============================================================ EDRi-gram biweekly newsletter about digital civil rights in Europe Number 9.20, 19 October 2011 ============================================================ Contents ============================================================ 1. European action week on airline passenger surveillance 2. The latest developments on ACTA in the European Parliament 3. German police accused of using a Trojan backdoor for interceptions 4. Berlusconi's wiretapping law threatens online publishers 5. Phorm gets back on the European stage 6. EDPS's Opinion on net neutrality & privacy 7. European Parliament legal service confirms: ACTA may or may not be legal 8. ENDitorial: Belgian music industry acts to undermine copyright law 9. Recommended Action 10. Recommended Reading 11. Agenda 12. About ============================================================ 1. European action week on airline passenger surveillance ============================================================ Credit card details, hotel bookings, IP addresses, mobile phone numbers, and travel details: all this information is currently being transferred to law enforcement agencies in third countries. The storage and automatic processing of our data is supposed to enable law enforcement agencies to identify "unknown" suspects and to profile citizens as possible terrorists or people-traffickers. On 17 October 2011, EDRi and nopnr.org organised a public workshop with a keynote speech by U.S. travel expert and human rights advocate Mr Edward Hasbrouck. The aim of the workshop was to discuss the international agreements on the transfer, storage and processing of passenger name records (PNR) with the USA, Canada and Australia and the plans for a European travel surveillance system. The event launched a European action week on PNR including activists' workshops in Berlin and Vienna, discussions in the European Parliament and a meeting with Germany's Justice Minister Sabine Leutheusser-Schnarrenberger. The agreements from 2007 on the processing and transfer of airline passenger data, which have since then been provisionally applied, are currently being renegotiated by the EU. The agreement between the EU and Australia has already been signed by the Council last month and will be put to a plenary vote in the European Parliament on 27 October 2011. If the EP decides to give its consent to this agreement next week - despite the fact that it does not meet the minimum guarantees demanded by the EP in its previous resolutions - it would then be in force for seven years. The US-EU agreement, which aims to store the personal data of millions of transatlantic air passengers for 15 years, is still being negotiated. At the present time, the U.S. Department of Homeland Security (DHS) is not willing to countenance any concessions regarding the retention period or safeguards. However, air carriers are already transmitting travel data to the DHS each time we are taking the plane to the U.S. The information submitted by passengers when buying a ticket is freely available to any agencies in the U.S., where there are no data protection laws. In his speech at EDRi's offices (see slides below), Hasbrouck explained his work in the U.S. which includes a legal case against the DHS to obtain access to his own PNR data. He mainly criticised that the EU-U.S. agreement is not a treaty and can therefore not be enforced in U.S. Courts. Hasbrouck underlined that it does not recognize the fundamental right to freedom of movement (ICCPR, Article 12) and criticised the fact that it does not prohibit data mining or profiling. He also highlighted that the main reason for the agreement was to legitimise the already existing access by the U.S. to travel data. According to a DHS testimony to Congress, 5 Oct. 2011, an agreement is crucial "to protect U.S. industry partners from unreasonable lawsuits, as well as to reassure our allies, DHS has entered into these negotiations." In this context it is also worth noting that in May 2011, the DHS had already nearly 400 employees operating at airports and sea ports within the EU. This practice came to light after Mark Koumans, Deputy Assistant Secretary for International Affairs of the DHS, made a statement on the extensive range of cooperative activities between police forces in the EU and the U.S. police. In addition to the international agreements, the Commission made a proposal for a European Passenger Name Record (PNR) Directive, earlier this year, to place all travel in and out of the EU under surveillance. The Commission is not excluding the possibility of collecting and using of passenger name record data for rail transport in the future. This proposal is supported by the UK who is in favour of a PNR system for passengers travelling by sea. However, a leaked note by the Commission's own legal service in June this year questioned the necessity of a period of more than two years in the EU-PNR proposal. More worrying is European Union's own PNR system which intends to establish a new surveillance authority in each Member State (Passenger Information Unit), whose main purpose would be profiling of citizens based on their travel habits. Last year, the European Data Protection Supervisor (EDPS) also harshly criticized the proposal for a EU-PNR system: "The EDPS considers that the bulk transfer of data about innocent people for risk assessment purposes raises serious proportionality issues. (...) The EDPS questions in particular the proactive use of PNR data. While 're-active' use of data does not raise major concerns, as far as it is part of an investigation of a crime already committed, real time and proactive use lead to a more critical assessment." EDRi has serious concerns that storage and processing of travel data without given suspicion infringes the European fundamental right to data protection (Art. 8 Charter of Fundamental Rights) and argues that fundamental rights and freedoms in the context of 'transatlantic cooperation' are not taken into consideration. In a recent position paper sent to all relevant MEPs for their vote on the EU-Australia agreement, EDRi highlighted that the minimum standards requested by the European Parliament in two resolutions have not been met by the Commission. EDRi position paper on the EU-Australian agreement (27.09.2011) http://www.edri.org/files/2011PNR/27092011EDRi_AustraliaPNR.pdf Hasbrouck's slides from EDRi-noPNR workshop (17.10.2011) http://hasbrouck.org/IDP/PNR-Hasbrouck-OCT2011.pdf NoPNR.org campaign website http://www.nopnr.org/ Hasbrouck's action week in Europe (12.10.2011) http://hasbrouck.org/blog/archives/001963.html FAQ about PNR data http://wiki.vorratsdatenspeicherung.de/images/USA-EU_PNR-FAQ.pdf Opinion of the European Data Protection Supervisor (EDPS) on the EU-PNR proposal (18.10.2010) http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consul... Commission on the possibility to use PNR for rail transport (4.03.2011) http://www.europarl.europa.eu/sides/getAllAnswers.do?reference=P-2011-001225&language=EN (Contribution by Kirsten Fiedler - EDRi) ============================================================ 2. The latest developments on ACTA in the European Parliament ============================================================ After long, opaque and undemocratic negotiations, the Anti-Counterfeiting Agreement (ACTA) is making its first steps into the European Parliament. The long process of the ratification of ACTA, which will need to overcome the hurdles created by votes in all 27 EU national parliaments as well as in the European Parliament, has now started. The first step in the process at a European level, after a rubber-stamping of the text by the Council, is that each of the European Parliament Committees that considers it has an important perspective to add to the process will nominate itself to provide an "opinion" on the text. Currently, two committees - Legal Affairs and Civil Liberties, Justice and Home Affairs have decided to give opinions. In the Legal Affairs Committee (JURI), Marielle Gallo (EPP) is in charge of the dossier. On 17 October, the Civil liberties, Justice and Home Affairs Committee (LIBE) decided to produce an opinion, but it has not yet been decided which MEP will be in charge. The committee that will produce the final report to be approved by the whole parliament (theoretically taking due account of the "opinions" of the other committees) is the International Trade Committee (INTA), with Kader Arif (S&D Group, France) as Rapporteur. Having fought hard throughout its entire history for the right to have equal decision-making power on dossiers such as this one, the Parliament now appears almost afraid to take an independent, democratic decision. MEPs appear worried that rejecting the decision might look childish or, more bizarrely, rude, after all of the work that has been put into the Agreement up until now. Every European policy maker needs to be encouraged to consider the implications of ACTA. For this reason, EDRi, Access and the Trans-Atlantic Consumer Dialogue (TACD) worked together to produce a booklet, which provides an insight into the controversial and unacceptable parts of the proposal. The booklet outlines the lack of credibility, the threat to freedom of expression and access to culture; the dangers threatening privacy, and the chilling effect on innovation and the hindrance to trade that will be created if ACTA is adopted. All members of the European Parliament received the booklet last week. A translation of the booklet is available in German, Polish and Czech. Other languages (such as Romanian and French) will be added in due course and will be included on the web version of this article and announced via Twitter. EDRi Booklet on ACTA http://www.edri.org/files/acta-bklt-p2s.pdf Czech version http://www.slidilove.cz/sites/default/files/acta-argumenty_cz.pdf German version http://www.edri.org/files/acta-edri-broschuere.pdf Polish version http://www.edri.org/files/ACTA_booklet_PL.pdf EDRi-gram: ENDitorial: Countries start signing ACTA, preparatory docs still secret (5.10.2011) http://www.edri.org/edrigram/number9.19/acta-documents-secret (Contribution by Marie Humeau - EDRi) ============================================================ 3. German police accused of using a Trojan backdoor for interceptions ============================================================ According to EDRi-member Chaos Computer Club (CCC), the German government has been using a backdoor Trojan, a spyware that can retrieve private data, and also offers a remote control for uploading and executing other arbitrary programs. CCC has reverse engineered and analysed the respective programme and has concluded that the Trojan can receive uploads of arbitrary programs from the Internet and execute them remotely and that the activation of the computer's hardware, like the microphone or the camera, can be used for surveillance. Moreover, with the help of an additional module, it can be used to remotely control infected PCs over the Internet, watching screenshots of the web browser on the infected PC, including private notices, emails or texts in web based cloud services. On its website, CCC group includes a screen shot to show the Trojan in action. The use of spying software violates the country's constitutional law as it contains functions beyond the interception of Internet-based communication. In 2008, Germany's Federal Constitutional Court ruled that the secret infiltration of information technology systems was a grave infringement of civil rights and could only be justified in some criminal investigations, and so established strict legal limitations for such cases. The CCC analysis reveals this is a case of "Bundestrojaner" (federal Trojan), the colloquial German term for a government malware concept concealed as "Quellen-TK\" (meaning "source wiretapping" or lawful interception of the source). But, according to the constitutional court, Quellen-TK\ can only be used for wiretapping Internet telephony and has to be enforced through technical and legal means. The analysis concludes that not only were no technical safeguards introduced by the Trojan's developers to provide the use of the malware exclusively for wiretapping Internet telephony, but its design includes functionality to clandestinely add more components over the network from the start, creating a bridge-head to further infiltrate the computer. "This refutes the claim that an effective separation of just wiretapping internet telephony and a full-blown trojan is possible in practice - or even desired. Our analysis revealed once again that law enforcement agencies will overstep their authority if not watched carefully. In this case functions clearly intended for breaking the law were implemented in this malware: they were meant for uploading and executing arbitrary code on the targeted system," stated a CCC speaker. Markus Beyer, spokesperson for the Federal Interior Ministry said at a press conference on 8 October 2011 that the software was "freely available" and three years old, without however stating whether the software had been designed by or for the government. Chief government spokesperson Steffen Seibert stated at the same press conference that the German government was taking allegations about illegal surveillance software used by investigative authorities "very seriously" and would examine the claims made by CCC. "It would be a very grave incident and clearly against the law should the allegation be accurate," said Wolfgang Bosbach, chairman of the German Parliament's Internal Affairs Committee to Deutschlandfunk radio and, on 7 October 2011, the Free Democratic Party asked for an investigation and a ban on the use of the software until the allegations were cleared. German government accused of spying on citizens with state-sponsored Trojan (8.10.2011) http://www.zdnet.com/blog/bott/german-government-accused-of-spying-on-citize... Analysis of Government malware (only in German, 8.10.2011) http://www.ccc.de/system/uploads/76/original/staatstrojaner-report23.pdf Chaos Computer Club analyzes government malware (8.10.2011) http://ccc.de/en/updates/2011/staatstrojaner Possible Governmental Backdoor Found ("Case R2D2") (8.10.2011) http://www.f-secure.com/weblog/archives/00002249.html German Malware May Put PC's Camera at Risk (10.10.2011) http://www.bloomberg.com/news/2011-10-10/german-trojan-spyware-may-violate-c... ============================================================ 4. Berlusconi's wiretapping law threatens online publishers ============================================================ The Italian Parliament has resumed discussions on the very criticised governmental bill that would limit the publication of wiretaps in the news media, forcing at the same time websites to automatically publish corrections at request. But on 12 October 2011 the decision on the final text was postponed, after the paragraph 29 was amended so it will not apply to any blog. The draft bill was approved by the Senate in June 2011 but has been put aside due to strong criticism from civil society. However, Prime Minister Silvio Berlusconi, who would directly benefit from the law, has succeeded in inserting the draft bill on the agenda of the Chamber of Deputies a few days after it was approved by a legislative committee on 5 October, with very minor changes. "The latest amendments make no difference," Reporters Without Borders said adding: "Restricting the publication of tapped phone conversations in the media to this degree would gravely impede investigative journalism. It has all the hallmarks of a crude and dishonest device for gagging the media. It also has a distinctly political dimension. The government is trying to cover up the prime minister's sex scandals, many of which have been exposed by the publication of phone transcripts." The bill says that the media can publish a transcript from a telephone tap only if judges or lawyers consider it is not "essential for proving the guilt or innocence" of the person under investigation. The publication of any "inappropriate" phone tap material would be punishable by 6 months to 3 years in prison or a fine of 10 000 euro for a reporter and of up to 300 000 euro for an editor. Many journalists and bloggers demonstrated against the bill on 5 October in Rome. During three days, between 5 and 7 October, Wikipedia blocked access to all entries in its Italian-language version in protest against the bill "The obligation to publish on our site corrections required by the law, without even the right to discuss and verify the claim, is an unacceptable restriction of the freedom and independence of Wikipedia." "Wikipedia Italy is on strike against an idiotic proposed law," said Jimmy Wales, co-founder of Wikipedia, who considers that as Italy already has very good laws against defamation, the proposed bill "overreaches dramatically. I have never heard of any law like it anywhere else in the world." Now, the entire draft law has been apparently postponed until November. Draft Italian bill on wiretapping (only in Italian, 6.10.2011) http://www.senato.it/leg/16/BGT/Schede/Ddliter/35538.htm Investigative reporters and websites again threatened by proposed "gag law" (7.10.2011) http://en.rsf.org/investigative-reporters-and-07-10-2011,41145.html Blackout in Italy: "The first time Wikipedia worldwide has done anything of this kind" (6.10.2011) http://www.niemanlab.org/2011/10/blackout-in-italy-the-first-time-wikipedia-... A Summit on wiretapping, Berlusconi wants to reopen the game (only in Italian, 13.10.2011) http://www.repubblica.it/politica/2011/10/13/news/ddl_intercettazioni-231378... Wiretapping bill in November: a standard against websites and blogs today? (only in Italian, 14.10.2011) http://www.webmasterpoint.org/news/ddl-intercettazioni-a-novembre-norma-cont... Wiretapping bill in November, a brief limitation (only in Italian, 14.10.2011) http://www.ilsole24ore.com/art/notizie/2011-10-14/intercettazioni-novembre-s... ============================================================ 5. Phorm gets back on the European stage ============================================================ After its implementation in UK failed, Phorm wants a fresh start by placing its foot in the European market through a partnership deal with Romtelecom in Romania. With no public debate before the launch at the end of September, Romtelecom has presented a new service called MyClicknet, which basically implements the Phorm behavioural advertising solution with an opt-in approach. In practice, that means that almost all traffic (browsing and searches) on port 80 from Internet users that opt-in for such a system will be scanned in order to create a profile that can be sold to interested advertising companies. Romtelecom insists that no personal data is recorded or kept and the user is identified in the ad network based on an anonymous string of characters. Romtelecom also claims that the system will not scan any type of "delicate subjects", such as content related to smoking, pornography, alcohol, drugs, health issues or related to children under 14 years old. This would mean in practice that they will be actively using Deep Packet Inspection (DPI) in order to see if the content fits in one accepted category or not. Complaints against the system arose when Internet users saw their traffic redirecting to the Romtelecom opt-in page for its new service or, after joining the service, saw that traffic was being redirected to oix.net (the Phorm service). Romtelecom's reply was that the service is 100% anonymous and free and you need to opt-in (by clicking "Continue" on their redirect page) to get access to the service. Also, they say the system was checked with the Romanian DPA (Data Protection Authority) and they have implemented all the suggestions of the DPA. However, if the data protection law is fuzzy enough to be interpreted in such a way a similar service might be accepted by the DPA, the Romanian eprivacy law (no. 506/2004) is very clear regarding the obligation of confidentiality of the electronic communication providers. Article 4 states that the confidentiality of communications is guaranteed and any form of tapping or surveillance of the communication can be made only with the "prior written consent" of the users that are taking part in such communication. And if we think of the users of an Internet communication, there should be both the subscriber and the website. After receiving several complaints, the Romanian DPA announced that it will launch an investigation to see how personal data are protected in the MyClicknet service, but only after 28 October 2011. In the meantime, all its public relations are being temporarily suspended, because they need to move to a new location. Romanian re-Phorm-ation? (30.09.2011) http://symbioticweb.blogspot.com/2011/09/romanian-re-phorm-ation.html Romtelecom and their illeagal practices - Myclicknet traffic being intercepeted and analsed (only in Romanian, 6.10.2011) http://forum.softpedia.com/index.php?showtopic=810348&st=0 Clicknet from Romtelecom - adverstising, redirecting, spam (only in Romanian, 4.10.2011) http://m1ha1.blogspot.com/2011/10/clicknet-de-la-romtelecom-reclame.html MyClicknet - the wiretapping service of Romtelecom (only in Romanian, 17.10.2011) http://legi-internet.ro/blogs/index.php/2011/10/17/myclicknet-serviciul-de-i... EDRi-gram: Phorm given up by UK ISPs (15.07.2009) http://www.edri.org/edri-gram/number7.14/phorm-out-uk ============================================================ 6. EDPS's Opinion on net neutrality & privacy ============================================================ Peter Hustinx, the European Data Protection Supervisor (EDPS) adopted an opinion on 7 October 2011 on the European Commission Communication on the open internet and net neutrality in Europe, stressing the necessity of respecting the fundamental right to privacy and data protection of users, in particular in terms of confidentiality of communications. The Opinion addresses a very controversial subject and comes in the light of the Communication adopted by the Commission on 19 April 2011 and the Commission's public consultation preceding the Communication. It also takes into consideration the draft Council conclusions on net neutrality. Net neutrality refers to whether Internet service providers (ISPs) should be allowed to monitor network traffic, filter or restrict Internet access of their users. The idea is that "information on the Internet should be transmitted impartially, without regard to content, destination or source, and that users should be able to decide what applications, services and hardware they want to use. This means that ISPs cannot, at their own choice, prioritise or slow down access to certain applications or services such as Peer to Peer ('P2P'), etc." The EDPS draws attention to such practices on certain inspection techniques used by ISPs that may be highly intrusive, involving the monitoring of content of communications, websites visited, emails sent and received, the time when this takes place, enabling filtering of communications. In Hustinx's opinion, monitoring of the ISPs' compliance with data protection rules should be closely monitored. The confidentiality of communications is a fundamental right protected by the European Convention for the Protection of Human Rights and Fundamental Freedoms, the Charter of Fundamental Rights of the European Union as well as the EU ePrivacy Directive. Hustinx believes there is a tendency of increased monitoring and inspection techniques from ISPs which raises serious issues regarding the protection of users' privacy and personal data and therefore, more has to be done to devise and implementsatisfactory policies on the matter. He therefore calls on the Commission to initiate a debate involving all relevant stakeholders, for the clarification of the data protection legal framework applying in this case. In his Opinion, the EDPS has made some recommendations which include: the determination of legitimate inspection practices needed to ensure the smooth flow of traffic or carried out for security purposes; the determination of the cases when monitoring requires the users' consent (such as filtering aimed to limit access to certain applications and services, such as peer to peer); and, in such cases, the necessity of guidance regarding the application of the necessary data protection safeguards (purpose limitation, security etc). Hustinx also believes national authorities and BEREC should monitor the market situation. "This monitoring should result in a clear picture describing whether the market is evolving towards massive, real-time inspection of communications and issues related to complying with the legal framework." "Further analysis of the effects of new practices in relation to data protection and privacy on the Internet", is also necessary. Based on such analyses, additional legislative measures might be necessary in which case "the Commission should put forward policy measures aimed at strengthening data protection rules and ensuring legal certainty. New measures should clarify the practical consequences of the net neutrality principle and guarantee users the possibility." Opinion of the European Data Protection Supervisor on net neutrality, traffic management and the protection of privacy and personal data (7.10.2011) http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consul... Press Release "A serious policy debate on net neutrality must effectively address users' confidentiality of communication" (7.10.2011) http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/EDPS/P... Busting net neutrality may amount to spying, says EU (13.10.2011) http://www.theregister.co.uk/2011/10/13/isps_traffic_managemnet_may_breach_e... EDRi-gram: EDRi's answer to net neutrality consultation (6.10.2010) http://www.edri.org/edrigram/number8.19/edri-net-neutrality-position EDRi-gram: Draft Council conclusions on Net Neutrality (27.07.2011) http://www.edri.org/edrigram/number9.15/net-neutrality-council-conclusions ============================================================ 7. European Parliament legal service confirms: ACTA may or may not be legal ============================================================ Several weeks ago, the International Trade Committee of the European Parliament asked for an opinion from the Parliament's internal legal service regarding ACTA's legality and whether or not documents must be made public. At the end of last week, the confidential response from the Legal Service was delivered. The result is that the lawyers believe that ACTA may indeed be, or possibly may not be, legal and in line with the existing legal framework of the European Union. In response to the question about whether ACTA is in line with existing EU legal provisions, the Legal Service explains that the text is open to interpretation but, on the face of it, the agreement appears to be in line with current EU law. Of course, if the interpretations of the other negotiating parties are different from those which the Legal Service has guessed at, then ACTA may, indeed, not be legal after all. Asked whether the preparatory documents of the Agreement must legally be published, the Legal Service is very precise: there is no obligation under international law to publish preparatory documents. They accept that preparatory documents may be used to interpret unclear agreements and that parts of ACTA are unclear. However, they helpfully point out that, as long as the documents are not made public by any of the negotiating partners, they cannot be used to assign meaning to the unclear sections of the text. The Legal Service chooses not to address the wisdom of adopting an international agreement, the meaning of which is likely to change if any of the negotiating partners subsequently chooses to publish documents in order to "prove" that its interpretation of the text is the correct one. The only minor point of concern in this context is that the European Parliament has already published the leaked text of the digital chapter (which refers to private companies unilaterally cutting citizens' Internet access) on its own website. This minor point means that the European Parliament has already shown that ACTA (by promoting lawless sanctions by private companies against citizens and their right to freedom of expression and due process) is in clear and unequivocal breach of the Treaty on European Union, which requires the Union to support democracy and the rule of law in its international relations. In the meantime, the Commission has provided a rather unexpected answer to a priority written question on the meaning of the previously unheard-of "fundamental principle" of "fair process" that is referred to in ACTA. The Commission does not seek to argue that the "fundamental principle" is a fundamental principle at all. Instead, it simply explains that the meaning of the term "fair process" can be found in the Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) of the World Intellectual Property Association which... contains no reference whatsoever to "fair process". The Commission expresses the hope and assumption that this is what the other ACTA negotiating partners also understood. In short, the "fundamental principle" is not a "fundamental principle" and its meaning is, at best, an educated guess on the part of the Commission. Parliamentary question http://www.europarl.europa.eu/sides/getDoc.do?type=WQ&reference=P-2011-008444&language=EN Parliament's leak of ACTA digital chapter http://www.europarl.europa.eu/meetdocs/2009_2014/documents/d-us/dv/supplemen... Backup of Parliament's leak http://www.edri.org/files/acta_disconnection.pdf (see footnote 6) FFII requests European Parliament's Legal Services' opinion on ACTA (15.10.2011) http://acta.ffii.org/?p=833 (contribution by Joe McNamee - EDRi) ============================================================ 8. ENDitorial: Belgian music industry acts to undermine copyright law ============================================================ We have all heard the music industry make claims about the vast amount of "piracy" going on, such as the estimation that from 2008 to 2015, the music industry was going to lose an amount equivalent to the combined national debt of Greece and Italy. The ever-impartial European Commission has been similarly apocalyptic in its analysis of the situation - describing illegal filesharing as "ubiquitous" in its report on application of the IPR Enforcement Directive. The question is, under such circumstances where any law has lost its legitimacy to such an extent that breaches are "ubiquitous," when losses are allegedly more than what entire countries produce in a whole year, what is the one thing that must be avoided at all costs? One must avoid robbing the law of any residual credibility that it still has. After being caught by a TV station trying to obtain royalties for the music apparently produced by noodles, sauces, foodmixers and hygiene products, Sabam, the Belgian collecting society, decided to put the blame where it clearly belongs - the Internet. Despite the fact that it is well known that DNS blocking does not work, despite the fact that The Pirate Bay reported an increase in traffic from Denmark when DNS blocking was proposed there, Sabam decided to waste the Belgian courts' time and Belgian taxpayers' money with a demand that thepiratebay.org and a number of related domains be blocked by the two largest Internet access providers in Belgium. The request was granted by the Court in Antwerp. A few hours after the court, in full awareness of the futility of the order, made this decision, Belgian "pirates" created depiraatbaai.be in order to circumvent the blocking order. The new domain name allows users to reach The Pirate Bay via an indirect and unblocked route. Unsurprisingly, the ridiculous ease with which the ruling was exposed as nonsense attracted a huge amount of publicity - serving both to make the law and law-makers look absurd and maximise awareness of opportunities for unauthorised access to copyrighted material online. Legitimacy of laws cannot ever be imposed by repressive measures. Legitimacy most certainly cannot be imposed by repressive measures which are comically ineffective. As long as the Internet retains the characteristics which are the basis of its success - openness and resilience - content cannot be definitively blocked. It is time to abandon measures that place creators and users in opposition to each other, time to abandon policies that serve only to illustrate the lack of understanding of the Internet by certain parts of industry and politicians and time to build a legal framework that earns respect and facilitates creation. IFPI losses 2008-2015 (20.01.2011) http://www.guardian.co.uk/technology/pda/2011/jan/20/ifpi-report-music-pirac... National debts (7.04.2011) http://www.economicshelp.org/blog/774/economics/list-of-national-debt-by-cou... European Commission IPRED implementation report (22.12.2010) http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2010:0779:FIN:EN:P... SABAM's questionable royalty claims (09.02.2011) http://www.techdirt.com/articles/20110209/04101413022/belgian-collection-soc... Sabam Video http://www.youtube.com/watch?v=HZAsa9QmQO8 (contribution by Joe McNamee - EDRi) ============================================================ 9. Recommended Action ============================================================ EDRi is Flattrable starting with this week! http://flattr.com/thing/417077/edri-on-Flattr CPDP 2011 Conference Multidisciplinary Privacy Award The award, to be presented at the annual Computers, Data Protection and Privacy (CPDP) Conference held in Brussels at the end of January 2012, will be given to the authors of the best multidisciplinary paper that describes new ideas in privacy and data protection. Eligible papers need to have been published or accepted for publication between 1 November 2010 and 31 October 2011. Deadline: 10 November 2011 http://www.cpdpconferences.org/privacyaward.html ============================================================ 10. Recommended Reading ============================================================ EPO, European Commission Renew Commitment To Unitary Patent (6.10.2011) http://www.ip-watch.org/weblog/2011/10/06/epo-european-commission-renew-comm... ============================================================ 11. Agenda ============================================================ 20-21 October 2011, Warsaw, Poland Open Government Data Camp http://opengovernmentdata.org/camp2011/ 25-28 October 2011, Berlin, Germany 1st Berlin Symposium on Internet and Society: Exploring the Digital Future http://berlinsymposium.org/ 27-29 October 2011, Barcelona, Spain Oxcars and FreeCultureForum 2011 Networks for a R-evolution http://www.2011.fcforum.net/en 31 October 2011, Mexico City, Mexico 2011 The Public Voice Civil Society Meeting http://thepublicvoice.org/events/mexicocity11/ 2-3 November 2011, Mexico City, Mexico 33rd International Conference of Data Protection and Privacy Commissioners Privacy: The Global Age http://www.privacyconference2011.org/index.php?lang=Eng 8-9 November 2011, Brussels, Belgium Hack4Transparency http://www.euhackathon.eu/ 9 November 2011, Bucharest, Romania Inet Conference: Access, Trust and Freedom: Coordinates for future Internet http://www.isoc.org/isoc/conferences/inet/11/bucharest-agenda.shtml 11-13 November 2011, Munich, Germany FIfF annual congress: Dialectics in Information Security: Colliding Interests of Anonymity, Integrity and Confidentiality http://fiff.de/2011 11-13 November 2011, Gothenburg, Sweden FSCONS is the Nordic countries' largest gathering for free culture, free software and a free society. http://fscons.org/ 24-25 November 2011, Vienna, Austria "Our Internet - Our Rights, Our Freedoms" Towards the Council of Europe Strategy on Internet Governance 2012 - 2015 http://www.coe.int/t/informationsociety/conf2011/ 25-27 January 2012, Brussels, Belgium Computers, Privacy and Data Protection 2012 http://www.cpdpconferences.org/ ============================================================ 12. About ============================================================ EDRi-gram is a biweekly newsletter about digital civil rights in Europe. Currently EDRi has 28 members based or with offices in 18 different countries in Europe. European Digital Rights takes an active interest in developments in the EU accession countries and wants to share knowledge and awareness through the EDRi-grams. All contributions, suggestions for content, corrections or agenda-tips are most welcome. Errors are corrected as soon as possible and are visible on the EDRi website. This EDRi-gram has been published with financial support from the EU's Fundamental Rights and Citizenship Programme. Except where otherwise noted, this newsletter is licensed under the Creative Commons Attribution 3.0 License. See the full text at http://creativecommons.org/licenses/by/3.0/ Newsletter editor: Bogdan Manolea <edrigram@edri.org> Information about EDRI and its members: http://www.edri.org/ European Digital Rights needs your help in upholding digital rights in the EU. If you wish to help us promote digital rights, please consider making a private donation. http://www.edri.org/about/sponsoring http://flattr.com/thing/417077/edri-on-Flattr - EDRI-gram subscription information subscribe by e-mail To: edri-news-request@edri.org Subject: subscribe You will receive an automated e-mail asking to confirm your request. Unsubscribe by e-mail To: edri-news-request@edri.org Subject: unsubscribe - EDRI-gram in Macedonian EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/edri/2.html - EDRI-gram in German EDRI-gram is also available in German, with delay. Translations are provided Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/ - Newsletter archive Back issues are available at: http://www.edri.org/edrigram - Help Please ask <edrigram@edri.org> if you have any problems with subscribing or unsubscribing ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE