EDRI-gram newsletter - Number 5.3, 14 February 2007

EDRI-gram newsletter edrigram at edri.org
Wed Feb 14 11:05:39 PST 2007



biweekly newsletter about digital civil rights in Europe

    Number 5.3, 14 February 2007


1. Online police searches found illegal in Germany
2. MEPs support again the rules on defamation in Rome II
3. The ORG and FIPR week of e-voting events
4. Towards a committee for French on-line services regulation ?
5. European Central Bank found accountable in the SWIFT case
6. Belgium court backs decision against Google
7. European institutions try to impose a stronger position in the PNR debate
8. Bulgaria fails to protect citizen's personal data
9. House of Lords produces report against the AVMS directive
10. French Court decides on the sequel of Les Miserables
11. Recommended reading
12. Agenda
13. About

1. Online police searches found illegal in Germany
The German Federal Supreme Court (BGH) in Karlsruhe ruled, on 5 February,
that, according to the German Code of Criminal Procedure (StPO), online
police snooping was illegal.

As the court argued, StPO had no provisions to allow the authorities to
perform online snooping, the code allowing only overt searches.

Magistrate Ulrich Hebenstreit had already ruled against house searches
arguing that such searches had to take place in the presence of the person
affected. He emphasized that the data stored on computers could often be
confidential and compared online spying measures to electronic

The Protection of the Constitution Act on the German federal state of North
Rhine-Westphalia has recently included a provision that allows online PC
searches against which a complaint of unconstitutionality is presently being

Consequently, Federal Minister of the Interior Wolfgang Schduble, is now
asking the legislators to create a legal basis for the criminal prosecutors
to perform online searches ,that he considers indispensable.

Jvrg Crozier, President of the German Criminal Police Office, asked also for
new legislation to support these actions and stated "We have to be able to
keep up with new technologies when unscrupulous criminals hide on the
Internet, where they can plan their attacks and prepare their criminal

At the same time, he wanted to assure the German citizens that they
shouldn't worry about the Government monitoring them in a way that would
violate their rights. "These measures will not even affect 99.9 percent of
the population."

Ziercke stated that the Internet was playing a major part in the war against
terrorism, child pornography, neo-Nazi propaganda and other types of crimes
but can also play an important role in committing those crimes.
"The Internet is the criminal platform of the future. In fact, it is the
criminal platform of today."

On the other hand, Burkhard Hirsch, the former vice president of the lower
chamber of Germany's Federal Parliament and a member of the opposition Free
Democratic Party (FDP), considers online search by the police of a PC
as "worse than a major eavesdropping operation." He declared to the German
newsmagazine DerSpiegel that spying a computer through the Internet is
a "more brutal form of intrusion" than previous criminal investigation

Surreptitious online searches of PCs are illegal (6.02.2007)

German criminology czar believes that online searches
are urgently needed (7.02.2007)

Germany outlaws secret police snooping (6.02.2007)

EDRI-gram: Proposal of computers online searching in Germany (20.12.2006)

2. MEPs support again the rules on defamation in Rome II

The European Parliament has voted in its second reading on the Rome II
Regulation to reintroduce the rules regarding the defamation by media or
publications via the Internet and other electronic networks. The Rome II
regulation is establishing the rules on the applicable law to
non-contractual obligations.
The member states and media organizations wanted a simple formula to be
introduced and not to apply the general principle - the applicable law to be
that of the country in which the defamed person lives. That would
practically mean that every media company would have to know the privacy and
defamation laws of every European country.

At the first reading in July 2005, MEPs had approved a compromise amendment
that regulated the violation of privacy by a printed or audiovisual media.
The Council decided to delete this provision from its Common Position. In
the vote in plenary, MEPs decided to reintroduce the same rules, as adopted
at the first reading.

The Parliament's amendment suggests that in the case of print or broadcast
media the law which should apply in disputes is the law of the country to
which the publication or broadcast is most directed. That must be determined
in particular by the language of the publication or broadcast or by sales or
audience size in a given country as a proportion of total sales or audience
size or by a combination of those factors. If that is not an easy fact to
determine, the relevant law will be the one of the country where editorial
control is exercised. This provision will apply also to publications via the
Internet and other electronic networks. Regarding the right to reply, the
applicable law should be the law of the country in which the publisher or
broadcaster has its habitual residence.

Strong disagreemnts between the Council and the Parliament still exist
especially on the defamantion rules. According to Commission Vice-President
Franco Frattini, who spoke before the vote, on the approved rules on
defamation, "there is no way they will get through" in the Council.

MEP Diana Wallis stated her satisfaction on the result of the vote, but also
warned: "We may not have reached the end of the story of Rome II; by again
passing these amendments there will almost certainly have to be a
conciliation process to iron out the final difficulties between the European
law-making institutions."

The text adopted by the Parliament should go now through the conciliation
procedure, where Member States and MEPs, equally represented, will have to
debate further to find a compromise and approve the Regulation.

Rome II: MEPs reintroduce rules on defamation (18.01.2006)

European Parliament stands firm on cross-border defamation law(2.02.2007)

EDRI-gram: Rome II: Applicable law and freedom of expression (29.06.2005)

EP Legislative Observatory Rome II file

3. The ORG and FIPR week of e-voting events

Last week there were three e-voting events hosted in London by EDRI members,
the Open Rights Group (ORG) and the Foundation for Information Policy
Research (FIPR).

On 6 February guests saw a screening of the documentary film
"Hacking Democracy" which reveals in detail the failings of e-voting and
e-counting systems in the United States.

After the film a lively panel, chaired by ORG's e-voting co-ordinator Jason
Kitcat, discussed the film's implications particularly given e-voting pilots
planned in the UK for May 2007. On the panel were John Pugh MP (Liberal
Democrat); Russell Michaels, one of the film's co-directors and Dr Rebecca
Mercuri, an e-voting expert from the United States.

On 8 February there were two events which gathered, for the first time, a
wide array of e-voting experts and activists from around the world. In the
afternoon the European e-Voting Activism Workshop was started with a keynote
by Harri Hursti, a Finnish security expert who has demonstrated a number of
major security flaws in US election systems. Mr Hursti discussed how he
compromised an optical counting system to provide the finale for "Hacking
Democracy". He also shared his views on the wide variety of ways in which
e-voting and e-counting systems are vulnerable to fraud and error.

Subsequently experts from Belgium, France, Germany, Ireland, The Netherlands
and the United States presented the problems they were experiencing with the
introduction of e-voting in their countries. Attendees were struck by the
strong  similarities between all the presentations:

- Governments would, with extremely weak standards in place, contract the
running and monitoring of elections to private companies;
- These companies would do minimal testing and withhold the results of those
- Problems and possible indications of fraud would arise during and after
elections. Further investigation would be impossible due to failings in the
technology and/or due to obstruction by vendors and government.

After the workshop's broad overview of e-voting, the evening event
"e-Voting: A challenge to democracy?" provided time for more detailed

Margaret McGaley, the founder of Irish Citizens for Trustworthy e-Voting,
reported on the thus-far abortive attempts to introduce e-voting machines to
the Republic of Ireland. She noted that early in the process experts had
offered advice but weren't listened to. After pushing on at great expense
the Irish government were forced to create an Independent Commission on
Electronic Voting which found serious flaws in the Nedap voting machines and
software purchased.

Dr Anne-Marie Oostveen, a founder of the Dutch "We don't trust voting
computers" foundation, reported how in the Netherlands the government
position went from 'trust us' to uncertainty. "We don't trust voting
computers" demonstrated on national TV several important hacks on the Nedap
machines used in the majority of Dutch municipalities. The result was the
withdrawal of SDU machines from elections and the creation of an independent
commission to examine the voting process.

Colm MacCarthaigh, a founding member of Irish Citizens for Trustworthy
e-voting, now following the Dutch situation since it has become resident in
The Netherlands, tied together the Dutch and Irish stories. He commented on
how the Irish independent commission's report had provided information on
the Nedap machines which had helped the Dutch activists find flaws more
quickly. The successful Dutch hacks, in their turn, helped apply more
pressure on the Irish government.

Dr Rebecca Mercuri presented the latest developments concerning voting
technology in the United States. She noted how vendors, when forced to
create voter-verified paper audit trails, had created unreliable, barely
usable systems which had created new problems of their own. In place of
e-voting machines Ms Mercuri advocated the use of paper ballots, perhaps
optically or barcode scanned. To conclude Ms Mercuri argued that Internet
voting, as proposed for the UK's 2007 pilots, was an inherently flawed
technology that should not be pursued.

One question which kept being asked after every one of our events was, why
are governments pushing so hard for e-voting technology when the problems
are so evident? We just don't understand it.

The events ended with the activists resolved to meet more often and
collaborate through a newly formed umbrella grouping, 'Europeans for
Verifiable Elections'. The Open Rights Group will continue its campaign
against e-voting in the UK and our sister organisations will carry on their
work across Europe.

Audio, video and slides from the events will be available soon

Europeans for Verifiable Elections

(Contribution by Jason Kitcat - EDRI-member Open Rights Group)

4. Towards a committee for French on-line services regulation ?

French Internet regulation history seems to repeat itself, as shows a
recently unveiled administrative decree project, which aims at
creating a "National Commission for the deontology of on-line public
communication services".

The Commission would be in charge of elaborating "deontological
recommendations" towards professional on- line communication services,
including fixed and mobile telecom operators, ISPs, publishing and
distributing services. The Commission would also be in charge of attributing
"quality labels" to these services.

However, these recommendations would also indirectly apply
to the users of these services, through subscribing contractual
clauses, especially since a "quality label" may be withdrawn by the
Commission when it is found that "deontological recommendations" are not
respected. The Commission should include of 23 members nominated by the
French Prime minister for 5 years. Besides representatives of different
ministries, one magistrate and one member of the French Conseil d'Etat, the
Commission should include 14 members representing both - and in parity -
online communication services users and professionals.

French digital rights organizations have soon denounced this new
attempt of censorship. EDRI member IRIS notes that this proposal
sounds very similar to the first attempt of Internet regulation in
France in... 1996, through what was popularly called the "Fillon
Amendment" to the Telecom law. This amendment was found
unconstitutional in July 1996, and then its major provisions were
censored since, according to article 34 of the Constitution,
fundamental freedoms may only be limited by the legislator, while in
this case there were no specified binding principles for recommendations
to be made by an administrative Commission, with strong impact on
freedom of expression.

IRIS reminds that these arguments from the Constitutional council examining
the 1996 law still apply and may well be reused against a 2007
administrative decree before the competent jurisdiction.

Draft of administrative decree (in French only, 07.02.2007)

Polemics on the regulation of French Internet  (in French only, 09.02.2007)

APRIL Press release - Internet Regulation : always the good old
methods...(in French only, 12.02.2007)

IRIS Press release - + Fillon Amendment ; 2.0 : help, the public expression
+deontology ; returns ! (in French only, 14.02.2007)

(Contribution by Meryem Marzouki, EDRI-member IRIS - France)

5. European Central Bank found accountable in the SWIFT case

On 1 February, Peter Hustinx, the European Data Protection Supervisor (EDPS)
gave his opinion on the role of the European Central Bank (ECB) in the SWIFT
case, considering the bank as accountable along with SWIFT for failing
compliance with the European privacy laws in the secret US investigation
into terrorist finances.

By using SWIFT's services in its own payment operations, the ECB has become
a joint controller being thus co-responsible in ensuring compliance with
data protection rules, meaning observing the purpose limitation principle,
informing to data subjects, and ensuring guarantees at the transfer of
personal data to third countries.

"Just as other banks, the ECB can not escape some responsibilities in the
SWIFT case which has breached the trust and private lives of many millions
of people. Secret, routine and massive access of third country authorities
to banking data is unacceptable. The financial community should therefore
provide payment systems which do not violate European data protection laws"
affirmed Hustinx in a written statement. He gave the ECB until April to
demonstrate that it complies with data protection laws.

However, the ECB does not admit any responsibility in the matter considering
data protection was not its concern but financial stability was. It also
considers the legislators should have given clearer guidance.

"The monitoring of SWIFT activities that do not affect financial stability
is not a matter for central bank oversight and, therefore, the US Treasury
subpoenas of SWIFT were outside the purview of central bank oversight. The
Oversight Group has no authority to oversee SWIFT with regard to compliance
with data protection laws," was ECB statement.

The bank said it would notify the organisations for whom it conducts
transactions and ask for their consent before sharing their data. It also
appreciated the initative of the EU and US data protection authorities,
intelligence agencies and financial regulators to find a way to properly
monitor international organisations like SWIFT.

The EDPS also addressed the ECB asking them to transfer data to third
parties only when they can guarantee the privacy protection of the owners of
the data transferred. The punitive actions that Hustinx could take against
ECB are limited. As SWIFT has no credible alternative, asking the ECB to
stop using their services would not be a reasonable measure.

EDPS calls on ECB to ensure that European payment systems comply with data
protection law - Press release (1.02.2007)

ECB blamed (again) for SWIFT privacy debacle (1.02.2007)

Hands off our bank data, Europe tells US (23.11.2006)

EDRI-gram: SWIFT found in breach of Belgian laws (11.10.2006)

6. Belgium court backs decision against Google

In the case brought by Copiepresse, a trade group representing 17 Belgium
newspapers, against Google for publishing links to newspaper articles
without permission, the Brussels Tribunal upheld its previous decision and
ruled that Google violated the copyright law.

Google was ordered to remove Belgian newspaper content from its search
engine results. The search engine is no longer allowed to refer to articles,
pictures or drawings of Copiepress members without previous agreements that
are to be negociated, non-compliance being fined by 25 000 Euros per day.

The ruling also says that  any other copyright holder could get in touch
with Google and notify its copyright infringement. In this case Google has
to remove the content within 24 hours or pay a 1 000 euros a day fine.

Google will appeal the judgment as it considers that making reference to a
page is no violation of the law and is actually in favour of the Belgian
newspapers by sending Internet users to their websites.

"Search tools such as Google Web Search and Google News are of real benefit
to publishers because they drive valuable traffic to their websites and
connect them to a wider global audience," said the Google spokeswoman.

Some Belgian journalists have also considered that the court ruling will
lead to newspapers loosing readers as the traditional print newspapers are
in decline.

"We want more readers, not less readers. Belgian newspapers will not make
the internet work by trying to stand against the tide of global change,"
said a journalist.

The Belgium press plays at who gains looses with Google (Only in

Google must respect copyright (Only in French 13.02.2007)

Google to pay #2.4m over 'copyright breach' (13.02.2007)

Google will appeal Copiepresse decision (13.02.2007)

Belgian Court Decision (13.02.2007)

EDRI-gram : Belgium says no to Google News (26.09.2006)

7. European institutions try to impose a stronger position in the PNR debate
The European Parliament intends to strengthen its opposition to the US
demands related to the transfer of European air passenger data (PNR).

Following the debate that took place on 31 January 2007 in the European
Parliament, the vote on the position that EU should have concerning the new
PNR agreement to be signed with USA on 31 July 2007 was delayed.

The end of the temporary agreement with the US gets closer and the US
maintain their threat to fine non-compliant airlines and deny them the
landing rights in the US. The American authorities already indicated that
they had no intention of changing the terms of the agreement to a better
data protection and privacy standards.

The Commission and the Council of Ministers have come to join the EP in its
position to this matter and they are very likely to ask for a shorter list
of data categories and the limitation of the access to these data only to US
immigration officers.

Very strong positions were expressed during the session by Guenther Gloser,
Germany's deputy foreign minister and the European commissioner in charge of
justice and home affairs issues, Franco Frattini.

"There is therefore the need to negotiate a very solid and stable legal
framework which will enable the exchange of PNR data with the United States
with full respect of data protection and privacy rights." said Frattini.

He expressed his concern related to the U.S. Automated Targeting System,
system by means of which millions of people have been assessed since 2002,
information made public only recently. The system is considered illegal even
in US by the Congress and some privacy advocates.

The Commissioner also added: "I have said on a number of occasions that the
right to privacy is for me non-negotiable. It has to be respected, fully and
completely. Legal certainty is also an important element for air-carriers.
It must be taken into account, as it has been from the very beginning. ..the
Commission is committed to continuing to give due consideration to privacy
on the one hand and legal security on the other, as they form key principles
of this file, without forgetting the importance of preventing and fighting
terrorism and related transnational crimes."

He also stressed the fact that the negotiations would be very challenging
requiring imagination and effort both from EU institutions as well as from
the US "in order to reach a very robust, solid solution."

In the absence of an agreement, the airlines will be placed in a very
delicate situation between being fined by US for failing to provide the data
or sued for non-complying with European data protection laws in case they do

New developments in this matter will probably occur during this week's EP

Data transfer to US: MEPs raise pressure (1.02.2007)

Europe preps for battle with U.S. over traveller data (1.02.2007)

European Parliament: Joint debate on a new agreement on Passenger Name
Records (PNR) and on SWIFT data (31.01.2007)

EDRI-gram : EU-US PNR agreement formally adopted by the EU Council

8. Bulgaria fails to protect citizen's personal data

A recent report made public by the Bulgarian National Audit Office about the
activity of the Commission for Personal Data Protection (CPDP) in Bulgaria
in the period 1 January 2003 - 31 December 2005 shows that CPDP has failed
in achieving its main purpose - to protect the citizen's personal data.

Parts of the National Audit Office report have been translated by Bulgarian
NGO Access to Information Programme and published on Statewatch. According
to the report, the CDPD has spent approx. 1.35 million Euro for its
activities, but has completed only 17 investigations at citizens'
complaints. The Commission has failed in creating the mandatory registry of
personal data processors and hasn't imposed any sanction so far.

Moreover, there is no policy in place, strategy or established goals for the
personal data protection field. The National Audit Office has considered
that CPDP did not function as a permanent working body since the main part
of its staff has predominantly maintained working relations with other

The report noted that no legal provisions regulates the registration
procedure, and the CPDP had not adopted written rules, procedures and
methodology for exercising control over the activities of the
administrators. The objects of control, the types of control activities and
their scope are not explicitly defined, the powers of the controllers are
defined vaguely and incompletely.

The flaws of the present data protection legislation and its implementation
have been highlighted by Access to Information Programme. The insufficient
protection of personal data in Bulgaria was criticized in the European
Commission monitoring reports in the pre-accession process, as well.

Bulgaria: The Commission for Personal Data Protection in Bulgaria has done
little for the protection of personal data - 1.35 million. Euro were spent
instead (01.02.2007)

Audit Report of the CDPD (only in Bulgarian, 30.01.2007)

Access to Information Programme - Bulgaria

9. House of Lords produces report against the AVMS directive
A report of the Lords European Union Committee offered new reasons to oppose
the Commission's draft Audiovisual Media Services Directive (AVMS),
successor of the Television Without Frontiers Directive, that will extend
television regulation to some Internet video services.

The Directive was approved in its first reading by the Parliament in
December 2006 and should be backed now by the Council of Ministers.

The Directive, as it is now drafted, applies only to commercial TV-like
services, but concerns still exist on the vagueness of what this would cover
and the fear that the regulation might be wrongly applied to other content
such as that of blogs.

Lord Freeman, chairman of the Lords European Union Committee stated: "Such
an attempt risks damaging the new media industry, which is a vibrant and
important sector of the UK's economy."

The report warned that the Directive might cause production companies
outside of the EU to try and escape the regulation, considering UK would be
one of the main victims of this action.

The Lords committee considers that EU as regulator should not help to
preserve the dominance of the players already established on the market and
does not see the necessity to introduce "quantitative restrictions on
advertising in a market which is now clearly open to competition".

"We are concerned that the identification of some of media services as
'television-like', may lead some to conclude that eventually 'like services'
should be regulated in a 'like-manner', i.e. a perfectly 'level playing
field'," said the report. "If these services are to be included at all we
agree that they must be regulated differently, but the wording and
definitions in the latest versions of the text may encourage the idea that
they can and should be regulated in the same way as television. We would
consider such a move now or in the future to be a grave error."

The EU presidency, presently hold by Germany, expressed its wish to finalise
the Directive by June 2007. The new act should be implemented within 2 years
into the national legislations of the member countries.

Television Without Frontiers - Report with Evidence - House of Lords -
European Union Committee, 3rd Report of Session 2006-07 (23.01.2007)

Lords oppose new media Directive (8.02.2007)

EDRI-gram: New Audiovisual Directive: First Reading in EU Parliament
completed (20.12.2006)

EP Legislative Observatory AVMS Directive file

10. French Court decides on the sequel of Les Miserables

The French Cour de Cassation (the highest Appeal Court in France) has taken
a decision regarding a sequel of the famous French book Les Miserables,
that was contested by one of the descendants of Victor Hugo. The Court
has refused to ban the appearance of the sequel and has taken into
consideration the right of adaptation and not just the moral right of
integrity. However, the procedure is not over yet.

The case started six years ago when the great-great-grandson of Victor
Hugo, Pierre Hugo, considered that two books published and marketed by Plon
publisher as the sequels of the famous "Les Miserables" were breaching
the moral rights of the author.

Victor Hugo's masterpiece is in the public domain, but, under the French
law, the moral rights of the author are considered timeless and are passed
on to descendants.

The Court of Appeal decided in March 2004 that Hugo's heirs were right in
their demands and condemned Plan in paying a symbolic 1 Euro as damages.
The Appeal Court considered that no sequel could be made on such a
masterpiece as Les Miserables, without breaching the moral right of the
author, that thought that his work was complete. However, Plon appealed the
decision to the Cour de Cassation.

The Cour de Cassation has reached a different conclusion. It considered that
a sequel of a work is mainly related with the right of adaptation, which is
one of the limited rights of the author (seventy years after its
death) contrary to the moral rights that are timeless. Since the work is in
the public domain, anyone has the right to write a sequel of that work. A
different opinion would mean the extension of this limited right and a
violation if the freedom to create new works. Therefore the mere writing of
a sequel could not be considered a breach of the moral rights of a work,
irrespective of the work quality.

Consequently, the case was sent back to the Court of Appeal, where
different judges should consider if the twobooks are really infringing the
moral rights of the author.

Les Misirables, sequel or end ? (only in French, 2.02.2007)

Heir of Victor Hugo fails to stop Les Mis II (31.01.2007)

11. Recommended reading

Data Protection Working Party - Opinion 1/2007 on the Green Paper on
Detection Technologies in the Work of Law Enforcement, Customs and other
Security Authorities

12. Agenda

15-16 February 2007, Brussels, Belgium
Scientific Publishing in the European Research Area
Access, Dissemination and Preservation in the Digital Age

19-23 February 2007, Geneva, Switzerland
Provisional Committee on Proposals Related to a WIPO Development Agenda:
Third Session

18-20 February 2007, Salamanca, Spain
International Association for Development of the
Information Society Web Based Communities 2007 Conference

22 February 2007, Amsterdam, Netherlands
The Future of Ambient Intelligence

13-14 March 2007 Brussels, Belgium
The EU RFID Forum 2007

16 March 2007, Hannover, Germany
European Commission conference on Mobile TV at CeBIT

1-4 May 2007, Montreal, Canada
7th Conference on Computers, Freedom, and Privacy (CFP2007)

18-19 May 2007, Brasov, Romania
eLiberatica - The Benefits of Open and Free Technologies - Romanian IT Open
Source and Free Software Conference

13. About
EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 25 members from 16 European countries.
European Digital Rights takes an active interest in developments in the EU
accession countries and wants to share knowledge and awareness through the
EDRI-grams. All contributions, suggestions for content, corrections or
agenda-tips are most welcome. Errors are corrected as soon as possible and
visibly on the EDRI website.

Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 2.0 License. See the full text at

Newsletter editor: Bogdan Manolea <edrigram at edri.org>

Information about EDRI and its members:

- EDRI-gram subscription information

subscribe by e-mail
To: edri-news-request at edri.org
Subject: subscribe

You will receive an automated e-mail asking to confirm your request.

unsubscribe by e-mail
To: edri-news-request at edri.org
Subject: unsubscribe

- EDRI-gram in Macedonian

EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis

- EDRI-gram in German

EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users

- Newsletter archive

Back issues are available at:

- Help
Please ask <edrigram at edri.org> if you have any problems with subscribing or

----- End forwarded message -----
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820            http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

More information about the cypherpunks-legacy mailing list