EDRI-gram newsletter - Number 5.1, 17 January 2007

EDRI-gram newsletter edrigram at edri.org
Wed Jan 17 11:35:22 PST 2007



biweekly newsletter about digital civil rights in Europe

   Number 5.1, 17 January 2007


1. EDRI signs the Joint Statement for SCCR 1st Special Session
2. Copyright extension term rejected by EU commissioned report
3. EU knew about the US's system profiling all visitors
4. Is DRM fading out ?
5. New Italian law to block child pornography websites
6. Millions of credit cards scrutinized in Germany
7. Sony loses DRM case in France
8. Changes in the UK ID card scheme
9. Prison or fine for French p2p users ?
10. Recommanded Reading
11. Support EDRI-gram
12. Agenda
13. About

1. EDRI signs the Joint Statement for SCCR 1st Special Session

Standing Committee on Copyright and Related Rights' (SCCR) Special Session
is taking place right now at Geneva. The meeting (and another in June 2007)
aims to fix the proposed Broadcast Treaty so that it could be ratified by
the end of  this year in a diplomatic conference. If no consensus is found
on the content, there will be no conference and - most likely - no treaty at

EDRI is participating to the meetings together with other NGOs (EFF, CPTech,
IP-justice etc) as an observer. The organizations have prepared together a
joint statement ", which is also endorsed by a large number of technology
companies and which main message is that nobody has been able to argue why a
treaty is needed at all.

However, in the spirit of constructive engagement if the treaty is to
be moved forward in any form, the statement provides with least
minimum requirements, at both the principle and the practical
language level, notwithstanding more comprehensive specific proposals
by some of the signatories. Of major importance is the first of these

"We believe that the current rights-based approach of the treaty must
be abandoned entirely.  We understand that some parties to these
negotiations have equated 'signal protection' with granting 'rights
to prohibit' certain uses of broadcasts. We believe that rights in
any form are not signal protection, or signal-based protection, and
we cannot support their inclusion in any potential new Instrument in
connection with Broadcasting."

EDRI is also particularly concerned with the possibility that the
draft treaty proposal allows for control over Internet
retransmissions of broadcasts and cablecasts. As demonstrated at
previous occasions, the power of such statements lay in the coalition
of diverse industry and NGOs that sign up, even though not optimal
from each signatory, including EDRI, point of view. It remains that
the core message EDRI wants to convey with its endorsement is that
there should be no additional layer of rights for broadcasting
organizations and that the statement opposes the treaty applications
to the Internet, in case the text continues to take a rights-based
approach rather than a signal theft or signal protection approach.

The meeting will end at Friday and a more detailed report will be
found from the next EDRI-gram.

Joint Statement of Certain Civil Society, Private Sector and Rightsholders
Representatives for the First Special Session of the SCCR

Wipo Casting Treaty Blog

Meeting Documents - SCCR 1st Special Session

EDRI-gram: The broadcast treaty stalled by WIPO General Assembly

( Thanks to Ville Oksanen - EDRI-member Electronic Frontier Finland )

2. Copyright extension term rejected by EU commissioned report

The Recasting of Copyright & Related Rights for the Knowledge Economy is a
new study commissioned by the European Union and produced by the Institute
for Information Law - University of Amsterdam. The report covers an
extensive ground in the EU copyright domain taking into consideration the
problems of harmonization in the copyright field, but also the new
challenges and debates regarding the extension of the copyright term for
sound recordings or consumer awareness and acceptance of copyright.

The report is strongly rejecting the music industry's call for the extension
of the term for neighbouring rights:
"The authors of this study are not convinced by the arguments made in favour
of a term extension. The term of protection currently laid down in the Term
Directive (50 years) is already well above the minimum standard of the Rome
Convention (20 years), and substantially longer than the terms that
previously existed in many Member States.(...)
An examination of the underpinnings of existing neighbouring rights regimes
does not lend support to claims for term extension. Whereas copyright
(author's right) protects creative authorship, the rights of phonogram
producers are meant to protect economic investment in producing sound
The market dominance of the 'majors' is an economic factor to be taken into
consideration. A term extension would in all likelihood strengthen and
prolong this market dominance to the detriment of free competition."

The EU report is confirming what other national reports have already pointed
out. During the similar UK debate, the report commissioned by the Gowers
review on the economic evidence on copyright term extension showed that it
was "very likely that a term extension of the type under consideration would
cause a net welfare loss to society" and estimated the loss to 155
million pounds per year.

The Minister for Science and Innovation, Malcolm Wicks, has announced that
it will be leaving the question of copyright term extension in
sound recordings to the European Commission.

The same EU study finds that "An assessment of the acceptance of copyright
by the general public is more difficult to make. For this purpose empirical
data on p2p file sharing and software sharing were analysed as 'indicators
by proxy'. These surveys make clear that unauthorised use and distribution
is the norm for approximately 50 per cent of the populations concerned."

Regarding the results of the harmonization process, the report states that
it "has produced mixed results at great expense, and its beneficial effects
on the Internal Market remain largely unproven and are limited at best" and
also "advises the EC legislature not to undertake any new initiatives at
harmonisation, except where a clear need for amendment of the existing
acquis can be demonstrated."

The Recasting of Copyright & Related Rights for the Knowledge Economy
Executive Summary

UK will leave question of term extension to EU (11.01.2007)

3. EU knew about the US's system profiling all visitors

New controversial issues appear in the case of Passanger Name Record (PNR)
deal with US that show the level of privacy from the US authorities is very
far from the European standards. As Statewatch revealed, the EU Council
Presidency admitted that the Council of the European Union and the European
Commission had known about the US's "Automated Targeting System" (ATS)
profiling all visitors.

The issue has become critical after the Homeland Security Department (DHS)
posted a Notice on the Federal Register in November 2006 showing that PNR
data on travellers from the EU are included in the ATS used by DHS Customs
and Border Protection (CBP) branch.

ATS is a system that U.S. has used for some years to assess risks to
transport. Until August 2006 the system was believed to target cargo
shipments. However the DHS notice of November revealed the fact that CBP was
using this system to target passengers as well, using, collecting and
storing PNR data received from airlines databases.

The system creates a risk assessment score and it is not limited to fighting
terrorism and crime. Moreover the data is preserved for a 40 year period and
can be shared with other US Government organizations and foreign governments
or organizations.

ATS system not only violates US Congressional prohibitions on passenger
risk-assessment schemes ignoring the privacy rights of the US citizens but
also the right of citizens all over the world.

According to the agreement reached between EU and the US Government in 2004
the transfer of data was allowed with some safeguards, including 3.5 year
period of retention and some rights of access by European citizens to
correct their data. The US Government promised to use the data only to fight
terrorism and organised crime and not to share these data with other
agencies or for risk-assessment scoring.

The concerns of data protection organisations and bodies come from the fact
that US has shown to have constantly broken the agreement. As ATS uses PNR
received from EU carriers, CBP uses the data for the profiling of risk
assessments although the agreement was only for the verification of the data
people on a watch-list. The data are preserved for 40 years for risk
assessment profiling purposes which obviously exceeds by far the 3.5 year
period established in the agreement or the case-to-case provision for a
person suspected of terrorism.

The data is not only used to combat terrorism or organized crime as agreed
but also for general law enforcement purposes and the safeguards imposed by
the agreement, including the right to correct data by the European citizens,
are not observed.

Although the Finnish Presidency of EU claims to have made all the efforts in
reaching a political consensus on the promotion of the Framework Decision on
data protection and in increasing the safeguards for data protection, it has
also come out that the Council of Europe and the European Commission had
been aware of the existence of ATS since 2005. The Finnish Presidency stated
it had sent an official enquiry to the US authorities to clarify the ATS
relation to the PNR agreement but data protection advocates show strong
reserves to whether the EU will be able to negotiate efficiently in this

"The EU Presidency statement that the Council and Commission have known
about the ATS for over a year is quite extraordinary. During this period
they renegotiated the EU-USA PNR agreement claiming it was on the same terms
as that agreed in 2004 when they clearly knew it was not. The Council and
the Commission knew about it but did nothing until the existence of the ATS
was made public and now they have asked for clarification" stated Tony
Bunyan, Statewatch editor.

The past history on this issue has shown that the US Government has not
observed the agreement and that EU has continuously weakened its demands
related to data protection safeguards.

Privacy International and the American Civil Liberties Union have called for
the repeal of the EU-US agreement on PNR data transfers by appealing to the
Council of the European Union, the European Commission, the European
Parliament, and privacy commissioners in 31 countries across Europe.

Address to the European Parliament by Minister for European Affairs Paula
Lehtomaki on Data Protection (12.12.2006)

PI and ACLU call for repeal of EU-US agreement on data transfers

4. Is DRM fading out?
2007 has started with news showing the fading away of the
DRM systems that have created many problems with consumers and
interoperability without having clear results in the actions against illegal

Thus, one of the biggest record companies, EMI, has announced at the
beginning of the 2007 that it will no longer produce DRM protected CDs. EMI
considered that the technology was not efficient enough for the CDs.
However, the decision was limited to the classical CDs and was not related
to the distribution of online music in an MP3 format.

But the major record companies have started a serious discussion regarding
also selling music online with DRMs. It is expected that in 2007 the music
industry revenues from Internet downloads and mobile content stop their
increase and possibly even decline. However, the number of Internet users is
increasing and it is very possible for people in the industry to "have a
very different conversation in January when the dust clears and they realize
just how bad this year really was" as Eric Garland, CEO of peer-to-peer
(P2P) tracking firm BigChampagne points out.

Major brands in the Internet industry, such as Amazon or Myspace, are
discussing with the record companies for new business models, where music
could be sold without embedded DRM.

In France the plans for selling music online without DRMs seem more
advanced. VirginMusic has announced that in 2007 it will sell over 200 000
music files in an MP3 format with no copy-protection system, that could be
played on any kind of music software. FnacMusic says it will start a similar
system on 17 January 2007, when 150 000 music files will be offered to the
public, with more files to be added in the next months. Other record
companies have announced their intentions to have the same approach in the
future months.

EMI abandons CD DRM (8.01.2007)

Ailing music biz set to relax digital restrictions (2.01.2007)

One major should announce abandoning the DRMs (only in French, 3.01.2007)

FnacMusic starts selling DRM free MP3s (only in French,

5. New Italian law to block child pornography websites

At the beginning of 2007 a ministerial decree was signed by Communications
Minister Paolo Gentiloni that obliges Internet Service Providers to block
child pornography sites within 6 hours from being announced to do so.

The body that has the responsibility to notify the ISPs on the sites that
must be blocked will be "Centro nazionale per il contrasto della
pedopornografia" (The National Centre against Child Pornography),
coordinated by the Post Police under the supervision of the Ministry of
Communications. The Centre has to create and update a list of sites
considered as containing child pornography and keep informed those
responsible by notifying the ISPs.

The notifying procedure will be established within the Ministry of
Communications but the filtering systems that the ISPs are supposed to use
in order to block the sites have not been determined. The decree will oblige
ISPs to study and find the technical system to comply with the law starting
with 1 March 2007, when it enters into force.

Italy's penal code stipulates severe punishments for the distribution and
publication of child pornography. According to minister Paolo Gentiloni.
"The decree reinforces the fight against child pornography and the
exploitation of minors through the Internet".

The decree has been well received by many bodies including the Ministry of
Family, the Osservatorio sui diritti dei Minori (Children Rights
Observatory), Osservatorio sociale (Social Observatory) or Save the
Children organisation. While appreciating the introduction of the law, some
stated the measure is not enough to stop child abuse and argued on behalf of
international measures.

According to EDRI-member ALCEI this measure comes as a worsening of the
censure situation in Italy, as such kind of legal provisions have not proven
efficient in the past in protecting children and stopping child abuse or
preventing any kind of violence for that matter. However this paves the way
for more censorship that might be applied to other types of information that
may be considered forbidden.

Paolo Nuti, Vice-president of Association of Italian Internet Providers
signalled certain problems that the application of the decree might cause.
Blocking a certain IP address may lead to blocking not only the site in view
but other related sites that might have nothing to do with child

Italy enacts law to block child porn Web sites (only in Italian, 2.01.2006)

Italy will block many other sites (4.01.2006)

"Gentiloni Decree" opposes pedopornography - ALCEI release of 10 January
2007 (only in Italian, 10.01.2006)

6. Millions of credit cards scrutinized in Germany

During an operation carried out by the German police, prosecuting
authorities and State Office of Criminal Investigation (LKA) of the federal
state of Saxony-Anhalt millions of credit card transactions were scrutinized
in September 2006.

A spokesman from LKA stated that indeed a large amount of credit cards were
verified although he could not confirm the number of 22 millions for 2006.
But he stated that approx. 22 million credit cards were scrutinized in 2005.

According to Der Spiegel, an individual offered online information to the
police directing the agents of Zentralstelle gegen Kinderpornografie
(Central Office for Combating Child Pornography) in Halle to a suspicious
Internet site offering child pornographic material. For a period of 20 days,
the amount of about 60 euro payable by credit card was asked to customers
for the access to the site. The credit cards companies were asked to give
information on whom transferred that amount of money to a suspicious bank
account abroad, over that period of time. It seems that all credit cards
companies cooperated with the police.

DAV (German Bar Association) has expressed its concern related to this
action and decided to examine closely the legal ramifications of this new
criminal investigation approach as Hartmut Kilger, DAV President told
Reutlinger General-Anzeiger. "Voluntarily handing over such data to the
authorities is dubious behavior, because what it amounts to is the
outsourcing of profiling-type data trawling operations to private
companies" he stated.

Surprisingly, privacy watchdogs consider this type of approach is providing
no grounds for legal objections. Thilo Weichert, the Data Protection
Commissioner of the federal state of Schleswig-Holstein thinks that banks
are entitled to make credit card information related to suspects available
to the prosecuting authorities, under certain conditions, and remarked that:
"The means applied here boil down to a classical method of criminal
investigation, to which no legal objections can be raised."

Child pornography operation occasions scrutiny of millions of credit card
transactions (9.01.2007)

Lawyers' association criticizes scrutiny of credit card transactions

7. Sony loses DRM case in France

Sony UK and Sony France have lost a case has won a case against The French
consumer protection association UFC Que Choisir  because they did not inform
the consumers about the lack of interoperability of their products and
services to other devices.

The decision taken by the Nanterre Tribunal has found Sony liable for
misleading the consumers by "the fact that Sony did not explicitly and
clearly informed the consumer that the music players sold could read only
the music files downloaded on the only legal site Connect." The decision
also considered that Sony UK had not explicitly stated in its contract that
the music files downloaded from the Connect website could be read only by
the music players dedicated for the Sony trademark.

The tribunal found as well that Sony was responsible for tied selling
(ventee liie) because the 2 separate contracts were closely inter-related:
downloading of music files from the Connect website is subordinated to
buying a dedicated product.

Sony France was obliged by the court to pay 10 000 Euro damages to UFC Que
Choisir and to show on its homepage the judge decision for 3 months. Until
now the court ruling has not been made public by Sony France, that pays 1000
Euro per day for not complying with this part of the decision. Sony can
appeal the decision, but this will not suspend the application of the
present ruling.

This could be just the first step for the French consumers rights
organization, that has started a similar trial against Apple for its
services iPod and iTunes. A decision could be taken by the court during

The decision is one of the first taken after the DADVSI law entered into
force in August 2006. However, the interoperability of the Sony system was
not taken into consideration by the court since the DADVSI law foresees an
Authority for DRMs that should look into this sort of problems. However, the
Authority has not been created yet, because it is still waiting for the
secondary legislation.

Sony condemned for having linked music files to its player ( in
French only, 4.01.2007)

The DRM condemned for cheating and tied selling ( in French only, 5.01.2007)

Decision UFC vs Sony ( in French only, 15.12.2006)

8. Changes in the UK ID card scheme

The initial plan of the UK Government regarding the national ID scheme was
meant to use photographs, fingerprints and iris scans in a National
Identity Register. The Home Office's Strategic Action Plan for the National
Identity Scheme considers now that the iris scans is just an option
and only the ten fingerprints will be taken for each new applicant.

According to Home Office officials, the iris scan was dropped due to the
high costs of this process. They also claimed the decision was also related
"with international obligations, most international countries are using
facial and fingerprint recognition so it is to come in line with that."
However, a return to iris scanning in the future could still be possible.

The UK Government stated in December that the initial-planned single
database National Identity Register would also be dropped. The information
should have been split between 3 existing databases in the Department for
Work and Pensions, Home Office and Identity & Passport Service.

But it seems that the Information Commissioner Richard Thomas' last year
warnings that Britain was "waking up to a surveillance society that is
already all around us" were not enough. This week Tony Blair has announced
again that a single database might be possible and has presented plans to
make it easier for departments to share information.

The reactions to this new announcement were quick to appear. Oliver Heald,
the Conservative constitution affairs spokesman, accused the Government of
"moving one step closer to a Big Brother state with a database from the
cradle to the grave."

Civil society group NO2ID accused the government of outright deception. Phil
Booth, NO2ID's National Coordinator said: "NO2ID's warnings
about the database state are coming true. Mr Blair doesn't trust us, but he
expects us to put absolute trust in all government departments. By tearing
down the fundamental safeguard of confidentiality, he intends to give them
all the right to talk about us behind our backs, which means more power to
intervene in our lives when it suits them".

Government drops iris scan plan (8.01.2007)

Government now can't be trusted with personal details, says NO2ID

Blair wants Whitehall to share your data (16.01.2007)

9. Prison or fine for French p2p users ?

The French Minister of Culture, Renaud Donnedieu de Vabres, considered in
December 2006 that there should be no prison for those downloading only a
few works from the Internet. However, just a couple of weeks after this
statement an Internet user was condemned by a French court to imprisonment
for having downloaded movies from the Internet.

"Prison for Internet users is over" was the statement of the Minister of

Howeve, on 11 January 2007 in Nantes, an Internet user was sentenced to two
months of imprisonment and payment of damages - 10 euro/film to SEV (Video
Editor Union) and the national film federation.

As a clarification to the DADVSI law, a letter from the Ministry of Justice
was to be issued to all prosecutors to adapt their judgements on the basis
of the severity of the copyright infringement in order to avoid imprisonment
for little P2P pirates and apply this punishment only to severe crimes. So
far, this seems to be ignored by French prosecutors.

The little pirates will not go to jail (only in French, 26.12.2006)

Prison for Internet users is really not over ! (only in French, 12.01.2007)

10. Recommanded Reading

Study on the Economic impact of open source software on
innovation and the competitiveness of the Information and Communication
Technologies (ICT) sector in the EU. Final Report. (20.11.2006)

11. Support EDRI-gram

European Digital Rights needs your help in upholding digital rights
in the EU.

Thanks to your last years donations EDRi has been able to issue 24 editions
of EDRi-gram in 2006. To continue with EDRi-gram we again ask
for your support.

If you wish to help us promote digital rights, please consider making
a private donation, or interest your organisation in sponsorship. We
will gladly send you a confirmation for any amount above 250 euro.

KBC Bank Auderghem-Centre, Chaussee de Wavre 1662, 1160 Bruxelles,
Name: European Digital Rights Asbl
Bank account nr.: 733-0215021-02
IBAN: BE32 7330 2150 2102

12. Agenda

17-19 January 2007, Geneva, Switzerland
Special Session of the Standing Committee on Copyright and Related Rights
(SCCR): First Session

20 January 2007, Paris, France
Big Brother Awards France

24 January 2007, Brussels, Belgium
Towards a new European Patent System

28 January 2007, Europe-wide
Data Protection Day: An initiative of the Council of Europe with the support
of the European Commission

19-23 February 2007, Geneva, Switzerland
Provisional Committee on Proposals Related to a WIPO Development Agenda:
Third Session

1-4 May 2007, Montreal, Canada
7th Conference on Computers, Freedom, and Privacy (CFP2007). The deadline
for proposals is 20 January 2006

18-19 May 2007, Brasov, Romania
eLiberatica - The Benefits of Open and Free Technologies - Romanian IT Open
Source and Free Software Conference

13. About
EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 25 members from 16 European countries.
European Digital Rights takes an active interest in developments in the EU
accession countries and wants to share knowledge and awareness through the
EDRI-grams. All contributions, suggestions for content, corrections or
agenda-tips are most welcome. Errors are corrected as soon as possible and
visibly on the EDRI website.

Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 2.0 License. See the full text at

Newsletter editor: Bogdan Manolea <edrigram at edri.org>

Information about EDRI and its members:

- EDRI-gram subscription information

subscribe by e-mail
To: edri-news-request at edri.org
Subject: subscribe

You will receive an automated e-mail asking to confirm your request.

unsubscribe by e-mail
To: edri-news-request at edri.org
Subject: unsubscribe

- EDRI-gram in Macedonian

EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis

- EDRI-gram in German

EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users

- Newsletter archive

Back issues are available at:

- Help
Please ask <edrigram at edri.org> if you have any problems with subscribing or

----- End forwarded message -----
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820            http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

More information about the cypherpunks-legacy mailing list