can suggest
to try any of the other popular torrent sites and checking TorrentFreak
later for an update on alternative methods for accessing BTjunkie from
Italy", stated BTjunkie's owner to TorrentFreak who also stated he did not
intend to appeal the decision.
Yet, very soon after the court decision has been made public, a new and
ad-free proxy site, proxyitalia.com, was launched allowing
Italians to browse an uncensored web and access BTjunkie, as well as The
Pirate Bay.
This only shows the futility of blocking actions. Hundreds of thousands of
Italian BitTorrent users still use The Pirate Bay website against the
national blocking order and there are dozens of other options.
Italian Court Orders All ISPs to Block BTjunkie (21.04.2011)
http://torrentfreak.com/italian-court-orders-all-isps-to-block-btjunkie-1104...
BTJunkie - access blocked (only in Italian, 22.04.2011)
http://punto-informatico.it/3140477/PI/News/btjunkie-accesso-inibito.aspx
Internet: operation of the Financial Guard against piracy (only in Italian,
21.04.2011)
http://www.ansa.it/web/notizie/regioni/sardegna/2011/04/21/visualizza_new.ht...
BTjunkie Starts Proxy to Bypass Italian Blockade (25.04.2011)
http://torrentfreak.com/btjunkie-starts-proxy-to-bypass-italian-blockade-110...
============================================================
10. Privatised enforcement series D: Anatomy of a self-regulation proposal
============================================================
How does it happen that an industry or a sector of industry signs up
"voluntarily" to arbitrarily punish their consumers and to restrict freedom
of speech? One of the most interesting and telling examples is the ongoing
"public/private dialogue to fight online illegal activities".
In November 2009, the European Commission Directorate General for Justice
Liberty and Security (the relevant units are now part of DG Home Affairs)
invited a variety of Internet companies (but no civil society
representatives) to a meeting to discuss, in very vague terms, the issue of
illegal content online - concentrating on child abuse, terrorism and
racism/xenophobia. In that meeting, no particular problem was identified
that needed to be solved and various existing approaches were presented to
fight such content.
At that meeting, the European Commission offered to prepare draft
recommendations to form the basis of future discussions. This text would
formally be the Commission's "understanding" of industry's views and not,
legally speaking, a proposal from the Commission. As a result, the
Commission's proposals would not need to go through either any internal
approval systems in the Commission or, being a non-legislative proposal,
through the Council of the EU or European Parliament. This loophole permits
the Commission to make proposals to industry informally, but with the threat
of legislation permanently in the background.
The Commission subsequently produced the set of recommendations (see link
below), which listed a variety of circumstances where "Internet providers"
could "remove or disable access" to content, without any judicial oversight
and without any clear obligations for public authorities to act against the
criminally illegal content - a public/private dialogue where the public has
to do nothing and the private does everything, outside the democratic
process and the rule of law.
The Commission then organised another meeting in May 2010, at which EDRi
asked to participate. During that meeting, EDRi repeatedly asked for
information on what specific problems with illegal content hosted in Europe
had been identified that this project sought to address. No response was
forthcoming. Industry participants echoed this call and asked why, if the
Commission is only talking about hosting providers, it did not make
reference to hosting providers rather than "internet providers" in its
proposed text. No answer was forthcoming. At the end of that event, the
Commission promised to take the concerns into account and to produce a
revised set of recommendations. Meanwhile, EDRi and the European ISP
Association (EuroISPA) prepared a joint letter explaining the minimum
requirements to be respected.
In December 2010, another draft recommendation set was put forward by the
Commission, which was virtually identical to the one in May. A day-long
meeting was organised where the same questions were asked by EDRi and by
industry, with the Commission again failing to provide any information
regarding the nature of the problem that the process was supposed to solve.
After the meeting, EDRi joined with both EuroISPA and the European Telecoms
Networks Operators Association (ETNO) to again put the concerns and demands
of both civil society and industry in writing. Six months later, the only
response that the letter has received is that it would not be answered
before June.
This whole process has been a solution in search of a problem, exploiting a
loophole where individual services in the Commission can make proposals of
major importance to freedom of communication without any bureaucratic or
democratic oversight using the pretence that they are not Commission
proposals at all.
EDRi/EuroISPA letter (07.09.2010)
http://www.edri.org/files/090710_dialogue_NTD_illegal_content_EuroISPA-EDRI....
Commission recommendations (last 4 pages are relevant)
http://www.edri.org/files/Draft_Recommendations.pdf
(contribution by Joe McNamee - EDRi)
============================================================
11. ENDitorial: Defending the Open Internet
============================================================
At an event organised by Brussels think-tank Security and Defence Agenda,
EDRi's advocacy coordinator debated freedom and security online with:
- Robert Madelin, Director General of DG Information Society of the
European Commission,
- Erika Mann, Member of the Board of ICANN and Vice President of the
Computer and Communications Industry Association,
-Suleyman Anil, Head of the Cyber Defence Section of NATO.
This is EDRi's opening speech:
Thank you for the invitation to speak this evening on a topic that is of
major importance to free speech, innovation and the economy.
The topic for discussion this evening is vast - so I will restrict myself to
just six words from the programme - "cooperation between public and private
actors".
The security of our fundamental rights is at risk when our activities are
regulated by commercial whims. The security of the Internet as an asset for
the global economy is at risk by the creation of virtual borders as
disproportionate responses to new problems.
Ultimately, faced with unwanted behaviour online, there are only three
options: accommodate it, address the unwanted activity itself or break the
Internet.
Or rather, break what gives the Internet its value.
The Internet is of such value for the fundamental rights and the economy
because of its openness - a true single market without border guards and
iron curtains. This maximises the potential for communication and allows
anyone to invent the next big thing. We cannot and must not destroy this
openness simply because it is exploited by criminals.
Every effort at regulation creates borders. Every move to devolve policing
activities to internet providers, domain name registrars, IP address
registries or whoever drops another rotten apple into the barrel of free
and open networks.
DG HOME of the European Commission and the FBI are working globally and
domestically to recruit private internet operators like Wild West
vigilantes - literally every single intermediary in the value chain of the
Internet is being pressed into extra-judicial service. It is only the very
core of the internet itself that has not yet been press ganged into service.
Only yesterday we discovered that the Council of Ministers is discussing the
creation of a cyber "Chinese Wall" around Europe. This is far removed from
the insightful statement in the recent European Commission Communication on
net neutrality that "the internet owes much of its success to the fact that
it is open and easily accessible."
Sadly, therefore, the Egyptian "kill switch" is nothing more than the end of
the continuum that Europe and US are already rushing along. We are not there
yet, but this is the path and this is the danger.
And much of this regulation is in response to complaints from industries
that are out of step with the digital world. They are out of step with the
digital world and, instead of adapting, they demand that the world move to
their beat.
What few people realise is that this whole scenario has already happened. In
the early nineties, some countries banned Internet telephony and filtered it
out of their networks.
The result was a dream scenario for criminals, who exploited the high prices
of the monopolies, smuggling voice calls over unlicenced dedicated lines and
unlawfully hooking them into the national telephone network.
Then, along came Skype, with automatic encryption, the regulation became
pointless and was repealed and all of the efforts to stop time to the
benefit of fat old monopolies had failed. Business had lost out due to lack
of competition. Citizens had lost out to high prices. Monopolies lost out by
not being challenged to adapt to technological reality. Only the criminals
won - bad regulation is oxygen for criminals and poison for fundamental
rights.
Nowadays, it would be absurd to suggest a ban on Internet telephony -
although some mobile operators would disagree. All fixed operators now
accommodate Skype. They now make money from receiving calls generated on
Skype. They have innovated, finally moved with the times and now exploit
rather than seek to destroy the core value of the Internet.
If the same issues arose today, there would be demands for Skype.com to be
blocked, deep packet inspection to search for Skype data packets. And
Europol would be asking for public education campaigns to warn consumers
about the links of internet telephony to organized crime.
After all, there was organised crime involvement in internet telephony,
which means that all countermeasures are justified. A vicious circle of bad
regulation leading to criminality leading to the excuse to maintain and
re-enforce the bad legislation.
Now the outdated industry is the content industry. And we are faced with
ever-more damaging enforcement measures for laws which are so utterly
illegitimate in the eyes of citizens that infringements are, in the words of
the European Commission, "ubiquitous".
Not that the content industry is alone - the same phenomenon is repeated to
protect national gambling monopolies and tax receipts from national gambling
operators. And all too often online child abuse is abused to push through
policies that, while being useless for fighting child abuse, are
subsequently recycled for commercial purposes.
Because of this, policing the edge of the network has become more difficult.
Slowly but surely, the enforcement measures are moving deeper into the
network, first pushing Internet providers to police their own consumers and
now, increasingly, using the structure of the Internet itself to vainly try
to fight infringements created by illegitimate law.
And again we are faced with filtering, again we are faced with blocking of
websites and again regulators seek to accommodate rusty old industries.
The good news is that it is possible to have a public electronic
communications network that has no copyright infringements
- We had it with AOL, whose closed walled garden approach was unable
to compete with the openness, flexibility and innovation of the Internet
- We had it with CompuServe, whose closed walled garden approach also
could not survive the Internet's openness,
- We had it with Minitel, which proved that a network where the
telecoms company has full control of access to its customers is
uncompetitive and can only fail.
Excessive, badly targeted and counter-productive regulation is the biggest
security threat that the citizens and the online economy faces.
We must work together to defend the open internet.
We must work together to support legislation that demands innovation rather
than facilitating stagnation.
We must work together to defend the rule of law, faced with efforts to put
our freedoms in the unwilling hands of internet intermediaries.
(contribution by Joe McNamee - EDRi)
============================================================
12. Recommended Action
============================================================
Europeana will organise a series of hackathons to showcase the potential of
the API usage for data providers, partners and end-users. The hackathons are
informal workshops bringing together competent and enthusiastic software
developers to build cool projects within a day or two (sketches, prototypes,
even working applications).
Europeana and partner institutions are organising simultaneous hackathons in
4 European countries (UK, Sweden, Poland, Spain) in the week 6 - 11 June
2011
http://version1.europeana.eu/web/api/hackathons
============================================================
13. Recommended Reading
============================================================
English translation of the Czech Constitutional Court data retention
decision
http://www.edri.org/files/DataRetention_Judgment_ConstitutionalCourt_CzechRe...
Impossible to Ensure Legality of EU Communications Data Retention
Directive Says German Parliament (26.04.2011)
http://www.vorratsdatenspeicherung.de/content/view/446/79/lang,en/
============================================================
14. Agenda
============================================================
5-6 May 2011, Milan, Italy
The European Thematic Network on Legal Aspects of Public Sector
Information - public conference
http://www.lapsi-project.eu/milan
17-18 May 2011, Berlin Germany
European Data Protection Reform & International Data Protection Compliance
http://www.edpd-conference.com
30-31 May 2011, Belgrade, Serbia
Pan-European dialogue on Internet governance (EuroDIG)
http://www.eurodig.org/
2-3 June 2011, Krakow, Poland
4th International Conference on Multimedia, Communication, Services and
Security organized by AGH in the scope of and under the auspices of INDECT
project
http://mcss2011.indect-project.eu/
3 June 2011, Florence, Italy
E-privacy 2011 and Big Brother Awards 2011
http://e-privacy.winstonsmith.org/
4-5 June 2011, Bonn, Germany
PolitCamp 2011
http://11.politcamp.org
12-15 June 2011, Bled, Slovenia
24th Bled eConference, eFuture: Creating Solutions for the Individual,
Organisations and Society
http://www.bledconference.org/index.php/eConference/2011
14-16 June 2011, Washington DC, USA
CFP 2011 - Computers, Freedom & Privacy
"The Future is Now"
http://www.cfp.org/2011/wiki/index.php/Main_Page
11-12 July 2011, Barcelona, Spain
7th International Conference on Internet, Law & Politics (IDP 2011): Net
Neutrality and other challenges for the future of the Internet
http://edcp.uoc.edu/symposia/lang/en/idp2011/?lang=en
24-30 July 2011, Meissen, Germany
European Summer School on Internet Governance 2011
Applications open until 15 May 2011
http://www.euro-ssig.eu/
============================================================
15. About
============================================================
EDRi-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRi has 28 members based or with offices in 18 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRi-grams.
All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and are visible on
the EDRi website.
Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/
Newsletter editor: Bogdan Manolea