============================================================ EDRi-gram biweekly newsletter about digital civil rights in Europe Number 9.11, 1 June 2011 ============================================================ Contents ============================================================ 1. Battle over Passenger Data is heating up 2. UN report examines online censorship 3. European IP policy is crippling the European digital economy 4. G8 and e-G8 Summit on Internet freedom 5. EDPS: Data Retention Directive fails to meet data protection requirements 6. Finland: Blocking of domestic websites ruled illegal 7. Internet FoE: How should Europe battle online censorship? 8. MEPs approve body scanners on airports on a voluntarily basis 9. OSCE findings on Estonian e-voting 10. Internet governance dialogue in Belgrade 2011 11. Recommended Action 12. Recommended Reading 13. Agenda 14. About ============================================================ 1. Battle over Passenger Data is heating up ============================================================ In late May 2011, the new draft agreements on the transfer and retention of air passenger data between the EU and the United States and Australia respectively have leaked to the public. The re-negotiation of the agreements from 2007, which have since then been provisionally applied, had become necessary after the European Parliament refused to vote on them in May 2010. The new agreements do not substantially improve the situation with regards to the old ones. They both require that data of air passengers is transferred to public authorities (DHS in the US, Customs and Border Protection in Australia) ahead of a flight; they allow for profiling, i.e. the use of data for sorting assengers into risk categories based on pre-defined and secret criteria without an initial suspicion or criminal lead; and they allow for retention of the data up to 5.5 (Australia) and 15 (US) years. There are also provisions for onward transfer of the data to third agencies and countries. The agreement with the US met heavy criticism both among EU member states as well as among Members of the European Parliament, and provoked an emergency reaction from the UK Justice secretary as well as the US ambassador to the EU. At the moment, there are talks with the negotiator (DG Home Affairs of the European Commission) to re-open the text, though improvements have been made very unlikely by a recent resolution of the US Senate that rejects European privacy demands. The agreement with Australia is less prominent, but still highly relevant. There is a small blocking minority in the Council, consisting of Germany, France, Belgium, Czech Republic, Ireland, Austria and Portugal, that is mainly concerned about the provisions on transfer to third countries, and sometimes about the retention periods (Germany, France). The Commission is not willing to re-negotiate, though. The Council of Justice and Home Affairs Ministers on 9th/10th June might overcome the blocking minority and the parliamentary reservations from some countries, and adopt the agreement. At the moment, a veto in the European Parliament is unlikely. In the worst case, the Australia agreement may be concluded before the summer break and open the floodgates for other such agreements, and for the first time accepting profiling and preventive policing. Privacy activists from EDRi members Mensenrechten.be, Digitale Gesellschaft and FoeBuD, as well as from EDRi observer AK Vorrat and other groups, met in Brussels from 27th to 30th May to do a legal, technical and political analysis, coordinate their short-term work and plan for long-term collaboration with others. A mailing list will be set up shortly. Comprehensive PNR Wiki by AK Vorrat http://wiki.vorratsdatenspeicherung.de/Passenger_Name_Record EDRi: Commission plans to present flawed, illegal PNR proposal as "fait accompli" (23.05.2011) http://www.edri.org/_illegal_PNR EC COM(2011) 280 final - Proposal for a Council Decision on the signature of the Agreement between the European Union and Australia on the processing and transfer of Passenger Name Record (PNR) data by air carriers to the Australian Customs and Border Protection Service (19.05.2011) http://www.statewatch.org/news/2011/may/eu-com-pnr-australia.pdf EU Council Document 10453/11 - Draft Agreement between the United States of America and the European Union on the use and transfer of Passenger Name Record data to the United States Department of Homeland Security (20.05.2011) http://www.statewatch.org/news/2011/may/eu-usa-pnr-agreement-20-5-11-fin.pdf The Guardian: US to store passenger data for 15 years (25.05.2011) http://www.guardian.co.uk/world/2011/may/25/us-to-store-passenger-data ============================================================ 2. UN report examines online censorship ============================================================ The right to seek, receive and impart information, and the right to express oneself freely - rights which enable the exercise of a range of other human rights - are increasingly being limited by impediments in online communications, according to a report by the United Nations Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression, Frank La Rue. EDRi took part in an expert group that supported the Special Rapportur's preparation of the report, which looks at prevailing tendencies in global online freedoms. It will be submitted to the UN Human Rights Council this week. The report draws attention to mounting evidence that international Internet-related policy and domestic regulations are failing to recognise and respond appropriately to the changing makeup of public space in which free speech is exercised. It reminds governments of their positive obligation to protect these rights in a digital environment, denouncing the surge in measures criminalising legitimate online expression. Some of the findings include inadequate data protection and a "worrying trend of States obliging or pressuring private actors to hand over information of their users". It also reminds members of the international community that the States' responsibility to protect the rights of users also entails a duty to investigate and prosecute the perpetrators of cyber-attacks directed at the websites of organizations and individuals documenting government abuses. Expressing "deep concern" about the growing number of laws that are enabling monitoring, filtering and control of online content, the Special Rapporteur concludes that these are often largely out of synch with their purported aims. Increasingly sophisticated means of blocking content deemed to be illegal are being introduced and implemented without the involvement of an impartial regulatory body or a court order. Appropriate safeguards against abuse and the means to challenge unwarranted interference were also often found to be absent. This situation may result in the censorship of a considerable amount of legal online material. The report also raises a number of important issues concerning intermediary liability, identifying some of the serious implications of offering the private sector "unprecedented influence over individuals' right to freedom of expression and access to information." "Holding intermediaries liable for the content disseminated or created by their users severely undermines the enjoyment of the right to freedom of opinion and expression, because it leads to self-protective and over-broad private censorship, often without transparency and the due process of law." While praising legislative measures such as those introduced in Chile and soon to be adopted in Brazil which clarify the legal position of intermediaries, and welcoming provisions which limit their liability (as in the case of "safe harbour" provisions in the US and E-Commerce Directive guarantees in the EU), the Rapporteur admonishes attempts to pressure third parties into complying with special interests, expressing "alarm" at proposals to disconnect users based on accusations of violations of intellectual property or other rights. These include efforts to penalize alleged offenders by suspending their Internet services through laws based on the idea of "three strikes" or "gradual response" - laws which are currently in force in France. The report concludes with recommendations, the majority of which are directed at governments, calling for intensified efforts to ensure that international human rights obligations are being met. It also addresses commercial actors with a warning to be consistent with their responsibilities, urging them to "continuously review the impact of their services and technologies on the right to freedom of expression of their users". It is not at all clear how the struggle to maintain Net neutrality will unfold, but the potential for creeping restrictions which protect business and State interests rather than those of citizens, and the weighty implications of this trend are becoming increasingly obvious. The preservation of open and free "virtual public spaces" will ultimately depend on the extent to which its beneficiaries are prepared to involve themselves in a much more vigorous debate about the way that Internet governance will be shaped. UN Report http://www2.ohchr.org/english/bodies/hrcouncil/docs/14session/A.HRC.14.23.pd... ============================================================ 3. European IP policy is crippling the European digital economy ============================================================ European policy makers are strangling the digital economy, hurting consumers and putting Europeans' fundamental rights at risk, according to a report into the failures of IP policy making in Europe, published by EDRi on 24.05.2011. The report sets out how the EU has been making policy "blind", building its strategies on faith not fact and ignoring objective, robust evidence. The report sets out a series of proposals that would add up to a radical change of direction for EU IP policy. Following them would see Europe maximise the value that society can get from works covered by intellectual property at the same time as sustaining flourishing creative industries. The result would be a boost to the EU economy, an improved environment for creators, innovators and consumers, and a safeguarding of fundamental rights of European citizens. The report recommends that the EU: - Harmonise exceptions to copyright to create legal certainty across the EU about the permitted uses of works covered by IP; - Establishes pan-European licensing arrangements as a matter of priority, and tie future enforcement policy to the successful development of such proposals; - Abandons repressive enforcement measures that would materially damage people's fundamental rights; - Establishes a moratorium on the exporting of repressive IP enforcement to third countries; - Makes a firm commitment to robust, objective evidence and re-evaluation of policy on the basis of it. IPRs play an important role incentivising and rewarding creativity and innovation. But the report argues that these benefits are now being outweighed by IPRs' damaging effects on the creation and dissemination of culture and technological innovation, and on fundamental rights such as privacy and freedom of expression. EDRi advocacy coordinator Joe McNamee said: "Policy makers face a choice. They can enable a radical expansion of society's ability to access the world's trove of information, culture and knowledge. Or they can unnecessarily prevent a wide range of valuable activities from taking place and, for no sound reason, pursue repressive enforcement measures that cripple the democratising potential of new technology. Currently the EU is choosing the latter. This report argues forcefully for a change of track to embrace new technology and the best of what it offers." EDRi Report http://www.edri.org/files/IPR_shadowreport_110523.pdf ============================================================ 4. G8 and e-G8 Summit on Internet freedom ============================================================ The results of the 37th edition of the G8 Forum that took place in Deauville, France on 26-27 May 2011 and of the e-G8 meeting on Internet issues organised by the French Presidency immediately before, are sending a mixed message, on the one hand recognizing the "openness, transparency and freedom of the Internet" and on the other hand announcing the "commitment to ensuring effective action against violations of intellectual property rights in the digital arena, including action that addresses present and future infringements." The civil society, represented by a large number of groups and associations, including EDRi, sent a statement, before the e-G8 and G8 meetings, urging the G8 Member States to "publicly commit to expanding internet access for all, combating digital censorship and surveillance, limiting online intermediary liability, and upholding principles of net neutrality. Additionally, a petition was launched by digital rights group Access - G8: Protect the Net! - calling on the leaders of the Group of 8 to commit to citizen-centred internet policies, which was signed by internet users from over 100 countries. The concerns were mostly related to the continuous tendencies of the governments to limit the freedom of the Internet for political or economical reasons. "Many G8 countries are actively pursuing policies that would similarly seek to restrict and control access; (...) the increase of restrictive policies in both the developed and developing world is a regressive and deeply worrying trend," reads the statement which also showed concern related to the lack of representation of the civil society at the e-G8 and G8 meetings as the invite list was mostly limited to representatives of governments and corporate leaders. During the e-G8 forum, which was meant to prepare the issues related to the Internet for the G8 summit, the civil society representatives such as Jirimie Zimmermann, co-founder of La Quadrature du Net, and John Perry Barlow, co-fonder of the Electronic Frontier Foundation and author of the Declaration of the Independence of Cyberspace, also tried to voice these concerns. Access, together with Zimmerman, staged an ad-hoc counter-forum civil society press conference at the e-G8. Zimmerman led a panel of experts including Harvard scholars Lawrence Lessig and Jochai Benkler, US journalist Jeff Jarvis, former board member of ICANN Susan Crawford and Secretary-general of Reporters without Borders Jean-Francois Julliard, who collectively expressed their disappointment over the lack of adequate civil society representation as well as the direction of the discussions. "The free Internet must be defended before thought is given to regulating content," said Julliard, "The priority for G8 governments should be defending the Internet." The Declaration on "Renewed Commitment for Freedom and Democracy" released at the end of the G8 summit, includes 19 paragraphs on the Internet and related issues and confirms to some extent the concerns expressed by the civil society. The Declaration commits to defending intellectual property rights rather than human rights such as the freedom of expression: "Regarding the protection of the intellectual property, especially copyrights, trade marks, commercial secrets and patents, we recognise we must establish legislation and national frameworks to improve this aspect. That is why we reaffirm our commitment to take firm measures against the violations of the intellectual property rights within the digital space, especially by procedures enabling the prevention of present and future infringements." The human rights organisation, Article 19, believes the Declaration has failed to recognise the protection of human rights "as a core principle above all others", having included it within a framework "to be balanced with rule of law and protection of intellectual property." In the groups' opinion, the Declaration ignores several international human rights treaties, while endorsing restrictions on Internet speech "by increasing enforcement of intellectual property such as through the controversial Anti Counterfeiting Trade Agreement (ACTA) and domestic "three-strikes laws" which fail to fully recognise - and often violate - the right to freedom of expression." Civil Society Statement to the e-G8 and G8 http://letter.accesslabs.org/Civil%20Society%20Statement%20to%20the%20eG8-fi... G8 Declaration - Summit of Deauville - May 26-27, 2011 http://www.g20-g8.com/g8-g20/g8/english/live/news/renewed-commitment-for-fre... G8-The Deauville Declaration on Internet Fails to Recognise Importance of Human Rights Including Freedom of Expression (28.05.2011) http://www.i-policy.org/2011/05/g8-the-deauville-declaration-on-internet-fai... eG8 Forum: Speeches by Jirimie Zimmermann & John Perry Barlow (partially only in French, 24-25.05.2011) http://www.waebo.com/eg8-discours-de-jeremie-zimmermann-john-perry-barlow.ht... The Counter-forum Civil Society Press Conference, May 25 @ e-G8 http://vimeo.com/24218524 Civil Society Petition - G8: Protect the net! https://www.accessnow.org/page/s/g8-protect-the-net Access Blog: World Rallies to Save the Internet from G8 https://www.accessnow.org/policy-activism/press-blog/world-rallies-to-save-t... ============================================================ 5. EDPS: Data Retention Directive fails to meet data protection requirements ============================================================ Peter Hustinx, the European Data Protection Supervisor (EDPS) adopted, on 31 May 2011, an opinion on the European Commission's Evaluation Report on the Data Retention Directive submitted on 18 April 2011 to the Council and the European Parliament. The EDPS has several times expressed his concerns related to the necessity for retaining data on such a large scale in view of the rights to privacy and data protection and has called for a clear demonstration that such a measure is necessary and proportionate. On the basis of the Commissions' Evaluation Report, the EDPS has drawn the conclusion that the Data Retention Directive does not meet the requirements set out by the rights to privacy and data protection, primarily because the necessity for data retention has not been sufficiently demonstrated. Hustinx also believes that data retention could be regulated in a less privacy-intrusive way and that the Directive lacks foreseeability. "Although the Commission has clearly put much effort into collecting information from the Member States, the quantitative and qualitative information provided by the Member States is not sufficient to draw a positive conclusion on the need for data retention as it has been developed in the Directive. Further investigation of necessity and proportionality is therefore required, and in particular the examination of alternative, less privacy-intrusive means" says the EDPS. Also, in Hustinx's opinion, the present Directive leaves too much room for Member States to decide on the purposes for which the data may be used, on who can access the data and under which conditions. Therefore, the EDPS calls on the Commission to seriously consider "all options in the impact assessment including the possibility of repealing the Directive". An eventual future data retention directive should be considered only if the necessity of data retention, "supported and regulated by the EU, could be sufficiently demonstrated, which includes a careful consideration of alternative measures." The respective directive should be exhaustive (with a clear and precise purpose), proportionate (without going beyond what is necessary), comprehensive and should "genuinely harmonise rules on the obligation to retain data, as well as on the access and further use of the data by competent authorities." EDPS - Press Release (31.05.2011) http://europa.eu/rapid/pressReleasesAction.do?reference=EDPS/11/6&format=HTML&aged=0&language=EN&guiLanguage=en Opinion of the European Data Protection Supervisor on the Evaluation report from the Commission to the Council and the European Parliament on the Data Retention Directive (31.05.2011) http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consul..., EDRi-gram: Top 10 misleading statements of the European Commission on data retention (20.04.2011) http://www.edri.org/edrigram/number9.8/data-retention-evaluation EDRi-gram: Data retention in EU Council Meeting (18.05.2011) http://www.edri.org/edrigram/number9.10/data-retention-eu-council ============================================================ 6. Finland: Blocking of domestic websites ruled illegal ============================================================ The Helsinki Administrative Court has ruled that domestic websites may not be placed on the secret blocking blacklist maintained by the police. This is the latest turn in a long legal fight by Finnish activist Matti Nikki, whose website lapsiporno.info (translates as "childporn.info") was put on the secret blacklist in February 2008 and has remained on the list ever since. The Finnish blocking blacklist is based on a law passed in 2006 that allows the police to create and maintain a secret list of websites in order to prevent access to child pornography on foreign websites. The blacklist is distributed to Internet service providers (ISPs), who may direct attempts to access blacklisted sites to a page which says access is blocked due to the child pornography blocking list. Using the secret blacklist is optional for ISPs, but the Communications Minister at the time, Suvi Linden, made public statements in 2008 that if the ISPs did not start using the list voluntarily, it would be made mandatory. After an initial wave of adoption, the list has been silently falling into disuse. Nikki criticized the secret blacklist vocally, and discovered a large part of the secret list by trying to load websites that he found links to. When he published the list of websites he had discovered to be blocked, police accused him of distributing child pornography and eventually put his website on the secret blacklist. One of Nikki's findings was that the top five Google search results for "gay porn" were all blacklisted, even though there was nothing related to children on the sites. Other brilliant highlights from the secret blacklist include www.w3.org (yes, the World Wide Web Consortium!) and the memorial page of a deceased Thai princess. An officer of the Central Criminal Police famously quipped "Google is a browser" when asked why Google is not blacklisted even though its search results contained the same links for which Nikki's pages were placed on the blacklist. Nikki appealed to the Administrative Court about his website being on the secret blacklist. The Administrative Court ruled in May 2009 that it was not possible to complain about being on the blacklist. Nikki appealed to the Supreme Administrative Court, which ruled in September 2010 that indeed it was possible to complain about being on the list and thus cleared the way for complaints by Nikki and others who thought their sites had been put on the list without a valid basis. The case was returned to the Administrative Court, which has now ruled that domestic sites may not be placed on the list. However, the court did not rule on whether Nikki's site could be blocked if it were abroad. Thus, legal uncertainty continues as to precisely what kinds of websites may be blocked. One of the three judges filed a dissenting opinion to the ruling. In his view, lapsiporno.info is circumventing the law by "distributing foreign child porn via a website in Finland". Nikki's site does not in fact distribute child pornography in any way. It only contains domain names from the secret blocking list, all of which appear to host legal content. Out of nearly a thousand domain names that Nikki found to be on the blocking list, only a dozen seemed to contain illegal content and Nikki withheld them from the list on his website. Nikki has instead reported actual child porn websites to the police himself - only to find them still online a year later as they turned up on the police's blacklist. Nikki has also analysed child porn distribution mechanisms and suggested methods for attacking the phenomenon, but these have fallen on deaf ears. Chasing criminals in "inaccessible" countries such as USA, UK and continental Europe might entail real work - it seems easier to just sweep the criminal activity under a carpet. The Administrative Court held that Nikki had to pay his own legal fees, because "since the law is unclear, inclusion of his website on the blacklist cannot be seen to have resulted from an error by the authorities". This sends a message that complaining about actions of authorities, even if they acted against the law, will be expensive for a citizen. Nikki is again considering an appeal to the Supreme Administrative Court. At the same time, IFPI Finland has started a court process to block The Pirate Bay at ISP level, which would - if successful - create a new category of blocked sites. The court ruling (only in Finnish) http://effi.org/e/lapsiporno.info-hao-2011.pdf HS.fi: IFPI Finland orders Elisa internet service provider to prevent its clients from accessing Pirate Bay website: http://www.hs.fi/english/article/IFPI+Finland+orders+Elisa+internet+service+... IFPI Press Release (only in Finnish) http://antipiracy.fi/ajankohtaista/217/suomalaiset-musiikkituottajat-haastav... EDRi-gram: Finland: Complaints not allowed for the Police child-porn censorship list http://www.edri.org/edri-gram/number7.12/lapsiporno-trial-finland EDRi-gram: ENDitorial: Finnish web censorship http://www.edri.org/edrigram/number6.4/finland-web-censorship (Contribution by Timo Karjalainen- EDRi-member Electronic Frontier Finland (Effi)) ============================================================ 7. Internet FoE: How should Europe battle online censorship? ============================================================ On 23 May 2011, there was an event in the International Press Centre in Brussels, hosted by ECIPE. Participants in the event were Erika Mann (Executive Vice President, CCIA; Board Member, ICANN), William Echikson (Head of Free Expression, EMEA, Google), Marietje Schaake (Member of the European Parliament, the Netherlands), Hosuk Lee-Makiyama (Director, ECIPE), Uri Rosenthal (Dutch Minister for Foreign Affairs) and Carl Bildt (Swedish Minister for Foreign Affairs). Erika Mann said that the politics and governments were dividing the Internet. With regard to the EU, she said that preaching of freedom across the world would not have the desired effect if the EU did not implement this freedom in its own legal system. William Echikson noted that Google's business depended on the free flow of information. As regards current challenges, he referred to the Italian YouTube case, in which three Google employees were convicted of privacy violations because students at a school in Turin uploaded a video to YouTube that showed the bullying of an autistic child. He said that, in this particular case, convicting Google employees was the same as making a postman for carrying the contents of the post. Marietje Schaake MEP (ALDE Group, the Netherlands) said that we needed a global internet strategy. She also said that there were some remarks from China that the EU could not ask other countries to respect the freedom of the Internet if the EU did not guarantee such freedom to its own citizens. Ms Schaake described some of the challenges related to the Internet. They were: (1) Net neutrality, (2) Enforcement of Intellectual Property Rights, (3) ACTA, (4) Cybersecurity. The Dutch MEP also said that the potential solutions to the last three of these challenges should be investigated as to whether they are a "medicine" to the problem or a "disease" in their own right. Finally, Ms Schaake concluded that EU e-policy should mainstream the Internet freedom and ensure that there was a democratic oversight and transparency. Uri Rosenthal pointed out that the freedom of expression is the core of every free nation. Moreover, freedom of expression opened the door to many other human rights. On the Internet, freedom of expression had to be defended. In order to do that, the public and private sector should act together. This is because the Internet freedom was a multi-stakeholder issue. Mr Rosenthal said that the Netherlands proposed EU-level restrictions on exporting equipment used for limiting the freedom of the Internet and supports for circumvention technologies. The Dutch Minister for Foreign Affairs also expressed his support to cyber dissidents around the world. Carl Bildt said that the present progress in information technology was only the beginning of the Internet. He added that, since the Internet is so valuable for development that the EU should support its fast development. He stated that freedom and security were also important. In order to ensure these goals, there was a need of a global strategy. This is because a global impact could be achieved only by a global action. The Swedish Minister for Foreign Affairs also noted that Sweden provided financial support to NGOs located all around the world to fight against filtering and blocking. He argued that setting people free allowed development. With regard to the recent US Strategy for cyberspace, he said that he supported it. However, the EU should also support it. In an amusing swipe at President Sarcozy, in response to a reference to the "civilised Internet", he replied "Civilised Internet? Perhaps we should first launch a civilised telephone system where people only say nice things." Carl Bildt remarks on Digital Authoritarianism at The European Centre for International Political Economy (ECIPE) Brussels (23.05.2011) http://www.regeringen.se/sb/d/7417/a/169243 ECIPE Study http://www.ecipe.org/digital-authoritarianism-human-rights-geopolitics-and-c... (Contribution by Daniel Dimov - EDRi intern) ============================================================ 8. MEPs approve body scanners on airports on a voluntarily basis ============================================================ As the European Commission plans new rules to add body scanners to the list of EU-authorised methods for passenger screening, the European Parliament, which has the right to veto, made its position known on 24 May 2011, by approving a report that backs the use of body scanners provided they don't interfere with passenger privacy or pose health risks. MEPs on the Transport Committee agreed that the use of body scanners in EU airports would enhance security but considered the method should be used voluntarily. The report, that is to be voted in the plenary on 23 June, asks for several conditions to be met on body scanners, including a ban on scanners using ionising radiations, like x-rays, and the necessity of using the least harmful technology, so as to ensure the passengers' health. "We need to be sure that the new equipment will not impact people's health. Therefore, x-ray scans should be rejected," said Luis de Grandes Pascual, the MEP who drafted the report. The US Transportation Security Administration has insisted, in its turn, that the radiation from airport body scanners poses no threat to health and that every x-ray backscatter unit was operating "well within applicable national safety standards". MEPs believe the use of body scanners should be made by also ensuring the protection of the personal data, dignity and privacy, the report asking for the use of only "stick figures" without body images being produced, and without storage of the obtained figures. To be sure of that, "the technology used must not have the capabilities to store or save data". Moreover, the passengers must be able to opt for a manual search instead of a body scan and the scans should be random and non-discriminatory. According to the report, the Member States should provide extra control points and security staff to ensure that passengers are not slowed down by the need to pass through body scanners. MEPs also call for international aviation security coordination with mutual recognition of measures and one-stop security systems in order to ensure that passengers, luggage and cargo at EU airports are screened only once. Presently, body scanners are in use in UK and Dutch airports and have been tested in Germany, Italy, France and Finland. MEPs back body scanners but want strict safeguards (26.05.2011) http://www.europarl.europa.eu/en/headlines/content/20110520STO19907/html/MEP... Information on body scanners and safety from TSA http://www.tsa.gov/approach/tech/ait/safety.shtm Information on body scanners from the European Commission http://ec.europa.eu/transport/air/index_en.htm Controversial body scanners continue to cause transatlatic divide (26.05.2011) http://www.independent.co.uk/life-style/health-and-families/controversial-bo... Strict safeguards needed for airport body scanners, say MEPs (24.05.2011) http://www.europarl.europa.eu/fi/pressroom/content/20110523IPR19946/html/Str... Draft Report on aviation security, with a special focus on security scanners - Committee on Transport and Tourism (23.02.2011) http://www.europarl.europa.eu/meetdocs/2009_2014/documents/tran/pr/834/83438... EDRi-gram: EESC condemns body scanners as a breach of fundamental rights (23.02.2011) http://www.edri.org/edrigram/number9.4/body-scanners-breach-privacy ============================================================ 9. OSCE findings on Estonian e-voting ============================================================ In its report of 16 May 2011, the Office for Democratic Institutions and Human Rights (ODIHR) of the Office of Security and Cooperation in Europe (OSCE) found Estonia's March 6 parliamentary elections, including the Internet voting, as trustworthy, although several elections monitors have pointed out a series of procedural and technical issues. "The Riigikogu elections were conducted in an environment characterized by respect for fundamental rights and freedoms and a high degree of trust in the impartiality of the election administration. Election stakeholders expressed confidence in the overall process, including the Internet voting. Voters had an opportunity to make an informed choice among a field of candidates representing a variety of political alternatives," is ODIHR's conclusion. However, the report expresses the belief that there is room for "improvement of the legal framework, oversight and accountability, and some technical aspects of the internet voting system." The weakest point, according to the report, is that the Estonian legislation doesn't deal with significant issues such as the situations that would allow the National Electoral Committee (NEC) to declare Internet voting invalid or the way in which the voters should become aware of the fact that they had to recast their ballots on election day. Another point of emphasis was that none of NEC staff or members had the necessary know-how to carry out oversight procedures without strongly relying on the IT department of the Parliament and therefore, the report recommended the development of technical expertise within the committee. Also, the results of the test made by NEC on the e-election system were not made public and therefore more transparency would be necessary. A disaster recovery plan was also recommended in the report, as the system maintenance, as performed during the elections, might create security issues. After the elections, student Paavo Pihelgas asked in court for the invalidation of the electronic voting results claiming the software used in the electronic voting was flawed and a virus could theoretically change a vote without the voter's knowledge. The student conducted a series of experiments with volunteers in order to prove his point. According to the law, the Supreme Court can nullify election results in case of violation of voter rights that had or may have had a significant effect on the election outcome. As Pihelgas participated in the test wilfully, the Supreme Court's Constitutional Review Chamber decided on 21 March that his voter's rights had not been infringed as long as he had knowingly put himself into the situation where his vote hadn't reached the electoral committee web server. Therefore, since only an established violation can lay at the basis of the nullification of the election result, a hypothetical possibility that someone's computer may have been infected with a similar type of virus without that voter's knowledge, could not constitute enough cause for nullification. In this matter, the OSCE recommended the creation of a mechanism that would allow a voter to check whether his or her vote had been changed. OSCE Calls for Enhancements to Internet Voting (17.05.2011) http://news.err.ee/Sci-Tech/2cf34a80-6dfd-4764-aa67-1d2cf4ca879e Supreme Court Rejects Last Voter Complaint (23.05.2011) http://news.err.ee/Politics/bbb598aa-586b-4981-9f7e-88273b5a25c0 Parliamentary Elections - 6 March 2011 - OSCE/ODIHR Election Assessment Mission Report (16.05.2011) http://www.osce.org/odihr/77557 ============================================================ 10. Internet governance dialogue in Belgrade 2011 ============================================================ The 4th European Dialogue on Internet Governance (EuroDIG) took place in Belgrade on 30-31 May 2011 covering a lot of debates on a large area of issues on concepts of Internet Governance, from freedom of expression to privacy and cybersecurity. The opening session was marked by Internet freedom concepts with the opening video speech by Carl Bildt, the foreign minister of Sweden who noted that "the blocking and filtering of content, popular in certain quarters, should be avoided. I think it is a disturbing fact that more governments have become more sophisticated in trying to monitor the behaviour and also, to a certain extent to censor, the content of the net. We must send a strong message that according to the values that we represent, this is simply not acceptable." He also claimed that Europe should have a unitary voice asking for freedom on the Internet: "I would say that from the European point of view, our emphasis should be on the freedom issues of the net, the other voices in the world that are pressing in another direction and we should be on our guard against those particular tendencies. And I think we need to develop as unified and as strong European voice on these issues as we can." His speech follows a similar stand for Internet freedom taken a few days before, in an event held on 23 May 2011 in Brussels (reported in a previous EDRi-gram article). In a data protection workshop on the first day, the panel, including Katarzyna Szymielewicz from EDRi-member Panoptykon Foundation Poland, participants debated the review of the privacy standards, with an emphasis on the right to oblivion, as a new principle to be included in the review of the data protection legislative tools. The workshop also underlined the tension between the right to privacy and some new business models, a tension which should not lead to diminishing the protection of privacy. A plenary on "new media" of the second day involved a lot of participants trying to debate the notion of new media, editorial control, trust in mass medium sources and freedom of expression. The discussion drew on the current work undertaken by the Council of Europe to develop a "new notion of media", already covered in the EDRi-gram. An interesting debate on the paid vs. free media focused on the fact that for the free media there is a price to be paid as well, but it is just not visible. You can pay by giving your personal information or you can pay via advertisement. Another part of the debate was if the media law needed to be changed and in what direction. In this respect, Meryem Marzouki from EDRi underlined that such a regulation on a new media should be possible only if the purpose was "to ensure plurality of views and to ensure the public interest." The conclusions of the meeting underlined the openness of conversations, the challenge of incorporating different perspectives and the importance of maintaining a bottom up approach to internet policy issues. An active participation of the youth is also worth noting, some of them also participants in the New Media Summer School, with strong public positions in favour of preventing censorship and promoting freedom of expression and net neutrality during the debates. The next EuroDIG conference will take place in Sweden in 2012. Eurodig 2011 (30-31.05.2011) http://www.eurodig.org Carl Bildt at EuroDIG 2011 (30.05.2011) http://www.youtube.com/watch?v=GLLpW4s7WTo New Media Summer School (27.05.- 1.06.2011) http://newmediasummerschool.eu/ EDRi-gram: ENDitorial:CoE: A New Notion of Media. For Better or For Worse? (20.04.2011) http://www.edri.org/edrigram/number9.8/coe-new-notion-of-media ============================================================ 11. Recommended Action ============================================================ Open letter against ACTA - expression of concern initiated by some European medialabs collaborate in LABtoLAB, a two year programme of collective reflection on informal learning. (05.2011) http://www.labtolab.org/~labtolab/wiki/index.php/Acta_expression_of_concern#... ============================================================ 12. Recommended Reading ============================================================ Internet matters: The Net's sweeping impact on growth, jobs, and prosperity. (05.2011) http://www.mckinsey.com/mgi/publications/internet_matters/pdfs/MGI_internet_... State of the Internet in Europe (25.05.2011) http://owni.fr/2011/05/25/carte-internet-europe-regulation-filtrage-copyrigh... Google boss: anti-piracy laws would be disaster for free speech (18.05.2011) http://www.guardian.co.uk/technology/2011/may/18/google-eric-schmidt-piracy Author Attitudes Towards Open Access Publishing (27.04.2011) http://www.intechweb.org/public_files/Intech_OA_Apr11.pdf Freedom of Connection, Freedom of Expression: UNESCO launches new publication (25.05.2011) http://portal.unesco.org/ci/en/ev.php-URL_ID=31398&URL_DO=DO_TOPIC&URL_SECTION=201.html ============================================================ 13. Agenda ============================================================ 2-3 June 2011, Krakow, Poland 4th International Conference on Multimedia, Communication, Services and Security organized by AGH in the scope of and under the auspices of INDECT project http://mcss2011.indect-project.eu/ 3 June 2011, Florence, Italy E-privacy 2011 and Big Brother Awards 2011 http://e-privacy.winstonsmith.org/ 4-5 June 2011, Bonn, Germany PolitCamp 2011 http://11.politcamp.org 12-15 June 2011, Bled, Slovenia 24th Bled eConference, eFuture: Creating Solutions for the Individual, Organisations and Society http://www.bledconference.org/index.php/eConference/2011 14-16 June 2011, Washington DC, USA CFP 2011 - Computers, Freedom & Privacy "The Future is Now" http://www.cfp.org/2011/wiki/index.php/Main_Page 11-12 July 2011, Barcelona, Spain 7th International Conference on Internet, Law & Politics (IDP 2011): Net Neutrality and other challenges for the future of the Internet http://edcp.uoc.edu/symposia/lang/en/idp2011/?lang=en 24-30 July 2011, Meissen, Germany European Summer School on Internet Governance 2011 http://www.euro-ssig.eu/ 27 - 30 October 2011, Barcelona, Spain Free Culture Forum 2011 http://fcforum.net/ ============================================================ 14. About ============================================================ EDRi-gram is a biweekly newsletter about digital civil rights in Europe. Currently EDRi has 28 members based or with offices in 18 different countries in Europe. European Digital Rights takes an active interest in developments in the EU accession countries and wants to share knowledge and awareness through the EDRi-grams. All contributions, suggestions for content, corrections or agenda-tips are most welcome. Errors are corrected as soon as possible and are visible on the EDRi website. Except where otherwise noted, this newsletter is licensed under the Creative Commons Attribution 3.0 License. See the full text at http://creativecommons.org/licenses/by/3.0/ Newsletter editor: Bogdan Manolea <edrigram@edri.org> Information about EDRI and its members: http://www.edri.org/ European Digital Rights needs your help in upholding digital rights in the EU. If you wish to help us promote digital rights, please consider making a private donation. http://www.edri.org/about/sponsoring - EDRI-gram subscription information subscribe by e-mail To: edri-news-request@edri.org Subject: subscribe You will receive an automated e-mail asking to confirm your request. Unsubscribe by e-mail To: edri-news-request@edri.org Subject: unsubscribe - EDRI-gram in Macedonian EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/edri/2.html - EDRI-gram in German EDRI-gram is also available in German, with delay. Translations are provided Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/ - Newsletter archive Back issues are available at: http://www.edri.org/edrigram - Help Please ask <edrigram@edri.org> if you have any problems with subscribing or unsubscribing. ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE