EDRI-gram newsletter - Number 6.11, 4 June 2008

Wed Jun 4 08:06:12 PDT 2008

============================================================

           EDRI-gram

biweekly newsletter about digital civil rights in Europe

    Number 6.11, 4 June 2008

============================================================
Contents
============================================================

1. Hungarian Data Retention Law - challenged at the Constitutional Court
2. Social networking sites might be regulated in EU
3. Czech Parliament - close in implementing data retention directive
4. Deutsche Telekom under investigation for spying on its employees
5. ICO worried about a UK Government-owned traffic data database
6. Dutch Parliament lowers data retention term to 12 months
7. BitTorrent tracker sites threatened by draft ACTA agreement
8. Finish CSS decision overturned
9. Creative Commons Bulgaria Licence upheld in court
10. ENDitorial: A new "NSA FRAnchise" set up in Sweden?
11. Agenda
12. About

============================================================
1. Hungarian Data Retention Law - challenged at the Constitutional Court
============================================================

The Hungarian Civil Liberties Union (HCLU) has filed its complaint with the
Constitutional Court requesting an ex post examination for
unconstitutionality and the annulment of the data retention provisions of
Act C of 2003 on electronic communications.

On 15 March 2008, the regulations implementing the 2006/24/EC Directive
on data retention entered into force in Hungary. Act C of 2003 on electronic
communications did not need much amendment since it already comprised
numerous restrictive data retention provisions prior to the directive. The
only changes of the amendments were the retention of Internet communications
data and the elimination of the lax - but at least pre-defined - legal
purposes of the data processing. Moreover the amendments totally disregarded
the provision of the directive that data should be "available for the
purpose of investigation, detection and prosecution of serious crime".

The HCLU's main concern in its complaint was the retention of personal data
for "the stock" without previously defined purposes. A 1991 decision of
the Constitutional Court prohibited such data processing and the Act on
Protection of Personal Data adopted a year later, also contains this ban.
HCLU has also stressed that data retention might be detrimental not only to
privacy but also to other fundamental rights such as freedom of information,
freedom of the press, freedom of conscience and freedom of religion, freedom
of assembly and freedom of petition.

Constitutional complaint filed by HCLU against Hungarian telecom data
retention regulations (2.06.2008)
http://tasz.hu/en/node/826

(Contribution by Adam Foldes - Hungarian Civil Liberties Union)

============================================================
2. Social networking sites might be regulated in EU
============================================================

On 27 May 2008, the European Network and Information Security Agency (ENISA)
called for new legislation that would regulate social networking sites.
ENISA, which was created in 2004 to oversee online security measures in the
27 EU countries, issued a preliminary report of its General Report in which
it pointed out that social networking sites such as Facebook and MySpace
need more regulation to protect their users against
security risks. "Social networking sites are very useful social tools but we
must make recommendations for how to better protect people from the risks
these sites create," said Andreas Pirotti, executive director of ENISA and
author of the report. He suggested the EU legislation should be expanded in
order to "cover the taking of photos of people and posting them on the
internet".

In Pirotti's opinion, network security is under a permanent threat from
spammers or criminals. "Internet security is extremely important,
considering how much business takes place online now. We don't want
infrastructures to be disrupted, we don't want a digital 9/11 to happen," he
said. He also considers crucial to "raise awareness about how social
networking sites work. Few people realize that they can be offered up as
friends to people they don't know. Also, many people don't realize that it's
almost impossible to erase material once it has appeared on the internet".

Some of the threats related to social networking identified by ENISA are
related to face recognition, digital dossiers, reputation damage, social
engineering attacks on enterprises, phishing attacks, ID theft and others.
The report of the organisation includes 19 recommendations to social
networks on ways to improve their security practices.

Among other things, ENISA calls for a regulatory review of social networking
frameworks, an increased transparency of data handling practices, more
education for users on security, and the discouragement or even banning of
social networking in schools.

A study conducted by enterprise IT management company CA and the National
Cyber Security Alliance in 2006 found out that the majority of users of
social networking sites were not very aware of the security issues involved.
83 percent of them admitted having downloaded unknown files from unknown
users and 74 percent said that they were easily providing the personal data
online. Also, a Symantec report issued in 2007 showed that social
networking sites offer easy pickings for phishers. The security practices of
the respective sites make it easier to invade and to spread attacks to more
people.

Top EU security agency calls for policing of social network (27.05.2008)
http://www.infoworld.com/article/08/05/27/EU-security-agency-wants-social-network-scrutiny_1.html

EU may regulate social networking sites over security issues (27.08.2008)
http://arstechnica.com/news.ars/post/20080527-eu-may-regulate-social-networking-sites-over-security-issues.html

ENISA General Report 2007 - adopted, non designed version
http://www.enisa.europa.eu/doc/pdf/publications/AGR_full_disclaim.pdf

============================================================
3. Czech Parliament - close in implementing data retention directive
============================================================

Czech Parliament is close to approving the data retention implementation as
an Act amending the Electronic Communications Act (127/2005 Coll.). Due to
the early introduction of the data retention obligation in the text of the
2005 Act, the current amending draft law implementing the data retention
directive is more specific.

EDRi-member IuRe intended to take the opportunity to amend the Act in order
to respect privacy. IuRe prepared a set of amendments aiming to shorten the
retention period to 6 months (currently one year), to include data that are
subject to retention into the text of the Act (currently the data are
specified only in a Minister regulation, so it can be modified without
parliamentary debates) and to prevent intelligence services from accessing
the retained data. Risk of misusing the databases for other purposes than
those specified in the directive is obvious: the intentions to allow the use
of operational and localization data by the intelligence services leaked to
the press in November 2007 and it was acknowledged recently by the
Government.

IuRe's proposals to abolish reimbursements of data retention costs to
telecoms and ISP providers and the proposal to clearly entitle only the
Police to use the data were adopted by the Committee for Security of the
Chamber of Deputies.

Unfortunately, the proposal of the Committee for Security of the Chamber of
Deputies and other amendments proposed by individual MPs were not assumed by
the plenum at the third reading.

Following the current legislative procedure, the draft Amending Act is now
pending in the Senate, but there is no real chance to change its text.

The Czech Republic has thus implemented the data retention directive and
obliges providers to store data for one year costing tax payers around 6.5
million euro per year. The draft Amending Act leaves a backdoor for
intelligence services to use the databases. Also, the present form leaves to
the Minister of Transportation the decision on the scope of the retained
data.

More information (Czech only)
http://www.iure.org
http://www.slidilove.cz/

EDRi-gram: Dispute over data retention costs in Czech Republic (15.02.2006)
http://www.edri.org/edrigram/number4.3/czechdataretention

(Contribution by Helena Svatosova, EDRi-member Iuridicum Remedium - Czech
Republic)

============================================================
4. Deutsche Telekom under investigation for spying on its employees
============================================================

The giant German telecommunication company is under investigation by
national prosecutors for a presumed breach of privacy, after having spied on
the phone calls of its managers, journalists and even board members.

According to Der Spiegel newspaper, the former monopoly incumbent operator -
still 31.7% owned by the German government - illegally monitored the phone
calls of parts of its staff during 2005-2006 when the company was laying off
workers. It seems the company hired an outside agency to monitor contacts
between members of its supervisory board and journalists.

The company has partially admitted the allegations saying the monitoring was
carried out to find out who was leaking information to the press. Rene
Obermann, the chief executive of the group, stated the company had not been
aware of the issue and that the illegal actions were taken by
the security department of the company, which has been dissolved in the
meantime. "I am shaken to the core by these allegations. We take the
situation most seriously. We have called in the public prosecutor's office
and will support them in their full investigation of these allegations" he
said.

The company also claimed that the calls were not listened to, and that the
investigation was just trying to establish the date, the duration of the
calls and what phone numbers board members had called. "The allegations made
against the company do not relate to any unlawful use of the content of
calls - in other words they do not concern the tapping of calls.(...) Call
records are details of the time, duration and participants of calls" was the
company's statement.

Legal expert Thomas Hoeren said that in Germany there had been more and more
cases of companies watching their employees, which is not an issue as
actually this is allowed by the law. However, Deutsche Telekom broke more
than privacy laws by collecting all the telephone data from their CEOs and
the people supervising the company which is not only a violation of data
protection or privacy regulations but also a violation of telecommunications
secrecy, which is protected under criminal law. If a company allows its
employees to use the telephones in their offices for private use, as was
Deutsche Telekom's case, they are no longer considered as employees but also
as private persons. So, the company was not allowed to monitor its
employees' telephone connections. Hoeren also stated there was no
justification for a company to violate telecommunications secrecy and he
also considered there was an implicit violation of press freedom.

"The interesting problem in this case is that state attorneys are now
investigating what happened at Deutsche Telekom, but this can only lead to a
punishment for individuals acting as representatives of Deutsche Telekom.
The company as such is out of bounds. What people now want are increased
sanctions against the company, not just against the individuals behind the
company. In the current situation, Deutsche Telekom can only get a fine of
perhaps 25,000 euros, which is nothing for them" said the expert.

Prosecutors are examining now whether or not to open a case of violation of
data protection laws against Deutsche Telekom.

Prosecutors investigate Deutsche Telekom over data misuse (29.05.2008)
http://www.out-law.com//default.aspx?page=9153

Prosecutors probe Deutsche Telekom on data misuse (29.05.2008)
http://www.reuters.com/article/rbssTechMediaTelecomNews/idUSWEA833920080529

Prosecutors probe Deutsche Telekom (29.05.2008)
http://ap.google.com/article/ALeqM5jjHggMdkSqAgBRq4C243Fj88zOQQD90V82IO1

Telekom Breaks More than Privacy Laws in Criminal Spy Case (27.05.2008)
http://www.dw-world.de/dw/article/0,2144,3363041,00.html

============================================================
5. ICO worried about a UK Government-owned traffic data database
============================================================

The new Communications Data Bill proposed by the Home Office has met the
opposition of the Information Commissioner's Office (ICO) which has shown
concerns related to the proposals of building one Government-owned database
with records of phone calls, email and Internet use in the UK.

In ICO's opinion, the action is not justified. "If the intention is to bring
all mobile and internet records together under one system, this would give
us serious concerns and may well be a step too far. We are not aware of any
justification for the state to hold every UK citizen's phone and internet
records. (...) We have real doubts that such a measure can be justified, or
is proportionate or desirable. We have warned before that we are
sleepwalking into a surveillance society. Holding large collections of data
is always risky - the more data that is collected and stored, the bigger the
problem when the data is lost, traded or stolen" said Jonathan Bamford,
assistant Information Commissioner.

ICO is worried not only in connection to breaches of civil liberties but
also about the amount of power the Government will get over the information.
"Such a measure would require wider public discussion. Proper safeguards
would be needed to ensure that the data is only used for the proper purpose
of detecting crime" stated Bamford.

There are also doubts that the Government is able to guaranty the safety of
the system against internal as well as external misuse. The system might
prove too massive to be properly managed by the Government, ending up in a
huge loss of public money.

The concerns are also related to the fact the UK Government has a bad
history in keeping personal private data. As previously reported in the
EDRI-gram, HM Revenue and Customs lost 25 million people's personal details
in November, the Army lost a large amount of data with stolen laptops and a
contractor to the DVLA lost three million drivers' personal details in
December.

Privacy watchdog opposes giant telecoms database (27.05.2008)
http://www.out-law.com//default.aspx?page=9147

Home Office calls for a 'Big Brother' database (22.05.2008)
http://www.heise.de/english/newsticker/news/108305

EDRI gram - UK Government will store all phone, Internet traffic data
(21.05.2008)
http://www.edri.org/edrigram/number6.10/uk-isp-traffic-data

EDRi-gram: Personal sensitive data keep on being lost in UK (30.01.2008)
http://www.edri.org/edrigram/number6.2/uk-losing-personal-data

============================================================
6. Dutch Parliament lowers data retention term to 12 months
============================================================

The Dutch Parliament has lowered the data retention term in its
implementation of the Data Retention directive to 12 months. The law
has still to pass the Dutch Senate, which has been more critical of data
retention in the last four years. A lot is still unclear about the law
and many concerns, like the absence of evidence for the resulting
interference with the right to private life and private communications,
have not been adequately addressed yet. Still, the legislature will try
to finalize the law before the summer break of the Parliament.

Interestingly, the three-party coalition forming the present Government
was split into three camps, arguing for 6, 12 and 18 months
respectively. The government kept arguing for 18 months, but a majority
voted for an amendment lowering the term to 12 months. This term
traces back to a report of the Erasmus University about the usefulness
and necessity of data retention for telecommunication traffic and
location data. After failing to prove such usefulness and necessity for
data older than 3 months, the researchers had talks with police
representatives. Based exclusively on those talks, the report
recommended a 12 month retention period. Later on, the Dutch Council of
State referred to that research and the proposed reasonable term of 12
months when it advised the government to lower the term.

Although the debate focused a lot on the retention term and the lack of
evidence, there are many other issues that were debated. The Parliament
also spoke about European developments, such as the procedure of Ireland
before the European Court of Justice and the constitutional challenge in
Germany. It also discussed the extent of parliamentary involvement with
the contents of the decree which will contain more details about data
retention in practice. The law now contains a list of data to be
retained, after concerns were raised that this was the core of a data
retention obligation and that the list would have to be agreed upon in
Parliament. Unfortunately, the list is not very precise. It is as
general as the list in the directive and seems to contain a mistake. Whereas
the data retention directive does not require the retention of the
destination for Internet use other than e-mail or telephony, the Dutch list
does not make this distinction anymore.

The costs of data retention for the sector and consumers were also an
issue of debate, but the available cost estimates are still vague. One
of the reasons is that the precise scope of the data retention
obligation for Internet traffic is unclear. General costs of data
retention will not be reimbursed. The question about storage of the data
in centralized or decentralized facilities has been evaded. At first,
the data will be stored by the providers but this could change in the
future. An amendment that would have restricted the possibility of
claiming complete data sets - to be used for data mining in the context
of combating terrorism - didn't make it. If the law is passed, both
national security and law enforcement agencies will have the possibility
to claim complete parts of the collection of data to be retained.

EDRi-gram: Dutch study fails to prove usefulness and necessity data
retention (29.05.2005)
http://www.edri.org/edrigram/number3.13/retention

EDRi-gram: Dutch DPA advises negatively on Dutch draft data retention
(31.01.2007)
http://www.edri.org/edrigram/number5.2/dpa-dutch

Data Retention 12 Months (only in Dutch, 22 May 2008)
http://webwereld.nl/articles/51188/wet-bewaarplicht-toch-12-maanden.html

The data retention implementation law as sent to the Dutch Senate (only in
Dutch, 22 May 2008)
http://www.eerstekamer.nl/9324000/1/j9vvgh5ihkk7kof/vhv5hp6u4zyt/f=y.pdf

(Contribution by Joris van Hoboken - EDRi-member Bits of Freedom -
Netherlands)

============================================================
7. BitTorrent tracker sites threatened by draft ACTA agreement
============================================================

A new international trade agreement, the Anti-Counterfeiting Trade
Agreement (ACTA), which is now under discussion might strengthen criminal
sanctions against BitTorrent tracker sites for exploiting copyright material
online.

The tracker sites state they do not profit from Internet users sharing
music, movies and software, saying that the server and bandwidth costs are
supported by donations and advertising revenues. However, rights holder
organisations claim that BitTorrent administrators exploit copyright
material online and make a nice profit out of it.

A discussion paper that has been leaked online by Sunshine Media, the
company that runs the Wikileaks.org website, is under circulation now among
the US, EU, Canada, Japan, Korea, Mexico, New Zealand, and Switzerland, on
the proposed ACTA. The paper includes "the types of provisions that could be
included in the agreement" and suggests "criminal sanctions to be applied to
(Intellectual Property Rights) infringements on a commercial scale (where
there are) significant willful infringements without motivation for
financial gain to such an extent as to prejudicially affect the copyright
owner (e.g. internet piracy)".

The discussion paper states "deterrent-level" penalties should be applied by
the Governments against criminal copyright infringement, and it also
proposes powers to seize and destroy equipment. The ACTA proposal in the
case of simple filesharers accused of civil infringement is the possibility
of the rights holder of asking compensations "including measures to overcome
the problem of rights holders not being able to get sufficient compensation
due to difficulty in assessing the full extent of the damage".

ISPs might face new sanctions as the ACTA will force them to hand over
personal information pertaining to "claimed infringement" or "alleged
infringers". ACTA might also attempt to introduce "remedies against
circumvention of technological protection measures used by copyright owners
and the trafficking of circumvention devices".

What the discussion paper also proposes is that ACTA create its own
governing body to be overseen by a committee made up of representatives from
member nations. According to a European Commission official, formal
negotiations on ACTA are expected to start this week in Geneva.

NGOs, such as IP Justice, heavily criticised the new negotiations: "After
the multilateral treaty's scope and priorities are negotiated by the few
countries invited to participate in the early discussions, ACTA's text will
be 'locked' and other countries who are later 'invited' to sign on to the
pact will not be able to re-negotiate its one-sided terms."

Meanwhile, in UK, the Police has arrested six people for allegedly sharing
music files via the defunct BitTorrent tracker OiNK.cd. Apparently the 6
persons were detained in "in relation to uploading pre-release music".
OiNK.cd was shutdown seven months ago in a Police raid at the Middlesbrough
home of its administrator.

International copyright talks seek BitTorrent-killer laws (27.05.2008)
http://www.theregister.co.uk/2008/05/27/acta_leak/

Copyright deal could toughen rules governing info on iPods, computers 
(26.05.2008)
http://www.canada.com/topics/technology/science/story.html?id=ae997868-220b-4dae-bf4f-47f6fc96ce5e

BitTorrent tracker Mininova faces legal action (19.05.2008)
http://www.theregister.co.uk/2008/05/19/mininova_faces_legal_action/

Embattled ACTA Negotiations Next Week In Geneva; US Sees Signing This Year 
(30.05.2008)
http://www.ip-watch.org/weblog/index.php?p=1071

UK cops arrest six alleged BitTorrent music uploaders (2.06.2008)
http://www.theregister.co.uk/2008/06/02/onk_further_arrests/

============================================================
8. Finish CSS decision overturned
============================================================

The Helsinki Court of Appeal overturned the initial decision taken by the
Helsinki District Court ruling that Content Scrambling System (CSS) used
in DVD movies is "ineffective".

The decision of the Court of Appeal was taken a year after the first ruling
concluded that "CSS protection can no longer be held 'effective' as defined
in law."

The defendant's counsel Mikko Vdlimdki explains on his blog that the Appeal
Court said that circumventing an access control would have been lawful. But
the court considered that the defendants circumvented a full copy protection
system (CSS), not just an access control, which is actually wrong.

Also Vdlimdki points out that the court considered that "it is ok to
circumvent if the circumvention happens without installing additional
software. The court claimed that you always need to install some kind of
"hack" software for Linux systems in order see DVDs. Again, the court erred.
In fact, you only need a (legal) player software like VLC or Mplayer, and
with some Linux distros player cabale of showing DVDs comes standard. In the
district court the technical witness from the Finnish criminal police
answered as questioned that with his Ubuntu installed fresh on the system
you just throw the DVD in and it shows the movie's icon on the destop, there
you just double-click and voila. You don't need *any* additional software in
that case."

The counsel announced that the decision would be appealed to the Supreme
Court in Finland, because the Appeal Court decided on the case and made
these errors because it took the decision only based on the case
documentation.

Usually, it takes between 3-5 months for the Supreme Court to decide whether
they take the case.

Court of Appeal overturned the CSS decision (26.05.2008)
http://www.turre.com/blog/?p=156

Finnish Appeals Court Overturns Decision That Said It Was Okay To Circumvent
Ineffective DRM (28.05.2008)
http://www.techdirt.com/articles/20080527/1606231237.shtml

EDRi-gram: CSS protection used in DVDs is "ineffective" (6.06.2007)
http://www.edri.org/edrigram/number5.11/css-dvd-finland

============================================================
9. Creative Commons Bulgaria Licence upheld in court
============================================================

Veni Markovski from EDRi-member ISOC Bulgaria reports on his blog on the
first case when the CreativeCommons Licence was upheld in court in Bulgaria.

The Bulgarian blogger Elenko Elenkov filed a lawsuit against the newspaper
"24 hours" for having used one of his photos, licenced under the
CreativeCommons BY-SA, in one of their edition on 20 September 2007 on the
cover page and on page 3. The picture did not mention the author or the
licence used, but rather attributed the photo on page 3 to "The Internet".

The correction printed four days later by the newspaper was under the
headline and said that "pictures from the Internet forums also have an
author", and that the picture was published "in one of the Internet
forums", and acknowledged that the author was Elenko Elenkov.

Elenko claimed that the correction published by the newspaper is impairing
his image rather than admitting him as the author and claimed more than the
50 euros offered by the "24 hours" newspaper as compensation, even though
the newspapers is the second biggest in Bulgaria.

On the first hearing in this case at the Sofia Court on 27 May 2008, the
newspaper admitted that they had breached Elenko's copyright, but the trial
will continue to determine the right compensation.

Creative Commons License Recognized in Bulgarian Court (28.05.2008)
http://blog.veni.com/?p=494

Elenko vs. "24 hours", Episode 7: "24 hours" acknowledged its mistake (only
in Bulgarian, 27.05.2008)
http://www.eenk.com/?p=1778

============================================================
10. ENDitorial: A new "NSA FRAnchise" set up in Sweden?
============================================================

Lex Orwell, a law proposal for total surveillance, is urgently being
pushed to a vote on 17 June 2008 by national security hawks in the
peaceful Kingdom of Sweden. It will mandate the "NSA franchise", the
FRA, to turn its forest of parabola ears and world's 5th largest super
computer to listen to you - or rather what you do, say and share on the
Internet - would an information package pass the Swedish borders.

FRA is the Swedish shorthand for The National Defence Radio
Establishment. An institution very active during the cold war but
without a clear task or purpose today since material from satellite
traffic from military activities the Baltics isn't particularly a la
mode any more. To stay in business, FRA has therefore for years pursued
a long term strategy to "improve raw material supply through
partnerships"  and to provide "on demand" intelligence to "support
government authorities and state owned companies regarding current IT
threats".

That does not make FRA into an "NSA franchise", does it? Well, a retired
FRA Intelligence Officer was recently quoted in a report to the Swedish
Journalist Fund for Education saying "Maybe FRA is a Swedish
organisation, which in limited ways cooperate with foreign intelligence
services. Or FRA is a part of an international surveillance group which
to a limited extent cooperate with the Swedish authorities. The problem
is that it is only FRA who knows."

While national security and "state secret privileges" are complex
matters of parliamentary checks and balances, the question is if Lex
Orwell got it right. Nobody in the public sphere seems to think so. In
answers from eight heavyweight institutions to the government's hearing
on Lex Orwell it is said it is "in breach of ECHR", "like wire-tapping
without a court order", "general surveillance (...) of the content of
telephone calls and messages", "lacking in understanding (...) of
privacy", "massive wire-tapping", "seriously flawed" and that "the State
is acquiring the telecommunications traffic". If this critique was
not enough, former director of the FRA himself says FRA activity is in
breach of European law. To the layman the set-up seems
indistinguishable from what allegedly is happening in the USA where AT&T
is accused of "violating the law and the privacy of its customers by
collaborating with the National Security Agency (NSA) in its massive,
illegal program to wiretap and data-mine Americans' communications".

Why should you care what is happening in Sweden? Well, it turns out that
Sweden is one of the countries that has actively blocked the
Commission's third pillar proposal from 2005 for protection of personal
data processed in the framework of police and judicial cooperation in
criminal matters. Professor Elspeth Guild writes in 2007: "A
battery of measures have been announced in the First and Third Pillars
(...) which are aimed at a substantial increase in surveillance of the
citizen, his or her movements, statements, actions and activities. At
the same time, the protection of the citizen from wrongful use of his or
her personal data has lagged very substantially behind for instance, the
continuing blockage of the Third Pillar Framework Decision on data
protection.". Statewatch told us already in 2006 that a "number of
delegations (CH, CZ, DK, IE, SE and UK) has expressed doubts against the
inclusion of data processed in a purely domestic context.". Why?

At about the same time the Commission answers the parliamentary question
E-1300/2007 whether Sweden has the right to conclude an exclusive
agreement with the USA on research into terrorism and civilian security
issues, saying would such research transfer personal data to third
countries, it would be regulated by European law: "It is important to
underline that exchange on either security research projects or on
threat assessment does not necessarily imply exchange of personal data
which are subject to the EU data protection rules. However, any such
activities must fully respect the fundamental rights, privacy and civil
liberties of individuals.".

Now, what about "raw material supply through partnerships"?

It is said that only four (4) Swedish libertarians in the ruling
coalition is needed to postpone Lex Orwell. Grab your phone and call
them. International calls are still free, as in free speech.

FRA's "Open Budget" for 2009-2011 (only in Swedish, 17.03.2008)
http://www.fra.se/bilagor/0319-bul2009-2011.pdf

FRA, brief presentation in English
http://www.fra.se/english.shtml

"Fvrsvarets Radioanstalt - 2003-2004" by Martin Jvnsson a report to 
"Journalistfonden fvr vidareutbildning" (only in Swedish, 27.02.2005)
http://periodista.se/FRA03_04.pdf

Video recording from San Francisco Ninth Circuit Court of Appeals, Hepting 
v. AT&T (23.01.2008)
http://www.youtube.com/watch?v=ppRKfXiXBLM

Collection of some Swedish institution's opinions of Lex Orwell (only in 
Swedish, 3.06.2008)
http://www.digitalidag.se/index.php?title=Sammanfattning_av_remissvaren&oldid=1268

Interview with Anders Wik, former FRA director (only in Swedish, 31.05.2008)
http://computersweden.idg.se/2.2683/1.165280

General information related to EFF's class action lawsuit against AT&T
http://www.eff.org/nsa/hepting

European parliament's legislative observatory page on DPFD
http://www.europarl.europa.eu/oeil/file.jsp?id=5279032

"Making the EU Citizens' Agenda Work" by Elspeth Guild (9.02.2007)
http://shop.ceps.be/BookDetail.php?item_id=1460

Council document 13918/06 (13.10.2006)
http://www.statewatch.org/news/2006/oct/eu-dp-issues-13918-06.pdf

Parliamentary question E-1300/2007 (1.06.2007)
http://www.europarl.europa.eu/sides/getAllAnswers.do?reference=E-2007-1300&language=EN

Article referred to in question E-1300/2007 (only in Swedish, 28.02.2007)
http://www.nyteknik.se/nyheter/innovation/forskning_utveckling/article42632.ece

(Contribution by Erik Josefsson)

============================================================
11. Agenda
============================================================

6-7 June 2008, Bremen, Germany
IdentityCamp - a barcamp around identity 2.0 and privacy 2.0
http://barcamp.org/IdentityCampBremen

17-18 June 2008, Seoul, Korea
The Future of the Internet Economy - OECD Ministerial Meeting
http://www.oecd.org/FutureInternet

23 June 2008, Paris, France
GigaNet is organizing an international academic workshop on "Global Internet
Governance: An Interdisciplinary Research Field in Construction"
http://tinyurl.com/2nww9t

26-27 June 2008, London, UK
International Conference on Digital Evidence
http://www.mistieurope.com/default.asp?Page=65&Return=70&ProductID=8914&LS=DigitalEvidence

30 June-1 July 2008, Louvain-la-Neuve, Belgium
First COMMUNIA Conference - Assessment of economic and social impact of
digital public domain throughout Europe
http://www.communia-project.eu/conf2008

7-8 July 2008, London, UK
Developing New Models Of Content Delivery Online & Innovative Strategies For
Effectively Tackling Copyright Infringement
http://www.isp-content-regulation.com/conference.agenda.asp

7-9 July 2008, Cambridge, UK
Privacy Laws & Business 21st Annual International Conference
http://www.privacylaws.com/templates/AnnualConferences.aspx?id=641

19-20 July 2008, Stockholm, Sweden
International Association for Media and Communication Research
pre-conference - Civil Rights in Mediatized Societies: Which data privacy
against whom and how ?
http://www.iamcr.org/content/view/301/1/

23-25 July 2008, Leuven, Belgium
The 8th Privacy Enhancing Technologies Symposium (PETS 2008)
http://petsymposium.org/2008/

8-10 September 2008, Geneva, Switzerland
The third annual Access to Knowledge Conference (A2K3)
http://isp.law.yale.edu/

22 September 2008, Istanbul, Turkey
Workshop on Applications of Private and Anonymous Communications
http://www.alpaca-workshop.org/

24-28 September 2008, Athens, Greece
World Summit on the Knowledge Society
http://www.open-knowledge-society.org/summit.htm

============================================================
12. About
============================================================

EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 28 members based or with offices in 17 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRI-grams.

All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and visibly on the
EDRI website.

Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 2.0 License. See the full text at
http://creativecommons.org/licenses/by/2.0/

Newsletter editor: Bogdan Manolea <edrigram at edri.org>

Information about EDRI and its members:
http://www.edri.org/

European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring

- EDRI-gram subscription information

subscribe by e-mail
To: edri-news-request at edri.org
Subject: subscribe

You will receive an automated e-mail asking to confirm your request.
unsubscribe by e-mail
To: edri-news-request at edri.org
Subject: unsubscribe

- EDRI-gram in Macedonian

EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edrigram-mk.php

- EDRI-gram in German

EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/

- Newsletter archive

Back issues are available at:
http://www.edri.org/edrigram

- Help
Please ask <edrigram at edri.org> if you have any problems with subscribing or
unsubscribing

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE