EDRI-gram newsletter - Number 6.19, 8 October 2008

Wed Oct 8 13:20:37 PDT 2008

============================================================

           EDRI-gram

biweekly newsletter about digital civil rights in Europe

    Number 6.19, 8 October 2008

============================================================
Contents
============================================================

1. The European Parliament voted the Telecoms Package
2. Sarkozy snubbed by Barroso in the three strikes approach
3. The European Union wants to introduce virtual body screening in airports
4. First meeting of the Fundamental Rights Platform
5. Social Networks - on the European Commission's Agenda
6. Third Phorm trials started, but privacy concerns remained
7. RapidShare needs to check every file for copyright infringement
8. Serbia: Conference on Regulation of online Freedom of Expression
9. An update on the Italian PirateBay case
10. Recommended Action
11. Recommended Reading
12. Agenda
13. About

============================================================
1. The European Parliament voted the Telecoms Package
============================================================

The Package of rules governing the Internet and telecoms sectors proposed by
the European Commission in view of supporting competition and providing
clearer information and a wider range of services to consumers was approved
by the European Parliament on 24 September 2008, in the first reading. The
measures that would have allowed a control on Internet users were rejected.

The package including four legislative proposals was proposed on 13 November
2007 and had in view the establishment of a new EU telecoms authority, the
introduction of functional separation in order to boost competition, a
review of radio-spectrum management and a range of consumer protection
measures.

Following a strong pressure from the consumers, privacy groups and telecoms
industry, the MEPs rejected the idea that ISPs should filter all downloads
and punish the infringers of anti-piracy rules, being thus transformed into
a sort of online police.

The key amendments in this respect were Amendment 166 to the Harbour
report and Amendment 138 to the Trautmann report, both adopted by the EP.
"They state that users' access may not be restricted in any
way that infringes their fundamental rights, and (166) that any
sanctions should be proportionate and (138) require a court order.
They both reinforce the principle established on April 9th in the Bono
report, that the Parliament is against cutting off people's Internet
access as a sanction for copyright infringement. Cutting off Internet
access was not explicitly in the Telecoms Package, but it did open the door
to 3-strikes. These amendments close that door." as Monica Horten correctly
points out.

The EP decided that personal data processing should not require the user's
prior consent. Also, there was no clear decision on the issue of whether IP
addresses should be considered as personal data.

However, the EP approved the application of a prior consent clause to
software such as cookies, which are installed in the users' computers and
which provide information on their behaviour to the companies having created
them, such as search engines. Another amendment requires the telecom
companies to inform the national telecom regulators if they suffered serious
data security breaches, that might affect their users' privacy.

The Parliament's vote was welcomed by most interested parties being
considered as a good step in the direction of privacy, the protection of
personal data, and principles of proportionality and separation of powers.

The European consumers organisation, BEUC stated: "Today MEPs voted to
reinforce consumer rights and competition in telecoms markets across Europe.
We hope the Council will follow the same line towards improving and
facilitating consumers' daily lives. Many consumers still suffer from
problems with their telecom providers: from complicated information to very
long-term contracts, not to mention difficulties in switching. Concretely,
thanks to today's move, consumers could benefit from more transparent
information about tariffs and conditions of contracts."

La Quadrature du Net, the group of citizens acting for individual rights and
freedoms and supported by French as well as international NGOs, wanted to
thank "all MEPs who have worked in this direction, and all citizens who
mobilized en masse to alert their delegates on these issues. We'd like to
thank particularly the MEPs who have been able to reconsider their positions
as they became aware of the risks to the rights and freedoms of their
fellow-citizens." However, the body still warns on some issues of concern
particularly that of the danger that the adopted Amendment 138 may be
withdrawn. Amendment 138 states that no restriction on the rights and
freedoms of end users can be taken without prior decision of the judicial
authority, only in cases when public safety is concerned.

There is strong support for the adoption of the telecoms package by the end
of the mandate of the present Parliament, at the middle of 2009. The next
step in this issue will be the next Telecoms Council which is planned for
the end of November.

Parliament backs major telecoms, Internet overhaul (25.09.2008)
http://www.euractiv.com/en/infosociety/parliament-backs-major-telecoms-internet-overhaul/article-175719?Ref=RSS

MEPs back altered telecoms reform (25.09.2008)
http://www.out-law.com/page-9456

European Parliament votes against 3-strikes (24.09.2008)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=173&Itemid=9

Telecoms Package : European democracy's victory already threatened
(26.09.2008)
http://www.laquadrature.net/en/telecoms-package-european-democracys-victory-already-threatened

EDRIgram: The telecom package debated by the European Parliament
(10.09.2008)
http://www.edri.org/edrigram/number6.17/telecom-package-debated

============================================================
2. Sarkozy snubbed by Barroso in the three strikes approach
============================================================

Barroso, President of the European Commission has refused French President
Sarkozy's request to withdraw Amendment 138 included in the Telecoms Package
recently voted by the European Parliament.

Amendment 138 which basically reinstates the legal issue of the freedom to
communicate of Internet users, reaffirming that only threats to public
security can justify the restriction to the free circulation of information
on the Internet without a court decision, was voted with a large majority by
the MEPs, fact which largely displeased EU French presidency who has
continuously pushed and pressed for the application of the three strike
approach introduced by its "Criation et Internet" draft bill.

Sarkozy sent a letter to Barroso asking for the withdrawal of the amendment
which would force France to give up its draft law. If the Commission does
not reject the amendment, France would be in the position to obtain the
refusal of the entire Telecoms Package which would practically be
impossible. Therefore, Sarkozy is trying to obtain the withdrawal of the
amendment by the Council of Ministers during the meeting scheduled for 27
November, before the second reading of the European Parliament that will
take place during the first term of 2009. "Sarkozy tries to force his way
through in Council, and his close staff does not hide that they want to
subsequently outstrip the European Parliament by having the French bill
adopted in emergency procedure before the second reading on the Telecoms
Package" says La Quadrature du Net.

But Mr. Barroso, president of the EC sent a non-receipt denial by reminding
the French President that the amendment was voted with 573 pro votes against
74 and stating that the EC will "respect this democratic decision of the
European Parliament" adding that the "amendment is a significant reminder of
the legal principles that are inherent keys to the legal order of the
European Union, especially as regards the citizens' fundamental rights".

The position was stranghtned by the European Commission spokesman for
information society issues,  Martin Selmayr that said: "The European
Commission respects this democratic decision of the European Parliament. In
our opinion this amendment is an important re-affirmation of the basic
principles of the rule of law in the EU, in particular the fundamental
rights of its citizens."

The European Commission has therefore accepted the amendment thus forcing
France to accept the report. The Commission has invited France to discuss
the issue at the Council of Ministers meeting where an agreement has to be
reached between the Council and the EP in order to pass the Telecoms
Package. As the Commission has no legislative power it can only act as
negotiator between the two bodies. If France goes on with its plans to
present its Creation et Internet draft law on 18 November, it might be under
violation of a European provision in progress of being adopted.

"The French President seems to have too soon forgotten how the European
Union institutions work by pretending to ignore the co-decision principle"
stated MEP Guy Bono, co-author of the amendment.

On the other hand, the British Government which in July seemed ready to
pursue a gradual response approach for p2p users now denies any such
attempt. The British Prime Minister stated in a response to a petition
asking him not to force ISPs to spy on their users for the purpose of
monitoring copyrighted content. "Unfortunately, much of the media reports
around this issue have been incorrect. There are no proposals to make ISPs
liable for the content that travels across their networks. Nor are there
proposals for ISPs to monitor customer activity for illegal downloading, or
to enforce a '3 strikes' policy."

Letter from Sarkozy to Barrosso (only in French)
http://www.ecrans.fr/IMG/pdf/Lettre_Barroso.pdf

President Sarkozy requires the withdrawal of Amendment 138 (only in
French, 4.10.2008)
http://www.numerama.com/magazine/10783-President-de-l-UE-Sarkozy-exige-le-retrait-de-l-amendement-138.html

Gradual response: Barroso said no to Nicolas Sarkozy (only in French,
6.10.2008)
http://www.numerama.com/magazine/10791-URGENT-Riposte-Graduee-Barroso-dit-non-a-Nicolas-Sarkozy.html

UK Prime Minister Denies Three Strikes Proposal... After Europe Tossed It
(5.10.2008)
http://www.zeropaid.com/news/9791/UK+Prime+Minister+Denies+Three+Strikes+Proposal...+After+Europe+Tossed+It/

Graduated response: Europe must resist Sarkozy's authoritarianism
(6.10.2008)
http://www.laquadrature.net/en/graduated-reponse-europe-must-resist-sarkozys-authoritarianism

Graduated Response : The Lesson (7.10.2008)
http://www.laquadrature.net/en/graduated-response-lesson

EDRIgram: French law on 'graduate response' opposed by ISOC Europe
(10.09.2008)
http://www.edri.org/edrigram/number6.17/3strikes-opposed-isoc-europe

============================================================
3. The European Union wants to introduce virtual body screening in airports
============================================================

A draft European Commission regulation has in view the introduction of
millimetre wave imaging scanners in airports to be used "individually or in
combination, as a primary or secondary means and under defined conditions".
The scanner will provide a "virtual strip search" of travellers within the
EU.

The regulation is meant to be introduced in all the EU countries by the end
of April 2010. The new technology creates an image of an unclothed body. The
system has already been tested on a voluntary basis at Heathrow's Terminal
Four.

The procedure involves the beaming of electromagnetic waves of passengers
the result being a virtual three-dimensional "naked" image from
reflected energy. The black and white images obtained are alarmingly graphic
raising privacy concerns.

The European Union follows the example of the Unites States where scanners
have been used in New York and Los Angeles airports because the technology
shows body contours thus revealing any possible hidden objects such as guns
or knives.

The draft regulation has raised a lot of concern from the privacy advocates.
"I don't think people are aware of what these scanners can do and how
demeaning it is to have your body on display. Heathrow was right to
discontinue their use and they should not be used in Britain except as an
alternative to strip searches" said Gareth Crossman, Director of Policy at
Liberty. In his turn, Tony Bunyan, the editor of Statewatch, believes the
technology would subject "people including women, old people and children to
such a shameful and undignified experience" adding: "It would appear that
this is yet another case of 'if it is technologically possible it should be
used' without any consideration of proportionality, privacy and civil
liberties."

Concerns over the safety of the new technology to be introduced have also
been expressed. Paolo Costa, Chairman of the European Parliament's Transport
Committee wrote a letter to the Commission in which he addressed several
questions related to the procedure such as whether the technology is safe
from the health point of view or the way in which the images will be stored
and destroyed.

UK Shadow Home Secretary Dominic Grieve wanted to emphasise the fact that,
even if the scanners may prove to be effective security instruments, the UK
government has to take into consideration first the UK security requirements
"rather than the dictates of Brussels" and that the implementation must be
done "in a proportionate manner". "Ministers need to explain publicly and
transparently what these proposals are and why they are suitable to the UK"
he added.

Another concern was expressed by Timothy Kirkhope, a Conservative Euro-MP
from the transport committee who is worried that the new security
regulations may be introduced without discussions or without consulting the
public. "It must not be the case that unelected Commission officials, or
security bureaucrats, can introduce these measures without elected MEPs or
MPs being able to anything about it," he said.

Commission Regulation of supplementing the common basic standards on civil
aviation security laid down in the Annex to Regulation (EC) No 300/2008
http://www.statewatch.org/news/2008/sep/eu-com-aviation-security.pdf

ACLU Backgrounder on Body Scanners and "Virtual Strip Searches" (6.06.2008)
http://www.aclu.org/privacy/35540res20080606.html

Paolo Costa's letter to the European Commission (26.09.2008)
http://www.statewatch.org/news/2008/sep/eu-com-aviation-security-costa-letter.pdf

EU to introduce 'virtual strip searches' at airports by 2010 (1.10.2008)
http://www.telegraph.co.uk/news/worldnews/europe/3110533/EU-to-introduce-virtual-strip-searches-at-airports-by-2010.html

============================================================
4. First meeting of the Fundamental Rights Platform
============================================================

On 7-8 October 2008 the European Union Agency for Fundamental Rights (FRA)
held the first meeting of its Fundamental Rights Platform (FRP) in Vienna.

Representatives from about 100 NGOs and other Fundamental Rights
Organisations - EDRi amongst them - were invited to discuss and make
suggestions on potential strategic objectives of the Agency and for
priorities for the FRA Work Program 2009 and 2010.

The Fundamental Rights Platform is part of FRAs newly defined structure
and focus. With a Council Regulation of February 2007 the former
European Monitoring Centre on Racism and Xenophobia (EUMC)  got an
increased thematic area of operation and was renamed to European Union
Agency for Fundamental Rights.

By a Council Decision of February 2008 a Multi-annual Framework for
the work of FRA in the years 2007-2012 was established, which served as
a basis for the discussions of the platform on the strategic direction
and thematic priorities of the Agency.

The discussions of the FRP were organised in four working groups. The
rapporteurs of these groups will create a common report, which will be
presented to the FRA management board on 23 October 2008.

Amongst the main strategic objectives that were discussed in the working
groups was, that FRA should work on increasing the visibility of Fundamental
Rights issues, increase their recognition in the EU policy making process
and that it should maintain its monitoring function and its role as a
Fundamental Rights watchdog.

The thematic priorities of FRAs work in the coming years are predefined
by the Multi-annual framework adopted by the European Council. While
most participants agreed, that it should be avoided to create a kind of
shopping list of most important Fundamental Rights issues, topics like
data protection and privacy, children's rights, rights of migrants and
access to justice were expressed by participants to be important to be
addressed by the Agency as well as by the members of the Fundamental
Rights Platform.

Next steps to be taken by the FRP will be to define its organisational
structures and mechanisms of representation. In November 2008 the FRA will
begin to draft its 2010 work program. A consultation process on this will
start at the beginning of  2009 and there will be a meeting of the FRP in
2009 as well, where the necessary decisions on the organisational and
representative structures can be taken.

European Union Agency for Fundamental Rights
http://fra.europa.eu/

Council Regulation establishing FRA
http://fra.europa.eu/fra/material/pub/FRA/reg_168-2007_en.pdf

FRA Multi-annual framework
http://fra.europa.eu/fra/index.php?fuseaction=content.dsp_cat_content&catid=471f0d2f0ed70

(contribution by Andreas Krisch - EDRi)

============================================================
5. Social Networks - on the European Commission's Agenda
============================================================

Viviane Reding, Commissioner for Information Society and Media, gave her
first public speech on social networks at the Safer Internet Forum on 26
September 2008, which confirms the interest of the EU bodies on this topic.

The commissioner emphasized the growth of the social networks in Europe:
"56% of the European online population visited social networking sites last
year and the number of regular users is forecast to rise from today's 41.7
million to 107.4 million in the next four years. In 2007 9.6 million British
belonged to the country's social networking community, with 8.9 million and
France and 8.6 million in Germany. In Europe users spend 3 hours per month
on average on social networking sites according to comscore.com."

While praising their success in promoting cultural diversity and enhanced
interactivity and, at the same time, in bringing new economic opportunities
for the European industry, Reading mentioned also the new issues raised by
the social networks on data privacy and protection of minors.

On the occasion of this event, the submissions to the public consultation
on Age Verification, Cross Media Rating and Social Networking initiated
earlier this year by the EC were made public.

Other EU bodies, such as ENISA have called for new legislation that would
regulate social networking sites. According to its recent report, ENISA
pointed out that social networking sites such as Facebook and MySpace need
more regulation to protect their users against security risks.

But the Commissioner took the stance of self-regulation in relation to
social networking and announced that the Commission wants to act as a
facilitator: "For this purpose the Commission has convened a Social
Networking Task Force, which held two meetings in 2008 with 17 operators of
social networking sites used by under-18s (e.g. MySpace, Facebook, YouTube,
Bebo, Hyves, StudiVZ, and Skyrock), a number of researchers and child
welfare organisations. The objective is to agree on voluntary guidelines for
use of social networking sites by children, to be adopted voluntarily by the
European industry."

The European Commissioner speech and announced actions seem to forget
about the security and privacy issues raised by the use of the social
networks, focusing and involving only child welfare organisations.

The importance of the privacy aspects of the online social networks is
emphasized by the European Data Protection Authorities gathered in the
plenary of the Article 29 Working Party, that have announced that it is
preparing an opinion on online social networks. The working party has sent
out a questionnaire on data protection and privacy related issues to Social
Network Services and a consolidated version of the opinion is being
prepared.

Social Networking Sites: Commissioner Reding stresses their economic and
societal importance for Europe (26.09.2008)
http://europa.eu/rapid/pressReleasesAction.do?reference=MEMO/08/587&format=HTML&aged=0&language=EN&guiLanguage=en

Consultation Age Verification, Cross Media Rating and Social Networking -
submissions
http://ec.europa.eu/information_society/activities/sip/public_consultation/index_en.htm

The Article 29 Working Party- 67 plenary session (2.10.2008)
http://ec.europa.eu/justice_home/fsj/privacy/news/docs/pr_02_10_08_en.pdf

EDRi-gram: Social networking sites might be regulated in EU (4.06.2008)
http://www.edri.org/edrigram/number6.11/social-networking-eu

============================================================
6. Third Phorm trials started, but privacy concerns remained
============================================================

Following a complaint placed in July 2008 by campaigners against the British
companies BT and Phorm for their allegedly illegal secret ISP-level adware
trials, the London Police decided not to investigate the case arguing there
had been implied consent of their customers. BT started its third trial of
Phorm technology on 30 September, this time asking the consumers to opt-in.

Phorm is used to monitor a user's web browsing history, taking a copy of the
places the user goes to and search terms he (she) looks for. Then, adverts
related to that history are placed on websites that have signed up to use
Phorm, such as BT, Talk Talk and Virgin.

Phorm has been criticised being considered to break laws on unwarranted
interception of data. Privacy advocates are also concerned by the
information that the technology gathers about a user's web browsing habits.

"The matter will not be investigated by the City of London Police as it has
been decided that no Criminal Offence has been committed. One of the main
reasons for this decision is the lack of Criminal Intent on behalf of BT and
Phorm Inc in relation to the tests. It is also believed that there would
have been a level of implied consent from BT's customers in relation to the
tests, as the aim was to enhance their products" wrote detective sergeant
Barry Murray in an email to Alex Hanff, the anti-Phorm campaigner having
compiled the dossier against the two companies.

In the police's opinion, the matter is considered a civil dispute and "there
is no suggestion that Criminal Intent exists." Nicholas Bohm, lead counsel
of the Foundation for Information Policy Research, considers the police's
explanation "pathetic" and argues that Phorm breaks several criminal laws,
especially if there is no consent. "City of London Police's response
expresses massive disinterest in what occurred. Saying that BT customers
gave implied consent is absurd. There was never any behaviour by BT
customers that could be interpreted as implied consent because they were
deliberately kept in the dark. As for the issue of whether there was
criminal intent, well, they intended to intercept communications. That was
the purpose of what they were doing. To say that there was no criminal
intent is to misunderstand the legal requirements for criminal intent" he
said.

In February, after the first two trials of the technology used to intercept
and profile subscribers' Internet usage, BT and Phorm were advised by the
Home Office that the technology was covered by the Regulation of
Investigatory Powers Act (RIPA), governing wiretapping. The system could be
legal if consent was obtained but it appears that no consent had been asked
during those trials.

The Information Commissioner Office (ICO) asked in April 2008 that Phorm
ad-targeting system should be "opt in" and stated it would monitor Phorm
trials and commercial rollout to ensure the observation of the data
protection laws. ICO said that after its discussions with Phorm, there
appeared to be no infringement of the laws regarding personal data.

Information Society Commissioner Viviane Reding had asked the UK Government
to give, by the end of August, an explanation of how Phorm's technology
conformed with EU data protection and privacy laws. The Department for
Business, Enterprise and Regulatory Reform (BERR) responded in
September, basically considering that Phorm's products are capable of being
operated with the users' knowledge and consent, and if the users are
"presented with an unavoidable statement about the product and asked to
exercise a choice about whether to be involved."

But, as Nicholas Bohm has shown, unless the ISPs have the explicit consent
of both the customers whose profile is used as well as the advertising
websites using it, they are likely to commit an offence under the Regulation
of Investigatory Powers Act (RIPA). "The inevitable conclusion is that an
ISP who operates the Phorm system will commit offences under RIPA s1 on a
large scale. Phorm is inciting the commission of those offences, which is
itself an offence at common law (and will be an offence under section 44 of
the Serious Crime Act 2007 when it is brought into force to replace the
common law offence)" said Bohm.

The question is whether UK authorities are aware that communications between
Internet users and website owners during web browsing are legally private
just like the communications between any two private people. They think
future Phorm deployments can be legal. On the other hand, they refused to
make public their answer to the European Commission about the first two
secret trials.

Without having a clear answer on these issues, BT started on 30 September a
new trial of the Phorm technology, this time by asking consent to its users
for the participation in the trial. The company has even envisaged
incentives such as offering to donate to charities if its users opt to let
their Internet use profile for advertisers, an upgrade to a faster broadband
package at no extra cost, a reduction in the bill, free music or anti-virus
software download vouchers or others.

Digital rights campaigners have fought against Phorm for some time now and
have shown that there is no protection for UK citizens from corporations
wanting to illegally intercept private communications.

The European Commission lawyers are analysing the UK government's
explanation of why no action has been taken.

Phorm warned about web data rules (9.04.2008)
http://news.bbc.co.uk/2/hi/technology/7339263.stm

Police drop BT-Phorm probe (22.09.2008)
http://www.theregister.co.uk/2008/09/22/bt_phorm_police_drop/

Phorm mulls incentives for ad targeting wiretaps (26.09.2008)
http://www.theregister.co.uk/2008/09/26/phorm_webwise_incentives_survey/

4 good reasons not to take part in the BT Webwise trial (30.09.2008)
http://www.openrightsgroup.org/2008/09/30/4-good-reasons-not-to-take-part-in-the-bt-webwise-trial/

What BERR want from Phorm - and what we think they're missing (19.09.2008)
http://www.openrightsgroup.org/2008/09/19/what-berr-want-from-phorm-and-what-we-think-theyre-missing/

The Phorm "Webwise" System (18.05.2008)
http://www.cl.cam.ac.uk/~rnc1/080518-phorm.pdf

EDRi-gram: UK: Phorm targeted advertising practices - under pressure
(28.03.2008)
http://www.edri.org/edrigram/number6.6/phorm-uk-ifpr

============================================================
7. RapidShare needs to check every file for copyright infringement
============================================================

A Hamburg court in Germany has ruled that the free file-hosting service
RapidShare.de is not doing enough to combat piracy, so they should check
content for copyright infringement before it is made available on the
Internet .

The decision was given in the legal conflict between RapidShare and GEMA, a
German copyright collective organisation, that has been going fro some
years. RapidShare already has a system in place to check against the
uploading of already deleted material. The system is based on a MD5 Hash
filter, but it was not considered enough by the court because any file can
be changed with just a few bytes in order to bypass the filter.

Not even the fact that the company has six employees working full time to
remove infringing content was enough for the court that claimed that
RapidShare has to "pro actively check content before publishing it" if there
had been similar infringements in the past. They also have the obligation
to log the IP addresses of alleged infringers.

The judge also ruled that Rapidshare cannot argue that it is impossible to
stay in business if it would have to check every single file: "A business
model that doesn't use common methods of prevention cannot claim the
protection of the law."

The decision will be impossible to implement in the case of the password
protected archives that can't be checked for copyright infringement. Also,
the case could have limited effects to the Internet free file-hosting, since
RapidShare has its main office in Switzerland and there are other
free-hosting services available in almost every corner of the world.

Hamburg decision on RapidShare.de (only in German, 2.07.2008)
http://webhosting-und-recht.de/urteile/Oberlandesgericht-Hamburg-20080702.html

Court: Rapidshare has to check all uploads for copyright infringement
(30.09.3008)
http://www.p2p-blog.com/item-859.html

Rapidshare Loses in Court - Must Proactively Remove Copyrighted Content
(1.10.2008)
http://www.zeropaid.com/news/9781/Rapidshare%20Loses%20in%20Court%20-%20Must%20Proactively%20Remove%20Copyrighted%20Content

EDRi-gram: RapidShare sues German rights holder association (9.05.2007)
http://www.edri.org/edrigram/number5.9/rapidshare-gema

============================================================
8. Serbia: Conference on Regulation of online Freedom of Expression
============================================================

On 8 and 9 September 2008, the Faculty of Political Sciences of the
University of Belgrade hosted the international conference on regulation of
freedom of expression on the Internet, organized by the Programme in
Comparative Media Law and Policy (PCMLP) of the University of Oxford.
EDRi-member Metamorphosis Foundation participated with a presentation of the
Macedonian experiences in this area.

The dean of the Faculty of political sciences Milan Podunavac reported that
as part of the efforts to overcome the negative legacy from the Serbian
past-as a postwar, post-dictatorial and post-communist society-the faculty
intends to introduce a subject for media law and new media law. The
Ambassador of the Council of Europe (CoE), Constantin Jerokostopulos,
indicated that the freedom of expression and communication must be
respected, with an exception of the contents defined as illegal by the law.

Jelena Surculija, Assistant Minister of Telecommunications and Information
Society and PCMLP representative for Serbia pointed out that regulatory
challenges include authenticity of the information and availability of
content published abroad in countries where such content is illegal. She
differentiated between blogging as form of expression dealing mainly with
personal information and perceptions, including publishing on
Facebook.com-like systems, and citizen journalism as a new form of
journalism which for the time being remains unacknowledged due to issues of
ethics and media registration.

Prof. David Goldberg from the University of Oxford started with the basic
assumption that "blogging is simply a form of expression, of writing, and as
such it is entitled to maximum protection." He pointed out that it is a
"misleading metaphor to speak about 'balance.' The default position is
promotion of freedom of expression with some very limited exceptions."
Speaking about the challenges, prof. Goldberg suggested the possible need to
define a new term for political blogs - plogs, and also noted that current
estimates on the number of blogs probably underestimate their quantity,
considering also the fact that "22 of the 100 most popular websites are
blogs."

Referring to a recent UK case when a convicted criminal posted a threat to
his arresting officer ("PC Lloyd, God help your newborn baby") and was
charged under Telecommunications Act, prof. Goldberg stated that there's "no
need for new laws, there's plenty of legislation lying around" which can be
used to tackle the blogging-related problems. On the other hand, the need
for anti-SLAP legislation-preventing centers of power such as corporations
to use strategic lawsuits against the public-grows, to insure freedom of
expression for the individual authors or content providers.

Council of Europe Expert Ad Van Loon also pointed out that human rights
protection, and especially freedom of expression, lies at the core of the
CoE regulatory framework for content on the internet. These rights remain
under threat in countries which do no meet their international obligations,
but can also be influenced by other factors, such as copyright.

Legal experts Slobodan Kremenjak, Attorney-at-Law, and Snezana
Smolovic-Green from the Association of the Independent Electronic Media
presented the legal framework for protection of personal data and privacy
protection in online and offline media. Serbian institutions responsible for
these areas include the Ombudsman and the Representative for information of
public importance. In this context, prof. Dirk Voorhoof from the University
of Gent Belgium pointed out that the related right to anonymity can be
jeopardized by various threats, both legal and technical.

Media law expert Inger Hoedt-Rasmussen provided insight in the Danish
experiences in the area of protection of rights of children on the
internet, based on the premise that bad things are just a small part of the
possibilities offered by the new technologies. The threats can be minimized
through awareness raising and increasing of knowledge much better than
through state mechanisms of control and censorship. She noted that kids as
digital natives have far more knowledge and skills about the new
technologies than their parents who attempt to help them. The dangers, such
as paedophile predators, did not appear because of the internet, they were
part of life in the past too. Caregivers had modes of preventing such
threats in the past, such as instructing choir boys when going on tour to
immediately report if some "uncle" follows them around claiming he's very
interested in music.

During the panel devoted to regulation and/or self-regulation on the
internet, Andrei Richter, the director of the Moscow Media Law and Policy
Institute pointed out the serious issues present in Russia and the
Commonwealth of Independent States. The most drastic example is the arrest
and murder of the owner of the website Ingushetia.ru. He referred to the
little known fact that Belarus is among the most productive post-Soviet
republics in terms of internet content production, second only to EU-member
Baltic States, while the states of Central Asia, which have very liberal
legislative framework, lag behind. Prof. Richter pointed out that repressive
legal frameworks often take the back seat to education levels and cultural
factors in preventing content creation, which in turn incites freedom of
expression. Due to its size, Russia has the largest content production in
absolute terms, and "it is clear that (the Government) cannot control the
internet any more." Influencing factor is whether the states treat the
internet as mass media or not, which implies varied status in legislative
terms. For instance in Georgia where mass media have nominal protection this
leads to increased freedom of expression on the internet. In Russia, sadly
"the whole system of self-regulation consists of a telephone call from the
security services." Participants in the discussion concurred that the
situation in Serbia used to be similar.

Metamorphosis Foundation representative Filip Stojanovski spoke about the
situation in Macedonia as an example of a Western Balkans country. In
general, there is no formal regulation of the internet. ISPs claim that they
do not filter the content published on their servers, and remove content
only by court order. In some cases the generally accepted value of freedom
of expression leads to tolerance to forms of hate speech. Lack of official
standards for the governmental websites combined with the silence of the
administration makes it harder for the citizens to get the information from
the state structures. Spam is a form of regulated content - forbidden by the
Law on Electronic Communications (2005) but to the best of the public
knowledge, the regulatory body in charge of enforcing this law (aek.mk)
has not implemented these provisions so far. Positive examples of
self/regulation include the house rules of blogging service Blogeraj, the
efforts to increase privacy protection by the Directorate for Personal Data
Protection and the NGO sector, chiefly the project Children's Rights on the
Internet - Safe and Protected.

Slobodan Markovic, president of the Center for Internet Development from
Belgrade addressed freedom of expression issues related to the internet
domain names. On global level ICANN implements the Domain Name Dispute
Resolution Policies. Through an inclusive consensus building process, the
relevant stakeholders in Serbia established a new domain registrar. The
mechanism for resolution of disputes relies on court arbitration, which is
part of the original contract for purchase of domains. In a similar painless
fashion the process of migration from the old .yu to the new .rs top domain
is taking place. The owners of the old domains have an advantage in the
process of (re)registration, and the old addresses will remain valid for
about a year more.

Participants in the conference included representatives of the state
institutions, regulatory bodies, the nongovernmental and the business sector
of Serbia. Both the panels and the subsequent discussions served to pass on
the knowledge helpful to inciting reform processes toward the harmonization
of the legal and institutional frameworks with the European standards.

Conference Agenda (08.09.2008)
http://pcmlp.socleg.ox.ac.uk/html/Sept08agenda.pdf

Serbia: Conference on Regulation of Freedom of Expression on the Internet
(22.09.2008)
http://www.metamorphosis.org.mk/content/view/1241/lang,en/

(contribution by Filip Stojanovski - EDRi-member Metamorphosis Foundation -
Macedonia)

============================================================
9. An update on the Italian PirateBay case
============================================================

The Bergamo Criminal Court overrules the seizure, but establishes a case law
that is a violation of civil rights.

On 16 August 2008 ALCEI reported to the Italian Data Protection Authority
the violations of law contained in the pre-emptive seizure order issued by
the Justice for preliminary investigation of the Bergamo Tribunal. In that
report, ALCEI pointed out that:

- the wrong and manipulative extension of the provision that disciplines
a pre-emptive seizure to include the hijacking of online traffic;

- the enforcement of a court order outside Italian jurisdiction and,
what's even worse, not based on any actual criminal offense, but on
"statistical" hypotheses based on data that have no scientific reliability;

- the misconduct by the Bergamo Guardia di Finanza that, without any court
order, ordered internet access providers to redirect all requests of
connection from Italy to the thepiratebay.org website to another site,
placed in the UK and managed by an organization backed by music industry.

While we are waiting for the decision of the Data Protection Authority (that
we hope will come soon) the Bergamo Court has overruled the pre-emptive
seizure order with a decision that, instead of solving the problems arising
from the first decision, creates worst issues. The Bergamo Court, in fact,
has overuled the seizure, but only on the legal basis. As it has been
pointed
out by ALCEI, that "seizure" cannot be interpreted as "traffic hijacking".

But the court did not, as it should have done, evaluate first of all the
lack of Italian jurisdiction. By not doing so, the Bergamo tribunal has
created a dangerous case law that, by reciprocity, allows any foreign
magistrate to investigate and take to court an Italian citizen, with the
additional absurdity that even in the absence of any evidence that a crime
has been committed, a legal prosecution can be based on hypothetical
"statistic calculation".

Furthermore, by asserting the validity of the public prosecutor
investigation, the Court has de facto established the automatic liability
not only of internet providers, but also of search engines, and the
possibility of using, as an investigative tool, data and information with no
solid ground.

And also, by saying that even if pre-emptive seizure has been wrongly
enforced , it is "in theory compatible with" sect.14D.L.VO 70/03 (EU
E-commerce directive implementation, dealing with ISP liability), the Court
of Bergamo on the one hand allows "owners of ideas" to push for an
additional and barbaric copyright law amendment while, on the other hand, it
reaffirms an obvious error of interpretation of law by affirming the role of
ISPs as "sheriffs of the net".

ALCEI expresses serious concern about this court decision that fails to
offer clear references for citizens and enterprises, increases confusion and
the perception that, when copyright is involved, law is not "equal for all".

ALCEI - An update on the Piratebay case (8.10.2008)
http://www.alcei.org/?p=38

ALCEI Press release - The Piratebay case.  The Bergamo Criminal Court
overrules the seizure, but establishes a case law that is a violation of
civil rights. (only in Italian, 7.10.2008)
http://www.alcei.it/index.php/archives/132

ALCEI : Dangerous Ordinance on PirateBay (only in Italian, 8.10.2008)
http://punto-informatico.it/2430933/PI/News/alcei-pericolosa-ordinanza-sulla-baia.aspx

EDRi-gram: Italian justice wants to "seize" a foreign website (27.08.2008)
http://www.edri.org/edrigram/number6.16/italy-blocks-piratebay

(contribution by EDRi-member ALCEI - Italy)

============================================================
10. Recommended Action
============================================================

Consultation on the early challenges regarding the "Internet of Things"
http://ec.europa.eu/information_society/tl/activities/consultations/index_en.htm

Commission consults on how to put Europe into the lead of the transition to
Web 3.0 (29.09.2008)
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/08/1422&format=HTML&aged=0&language=EN&guiLanguage=en

============================================================
11. Recommended Reading
============================================================

FOI in the EU: When is a "document" not a "document"? by Tony Bunyan

The European Commission has put forward a number of changes to the
Regulation on access to EU documents adopted in 2001. Controversially it
proposes to change the definition of a "document" which in turn affects
which would or would not be listed on its public register of documents. Does
this have anything to do with the fact that the European Ombudsman has just
ruled that the Commission must abide by the existing definition of a
"document" in the Regulation and that it must list all the documents it
holds on its
public register?
http://www.statewatch.org/news/2008/sep/foi-in-the-eu-what-is-a-document.pdf

============================================================
12. Agenda
============================================================

10-11 October 2008, Paris, France
The Exchange and Storage of Data - Issues of Sovereignty, European and
International Technical Cooperation, and Fundamental Human Rights
http://www.libertysecurity.org/article2224.html

11 October 2008, Worldwide
Action day "Freedom not fear"
Protests, demonstrations and activities against the surveillance mania
http://wiki.vorratsdatenspeicherung.de/Freedom_Not_Fear_2008

13-15 October 2008, Strasbourg, France
First PrivacyOS "Open Space" Conference
EDRi is a partner of the PrivacyOS project - a thematic network for privacy
protection infrastructure within the current European Commission4s ICT
Policy Support Programme.
http://www.privacyos.de/index.php?option=com_content&view=section&layout=blog&id=3&Itemid=37

15-17 October 2008, Strasbourg, France
30th International Data Protection and Privacy Conference
http://www.privacyconference2008.org/

18 October 2008, Berne, Switzerland
Big Brother Awards Switzerland 2008
http://www.BigBrotherAwards.ch/

20-21 October 2008, Strasbourg, France
European Dialogue on Internet Governance (EuroDIG)
http://www.eurodig.org/

20-21 October 2008, Amsterdam, Netherlands
Marking the public domain: relinquishment & certification
Third Communia Workshop
http://communia-project.eu/node/109

21 October 2008, Brussels, Belgium
Workshop "International Transfers of Personal Data"
Organized by the European Commission with the Article 29 Data Protection
Working Party and the United States Department of Commerce's International
Trade Administration.
http://ec.europa.eu/justice_home/news/events/news_events_en.htm#personal_data_workshop

22 October 2008, Brussels, Belgium
New Legal Requirements for the Electronic Communications Sector:
Security Breach Notification, Content Filtering and Data Retention
http://www.fitce.be/node/151

24 October 2008, Bielefeld, Germany
Big Brother Awards Germany 2008
http://www.BigBrotherAwards.de/

25 October 2008, Vienna, Austria
Big Brother Awards Austria 2008
http://www.BigBrotherAwards.at/

13-14 November 2008, Chisinau, Moldova
IFLA/EBLIDA/eIFL Conference on copyright and libraries
Copyright: Enabling Access or Creating Roadblocks for Libraries?
Registration by 1 November 2008
http://www.eblida.org/index.php?page=draft-programme-2

25-26 November 2008, Brussels, Belgium
World e-Parliament Conference 2008
http://www.ictparliament.org/worldeparliamentconference2008/

3-6 December 2008, Hyderabad, India
Third Internet Governance Forum
http://www.intgovforum.org

9-10 December 2008, Madrid, Spain
Future Internet Assembly
http://www.future-internet.eu/home/future-internet-assembly/madrid-dec-2008.html
http://www.fi-madrid.eu/

10-11 December 2008: Tilburg, Netherlands
Tilting perspectives on regulating technologies, Tilburg Institute for Law
and Technology, and Society, Tilburg University
http://www.tilburguniversity.nl/tilt/conference

27-30 December 2008 Berlin, Germany
25C3: Nothing to hide
The 25th Chaos Communication Congress
http://events.ccc.de/congress/2008/

18-20 March 2009, Athens, Greece
WebSci'09: Society On-Line
http://www.websci09.org/

============================================================
13. About
============================================================

EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 28 members based or with offices in 17 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRI-grams.

All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and visibly on the
EDRI website.

Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 2.0 License. See the full text at
http://creativecommons.org/licenses/by/2.0/

Newsletter editor: Bogdan Manolea <edrigram at edri.org>

Information about EDRI and its members:
http://www.edri.org/

European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring

- EDRI-gram subscription information

subscribe by e-mail
To: edri-news-request at edri.org
Subject: subscribe

You will receive an automated e-mail asking to confirm your request.
unsubscribe by e-mail
To: edri-news-request at edri.org
Subject: unsubscribe

- EDRI-gram in Macedonian

EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edrigram-mk.php

- EDRI-gram in German

EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/

- Newsletter archive

Back issues are available at:
http://www.edri.org/edrigram

- Help
Please ask <edrigram at edri.org> if you have any problems with subscribing or
unsubscribing

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE