EDRI-gram newsletter - Number 4.7, 12 April 2006
EDRI-gram newsletter
edrigram at edri.org
Wed Apr 12 09:09:41 PDT 2006
============================================================
EDRI-gram
biweekly newsletter about digital civil rights in Europe
Number 4.7, 12 April 2006
============================================================
Contents
============================================================
1. Article 29 asks for safeguards on data retention
2. US wants access to retained traffic data
3. Free parental control software in France
4. Changes in the Slovenian Intelligence Agency Act
5. Lie detectors in Russian airports
6. UK teachers are spied in classrooms
7. Legal actions against file-sharers in Europe
8. Recommended reading
9. Agenda
10. About
============================================================
1. Article 29 asks for safeguards on data retention
============================================================
Article 29 Data Protection Working Party has adopted its opinion on data
retention directive as adopted by the Council on 21 February 2006, pointing
out major criticism to the adoption and to the present text agreed by the
Parliament.
The Working Party recalls its previous concerns and reservations expressed
in its last Opinion 113 of 21 October 2005 on the then draft Directive. The
decision to retain communication data for the purpose of combating serious
crime was considered as an unprecedented one that may endanger the
fundamental values and freedoms all European citizens.
The privacy experts consider of utmost importance that the Directive is
implemented and accompanied in each Member State by measures protecting
privacy. The Directive leaves room for interpretation and therefore adequate
and specific safeguards are necessary to protect the vital interests of the
individual, mainly the right to confidentiality when using publicly
available electronic communications services.
The Working Party also thinks the provisions of the Directive should be
interpreted and implemented in a harmonised way and proposes a uniform,
European-wide implementation of the Directive that would respect the highest
level possible of personal data protection. This should also be done in
order to reduce the considerable costs borne by the service providers when
complying with the Directive.
Article 29 is suggesting that the member states should implement adequate
safeguards at least on Purpose specification, Access limitation, Data
minimization, Data mining, Judicial/ independent scrutiny of authorized
access, Retention purposes of providers, System separation and Security
measures.
The data retention directive is heavily criticized also by other privacy
authorities. Peter Hustinx, the European data protection supervisor
considered the lawmakers had not protected the privacy of Europeans.
His opinion is that "The data retention directive - turned the rules
upside down. We were not very pleased with that - we still think there is
too little in terms of safeguards."
Hustinx also stated: "I believe that politicians, people - you, I, everyone
else - have to be aware of the real threats. At the same time, that is not
going to justify disproportionate solutions - it is going to hurt the
texture of trust and confidence... I think we have reached a point that more
and more people start wondering whether legislation is getting excessive and
that is a good thing. We have to build in safeguards and keep asking the
question of 'is this necessary?'"
Opinion 3/2006 on the Directive 2006/XX/EC on the retention of data
processed in connection with the provision of public electronic
communication services (25.03.2006)
http://europa.eu.int/comm/justice_home/fsj/privacy/docs/wpdocs/2006/wp119_en.
pdf
Tech must not invade privacy, says EU data protection head (7.04.2006)
http://www.silicon.com/0,39024729,39157943,00.htm
EDRI-gram : Opinion EU privacy authorities on data retention (17.11.2004)
http://www.edri.org/edrigram/number2.22/dataretention
EDRI-gram : Renewed rejection of data retention by European institutions
(5.10.2005)
http://www.edri.org/edrigram/number3.20/retention
============================================================
2. US wants access to retained traffic data
============================================================
Unites States has indicated in a recent meeting with the EU Council that it
will be interested in accessing the traffic data collected by the European
countries according with the recent Directive on Data Retention. Also the US
officials expressed concerns over the draft Framework Decision on Data
Protection.
During the EU-US informal High Level meeting on Freedom, Security and
Justice on 2-3 March 2006, in Vienna, the US officials mentioned in the
context of fighting terrorist use of Internet that they were "considering
approaching each Member State to ensure that the data collected on the basis
of the recently adopted Directive on data retention be accessible to them."
The Presidency and the Commission replied that these data were accessible
like any other data on the basis of the existing MLA agreements (bilateral
as well as EU/US agreement). The Commission would convene an expert meeting
on this subject.
During the same meeting the US officials lobbied against the provisions in
article 15 of the proposal for a framework decision on the protection of
personal data processed in the third pillar. " US side expressed serious
concerns about the negative impact that the draft Framework Decision on data
protection would have on its bilateral relations with Member States if it
was to be adopted in its present form (see in particular Article 15 of the
draft). The Presidency indicated that agreements already concluded would not
be affected by the new legislation. In addition, Member States were divided
on the need for such a provision." Article 15 refers to Transfer to
competent authorities in third countries or to international bodies.
The Proposal for a Council Framework Decision on the protection of personal
data processed in the framework of police and judicial co-operation in
criminal matters was initiated in October 2005 when a draft version was sent
to the Council. Opinions on the draft have been received from the European
Data Protection Supervisor, Conference of European Data Protection
Authorities and European member countries. A new version of the Decision,
still under discussion within the Multidisciplinary group on organised crime
(MDG) - Mixed Committee, was published by Statewatch at the end of March
2006.
The conclusions of the G6 of interior ministers of the EU call for a rapid
adoption of the framework decision on the sharing of information under the
availability principle in police and judicial cooperation in criminal
matters, i.e. without waiting for the third pillar data protection framework
decision. This would constitute a serious unbalance with regard to the
processing of personal information under the third pillar. Tony Bunyan,
Statewatch editor, commented " in other words state agencies should be
allowed to exchange information and "intelligence" without any data
protection rights for the individual being in place."
EU Council: Report of the EU-US informal High Level meeting on
Freedom, Security and Justice on 2-3 March 2006 in Vienna (27.03.2006)
http://www.statewatch.org/news/2006/apr/eu-us-jha-7618-06.pdf
Data Protection, EU doc no 6450/1/06, REV 1 (23.03.2006)
http://www.statewatch.org/news/2006/mar/eu-dp-coun-draft-pos-6450-rev1-06.pdf
EDRI-gram : Draft directive data protection in EU police co-operation
(21.09.2005)
http://www.edri.org/edrigram/number3.19/dataprotection
Conclusions of the Meeting of the Interior Ministers of France, Germany,
Italy, Poland, Spain and the United Kingdom, Heiligendamm (23.03.2006)
http://www.statewatch.org/news/2006/mar/06eu-interior-minister-conclusions.ht
m
============================================================
3. Free parental control software in France
============================================================
As a result of the agreement signed between the French ISPs and the Ministry
of the Family on 16 November 2005, starting with 1 April 2006, most of the
ISPs started providing a free of charge parental control software to their
subscribers.
The agreement signed between ISPs and the French authorities has followed
strong protests relayed in the media, after EDRi-member IRIS unveiled in
September 2005 the intention of the government to impose by law "by default"
filtering by ISPs for the purpose of parental control. After this, the
intentions of the government have been downsized excluding " by default"
parental control installed by the ISP. The current agreement still raises
many concerns, especially since no real information is provided on the
software and its criteria.
Starting with 1 April 2006 new subscribers will have the software included
in the connection kit with a window opening automatically on the software.
Previous complaints addressed the lack of simple access to such kind of
software as well as to their insufficient efficiency.
For the old subscribers, the ISPs will develop an information campaign
through e-mails, newsletters and on their home pages and those interested
will be able to get the software from their access provider's site.
Several providers are already in the position to provide the software while
others are on the point of perfecting their parental control system.
Providers like AOL, already advanced in this direction, can ensure various
profiles according the child's age, with semantic filtering, more efficient
than the URL filtering systems. Other providers like Wanadoo are clearly
asking any new subscriber, when installing the connection kit, whether the
filtering software should be installed or not.
As regards to the software it seems that many ISPs are using the one
developed (and updated with lists) by a Spanish company, Optenet.
This company has signed a contract with the French Ministry of Education
last April.
Meryem Marzouki from EDRi-member IRIS notes that "very little information is
provided to the user about who chooses the predefined white and black lists,
according to which criteria etc. Also, no information is provided on the
"plain language" analysis of websites, which are neither on white lists nor
on black lists. "
The ISPs filter more the Internet (in French only, 4.04.2006)
http://www.01net.com/editorial/311150/securite/les-fai-filtrent-plus-net/
Mandatory and free of charge parental control on the Internet (in French
only, 16.11.2005)
http://www.01net.com/article/295101.html
Automatic filtering of contents : the moral order toughens (in French only,
16.09.2005)
http://www.iris.sgdg.org/info-debat/comm-filtrage0905.html
============================================================
4. Changes in the Slovenian Intelligence Agency Act
============================================================
The proposed changes of Slovenian Intelligence Agency Act (ZSOVA) raised
questions about its unconstitutionality. The government would like to
exclude the current 6-month limitation for use of special operative methods,
e.g. mail monitoring, recording of telephone conversations etc. The
Government invoked cooperation with EU and NATO in the fight against
terrorism as the reason for the proposed changes.
There are two main changes being proposed. According to the first one, the
competence to ordain measures that invade individual's information privacy
would be transferred from the president of Ljubljana Circuit Court to the
president of the Slovenian Supreme Court. Legal experts find this solution
better, but still not optimal, as the decision-making is still in the hands
of one single person. A panel of 3 Supreme Court judges would be a better
option.
The second and most important change is the exclusion of the current 6-month
limitation for the concentrated and continuous monitoring of
telecommunications. If the proposed changes pass through the Parliament, the
Slovenian Intelligence agency (SOVA) will theoretically be able to perform
surveillance over individual's communications for months, years or even
decades.
Under the current legislation, SOVA may monitor written correspondence and
record telephone conversations (of individuals that may pose a threat for
national security) for the maximum period of 3 months. Exceptionally, the
duration of surveillance may be extended for a month each time, but the
total duration must not exceed 6 months. According to the proposed changes
to the Slovenian Intelligence Agency Act, the President of Slovenian Supreme
Court would be authorised to extend the duration of measures for another 3
months each time, without any limitation of total duration.
According to Goran Klemencic from the Faculty of Criminal Justice and
Security, the proposed change violates article 37 of the Slovenian
Constitution, which says that encroachment upon individual's right to
privacy of correspondence and other means of communication may "be suspended
for a period of time where it is so necessary for criminal proceedings or
national security." Besides, Klemencic says that such a solution would also
be disproportionate (regardless of court warrant), as "it cannot be
admissible that law enables unlimited concentrated surveillance of an
individual".
This act broadens the power of the Slovenian Military Intelligence Agency,
as well.
The government wants the Parliament to discuss and pass the proposed changes
using the quick procedure option, where the possibilities for extending
discussions and filing amendments are vastly reduced.
Longer time of secret surveillance? (only in Slovenian, 14.03.2006)
http://www.privacyblog.net/index.php?p=151
Changes to Slovenian Intelligence Agency Act - Will SOVA be able to perform
continuous eavesdropping (only in Slovenian, 16.03.2006)
http://www.slo-tech.com/script/forum/izpisitemo.php?threadID=211601#neprebran
o
Contestable Slovenian Intelligence Agency Act (only in Slovenian,
14.03.2006)
http://24ur.com/bin/article.php?article_id=3070870
(Contribution by Aljaz Marn, EDRI observer, privacyblog.net, Slovenia)
============================================================
5. Lie detectors in Russian airports
============================================================
Lie detectors will be used in Russian airports as part of the security
measures starting with July 2006.
Meant to identify terrorists or other types of criminals, a lie-detecting
device developed in Israel, known as "truth verifier," will be first
introduced in Moscow's Domodedovo airport as early as July. The technology,
already used by UK insurance companies, is said to be able to detect answers
coming from imagination or memory.
The passengers will use a handset to answer four questions right after the
X-ray check of luggage and shoes and in the beginning, only the suspicious
passengers will take the test. Those failing the test will be further on
interrogated in a separate cubicle as Vladimir Kornilov, the IT director for
East Line, said.
Eventually the procedure will be used for all passengers. Officials state
that the process should not exceed a minute per passenger.
Airline passengers face lie detector tests (6.04.2006)
http://www.telegraph.co.uk/news/main.jhtml?xml=/news/2006/04/06/wlie06.xml
============================================================
6. UK teachers are spied in classrooms
============================================================
Teachers protest against the installation of 50 CCTV systems with
microphones in UK schools, used as surveillance measures by the school
management.
While observation in class was supposed to help teachers in improving their
performances, the headmasters, who have also used two-way mirrors to survey
the teachers, grade them according to the way they perform in class under
observation.
TES (The Times Educational Supplement) reported on 7 April that teachers
were being "observed to death" and that surveillance was being used more
like a punishment. Observed lessons are often graded on a scale of
outstanding to poor.
The National Association of Schoolmasters Union of Women Teachers (NASUWT),
the largest teachers' union in UK, has proposed a conference motion to use
"all means necessary" to stop the "yet another example of management
bullying". NASUWT survey has found out that one in five teachers was
observed more than six times last year. The union also expressed
disagreement on the short notice given to some teachers on the installation
of surveillance devices.
Mary Bousted, general secretary of the Association of Teachers and Lecturers
(ATL), said she had met an Oxford graduate having quitted teaching after
only a year for having been officially observed at least once every
three weeks,".
Heads spy on teachers (10.04.2006)
http://www.theregister.co.uk/2006/04/10/cctv_teachers/
Teachers revolt against spy in the classroom (7.04.2006)
http://www.tes.co.uk/2216214
============================================================
7. Legal actions against file-sharers in Europe
============================================================
About 2000 new legal actions are taken in 10 countries by the International
Federation of Phonographic Industry (IFPI) against file-sharers amounting
now to a total number of 5500 cases outside US.
IFPI persists in its actions against uploaders, stating it targets
persistent file-sharers, who typically upload thousands of music files.
"The campaign started in major music markets where sales were falling
sharply; now these legal actions have spread to smaller markets." said John
Kennedy, the chairman and chief executive of IFPI.
In UK only, where the music industry states a loss of over #1.1bn over the
last three years, there are 153 ongoing cases. The first cases have occurred
in Portugal as well where the IFPI states sales of tradition al music
formats have fallen by 40% in the last four years.
Geoff Taylor, IFPI general counsel and executive vice president said the
action was aimed at uploaders, but downloaders had to be reminded that their
actions were also illegal and also predicted that the copyright owners would
go after ISPs as well as users.
The IFPI is also keen in warning parents that they are responsible for their
children's online activities. As an example, last year Sylvia Price was
fined #2,500 after her 14-year-old daughter was accused of sharing music on
the internet.
If the IFPI wins the cases, the defendants could end up paying several
thousand euros. On average, those settling with the IFPI pay around
2,633 euros. Although the industry says that these cases are helping to win
the war on illegal file-sharers and are encouraging people to use legal
services, a report suggests that illegal downloads keep growing in spite of
the legal risks.
IFPI bases its actions on a report made by Jupiter Research stating 35%
illegal file-sharers have reduced and even stopped while only 14% of them
increased their activity and the legal actions were the main reasons for
those who stopped their illegal music consumption.
However, XTN data, a research firm, suggested in its report that fear of
legal action was the least effective in encouraging people to use commercial
services and that more efficient measures would be cheaper prices, the
removal of digital rights management (DRM), and more user-friendly services.
"Clunky software, difficulty in finding tracks and over zealous protection
limiting where customers can play music they've bought are continuing to
fuel file-sharing," said Greig Harper, founder of XTN Data.
He also said: "We're the only big, anonymous UK survey - I'd be surprised if
people were so honest to an organisation interested in suing them. There are
probably seven million people in the UK file sharing to some extent, even if
it's just picking up a track once a month, so legal action against so many
people isn't really a realistic option."
File-sharers face legal onslaught (4.04.2006)
http://news.bbc.co.uk/2/hi/technology/4875142.stm
2000 cases against the P2P-ers (in French only, 5.04.2006)
http://www.ratiatum.com/news3002_2000_plaintes_contre_des_P2Pistes.html
U.K. music biz vexed by file sharing (4.04.2006)
http://news.com.com/2100-1025_3-6057571.html
Thousands more file sharers sued (4.04.2006)
http://www.theregister.co.uk/2006/04/04/ifpi_sues_more_people/
============================================================
8. Recommended reading
============================================================
Racism, Racial Discrimination, Xenophobia and all forms of Discrimination:
Comprehensive Implementation of and follow-up to the Durban Declaration and
Programme of Action - Report of the Intergovernmental Working Group on the
effective implementation of the Durban Declaration and Programme of Action
on its fourth session.
The report contains the all presentations, discussions, conclusions from the
Chair and final recommendations from the High Level Seminar on Racism and
the Internet that took place during 16-17 January 2006.
Full report (20.03.2006)
http://www.ohchr.org/english/bodies/chr/docs/62chr/E.CN.4.2006.18.pdf
EDRI-gram : Combating Racism on Internet
http://www.edri.org/edrigram/number4.2/internetracism
============================================================
9. Agenda
============================================================
12 April 2006, Dublin, Ireland
Royal Irish Academy
"Enabling Open Access to Scientific Data and Information within the Modern
Knowledge Economy; the Case for a Scientific Commons"
http://www.codataweb.org/codata-ria/
15 April 2006,
Deadline funding applications Civil rights organisations and
initiatives are invited to send funding applications to the German
foundation 'Bridge - B|rgerrechte in der digitalen Gesellschaft'. A total of
15 000 euro is available for applications that promote civil rights in the
digitised society.
http://www.stiftung-bridge.de
21-23 April 2006, Yale Law School, USA
Access to Knowledge Conference
Yale Information Society Project
http://islandia.law.yale.edu/isp/a2kconfmain.html
27-28 April 2006, Washington, USA
IP Disputes of the Future - TACD
This conference will ask what will be the IP disputes in new fields of
technology, and how advances in biotechnology and information technologies
will change the nature of IP disputes.
http://www.tacd.org/docs/?id=287
30 April - 2 May 2006, Hamburg, Germany
LSPI Conference 2006 The First International Conference on Legal, Security
and Privacy Issues in IT
http://www.kierkegaard.co.uk/
2-5 May 2006, Washington, USA
CFP2006
The Sixteenth Conference on Computers, Freedom & Privacy
http://www.cfp2006.org
3-6 May 2006, Wiesbaden, Germany
LinuxTag - Europe's biggest fair and congress around free software
http://www.linuxtag.org
10 May - 23 July 2006, Austria
Annual decentralized community event around free software lectures, panel
discussions, workshops, fairs and socialising
http://www.linuxwochen.at
19 - 23 May 2006, Geneva, Switzerland
A new round of consultations on the convening of the Internet Governance
Forum will be held at the United Nations in Geneva on 19 May. The
consultations will be followed by a meeting of the IGF Advisory Group on
22 - 23 May 2006.
http://www.intgovforum.org
19-20 May 2006, Florence, Italy
E-privacy 2006
Trusted Computing, Data retention: privacy between new technologies and new
laws.
The central theme of this year's edition is data retention, but several
interventions on other relevant aspects of privacy protection are planned,
including Trusted Computing and the new issues raised by the draft reform of
Italian Criminal Law, with specific reference to Cybercrime.
http://e-privacy.firenze.linux.it
20 May 2006, Florence, Italy
Big Brother Award Italia 2006
Nominations accepted until 21 April 2006
http://bba.winstonsmith.info
21 June 2006, Luxembourg
Safer Internet Forum 2006 Focus on two topics: "Children's use of new media"
and "Blocking access to illegal content: child sexual abuse images"
http://europa.eu.int/information_society/activities/sip/si_forum/forum...
26-27 June 2006, Berlin, Germany
The Rising Power of Search-Engines on the Internet: Impacts on Users, Media
Policy, and Media Business
http://www.uni-leipzig.de/journalistik/suma/home_e.html
16 - 28 July 2006, Oxford, UK
Annenberg/Oxford Summer Institute: Global Media Policy: Technology and New
Themes in Media Regulation Application
deadline 1 May 2006.
http://www.pgcs.asc.upenn.edu/events/ox06/index.php
2-4 August 2006, Bregenz, Austria
2nd International Workshop on Electronic Voting 2006 Students may apply for
funds to attend the workshop until 30 June 2006.
http://www.e-voting.cc/stories/1246056/
===========================================================
10. About
===========================================================
EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 21 members from 14 European countries and 5 observers
from 5 more countries (Italy, Ireland, Poland, Portugal and Slovenia).
European Digital Rights takes an active interest in developments in the EU
accession countries and wants to share knowledge and awareness through the
EDRI-grams. All contributions, suggestions for content, corrections or
agenda-tips are most welcome. Errors are corrected as soon as possible and
visibly on the EDRI website.
Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 2.0 License. See the full text at
http://creativecommons.org/licenses/by/2.0/
Newsletter editor: Bogdan Manolea <edrigram at edri.org>
Information about EDRI and its members:
http://www.edri.org/
- EDRI-gram subscription information
subscribe by e-mail
To: edri-news-request at edri.org
Subject: subscribe
You will receive an automated e-mail asking to confirm your request.
unsubscribe by e-mail
To: edri-news-request at edri.org
Subject: unsubscribe
- EDRI-gram in Macedonian
EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/index.php?option=com_content&task=view&id=626
&Itemid=4&lang=mk
- Newsletter archive
Back issues are available at:
http://www.edri.org/edrigram
- Help
Please ask <edrigram at edri.org> if you have any problems with subscribing or
unsubscribing.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]
More information about the cypherpunks-legacy
mailing list