============================================================ EDRi-gram biweekly newsletter about digital civil rights in Europe Number 9.8, 20 April 2011 ============================================================ Contents ============================================================ 1. Top 10 misleading statements of the European Commission on data retention 2. European Commission's Net Neutrality report 3. Implementation of the SWIFT agreement under review 4. French Parliament issues a positive report on Net Neutrality 5. Dutch government announces measures against downloading 6. Italian court found Google responsible for search suggestions to users 7.Privatised enforcement Series C: The law according to the Advocate General 8. ENDitorial:CoE: A New Notion of Media. For Better or For Worse? 10. Recommended Reading 11. Agenda 12. About ============================================================ 1. Top 10 misleading statements of the European Commission on data retention ============================================================ The European Commission adopted its evaluation report on the Data Retention Directive this week. In anticipation of the Commission to hide the numerous failures of the Directive by omission and dissemblance, EDRi produced a "shadow report" providing a more accurate assessment of the Directive, using the Commission's own methodology. The Commission lived down to our expectations, with the report itself and the Commissioner's press conference producing an imaginative selection of misleading statements. The following are ten of the most egregious examples: 1. The evaluation report shows value of "retained data" In its implementation report and its press spin, the Commission made repeated reference to the value of retained data for law enforcement purposes. What it studiously avoided saying is that the vast majority of the data used for law enforcement purposes do not rely on the Data Retention Directive. 2. The Madrid and London bombings showed the need for data retention The Commission seeks to justify the excesses of the Directive by referring to the terrorist attacks in Madrid and London. Retained data were indeed useful in Madrid - but the data used were retained by operators for billing purposes and, therefore, irrelevant to the data retention Directive. 3. "Data retention is a necessary measure" The European Commission neither sought nor was provided with any evidence that the extra data retained under the Data Retention Directive was either necessary or useful. In the absence of any evidence, it is impossible for the Commission to credibly make this statement. 4. "Industry needs data retention" It is equally not necessary for the industry, which fought against the measure prior to its adoption and has seen the range of rules and obligations get more and more onerous and fragmented as the Commission has lobbied for adoption of the Directive by the Member States. Why would the industry need an instrument which creates rather than removes barriers? 5. The Constitutional Courts did not criticise data retention per se. This is factually untrue in relation to Romania. 6. The Commission must take infringement proceedings against Member States that have not implemented the Directive It is remarkable that the Commission is acting vigorously against Member States that have not implemented the Directive, yet has taken no measures - and has threatened no measures - against Member States that have implemented it incorrectly in ways which further undermine citizens' rights. Examples include countries that have been identified in the report that have no process for deleting the data once it has exceeded the retention period. 7. The Directive was asked for by the Member States unanimously Member States have never unanimously asked for a data retention Directive. In fact, it was precisely because unanimity was not possible that the EU was not able to adopt data retention as a security measure. As a result of that failure of Member States to achieve unanimity, the Commission proposed a Directive, to force Member States that do not believe that data retention is necessary to impose it anyway. 8. There are no examples of abuses of retained data The Commission's document suggests that there are no examples of retained data being abused. This is despite the fact that the Commission is aware of at least two major abuses, namely: - German telecommunications giant Deutsche Telekom illegally used telecommunications traffic and location data to spy on about 60 individuals including critical journalists, managers and union leaders in order to try to find leaks. The company used its own data pool as well as that of a domestic competitor and of a foreign company. - In Poland retained telecommunications traffic and subscriber data was used in 2005-2007 by two major intelligence agencies to illegally disclose journalistic sources without any judicial control. 9. Some of the data retention is "permitted" by the E-Privacy Directive, rendering analysis of the impact of the Data Retention Directive complicated. This analysis is bizarre because the Commission itself made a statement when the E-Privacy Directive was adopted saying that the E-Privacy Directive "should neither prohibit nor approve any particular measure Member States may deem necessary," because a single market instrument could not place limits on a third pillar (i.e. law enforcement) policy area. No retention measure is therefore permitted by the E-Privacy Directive. 10. Data from 20 Member States shows an average of 148 000 requests per year for retained data Statistically correct, this statement by Commissioner Malmstrvm omits to mention that half of those requests were in one Member State, Poland, which has implemented the Directive in a way which permits vast abuses of the data being retained. Commissioner Malmstrvm in her speech went on to say that "if the data were not helpful, law enforcement authorities would presumably not spend human and financial resources on requesting them in those numbers". She is either unaware or indifferent to the fact that they are not asking for the data in those numbers - apart from Poland, they are asking for vastly fewer data. Commission statement on the E-Privacy Directive http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:52002PC0338:EN:H... Commissioner Malmstrvm's speech on the evaluation report - Data Retention Directive - a valuable tool in fighting serious crime and terrorism, but in need of improvement (18.04.2011) http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/484&format=HTML&aged=0&language=EN&guiLanguage=en Official data retention evaluation report (18.04.2011) http://ec.europa.eu/commission_2010-2014/malmstrom/archive/20110418_data_ret... EDRi shadow data retention report (17.04.2011) http://www.edri.org/files/shadow_drd_report_110417.pdf Commission faces battle on data retention (19.04.2011) http://www.euractiv.com/en/infosociety/commission-faces-battle-data-retentio... (Contribution by Joe McNamee - EDRi) ============================================================ 2. European Commission's Net Neutrality report ============================================================ The European Commissioner for the Digital Agenda Neelie Kroes presented on 19 April 2011 its report on net neutrality, which brings nothing significant to the table, except strengthening the "wait and see" approach already presented at the Net Neutrality Summit in November last year. The Commission's report is already confirming the unequal treatment of Internet traffic, quoting the results of the survey made by BEREC (Body of European Regulators for Electronic Communications) in early 2010 in several EU member states: - Limits on the speed of peer-to-peer (P2P) file-sharing or video streaming by certain providers in France, Greece, Hungary, Lithuania, Poland and the United Kingdom; - Blocking or charging extra for the provision of voice over internet protocol (VoIP) services in mobile networks by certain mobile operators in Austria, Germany, Italy, the Netherlands, Portugal and Romania. However, the decision by Kroes is not to act, but to wait: "Together with national telecoms regulators, the Commission will spend 2011 closely looking at current market practices. At the end of 2011, I will present the findings and will publicly name operators engaging in doubtful practices." And even if something is wrong, the problems will be related just to the correct information of the consumer: "I will be looking particularly closely for any instances of unannounced blocking or throttling of certain types of traffic, and any misleading advertising of broadband speeds. If I am not satisfied that consumers can counteract such practices by switching providers, I will not hesitate to introduce more stringent measures." In fact the report itself praises the violations of the net neutrality principles, by supporting operators' claims: "It is widely accepted that network operators need to adopt some traffic management practices to ensure an efficient use of their networks and that certain IP services, such as for instance real-time IPTV and video conferencing, may require special traffic management to ensure a predefined high quality of service". La Quadrature du Net has been quick in qualifying the report as disappointing. Jirimie Zimmermann explained: "Mrs Kroes hides behind false free-market arguments to do nothing at all, pretending that competition and consumer law can successfully address the issue. In most Member States, mobile phone operators agree on engaging in the very same discriminations in their so-called 'mobile Internet' offers. These operators simply do not offer access to the universal platform of communications we call 'the Internet'. By turning a blind eye on these practices, the Commission covers anti-competitive behaviours that hinder innovation and violate users' freedom of communication." Neelie Kroes European Commission Vice-President for the Digital Agenda :The internet belongs to all of us. Press conference on Net Neutrality Communication Brussels (19.04.2011) http://europa.eu/rapid/pressReleasesAction.do?reference=SPEECH/11/285&format=HTML&aged=0&language=EN&guiLanguage=en Commission Communication: The open internet and net neutrality in Europe (19.04.2011) http://ec.europa.eu/information_society/policy/ecomm/doc/library/communicati... Net Neutrality: The European Commission Gives Up on Users and Innovators (19.04.2011) http://www.laquadrature.net/en/net-neutrality-the-european-commission-gives-... EDRi-gram: ENDitorial: Net neutrality - wait and see the end of the open Internet (17.11.2010) http://www.edri.org/edrigram/number8.22/net-neutrality-wait-and-see ============================================================ 3. Implementation of the SWIFT agreement under review ============================================================ A review prepared by the EU delegation of the joint review team on the implementation of the SWIFT (TFTP) agreement concluded that "all of the relevant elements of the Agreement have been implemented in accordance with its provisions, including the data protection provisions". The report has been accepted by EU Justice and Home Affairs Council. The agreement, which was signed on 28 June 2010, foresees the transfers to the USA of financial payment messages held by Society for Worldwide Interbank Financial Telecommunication (SWIFT), to be used in the Terrorist Finance Tracking Program (TFTP). Europol is the body which has the specific task to check whether requests from the US Treasury Department for SWIFT data comply with the terms of the TFTP Agreement, while the Europol Joint Supervisory Body (JSB) is to review Europol's activities. An inspection mandated by the JSB to check Europol's implementation of the TFTP Agreement has revealed a lack of audit of the data transfers in a report published in March 2011. The four requests made during the inspection were made in abstract terms, for broad types of data, which makes impossible compliance with Article 4(2) of the TFTP Agreement (which says that requests must be tailored as narrowly as possible). The JSB recommended that the requests had to contain more detailed information, specific to each request, and that the US authorities might need to provide certain additional information. Moreover, it has come out that there is a lot of information provided orally by the US Treasury Department to Europol staff with no written requests to allow the proper verification of compliance with the data protection standards. MEPs have shown their concerns related to the findings of the German report and expressed their disagreement to Europol's activity. "As Members of Parliament we feel betrayed reading this report (...) We voted in favour (of this agreement last year) in the trust that both parties would apply the adopted agreement" which "concerns the transfer of sensitive data belonging to our citizens", said Alexander Alvaro (ALDE, DE), Parliament's rapporteur on the TFTP agreement. Although the joint review prepared by the EU delegation had a different conclusion, it included recommendations contradicting its findings. Thus, the EU review team recommended "more publicly accessible information on the way the program functions, in as far as this is possible (...) in particular, the overall volume of data provided to the U.S. authorities and the number of financial payment messages accessed." It also suggested "further enhancing the Europol verification procedure referred to in Article 4," and "more verifiable statistical information on the added value of TFTP derived information to efforts to combat terrorism and its financing in order to further substantiate the added value of the program." It also recommended "improving some aspects of the provision of information to the general public on the rights accorded to them under the Agreement." As MEPs had asked the director of Europol to answer to their concerns, Europol issued an information note to the European Parliament on 8 April 2011. According to the information note, Europol had taken into consideration the JSB's recommendations and "comprehensively reviewed the process. A revised version was adopted and introduced in March 2011." "The procedural steps involved in the process include specific actions to assess the validity of the US request in terms of its compliance with the criteria established in Article 4, including a record of the verification officer's operational judgement and a record of the advice given by the Legal Affairs Unit and Data Protection Office (DPO). The DPO has seen every request since the Agreement entered into force, but following observations made by the JSB, Europol decided to make certain practical enhancements to the process to ensure a more efficient involvement of the DPO. As part of the process, a standard template is used as a formal record of the advice from each party and of the authorising officer's final decision," says the information note. Europol fails to audit the transfer of SWIFT financial data to the USA (9.03.2011) https://p10.secure.hostingprod.com/@spyblog.org.uk/ssl/spyblog/2011/03/09/eu... Report on the inspection of Europol's implementation of the TFTP agreement, conducted in November 2010 by the Europol Joint Supervisory Body (1.03.2011) http://www.bfdi.bund.de/SharedDocs/Publikationen/Allgemein/ReportGKIzuSWFT.p... EU Council: Report on the joint review of the implementation of the Agreement between the European Union and the United States of America on the processing and transfer of Financial Messaging data from the European Union to the United States for the purposes of the Terrorist Finance Tracking Program (17-18.02.2011) http://register.consilium.europa.eu/pdf/en/11/st08/st08142.en11.pdf Europol Activities in Relation to the TFTP Agreement Information Note to the European Parliament (8.04.2011) http://www.statewatch.org/news/2011/apr/eu-europol-report-on-implementation-... Committee on Civil Liberties, Justice and Home Affairs Press release- SWIFT implementation report: MEPs raise serious data protection concerns (14.03.2011) http://www.statewatch.org/news/2011/mar/ep-libe-swift-prel-mar-11.pdf ============================================================ 4. French Parliament issues a positive report on Net Neutrality ============================================================ Last week, a trans-partisan/cross party parliamentary mission set up by the Economic Affairs committee of the French National Assembly released a report on Net Neutrality. After working on the report for more than five months and conducting dozens of hearings, the mission led by Laure de La Raudihre (UMP, conservative) and Corinne Erhel (PS, socialist) presented a 145-page document covering most aspects of Net Neutrality. Overall, the report is extremely positive - probably one of the most detailed ever issued on the matter by public authorities in Europe. Although it draws to a large extent on the French electronic communication regulatory authority's (ARCEP) 10 proposals from September 2010, the report goes further on several aspects. In particular, the report includes a call for the legislative protection of Net Neutrality, which is defined as "the ability of Internet users to send and receive any application of their choice, to connect any device and use the programmes of their choice, as long as they don't harm the network with a quality of service that is transparent, sufficient and non-discriminatory (...)". Interestingly, the non-discrimination criteria is interpreted strictly, as the the authors explain that all traffic should be treated equally, thereby rejecting the so-called traffic differentiation. Traffic differentiation would have allowed for different treatments according to types of traffic. The document confines acceptable management of Internet traffic to cases of legal obligations, unforeseen congestion or if the network's security is at risk. By doing so, it draws a clear line between the Internet and managed services, which are defined as all electronic communications for which operators guarantee a specific quality of service and manage traffic to that aim. To make sure the difference between the Internet and managed services is clear, the report further proposes to reserve the "Internet" label to offers abiding by the principle of Net Neutrality. The most political aspect of the report is its strong stance against content blocking, as the parliamentary mission calls for systematic judiciary oversight of mandatory blocking measures. The mission therefore opposes the recently adopted legislation which grants the police the power to block child abuse websites (LOPPSI law). The rapporteurs also suggest that instead of acting preventively to block "illegal" communications, a repressive logical approach -"whereby illegal activities supported by such communications are condemned"- should be pursued. One of the shortcomings of the report, however, lies in the fact that it leaves out the issue of network management techniques and whether these should be regulated. In February, a preliminary version suggested that techniques such as Deep Packet Inspection should be monitored so as to ensure that they are not used in a way that jeopardizes the privacy of Internet users. It is unknown why this issue was eventually dropped from the final version. The work of the mission and the reception of the report by other members of the Economic Affairs committee of the French National Assembly is a positive step. But it remains to be seen if and how the report will actually translate into actual policies. Rapporteur Laure de La Raudihre has indicated that she is ready to table a legislative proposal to implement some of the recommendations of the report. But with the 2012 elections coming up in France and considering that the agenda of the French Parliament is already quite full, any vote on Net Neutrality before late 2012 is very unlikely. But the content of the report already gives a clear signal to telecoms operators that, for some lawmakers at least, the future of the Internet matters more than their narrow business interests. The proposals put forward in the document are the following: A. First axis: enshrine Internet Neutrality as a political goal Proposal #1: define the Net Neutrality principle Proposal #2: establish promotion of Net Neutrality as a political goal and give regulatory authorities the power to impose obligations suited for its promotion B. Second axis: strict supervision of Internet blocking Proposal #3: further question the justifications for legal blocking measures, despite their seeming legitimacy, due to their inefficiency and the adverse effects they may lead to Proposal #4: establish immediately a unified procedure which includes the intervention of a judge C. Third axis: protect the Internet's universality and guarantee its quality Proposal #5: reserve the "Internet" label to offers which respect the neutrality principle Proposal #6: create an Internet quality observatory Proposal #7: assign Arcep (national regulatory authority) the mission of guaranteeing an Internet of sufficient quality D. Fourth axis: ensure sustainable financing of the Internet Proposal #8: study the economic stakes attached to the Internet network Proposal #9: carefully assess the creation of a European "data call termination" The report (only in French, 13.04.2011) http://www.assemblee-nationale.fr/13/rap-info/i3336.asp ARCEP has published ten proposals and recommendations for promoting a neutral and high quality Internet (15.11.2010) http://www.arcep.fr/index.php?id=8571&L=1&tx_gsactualite_pi1[uid]=1317&tx_gsactualite_pi1[annee]=&tx_gsactualite_pi1[theme]=&tx_gsactualite_pi1[motscle]=&tx_gsactualite_pi1[backID]=26&cHash=2cde5a935b Net Neutrality: An Encouraging Report From the French Parliament (14.04.2011) http://www.laquadrature.net/en/net-neutrality-an-encouraging-report-from-the... Parliamentary Report recommend introducing Net Neutrality into the law (only in French, 13.04.2011) http://www.lemonde.fr/technologies/article/2011/04/13/un-rapport-parlementai... (contribution by Filix Triguer - La Quadrature du Net) ============================================================ 5. Dutch government announces measures against downloading ============================================================ On 11 April 2011, the Dutch government published its copyright policy plans for the coming years. The plans include restricting the currently existing private copying exception and the possibility to block access to websites facilitating copyright infringement. EDRi-member Bits of Freedom objected against the plans, which will lead to more repression while not providing a sustainable solution for the conflict between copyright and the internet. Currently, downloading material without authorisation is considered to fall within the scope of the private copying exception under the Dutch copyright act. The Dutch government wants to restrict this exception to the effect that downloading from an evidently illegal source shall be deemed unlawful. In addition, the government wants to make it possible for rightsholders to have Internet providers block access to websites and services facilitating copyright infringement, as a last resort. Although the government does not intend to prosecute individual internet users, it cannot guarantee that rightsholders will not do so in civil actions. In arguing for its plans, the government also refers to repressive copyright policies outside The Netherlands. As a justification for the restriction of the private use exception, reference is made to the Gallo report which was adopted in 2010. In addition, reference is made to draft legislation in the United States and policies in the United Kingdom regarding the blocking of websites. Digital rights organisation Bits of Freedom strongly objected to the new plans, stating that they will merely lead to repression of internet users and open the way to censorship. Dutch government copyright plans (only in Dutch, 11.04.2011) http://www.rijksoverheid.nl/documenten-en-publicaties/brieven/2011/04/11/spe... Press Release Bits of Freedom (only in Dutch, 11.04.2011) https://www.bof.nl/2011/04/11/persbericht-downloadverbod-slecht-voor-muzikan... (Contribution by Ot van Daalen - EDRi-member Bits of Freedom, Netherlands) ============================================================ 6. Italian court found Google responsible for search suggestions to users ============================================================ On 31 March 2011, an Italian court of Milan ruled that Google was responsible for its Google Suggest, the "autocomplete" function that suggests words and characters to complete a partial search for its users. The case was brought to court by a person whose name, when typed in the Google search field, was associated, through the "suggested searches" (now "related searches"), to the words "truffatore" (con man, swindler) and "truffa" (scam, fraud). The person's public image as an entrepreneur and provider of educational services in the field of personal finance suffered and the man's lawyer, Carlo Piana, argued that Google could control the content produced by its autocomplete function. Google defended itself by claiming that it was protected by the E-Commerce Directive exempting online service providers from liability for content they give access to but not created by them. "Google argued that it could not be held liable because it is a hosting provider, but we showed that this is content produced by them (and by the way, they do filter out certain content, including terms that are known to be used to distribute copyright infringing material), although through automated means," wrote Carlo Piana in a blog post. The court agreed, emphasizing that Google's autocomplete search was not entirely automatic and Google did have control over the defamatory suggestions its algorithms came up with. Moreover, Google had failed to intervene to correct the specific combination of words despite the warning sent by the office of the applicant. An ordinance last January had already called to intervene but Google did not take action, arguing that the system was based on statistical evaluations arising from users' searches and therefore the engine is not responsible for the content generated.. Google was ordered to filter out libellous "search suggestions" and to pay the man 1500 Euro for the rights affected, and 2300 Euro for various legal fees. According to a report by All Technology News, Google has already censored in 2011, in its auto-complete keyword search, some words related to alleged illegal piracy. Users no longer receive suggested entries for partially entered characters for some p2p platforms. Guido Scorza, a lawyer specializing in new media and technology law and founder of the Institute for Innovation policies believes the court's decision is "an erroneous interpretation that does not take into account the technological context and media provided for reference or the scope of certain types of behaviour in a typical environment". In his opinion, "a sequence of three words, with no punctuation or logical connection, on a blank page and just below a field of search, in 2011, is not a meaningful sentence, let alone a sentence of offensive content." "We believe that Google should not be held liable for terms that appear in autocomplete as these are predicted by computer algorithms based on searches from previous users, not by Google itself. We are currently reviewing our options," was Google's statement. Google has lost similar cases last year in France, Sweden and Brazil. Google is responsible for 'autofill' search terms, says Italian court (11.04.2011) http://www.out-law.com/default.aspx?page=11860 The Italian Court Decision (only in Italian, 31.03.2011) http://piana.eu/files/Ordinanza.pdf Autocompletion brings liability (5.04.2011) http://piana.eu/suggestions Google Suggest, convicted in Italy (only in Italian, 6.04.2011) http://punto-informatico.it/3125765/PI/News/google-suggest-colpevole-italia.... Words, just words (only in Italian, 6.04.2011) http://punto-informatico.it/3126383/PI/Commenti/parole-soltanto-parole.aspx EDRi-gram: First decision in the Italian criminal case against Google executives (24.02.2011) http://www.edri.org/edrigram/number8.4/decision-italy-vs-google-executives ============================================================ 7.Privatised enforcement Series C: The law according to the Advocate General ============================================================ The Advocate General of the European Court of Justice recently published his views with regard to the Scarlet/Sabam case C-70/10 in the European Court of Justice. This is a crucial case with regard to privatised enforcement, as it is the first time that the legality of this approach has been tested. The case came as a result of an attempt by the Belgian collecting society Sabam to require the small Belgian ISP Scarlet to install a filtering system to monitor all peer to peer traffic on its network and block files which Sabam ruled to be unauthorised. As Scarlet was a small, struggling ISP, Sabam hoped that they would comply to avoid high court costs. Since the start of the case, however, things have unravelled somewhat for Sabam. Firstly, Scarlet was taken over by the Belgian former incumbent Belgacom, which had the resources and ability to fight the case and, secondly, Sabam was humiliated by an undercover TV "sting" which showed them demanding royalties for artists that do not exist (such as Suzi Wan, a brand of noodles) and demanding royalty payments for use of their non-existent works. The Advocate General described the case as being about (paragraph 54) "delegating the legal and economic responsibility of the fight against illegal downloading to Internet access providers." Sabam's action in bringing the case has been very valuable to digital rights. If they had not brought this case, the European Commission would have been vigorously pushing in favour of exactly such measures, claiming that this approach was legal without immediate fear of contradiction. For example, in the recent Communication on the implementation of the IPR Enforcement Directive, the Commission argued that such injunctions might be applied, without contradicting any relevant EU law or human rights law. This is also the advice that it gave to the Court. Indeed, the Commission had already run a "dialogue on illegal up- and downloading" with the industry and the content industry with the aim of achieving "voluntary" breaches of the right to privacy and the right to communication that are at stake in the Scarlet/Sabam case, albeit without success. The view of the Advocate General is that the filtering and blocking demanded by Sabam would constitute an infringement of the fundamental rights to privacy and communication. As such, the requirements imposed by the Charter on Fundamental Rights and Convention of Human Rights in such cases would have to be met. In particular, the Advocate General explains that restrictions must be based on law, the law must pre-date the restriction and the law must be necessary, proportionate and effective. Interestingly (paragraph 113), he also says that Article 52.1 of the Charter creates an implicit obligation for the law to be properly legitimated by a legislative process. In paragraph 52 of the Opinion, the Advocate General explains that, according to the Charter on Fundamental Rights, the proportionality of a restriction of fundamental rights needs to be defined both by the legislator, when formulating the law on which the restriction is based and by the judge imposing the restriction. Not only does this contradict the Commission's input on in this particular case, it also places huge doubts over a wide range of Commission initiatives. For example, in recital 13 of the Child Exploitation Directive, the Commission bizarrely suggests "stimulating" internet providers to undertake blocking and filtering "voluntarily," circumventing the law, the legislator and the judge. It remains to be seen what lessons the European Commission will take from this ruling in its demands for more extra-judicial policing from Internet intermediaries. In particular, will the Commission stop funding projects, such as CIRCAMP, its entire raison d'etre being in fundamental contradiction with this Opinion? Advocate General's Opinion (only in French, 14.04.2011) http://curia.europa.eu/jurisp/cgi-bin/form.pl?lang=EN&Submit=rechercher&numaff=C-70/10 Court of Justice Press Release (14.04.2011) http://curia.europa.eu/jcms/upload/docs/application/pdf/2011-04/cp110037en.p... Circamp http://www.circamp.eu The Suzi Wan playlist http://www.humo.be/tws/actua/21679-3/basta-vs-sabam.html EU in "secret talks" to stop illegal downloads (28.01.2011) http://www.euractiv.com/en/infosociety/eu-secret-talks-illegal-downloads-new... (Contribution by Joe McNamee - EDRi) ============================================================ 8. ENDitorial:CoE: A New Notion of Media. For Better or For Worse? ============================================================ The fourth meeting of the Council of Europe (CoE) Committee of experts on new media (MC-NM) was held on 28-29 March 2011 in Strasbourg, with two main points on its agenda. The first one was a discussion on comments received in response of its public consultation on two draft recommendations on the protection of human rights with regards, to search engines and to social network services, respectively. This MC-NM work is led by The Netherlands representative (Sjoera Nas), with the help of the Secretariat. Both draft recommendations are accompanied by guidelines for providers of such services. The second agenda item was the discussion on a draft recommendation on a new notion of media. Discussions on both points started during previous meetings, in March and September 2010. The public consultation on social networks and on search engines will be allowed some more time, since only few responses have been received so far, mainly from civil society organizations, since only one main industry actor from the sector provided its comments. Unsurprisingly, the former confirmed that the main concerns of the civil society are to ensure a better data protection for citizens using this kind of services, as well as stronger legal protection of their freedom of expression and information, especially when they are threatened by content filtering and blocking practices. Unsurprisingly too, the fact that personal data are the major currency of so-called free services - especially when used for behavioral profiling and advertising purposes - is perfectly reflected in the Industry actor response. The simple fact that a single response was received from the web 2.0 industry reveals the need to regulate this sector - at least to make it healthier - for a better respect of fundamental rights. As a matter of fact, since the EU and some European countries at the national level started to deal with - and even to fine - a major US search engine company, it has led to understand that when a company operates in a given region or country, it has to abide by its law. Most probably, it would take the same process for social network services to "learn by example". At least, one would have expected some responses from European social networks, but they might not yet have understood that such process of jointly defining human rights guidelines with institutions like the Council of Europe - as the European association of Internet service providers (EuroISPA) and the Interactive Software Federation of Europe (ISFE, online games providers), respectively, did - would prove a better strategy for them than the vague development of "ethical codes of conduct" through a so-called self-regulation process. Most part of the March 2011 MC-NM meeting was however dedicated to the discussion of the draft recommendation on a new notion of media. As previously reported, this work is examining to which extent and under which conditions web 2.0 services should be considered as part of a "media ecosystem" (rather than the brave old traditional "media landscape") and consequently be regulated, partly or totally, by media laws, with all the issues at stake in terms of fundamental rights, democracy and the rule of law. After the intense discussions during the last MC-NM meeting in September 2010, the project has now developed into both a draft '"Recommendation on a new notion of media" and its draft "Appendix" providing two "Toolkits" with the purpose to help deciding whether and to which extent a web 2.0 service should be considered as a media. The first toolkit defines a set of criteria, each being qualified by numerous indicators. The second one gives directions on how to use and apply these criteria, accompanied by a list of examples. This "unorthodox presentation'" as it was acknowledged during the meeting, in addition to the rather unorthodoxically high amount of employed effort to define these criteria, indicators, and "policy maker manual" (it took the MC-NM Chair, Thomas Schneider, the Switzerland representative, a retreat in the Swiss mountains together with the Serbian and Bulgarian representatives and the Secretariat to come up with these documents!), are enough to show how tricky the issue is. The major difficulty is indeed to ensure that web 2.0 services would be considered as media and their use be protected as such, through provisions on freedom of the press and protection of journalism, in view of public interest and pluralism of opinions, and more generally speaking the protection of democratic values (an approach that EDRI would commend and advance) At the same time, to ensure that they would not be considered as media when this means that industry owners of these services would retain editorial control on their users' expression and information and would benefit from exemptions or derogations to, say, data protection obligations "to reconcile the right to privacy with the rules governing freedom of expression" as set forth ( though "solely for journalistic purposes or the purpose of artistic or literary expression") in article 9 of the European Data Protection Directive (an approach of web 2.0 services that EDRI would stand against and strongly fight). The current draft documents suggest a dual response to this dilemma. First, they recommend the adoption of a new and broad notion of media that considers a whole "media ecosystem" where media actors in the traditional sense coexist and interact with actors performing a whole set of functions. These would include, in addition to media production and distribution actors, not only users turned into ubiquitous prosumers, application designers and content aggregators, but also a number of "intermediaries" or "auxiliaries" (including from the Telecommunications sector) providing and operating infrastructures, networks and platforms. The recognition of such a media ecosystem would need to acknowledge that some of these new actors have become essential pathfinders to information, to the extent that they have the power to act as its gatekeeper. Not to mention that this ecosystem is also a market, where the dominant position at the national or global level that some actors have acquired should also be looked at as a media concentration issue with its democratic consequences and the related question on whether public service obligations should be imposed on these industry actors. Secondly, they advocate the adoption of a graduated and differentiated approach in terms of media policy when applied to such different actors, depending on their performed functions, their kind of interactions, keeping in mind that this media ecosystem develops in a fluid and multidimensional reality. To this end, a list of "media indicators" is suggested, and grouped under six criteria: (1) editorial control or oversight or moderation, (2) purpose, (3) intent, (4) outreach, (5) professional standards, and (6) third party expectation. For each criterion, a detailed list of indicators has the purpose of precising the media character (is a given web 2.0 service truly a media?) and of defining the appropriate scale of graduated and differentiated media policy to be applied (to which extent a given web 2.0 service performs a media function?). The discussion on the draft recommendation itself has rather quickly led to consensus within the group on the relevance of this new notion of media as an "ecosystem", reflecting this proteiform universe with the diversity and fluidity of its actors, their functions and interactions, although EDRI unsuccessfully opposed the now unfortunately unavoidable mention of "self-regulatory tools, including codes of conduct" that obviously go much further than the sole "journalist deontological codes" given such an extended notion of media. The discussion on the toolkits and especially the criteria and their sets of indicators was harsher, since it debated the practical issue of which media policies should be applied to which web 2.0 services, in which way and to which extent. EDRi made clear its position that, first and foremost, the document must clearly set what is NOT a media, and should NOT be considered as such in any circumstances, but rather as a pure communication service. This is needed to avoid the temptation by some governments, when it comes to media policy implementation at national level, to use the Council of Europe Recommendation and Toolkits for unintended purposes, or even to hijack them. This could result in repressive policies with regards to freedom of expression and freedom of information, that the Council of Europe institutions would not be able to oppose since these policies would have been "blessed" by its own recommendations! While EDRi acknowledges and commends the Council of Europe best intentions to uphold fundamental rights, freedom of the media and democracy in the new media sector with this work, it has to advocate serious caution with regards to the unintended consequences that might - or rather would probably - derive from such a process, and do its best to ensure that strong guaranties are provided to avoid their occurrence. To only take the first criterion as an example, its extended definition as "editorial control or oversight or moderation" rather than being restricted to "editorial control", is an issue in itself. The very difference between a traditional notion of media and such a new notion is mainly characterized by an ex-ante editorial control in the former case and an ex-post moderation (or more generally speaking an "oversight and capacity to act" on the content public availability) in the latter. The simple fact to group these functions, abilities and powers into a single criterion carries the risk of equating the role of a technical intermediary to that of an editorial board, which summarizes the whole issue of Internet content regulation by technical intermediaries through devolved regulation (sometimes called private censorship) that EDRi, together with many other digital rights organizations, has been fighting for more than 15 years! A revised version of the documents is expected for the next MC-NM meeting, but as the situation now stands, it is unlikely that such a clear distinction advocated by EDRi and supported almost only by The Netherlands representatives will be introduced, unless this Council of Europe activity gains more attention and stirs a strong controversy in the mean time. This new notion of media will be further discussed during the next European Dialogue on Internet Governance (EuroDIG) to be held in Belgrade on 30-31 May 2011, and will be again on the agenda of the next MC-NM meeting scheduled on 20-21 September 2011, only some days before the next Internet Governance Forum (IGF) to be held in Nairobi on 27-30 September 2011. CoE CDMC website http://www.coe.int/t/dghl/standardsetting/media/ CoE MC-NM group website http://www.coe.int/t/dghl/standardsetting/media/MC-NM/ EDRi-gram: Enditorial: Council Of Europe: Bad News As It Happens (06.10.2010) http://www.edri.org/edrigram/number8.19/council-of-europe-expert-groups EDRi-gram: New Media, Search Engines And Network Neutrality On 2010 CoE Agenda (07.04.2010) http://www.edri.org/edrigram/number8.7/coe-new-media-working-group CoE-EuroISPA "Human Rights Guidelines for Internet Service Providers" (2008) http://www.coe.int/t/dghl/standardsetting/media/Doc/H-Inf(2008)009_en.pdf CoE-ISFE "Human Rights Guidelines for Online Games Providers" (2008) http://www.coe.int/t/dghl/standardsetting/media/Doc/H-Inf(2008)008_en.pdf EuroDIG 2011 session on "New media" (30-31.05.2011) http://www.eurodig.org/eurodig-2011/programme/plenary/new-media IGF 2011 - Nairobi, Kenya (27-30.09.2011) http://www.intgovforum.org/ (Contribution by Meryem Marzouki, EDRI-member IRIS - France) ============================================================ 9. Recommended Reading ============================================================ Freedom House - Freedom of the Net 2011: A Global Assessment of Internet and Digital Media (18.04.2011) http://www.freedomhouse.org/template.cfm?page=664 Internet freedom in Azerbaijan: Joint Statement of Institute for Reporters' Freedom and Safety and Democracy Monitor (18.04.2011) http://www.irfs.az/content/view/6294/28/lang,eng/ Article 29 Working Party - Opinion 10/2011 on the proposal for a Directive on the use of passenger name record data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime (5.04.2011) http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2011/wp181_en.pdf Europe Creates Orphan Works Registry, Copyright ID System; Digitises EU Content (12.04.2011) http://www.ip-watch.org/weblog/?p=15265 Tim Berners-Lee: Web access is a "human right" (12.04.2011) http://www.networkworld.com/news/2011/041211-mit-berners-lee.html ============================================================ 10. Agenda ============================================================ 5-6 May 2011, Milano, Italy The European Thematic Network on Legal Aspects of Public Sector Information - public conference http://www.lapsi-project.eu/milan 17-18 May 2011, Berlin Germany European Data Protection Reform & International Data Protection Compliance http://www.edpd-conference.com 30-31 May 2011, Belgrade, Serbia Pan-European dialogue on Internet governance (EuroDIG) http://www.eurodig.org/ 2-3 June 2011, Krakow, Poland 4th International Conference on Multimedia, Communication, Services and Security organized by AGH in the scope of and under the auspices of INDECT project http://mcss2011.indect-project.eu/ 12-15 June 2011, Bled, Slovenia 24th Bled eConference, eFuture: Creating Solutions for the Individual, Organisations and Society http://www.bledconference.org/index.php/eConference/2011 14-16 June 2011, Washington DC, USA CFP 2011 - Computers, Freedom & Privacy "The Future is Now" http://www.cfp.org/2011/wiki/index.php/Main_Page 11-12 July 2011, Barcelona, Spain 7th International Conference on Internet, Law & Politics (IDP 2011): Net Neutrality and other challenges for the future of the Internet http://edcp.uoc.edu/symposia/lang/en/idp2011/?lang=en 24-30 July 2011, Meissen, Germany European Summer School on Internet Governance 2011 Applications open until 15 May 2011 http://www.euro-ssig.eu/ ============================================================ 11. About ============================================================ EDRi-gram is a biweekly newsletter about digital civil rights in Europe. Currently EDRi has 28 members based or with offices in 18 different countries in Europe. European Digital Rights takes an active interest in developments in the EU accession countries and wants to share knowledge and awareness through the EDRi-grams. All contributions, suggestions for content, corrections or agenda-tips are most welcome. Errors are corrected as soon as possible and are visible on the EDRi website. Except where otherwise noted, this newsletter is licensed under the Creative Commons Attribution 3.0 License. See the full text at http://creativecommons.org/licenses/by/3.0/ Newsletter editor: Bogdan Manolea <edrigram@edri.org> Information about EDRI and its members: http://www.edri.org/ European Digital Rights needs your help in upholding digital rights in the EU. If you wish to help us promote digital rights, please consider making a private donation. http://www.edri.org/about/sponsoring - EDRI-gram subscription information subscribe by e-mail To: edri-news-request@edri.org Subject: subscribe You will receive an automated e-mail asking to confirm your request. Unsubscribe by e-mail To: edri-news-request@edri.org Subject: unsubscribe - EDRI-gram in Macedonian EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/edri/2.html - EDRI-gram in German EDRI-gram is also available in German, with delay. Translations are provided Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/ - Newsletter archive Back issues are available at: http://www.edri.org/edrigram - Help Please ask <edrigram@edri.org> if you have any problems with subscribing or unsubscribing. ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE