====================================================================== EDRi-gram biweekly newsletter about digital civil rights in Europe Number 10.17, 12 September 2012 ======================================================================= Contents ======================================================================= 1. Belarusian authorities harass online opposition groups 2. Spanish website gets back seized domain names. After 18 months. 3. Russia: Old and new in online censorship 4. Unitary patent brings back the software patents debate 5. EDRi on child protection policy 6. EDPS opinion on the EU database for asylum seekers 7. ENDItorial:CET(A)CTA bCriminal sanctions provisions broadly identical 8. Recommended Action 9. Recommended Reading 10. Agenda 11. About ======================================================================= 1. Belarusian authorities harass online opposition groups ======================================================================= As elections in Belarus approach, independent or pro-opposition journalists and Internet users are harassed by the Belarusian authorities, pressured and even put to jail. "The call for an election boycott by some opposition figures has joined the long list of subjects that are off limits. Those who mention the boycott, such as opposition groups on social networks, are immediately sanctioned. It is illusory to talk of free elections in such a media environment," stated Reporters Without Borders. As reported by the human rights group Viasna on 31 August, the mobile phone company BelCel blocked access to the pro-opposition news websites Charter97 and BelPartizan. The State Security Committee arrested a series of moderators of online communities who were interrogated and beaten, their apartments were searched and their laptops confiscated. Pavel Yeutsikhiyeu, one of the moderators of the "Webve had enough of this Lukashenkob group on the Russian social network VKontake, was sentenced by Minskbs Kastrychnitski district court on 31 August to five days in prison on a charge of disturbing public order and Andrey Tkachou, the administrator of the Only SHOS group, was sentenced to seven days in prison on the same charge. The authorities also hacked into two online discussions groups obtaining the names of their presumed moderators and administrators and removed much of the content of these groups. The group b Webve had enough of this Lukashenkob is now controlled by the State Security Committee after having been hacked, deleted and restored. The secret services do not delete information from the community, but publish libel against group's administrators. Also OSCE has again showed deep concern over the situation in Belarus. b I have repeatedly called on Belarusian authorities to stop persecuting journalists and bloggers. Unfortunately, recent detentions and searches in Minsk and elsewhere in the country show continued efforts to muzzle dissenting voices and clamp down on freedom of expression online,b said the OSCE Representative on Freedom of the Media, Dunja Mijatovic who added: b The Belarusian authorities are using such charges to control the media and Internet communities. The detentions are a strike against freedom of expression and contravene OSCE commitments which Belarus has pledged to uphold.b Opposition journalists and cyber-dissidents hounded in run-up to election (3.09.2012) http://en.rsf.org/belarus-opposition-journalists-and-cyber-03-09-2012,43321.... OSCE Press Release - OSCE media freedom representative concerned by arrest of social media activists in Belarus (4.09.2012) http://www.osce.org/fom/93345 KGB continues crackdown on social network groups (4.09.2012) http://spring96.org/en/news/56709 Crackdown on social networks: interrogations, searches, arrests (31.08.2012) http://spring96.org/en/news/56544 ======================================================================= 2. Spanish website gets back seized domain names. After 18 months. ======================================================================= After one year and a half battle with the US authorities, the sports streaming and download Spanish site Rojadirecta has succeeded in winning back its domain names, after the authorities dropped the lawsuit against it on 29 August 2012. The .org and .com domains of Rojadirecta were seized in January 2011 as part of operation b Operation In Our Sitesb, on a very questionable basis of intellectual property rights violation, and without any court order. The site had already been considered as legally operating in Spain by two Spanish courts. After the seizure, Rojadirecta continued its operation as usual under .es and .me domains and decided to fight back and sued the US government. b We immediately initiated talks with the government, through our legal representatives in San Francisco and New York, in order to obtain the return of (our domains). Since it was impossible at that stage to recover domains amicably, we filed a complaint against the Government, the Department of Homeland Security and the Immigration and Customs Enforcement agency of the United States of America,b said Rojadirectabs owner, the Spanish company Puerto 80. This is not the first case of this type. In 2010 music blog Dajaz1 had its domain name seized which was returned after more than 12 months. It turned out that the seizure, initiated by the RIAA, was a mistake. The concern is that the US government may repeat such abuses without any consequence for them. b I expect that we may see a few more such cases as well. Unfortunately, though, we may not get a clear legal ruling telling the government it can't do this b meaning that they'll be free to continue to abuse their powers in such a manner going forward,b stated Mark Lemley from Puerto 80 legal team. U.S. Returns Seized Domains to Streaming Links Site (After 18 Months) (30.08.2012) http://torrentfreak.com/u-s-returns-seized-domains-to-streaming-links-site-a... Oops: After Seizing & Censoring Rojadirecta For 18 Months, Feds Give Up & Drop Case (29.08.2012) http://www.techdirt.com/articles/20120829/12370820209/oops-after-seizing-cen... The U.S. Government withdraws complaint against the Rojadirecta domains and the Court orders their return (up-dated 5.09.2012) http://blog.rojadirecta.me/2012/08/30/us-government-withdraws-lawsuit-agains... Rojadirecta wins the fight with the USA Government and recovers its domains (only in Spanish, 30.08.2012) http://www.elmundo.es/elmundo/2012/08/30/navegante/1346315790.html EDRi-gram: Spanish sports streaming domain seized by US authorities without warning (9.02.2011) http://www.edri.org/edrigram/number9.3/rojadirecta-domain-name-seized-us ======================================================================= 3. Russia: Old and new in online censorship ======================================================================= A new Russian law intended to protect minors from b harmfulb content entered into force on 1 September 2012 bringing forth confusion and, at the same time, hilarious and even dangerous results. "The lawbs vagueness and inconsistencies render its repressive provisions even more threatening and are encouraging journalists to censor themselves. The vague definition of bharmful contentb leaves too much room for interpretation and increases the probability of overblocking. As defined, the requirement to put age ban labels on content is absurd and dangerous. On the grounds of protecting minors, this law is likely to place serious obstacles on the mediabs ability to provide the public with general news coverage. We urge parliament to clarify this law and to strike out those provisions that violate the constitution and international agreements that Russia has ratified," stated Reporters Without Borders said. Under the final version of the law, the media must prevent children from seeing content that contains violence, sex or rude words or content encouraging them to smoke or drink alcohol. Vladimir Pikov, the spokesman of Roskomnadzor (the Federal Service for Supervision in the Sphere of Telecom, Information Technologies and Mass Communications), said on 29 August 2012 that, with the exception of news agencies, all online media had to place age bans on their content. Moreover, Pikov stated that when it was complicated to place a ban label to individual articles, then the entire website had to be labelled. This has led to cases when online media representatives decided to label their entire site in order to avoid any risk. A Russian channel will censor b The Simpsonsb cartoon series banning scenes of violence, drinking, and smoking before 11 pm. b Under the new law we cannot show bThe Itchy & Scratchy Showb from bThe Simpsonsb before 11 pmb, said general director Lev Makarov. Moreover, the majority party of the Russian Parliament has announced the intention to introduce new amendments to the libel law to find and punish those posting anonymous insults on the Internet. Russia amended the law on libel during this spring adding harsh new administrative punishments for defamation. In October 2011, the Upper House Commission for Development of Civil Society approved a draft law "Against Internet Extremism," suggesting all postings on the Internet are public and thus, Internet libel would be punished with sentences of up to five years in prison just as the mass-media libel. b The law already includes the norms providing responsibility for journalists b both the media companies and authors. But what shall we do if some anonymous user makes insulting statements? We will consider the questions connected with legislation improvement in this direction so that anonymity no longer gives such people the illusion of impunity,b said deputy speaker of the Lower House and member of the Culture Committee Sergey Zheleznyak. This new amendment will allow police officers to find the identity of anonymous libels and, according to Zheleznyak, it will apply to Internet users, not just journalists. Major threat to news coverage from law "protecting minors" online (1.09.2012) http://en.rsf.org/russie-major-threat-to-news-coverage-from-01-09-2012,43314... Russia To Censor bSouth Parkb and bThe Simpsonsb (30.08.2012) http://www.inquisitr.com/316980/russia-to-censor-south-park-and-the-simpsons... United Russia mulls amendments to track anonymous Internet slanderers (29.09.2012) http://rt.com/politics/united-russia-internet-slanderers-814/ ======================================================================= 4. Unitary patent brings back the software patents debate ======================================================================= The Committee on Legal Affairs (JURI) of the European Parliament is preparing these days in view of the discussion on unitary patent on 17 and 18 September 2012. The issue of interest is whether these discussions will bring back the return of software patents as it seems to be the case, having in view the recent patent wars in the US (like that of Apple against Samsung). There is also the threat of letting companies monopolise the market thus preventing innovation and the introduction of new products. Several groups, like April and FSFE, call for a general mobilisation to contact all MEPs, so that the European Parliament finally tackles the issue of the software patentability. "Software patents are a real scourge for companies and software developers. They do not contribute to innovation whatsoever, but prevent us from developing new products while exposing us to ever increasing legal uncertainty," stated GC)rald SC)drati-Dinet, April's patent advisor. Although European laws prohibit software patents, the European Patent Office (EPO) has been trying for years to legalize software patents and, under the new proposal to be discussed, the power and control on the law on patentability would be left to an organisation, without any democratic control or the opinion to go before an independent court. Under the current proposal, the EPO has the right to award a patent, but also takes the final decision on whether it remains valid when someone complains, while the final court to decide on patent complaints should be the European Court of Justice which has already warned that the current proposal is incompatible with EU laws. The patent system should be politically controlled by the European Parliament and should benefit of proper checks and balances. Ideally, the European Parliament must ensure that computer programs are excluded from patentability, making clear that they cannot be patented just because they run on generic data processing hardware. I call! http://call.unitary-patent.eu/campaign/call2/unitary-patent-juri-2012 General mobilisation against the return of software patents in Europe (3.09.2012) http://www.april.org/en/general-mobilisation-against-return-software-patents... No patents on software: Unitary patent threatens innovation in Europe (7.09.2012) http://fsfe.org/news/2012/news-20120907-01.en.html EU: the unitary patent (5.09.2012) http://fsfe.org/campaigns/swpat/current/unitary-patent.html ======================================================================= 5. EDRi on child protection policy ======================================================================= The interests of children should be put first, even if that means allowing them to learn and adapt to online risks An unseen threat is the scariest threat of all. An unseen threat to our children provokes our most basic protective instincts, which is exactly as it should be. The internet is a public space and it is as safe or dangerous to allow a child to wander in its various neighbourhoods as for them to wander through any city. The challenge is to fight the temptation to be over-protective and instead allow our societybs children and young people to develop into responsible adults. Panic and assumptions lead to policies that are counterproductive. Effective child protection measures are those based on facts and not fear. The European commission has sought the facts, financing truly impressive research on which solid policy can be based. The European Unionbs kids online research project on the experience of European children online is excellent, setting global standards for both scope and quality. Bizarrely, however, the commissionbs recent communication on a bEuropean strategy for a better internet for childrenb only briefly references this research. Instead, it is pushing internet companies to adopt unspecified voluntary measures that will not be subject to the rigours of democratic decision-making, will not be based on research and risk being either useless or, even worse, counterproductive. The threat of the implementation of bad policies as a result on over-reliance on industry bsolutionsb is very real. For example, it would seem logical for internet providers to offer strong internet filtering to protect children. The public relations value of such a service is tempting. However, research from the UK office for standards in education indicates that students are safest when they are not using strongly filtered internet connections. Instead, children gain better knowledge, awareness and security by using open services, which allow them to learn about, confront and adapt to risk. The commission has been funding child abuse image (child pornography) prevention hotlines for several years. On the basis of direct or indirect reports from these hotlines, internet providers in many EU countries voluntarily remove images or sites from their services. The commission is now demanding a quicker takedown of such images. However, despite funding the hotlines, the commission can produce no statistics as regards how fast sites are removed in each EU member state, nor on the causes of delays. In other words, the commission is asking for an unspecified improvement on an unknown baseline value that it is unable to make available. This is simply not good enough. Worse still, the commission cannot produce any reliable data on the number of prosecutions b or even investigations. Criminal activity must be treated more seriously than this. It is difficult to understand the basis of the commissionbs apparent belief that companies instinctively know what is in the best interests of children and society and will put these interests ahead of their own profits. Companies frequently have conflicts between their own interest and that of the public. It is unwise and inappropriate to devolve policy-making to them on such an important issue. Children deserve better, a policy for child protection must be based on evidence and not the public relations needs of parts of industry or even of the commission itself. If any policy area deserved to be treated with more diligence, it is this one. We need European leadership on this issue, not facile nonsense about corporations regulating children, free speech and our digital heritage. Article published in TheParliament.com (7.09.2012) http://www.theparliament.com/latest-news/article/newsarticle/child-protectio... (Article by Joe McNamee - Executive Director of European Digital Rights EDRi) ======================================================================= 6. EDPS opinion on the EU database for asylum seekers ======================================================================= On 5 September 2012, the European Data Protection Supervisor (EDPS) issued his opinion on the amended Commission proposal for a Regulation of the European Parliament and of the Council on the establishment of EURODAC database for the comparison of the fingerprints of asylum seekers. EURODAC was established by an EC regulation on 11 December 2000 concerning the establishment of a database for the comparison of the fingerprints of asylum seekers for the effective application of the Dublin Convention. On 30 May 2012, the Commission adopted a proposal concerning a modification of the EURODAC Regulation that also provides access to EURODAC data for law enforcement purposes by Member States' law enforcement authorities and Europol. Peter Hustinx, EDPS, stated in his opinion that while the availability of a database with fingerprints could be a useful additional tool in combating crime, this new amendment represents "a serious intrusion into the rights of a vulnerable group of people in need of protection." "Just because the data has already been collected, it should not be used for another purpose which may have a far-reaching negative impact on the lives of individuals," said Peter Hustinx who added that such an intrusion risking the stigmatisation of individuals should have a strong justification and that the Commission has not b provided sufficient reason why asylum seekers should be singled out for such treatment." Hustinx asked the Commission to provide solid evidence and reliable statistics for the need to access EURODAC data and added that in case such a need is supported by evidence, the access to the database should be subject to strict, appropriate safeguards. The EDPS also recommended that the access to the data by law enforcement entities should also be subject to b specific and clearly defined criteria such as a substantiated suspicion that the perpetrator of a terrorist or other serious criminal offence has applied for asylumb and that the request for access for law enforcement purposes should be verified by an independent authority or, preferably, submitted for prior judicial authorisation. Other recommendations are that the proposal should clearly emphasize that the transfer to third data is prohibited, that it should specify more clearly the rules on retention or deletion of data and that it should include an improvement of the provisions on data security. Among the conditions for access, the EDPS included the consultation of the Visa Information System, the existence of a substantiated suspicion that the perpetrator of a terrorist or other serious criminal offences has applied for asylum and the b substantial contribution for law enforcement purposes and clarifying what is understood by reasonable groundsb Privacy czar: Civil rights at stake in asylum database proposal (6.09.2012) http://www.euractiv.com/specialreport-data-protection/eu-advisor-commissions... EDPS Press Release - EURODAC: erosion of fundamental rights creeps along (5.09.2012) http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/EDPS/P... Opinion of the European Data Protection Supervisor on the amended proposal for a Regulation of the European Parliament and of the Council on the establishment of "EURODAC" (5.09.2012) http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consul... ======================================================================= 7.ENDItorial:CET(A)CTA b Criminal sanctions provisions broadly identical ======================================================================= Towards the end of July 2012, a rather strange and surprising e-mail was sent from the General Secretariat of the Council of the European Union to the Member States and the European Commission. The e-mail explained that the criminal sanctions provisions of the draft EU/Canada trade agreement are modelled on those in ACTA. This, the General Secretariat of the Council worries, presents a problem as, on the one hand, the conclusion and implementation of CETA are a declared priority of the Union while, on the other, the European Parliament will need to be asked to approve the final text of the Agreement. Member States told EDRi were baffled by the e-mail. On the one hand, after all the controversy surrounding ACTA, they could not understand why such a blunt e-mail was sent in the first place. After all of the leaks surrounding ACTA, a more subtle message would have been logical. Secondly, after the adoption of the Lisbon Treaty, the task of coordinating such policies is now the responsibility of the Commission, so it was not clear why the Council took it upon itself to even ask the question. Member States are not the only ones that are somewhat surprised by the Council's e-mail b the European Commission told the press only two weeks previously b that language being negotiated on CETA regarding Internet is now totally different from ACTA.b Has the Council been given the wrong draft of CETA? This seems like the only possible explanation. After everything that happened with ACTA, it hardly seems possible that the Commission would be seeking to mislead the public. Many Member States still do not understand the political problems that surrounded ACTA and are therefore generally not opposed to provisions from ACTA being put into CETA. However, only two Member States clicked on b reply allb when responding to the Council's e-mail b one was a well-known supporter of ACTA from western Europe and, surprisingly, the other was one of the b newb Member States from South-East Europe. The response from the South-East European member state also raised opposition to the inclusion of camcording in the draft Agreement. Camcording is such a non-issue that it was abandoned by the negotiating parties in ACTA, so it is bizarre that even stronger wording has now made its way into CETA. Even more strange is that a policy has found its way into the draft EU/Canada trade deal that is neither an EU policy nor a Canadian policy, but a US one. Michael Geist points in a blog post to a Wikileaks cable where the US described as b disingenuousb a Canadian claim that their anti-camcording legislation was an independent policy change that was not the result of lobbying pressure from the US. Michael Geist blog: Wikileaks Cables Show Massive U.S. Effort to Establish Canadian DMCA (29.04.2011) http://www.michaelgeist.ca/content/view/5765/125/ Council E-Mail (07.2012) Cannot publish yet to protect source Don't believe every leak you read says EU Commission on CETA (11.07.2012) http://www.itworld.com/internet/285634/dont-believe-every-leak-you-read-says... (Contribution by Joe McNamee - EDRi) ======================================================================= 8. Recommended Action ======================================================================= Join Global Advocates: Oppose Expanding ITU Authority to the Internet (7.09.2012) https://www.cdt.org/blogs/ellery-biddle/0709global-advocates-oppose-expandin... ======================================================================= 9. Recommended Reading ======================================================================= Chip and Skim: cloning EMV cards with the pre-play attack (10.09.2012) http://www.lightbluetouchpaper.org/2012/09/10/chip-and-skim-cloning-emv-card... http://www.cl.cam.ac.uk/~rja14/Papers/unattack.pdf http://www.pcworld.com/businesscenter/article/262197/emv_protocol_flaw_allow... http://www.bbc.com/news/technology-19559124 Illegal file-sharing activity generally logged within three hours, according to new study (6.09.2012) http://www.out-law.com/en/articles/2012/september/illegal-file-sharing-activ... http://www.cs.bham.ac.uk/~tpc/Papers/P2PMonitor.pdf Europeanabs huge cultural dataset opens for re-use (12.09.2012) http://bit.ly/SbKfPb ======================================================================= 10. Agenda ======================================================================= 14-17 September 2012, Brussels, Belgium Freedom not Fear 2012 http://www.freedomnotfear.org/ http://www.freedom-not-fear.eu 17-22 September 2012, Helsinki, Finland Open Knowledge Festival http://okfestival.org/ 20-21 September 2012, Trier, Germany The proposed general Data Protection Regulation. Strengthening the EU's Data Protections Architecture? https://www.era.int/cgi-bin/cms?sprache=en&_bereich=artikel&_aktion=detail&idartikel=122913 26 September 2012, Cambridge, UK Open Data across Europe in Local and National Government - Practical achievements and challenges http://www.opening-up.eu/content/open-data-conference 27 September 2012, Paris, France Open Data - La Conferance http://www.opendata-laconference.com/agenda.html 7-10 October 2012, Amsterdam, Netherlands 2012 Amsterdam Privacy Conference http://www.apc2012.org/ 11-12 October 2012, Amsterdam, Netherlands Economies of the commons 3 - Sustainable Futures for Digital Archives http://ecommons.eu/ 25-28 October 2012, Barcelona, Spain Free Culture Forum 2012 http://fcforum.net/ 3-4 November 2012, Baku, Azerbaijan Best Bits b a strategic gathering of NGOs around Internet governance and Internet principles http://igf-online.net/bestbits.pdf 6-9 November 2012, Baku, Azerbaijan Seventh Annual IGF Meeting: "Internet Governance for Sustainable Human, Economic and Social Development" http://www.intgovforum.org/cms/ 9-11 November 2012, Fulda, Germany Digitalisierte Gesellschaft - Wege und Irrwege FIfF Annual Conference in cooperation with Fuldaer Informatik Kollquium http://www.fiff.de/2012 4 December 2012, Brussels, Belgium 3rd Annual European Data Protection and Privacy Conference http://www.eu-ems.com/summary.asp?event_id=123&page_id=983 23-25 January 2013, Brussels, Belgium CPDP 2013 Conference - Reloading data protection CfP by 19 October 2012 http://www.cpdpconferences.org/callforpapers.html 6-8 May 2013, Berlin, Germany re:publica 2013 http://re-publica.de/12/2012/08/28/der-termin-steht-vom-06-08-mai-2013-geht-... 31 July b 4 August 2013, Geestmerambacht, Netherlands Observe. Hack. Make. - OHM2013 https://ohm2013.org/ ============================================================ 11. About ============================================================ EDRi-gram is a biweekly newsletter about digital civil rights in Europe. Currently EDRi has 32 members based or with offices in 20 different countries in Europe. European Digital Rights takes an active interest in developments in the EU accession countries and wants to share knowledge and awareness through the EDRi-grams. All contributions, suggestions for content, corrections or agenda-tips are most welcome. Errors are corrected as soon as possible and are visible on the EDRi website. Except where otherwise noted, this newsletter is licensed under the Creative Commons Attribution 3.0 License. See the full text at http://creativecommons.org/licenses/by/3.0/ Newsletter editor: Bogdan Manolea <edrigram@edri.org> Information about EDRI and its members: http://www.edri.org/ European Digital Rights needs your help in upholding digital rights in the EU. If you wish to help us promote digital rights, please consider making a private donation. http://www.edri.org/about/sponsoring http://flattr.com/thing/417077/edri-on-Flattr - EDRI-gram subscription information subscribe by e-mail To: edri-news-request@edri.org Subject: subscribe You will receive an automated e-mail asking to confirm your request. Unsubscribe by e-mail To: edri-news-request@edri.org Subject: unsubscribe - EDRI-gram in Macedonian EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/mk/vesti/edri - EDRI-gram in German EDRI-gram is also available in German, with delay. Translations are provided by Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/ - Newsletter archive Back issues are available at: http://www.edri.org/edrigram - Help Please ask <edrigram@edri.org> if you have any problems with subscribing or unsubscribing. ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE