EDRi-gram newsletter - Number 7.7, 8 April 2009

EDRI-gram newsletter edrigram at edri.org
Wed Apr 8 12:04:36 PDT 2009


============================================================

           EDRi-gram

biweekly newsletter about digital civil rights in Europe

    Number 7.7, 8 April 2009


============================================================
Contents
============================================================

1. EP needs to protect users' rights in the Telecom Package!
2. French National Assembly votes for the three strikes law
3. European Parliament asks for respect of human rights on the Internet
4. Extended copyright term for sound recordings pushed back
5. Behavioural targeting at the European Consumer Summit
6. Second PrivacyOS Conference
7. Phorm - under scrutiny at the European level
8. ISPs asked to block child porn sites on the Internet
9. Big Brother Awards France 2009
10. Recommended Reading
11. Agenda
12. About

============================================================
1. EP needs to protect users' rights in the Telecom Package!
============================================================

The new developments on the Telecom Package over the last two weeks,
with the approval of a new text in the IMCO (Internal Market Committee) of
the European Parliament (EP) and the initiation of the trialogue between EU
Council, the European Commission and the Parliament in order to reach an
agreement on the final text, shows the worst situation for Internet users.

Although much of the MEPs seem happy with the new text that allows
"simplifying life for telecom users", they seem to forget that other
articles are raising much bigger problems for Internet users, especially
related to the 3 strikes proposal or to privacy on the Internet. And facing
the June 2009 Euro-elections, MEPs need to support the users' rights also
for the second reading of the text, which will probably take place during
the first week of May.

Thus, the much praised Amendment 138 adopted by a large majority of the MEPs
in the first instance has been turned up-side-down by the COREPER (Committee
of Permanent Representatives), which transformed it from a substantive law
provision (an amendment to the directive) into a simple recital and
completly change it in a pro-copyright amendment. Thus the new text says "no
restriction may be imposed on the fundamental rights of end-users, without a
prior decision taken by legally competent authorities".

By changing the initial text: "judicial authorities", the new text opens the
backdoor for the recently adopted 3 strikes law in France and shows the
weaknesses of the European Parliament rapporteur, Catherine Trautmann, that
gave in to pressure from the UK and France.

And this is not the only case where the EP has given in. In relation with
the  scope of the data breach notification obligation for the providers of
telephony and Internet access services, this has been radically limited
comparing with the initial text adopted in the first reading by the EP. It
seems that the new text already negotiated in the trialogue discussions will
apply only for the the data breaches by electronic communication providers,
which is a major hold-back taking into consideration that most of the
"headlines" data breaches belonged to Government services, banks and online
services. The new text just forgets the excellent points made by Article 29
Working Group and the European Data Protection Supervisor, that pushed for a
larger constituency for this obligation.

Even though the European Parliament's Telecoms Package rapporteur, Catherine
Trautmann, and the European Commissioner of Information Society, Viviane
Reding had been publicly supportive of  the net neutrality principle, it
seems that the negotiations might accept an amendment that will not give
users "unrestricted rights" of access to the Internet.

The new situation prompted a response from several Internet communications
companies such as Google, Microsoft and Skype that, gathered as the Voice on
the Net Coalition Europe urged "the European decision-makers to adopt
principles to allow consumers to access the services, applications and
content of their choice on any public network, regardless of the provider
that offers them." This move comes also after the announcement of T-Mobile
in Germany or Telefonica in Spain to block Skype on iPhones.

There is also a glimpse of good news, after it has been decided by the IMCO
that "voluntary data retention" clause should to be deleted. It also seems
that this compromise amendment will survive the trialogue negotiations.

Telecoms package: strengthening users' rights and internet security
(31.03.2009)
http://www.europarl.europa.eu/news/expert/infopress_page/058-52901-089-03-14-909-20090330IPR52900-30-03-2009-2009-false/default_en.htm

Distorted amendment 138 tries to present graduated response as legal
(2.04.2009)
http://www.laquadrature.net/en/distorted-amendment-138-tries-to-present-graduated-reponse-as-legal

European Parliament compromises on Internet rights (31.03.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=302&Itemid=9

Trautmann deal wraps up Internet limitations (1.04.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=304&Itemid=9

Leading Providers of Voice Solutions over the Internet Protest Against
Blocking or Degrading of VoIP applications over mobile networks, after
T-Mobile announcement (3.04.2009)
http://www.iptegrity.com/pdf/VON.europe.telecoms.package.pdf

Internet rights being written out as Spain blocks Skype (7.04.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=309&Itemid=9

EDRi-gram:Data protection authorities support civil society on the Telecom
Package (25.02.2009)
http://www.edri.org/edri-gram/number7.4/data-protection-telecom-package

============================================================
2. French National Assembly votes for the three strikes law
============================================================

An almost empty National Assembly voted on 2 April 2009 in favour of the
extremely controversial law introducing the graduate response system in
France, in spite of the fierce opposition from privacy campaigners,
individuals, associations and even some French deputies.

The poor attendance of the Assembly at the vote is considered by some as one
of the reasons for the success of the draft law so strongly pushed by the
French Minister of Culture, Christine Albanel.

The approved text has undergone some modifications during the discussion in
the assembly. One of the voted amendments is apparently amnestying all the
Internet users sued for downloading. Actually the text refers only to users
accused of counterfeiting in relation to related rights.

One of the few victories of the opposition in the National Assembly was the
amendment allowing an Internet subscriber whose connection has been cut by
Hadopi to stop paying for the respective subscription related to the
Internet.

A so called Hallyday clause was voted, stipulating that illegal downloading
will not be subject to sanction when the author of the downloaded work
resides in a tax haven, such as is the case of French artist Johnny Hallyday
(hence the name of the clause) who lives now in Switzerland and pays a
minimum amount of taxes for the fortune he has earned in France from his
works.

Differently from the initial text where the sanctioned Internet user had
only 7 days to make an appeal to the court, the modified version allows now
a period of 30 days for the formulation of an appeal, after the notification
date.

Rapporteur Franck Riester introduced the proposal that Hadopi applies a
label to the legal downloading sites thus favouring the legal offers. The
amendment says that the search engines should thus emphasize the authorised
sites. Faced with opposition arguments and questions related to whether this
would force sites like Google to point out such sites, the rapporteur
answered that Google should not be affected and that the proposal was only
to create lists of legal sites.

The law gives entire freedom to Hadopi authority regarding the sanctions to
be taken against infringers. The authority may either cut the connection of
the user after three infringements or choose to ask the user to protect the
connection against downloading. The measure is to allow an institution, such
as a hospital, to keep its Internet connection. Therefore, a physical person
may have his connection cut but not an institution. Still, the decision will
belong to Hadopi authority which is free to choose the sanction according to
the user.

On 2 April, the Culture Minister has also confirmed that the Internet users
that want to be sure that they will not be considered liable under the
Hadopi law, should install filtering software on their computers. This
software, approved by Hadopi, will need to communicate with a remote server
showing that the software is active at the moment the alleged infringement
takes place.

Nicolas Maubert, attorney with Gide Loyrette Nouel, has argued that the
Hadopi law could be in breach of the protections provided by the French
Constitution and therefore might be challenged by the French judicial body.

"When a law seems so risky in its application, so unpredictable and random
from the technical point of view, it is not a good law and it takes
something from Courteline, a little from Kafka and a lot from Alfred
Jarry", stated opposition deputy Christian Paul.

Also, in view of the recent position of the European Parliament which has
voted for guaranteeing the Internet access to all citizens as a fundamental
human right, the French law may be is a critical position. However, during
the debates in the National Assembly, on 30 March, Christine Albanel, stated
that the European Parliament's votes against the graduate response had no
legal or political incidence.

And even if the point related to the cutting off of the Internet user is
solved, Hadopi authority will still have the power to apply fines and other
penalties and pass injunctions. French users who frequently download content
illegally might soon find themselves severely fined.

As last minute news, on 7 April, the Joint Mixed Commission (Commission Mixe
Paritaire - CMP), a commission including 7 deputies and 7 senators, supposed
to agree upon a compromise text on the draft law before the law is sent for
the final vote in the Parliament on 9 April, took its decision.

The graduated response mechanism proposed now is that Hadopy authority sends
two electronic warnings, followed by a registered letter to the alleged
illegal Internet downloaders. In case of non-compliance during a period of a
year, the infringers' access will be cut off for 2 months to one year or up
to three months in case the user commits to stop the infringement. CMP
rejected the amendment which proposed that Internet users sanctioned for
alleged illegal downloading should stop paying their subscription. So,
besides having their access cut off, they would also continue to pay for a
service they will not be able to use. Furthermore, the commission rejected
the amendment proposing an amnesty for Internet users prosecuted for illegal
downloading before the entering into force of the law.

The Commssion has also reduced the present period of 6 months to 4 months
from the issuing of a movie in cinema halls to the occurrence on DVDs.

In case the text is finally voted by the French Parliament on 9 April, the
socialists, who consider the law as "inefficient, useless, technically
inapplicable and which will not bring any euro to the creation", will appeal
to the Constitutional Council.

French pass 'three strikes' file-sharing law (3.04.2009)
http://www.theregister.co.uk/2009/04/03/french_three_strikes/

How the Assembly modified the Hadopi (only in French, 3.04.2009)
http://www.20minutes.fr/article/317785/High-Tech-Comment-l-Assemblee-a-modifie-l-Hadopi.php

The Criation et Internet law adopted in a quasi empty Assembly (only in
French, 2.04.2009)
http://www.20minutes.fr/article/317513/High-Tech-La-loi-Creation-et-Internet-adoptee-dans-une-Assemblee-quasi-vide.php

Draft law favouring the distribution and protection of the creation on the
internet, modified by the National Assembly in first reading (only in
French, 2.04.2009)
http://www.assembleenationale.org/13/ta/ta0249.asp

Hadopi adopted (only in French, 3.04.2009)
http://www.ecrans.fr/Hadopi-adoptee,6848.html

Hadopi debates: catching up session for the week-end (only in French,
3.04.2009)
http://www.numerama.com/magazine/12532-Debats-Hadopi-seance-de-rattrapage-pour-le-week-end.html

Hadopi: The Mixed Joint Commission (CMP) advanced for Tuesday (only in
French, 6.04.2009)
http://www.numerama.com/magazine/12550-Hadopi-la-Commission-Mixte-Paritaire-CMP-avancee-a-mardi.html

Hadopi law: the "double pain" re-established before the final vote (only in
French, 8.04.2009)
http://www.challenges.fr/actualites/high_tech/20090408.CHA2775/piratage__la_cmp_retablit_la_double_peine.html

EDRI-gram: France: Three strikes law debated by the General Assembly
(25.03.2009)
http://www.edri.org/edri-gram/number7.6/3-strikes-france-assembly

============================================================
3. European Parliament asks for respect of human rights on the Internet
============================================================

On 26 March 2009, the European Parliament voted with a large majority to
support Lambrinidis report concerning the protection of individual liberties
on the Internet, rejecting the amendments proposed by the French Government
and the copyright industry.

The position of the EP is that "guaranteeing Internet access to all citizens
is the same as guaranteeing all citizens access to education" and that "such
access must not be refused in punishment by governments or private
organizations". The MEPs ask the Member States to "recognise that the
Internet can be an extraordinary opportunity to enhance active citizenship
and that, in this respect, access to networks and contents is one of the key
elements; recommend that this issue be further developed on the basis of the
assumption that everyone has a right to participate in the information
society and that institutions and stakeholders at all levels have a general
responsibility to assist in this development, thus attacking the twin new
challenges of e-illiteracy and democratic exclusion in the electronic age."

The report adopted by the MEPs acknowledges the necessity of providing
safety measures for the protection of Internet users, especially children,
due to the risks users may be exposed on the Internet which can be used as a
tool for criminals or terrorists. The report proposes actions against
cybercriminals but at the same time, asks for a balance between security on
the Internet and the guarantee of the fundamental rights of Internet users'
privacy. The MEPs call to Member States to protect the "respect for private
life, data protection, freedom of speech and association, freedom of press,
political expression and participation, non-discrimination and
education.(...) Having in view the global character of the Internet, the
MEPs recommend that Member States and the European Commission should draw
regulations for data protection, security and freedom of speech in order to
protect the privacy of Internet users," says the EP recommendation.

The EP also urges Member States to take due account of the "importance of
anonymity, pseudonymity and control of information flows for privacy and the
fact that users should be provided with, and educated about, the means to
protect it efficiently, for instance through various available
Privacy-Enhancing Technologies (PETs)." The recommandation asks the Member
States to identify all entities which use Net Surveillance and to draw up
publicly accessible annual reports on Net Surveillance ensuring legality,
proportionality and transparency.

In the EP's opinion, attention must be paid to "network neutrality,
interoperability, the global accessibility of all Internet nodes, and the
use of open formats and standards". EP also raises the issue of the Internet
users' consent for giving personal information to governments or private
companies, drawing the attention on the imbalance of the negotiating power
between users and institutions. The MEPs' position is that users should be
able to have the right to permanently delete any of their personal details
saved on "internet websites or on any third party data storage medium."

By rejecting France's amendments to the report, the EP has rejected again
the graduate response scheme pushed so hard by France. The EP considers that
the IPR enforcement does not need to use "the systematic monitoring and
surveillance of all users activities on the Internet" and that the penalties
need to be proportionate to the infringements committed.

The European Parliament also publicly supports the "Internet Bill of Rights"
and the promotion of the "privacy by design" principle.

Recomamndation on Security and fundamental freedoms on the Internet
(26.03.2009)
http://www.europarl.europa.eu/news/expert/infopress_page/017-52613-082-03-13-902-20090325IPR52612-23-03-2009-2009-false/default_en.htm

EP recommendation on Strengthening security and fundamental freedoms on the
Internet (26.03.2009)
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+TA+P6-TA-2009-0194+0+DOC+XML+V0//EN&language=EN

Lambrinidis report: pro-copyright changes rejected (26.03.2009)
http://www.iptegrity.com/index.php?option=com_content&task=view&id=292&Itemid=9

The European Parliament rejects "graduated response"... for the third time
(26.03.2009)
http://www.laquadrature.net/en/the-european-parliament-rejects-graduated-response-for-the-third-time

Privacy and Fundamental Freedoms Put to Vote (27.03.2009)
http://lavasoft.com/mylavasoft/securitycenter/blog/privacy-and-fundamental-freedoms-put-to-vote?myattic

EDRI-gram: EP wants a better balance between Internet security and privacy
rights (11.03.2009)
http://www.edri.org/edri-gram/number7.5/ep-balance-security-privacy

============================================================
4. Extended copyright term for sound recordings pushed back
============================================================

The proposal for the extension of the copyright terms for sound recordings
was rejected on 27 March 2009 by COREPER, which has the task to negotiate a
consensus before the EU Council of Ministers takes votes.

To the great disappointment of the recording industry, COREPER rejected the
extension of the copyright term as there was no consensus of the Member
States on the matter. A sufficient number of states opposed the legislative
proposal to constitute a "blocking minority".

So, the European Commission's intention to extend the term from the current
50 years to 95 years, although backed by the legal affairs committee in the
European Parliament is at least postponed. UK is one of the states having
changed its position in this matter, having reservations to the attempts of
industry lobbyists to oppose to a related retirement fund for future
musicians. The British government stated having voted against the proposal
because the "current text did not yet give sufficient benefit for
performers." UK would be in favour of a shorter extension of up to 70 years.

"It is clear that today's outcome will not kill off the proposals to extend
copyright term, but rather that member states need more time to consider
that details of the proposal and reach an agreement," said John Denham,
British MP, UK secretary of state for innovation.

The Featured Artists' Coalition (FAC) considers any extension of the
existing rights would only benefit record companies and that at the end of
the 50-year period, copyright should automatically transfer from record
labels to artists. "Record companies would simply gain another 45 years of
ownership, entrenching the terms of record contracts signed in an analogue
age," was FAC's statement.

The FAC has set up a different set of policies on copyright and intellectual
property than that of the music industry lobbying groups and has launched
a "Charter for fair play". The Charter states that artists should have the
"ultimate ownership of thei music" and that "rights holders should have a
fiduciary duty of care to ther originator of those rights and must always
explain how any agreement may affect how their work is exploited."

The coallition's opinion this will not be achieved by the extension of the
copyright term but by a change in the approach of the agreements between
artists and the music industry and in the up-dating of the legislation. "So
we will campaign for laws, regulations, business practices and policies that
protect artists' rights. We will stand up for all artists by engaging with
government, music and technology companies, and collection societies. We
will argue for fair play and will expose unfair practices," says the
Charter.

The EU Czech presidency will continue working on the proposal in order to
prepare a second reading for a possible agreement in the future.

EU governments vote against copyright extension in Brussels (1.04.2009)
http://www.openrightsgroup.org/2009/04/01/eu-governments-vote-against-copyright-extension-in-brussels/

Europe split on music copyright extension (28.03.2009)
http://www.ft.com/cms/s/0/b1f9dd4e-1b0a-11de-8aa3-0000779fd2ac,dwp_uuid=bd2f85d2-8e90-11db-a7b2-0000779e2340.html

Every Vote Counts: the EU Copyright Term Extension Battle Heats Up
(30.03.2009)
http://www.eff.org/deeplinks/2009/03/every-vote-counts-eu-copyright-term-extension-batt

U.K. Biz 'Disappointed' At EU Term Extension Rejection (27.03.2009)
http://www.billboard.biz/bbbiz/content_display/industry/e3ie96e4a3e8c042db2656e93200128bb91

Pop star union demands new kind of copyright extension (2.04.2009)
http://www.out-law.com//default.aspx?page=9922

FAC - A charter for fair play in the digital age
http://www.featuredartistscoalition.com/our_charter.html

EDRi-gram: Extension of copyright term postponed in the European Parliament
(25.03.2008)
http://www.edri.org/edri-gram/number7.6/copyright-extension-delayed

============================================================
5. Behavioural targeting at the European Consumer Summit
============================================================

The European Commission Directorate - General for Health & Consumers
organized the European Consumer Summit on "Consumer Trust in the Digital
Market Place" held in Brussels on 1 and 2 April, 2009. The agenda featured
policy workshops on 'Consumer challenges and opportunities in the digital
world' and 'Consumer advocacy'. Within the first topic, the whole range of
consumer concerns in the digital market place considered to be major
obstacles to the full take-off of business to consumer e-commerce and
possible solutions to create consumer trust were discussed. Thematically,
the topic of consumer data collection, profiling and targeting was arching
out pointing the heavy reliance on personal information in the digital
environment; something which captured policy makers' attention in Europe
fairly recently.

In a preceding 'Roundtable on Online Data Collection, Targeting and
Profiling' hosted by the Directorate-General for Health & Consumers on 31
March experts and stakeholders' input had been generated in order to feed
back into the main event. In her key note speech Commissioner Meglena Kuvena
observed that "personal data is the new oil of the Internet and the currency
of the digital world" - a reality to be accepted in exchange for free
content online. However, well established consumer protection principles,
including the applicable data protection regulations, are not fully complied
with in the "World Wide Web (...) turning out to be the world 'wild west'."

In order to reassert the confidence of the users and consumers, Mrs. Kuneva
sees privacy policies as the key to implement fairness and transparency
standards as well as meaningful consumer control. Her message to the
participants of the roundtable showed determination to enforce existing
regulation on the Internet and to regulate where adequate response to
consumer concerns on the issue of data collection and profiling is missing.

The roundtable proceeded with contributions from industry, lobbies and
consumer organizations as well as academics discussing the data collection
practices and business models as well as risks and opportunities for
consumers. The business model to (co)finance content and free services with
online advertisement that incorporates to a varying degree targeted
information and personal data is certainly pervasive also beyond gratis
offers. It is important however to tell apart the numerous online
advertising practices and assess whether and to what extent personal
information of users is involved. Companies and industry associations favour
good practice principles and self-regulation, and, inevitably, see consumer
control implemented with the opt-out mechanism. According to this spectrum,
users are empowered individually to control the use of their personal
information and collectively through the lever of brand value that would
caution companies. Critical interventions raised the need for special
protection of sensitive segments such as children and sensitive personal
data, a state of fairness in privacy policies and consent generation, and
the problem of multi-layered and networked data collection, leaving the user
largely unaware of who controls which personal information. Consumer
education about online advertising and the meaning of privacy policies and
consent emerged as a consensus from the discussion.

Member of European Parliament Stavros Lambrinidis, rapporteur of the
recent report on strengthening security and fundamental freedoms on the
Internet, stressed the necessity to prescribe limits to the 'consent' that
can be obtained from users regarding the processing of their personal data
in the digital marketplace. As reflected in his report, the imbalance of
negotiating power and knowledge between individual users and data
processing industry and authorities bears the risk that "Big Brother" will
come stealthily and with our "consent".

In the progress of the European Consumer Summit behavioral advertisement and
its consumer policy implications were prominently raised and wrapped up,
asking for:

a. the evaluation of different online advertising practices,
b. ways to improve consumer control and information,
c. the role and robustness of standards and best practices, and
d. how the fairness concept can be best transposed from offline to online.

In order to keep a channel for discussion open, the Directorate-General for
Health & Consumers proposed to set up a privacy blog on its webpage and
invited comments. The way forward was not specified and is further
complicated by the fact that online consumer data protection is situated at
the intersection of the tasks of  theree Directorates - General: Health and
Consumers, Freedom Security and Justice, and Information Society and Media.

In the U.S., the Federal Trade Commission (FTC) examined online behavioral
advertisement to some length and published in February 2009 a Staff Report
on Self-Regulatory Principles for Online Behavioral Advertising.

Meglena Kuneva, European Consumer Commissioner, Keynote Speech (31.03.2009)
http://europa.eu/rapid/pressReleasesAction.do?reference=SPEECH/09/156&format=HTML&aged=0&language=EN&guiLanguage=en

Report with a proposal for a European Parliament recommendation to the
Council on strengthening security and fundamental freedoms on the Internet
(25.02.2009)
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+REPORT+A6-2009-0103+0+DOC+XML+V0//EN

FTC Staff Report on Self-Regulatory Principles for Online Behavioral
Advertising (12.02.2009),
http://www.ftc.gov/opa/2009/02/behavad.shtm

Center for Democracy & Technology, A Guide to Behavioral Advertising,
http://www.cdt.org/privacy/targeting/

Center for Democracy & Technology, Threshold Analysis for Online Advertising
Practices (28.01.2009)
http://cdt.org/press/20090128press.php

Internet Governance Forum (IGF), Workshop 83: The Future of Online Privacy:
"Online advertising and behavioral targeting" (5.12.2008),
http://www.intgovforum.org/cms/Contributions2009/Workshop-Report-IGF-vf.pdf

(contribution by Kristina Irion - Central European University)

============================================================
6. Second PrivacyOS Conference
============================================================

Meetings between researchers from universities with representatives from
industry, data protection authorities, standardizers from W3C and ISO and
NGOs to discuss privacy challenges and develop privacy infrastructures
represent the idea behind the European Privacy Open Space. The second
PrivacyOS event was held in Berlin, 1-3 April at the same time as
Re:publica.

As a PrivacyOS project partner, EDRI participated in conference with a
delegation of 4 persons representing its members: Andreas Krisch (Vibe!AT,
Austria), Leena Romppainen (Electronic Frontier Finland), Ralf Bendrath
(Netzwerk Neue Medien, Germany) and Filip Pospisil (Iuridicum Remedium,
Czech Republic). Other EDRI members, such as Metamorphosis (Macedonia) are
also partners in this project on their own. A huge number of presentations
were packed into the three day period, varying from eGovernment development
in Austria and Lithuania to UK database state and from Deep packet
inspection to eHealth. The presentations will be available from the
PrivacyOS web site in the near future.

On the Re:publica side, Stanford Law School professor, founder of
Creative Commons and author Lawrence Lessig gave a presentation about
copyright issues, illustrating his ideas and urging people to resist the
copyright extension being processed in the European Parliament.

Due to the events and presentations being on top of each other, it was
impossible to attend everything that was interesting, but PrivacyOS was
definitely worth going to for the wide variety of topics, forming contacts
and remixing ideas.

PrivacyOS
http://www.privacyos.eu/

Re:publica (1-2.04.2009)
http://www.re-publica.de/09/

Reject the Term Extension Directive
http://www.edri.org/reject-term-extention-directive

Every Vote Counts: the EU Copyright Term Extension Battle Heats Up (03.2009)
http://www.eff.org/deeplinks/2009/03/every-vote-counts-eu-copyright-term-extension-batt

Data Retention Austria - Second Attempt - Presentation by Andreas Krisch
(1.04.2009)
http://www.edri.org/files/Krisch_PrivacyOS_DR_Austria_20090401_03.pdf

(contribution by Leena Romppainen- EDRi-member EFFi)

============================================================
7. Phorm - under scrutiny at the European level
============================================================

On the event on 31 March 2009, the European Commissioner for consumers,
Meglena Kuneva, warned on the transparency in the online environment: "We
must establish the principles of transparency, clear language, opt-in or
opt-out options that are meaningful and easy to use. (...) I am talking
about the right to have a stable contract and the right to withdraw."

The concern of the Commission is related to Deep Packet Inspection (DPI)
technology experiments such as the profiling and ad-serving system Phorm
secret tests performed in UK by BT in 2006 and 2007.

In a report issued in March 2009, Free Press advocacy group considers the
use of DPI technologies is a threat to the open nature of the Internet.
"Improper use of DPI (deep packet inspection) can change the Internet as we
know it--turning an open and innovative platform into just another form of
pay-for-play media. (...) When a network provider chooses to install DPI
equipment, that provider knowingly arms itself with the capacity to monitor
and monetize the Internet in ways that threaten to destroy Net Neutrality
and the essential open nature of the Internet" says the report.

The report concludes that although DPI can help in solving network
congestion problems the "technology--the same electronics equipment, in
fact--also allows providers to monitor and monetize every use of the
Internet, and DPI vendors succeed by developing and marketing this
capability."

EDRi-member Open Rights Group (ORG) has recently sent a letter to the major
websites such as Microsoft, Google, YouTube, Facebook, AOL, Bebo, Yahoo,
Amazon and eBay, urging them to opt out the controversial Phorm technology.
A petition initiated by the group, signed by about 21 000 people, is asking
for the investigation of Phorm and its banning if the system breaches
privacy laws.

A spokeswoman for Phorm said most of the companies having received the ORG
letter were already using the targeted advertising offered by the system and
that many of them have proven "their commitment to user privacy as
signatories to the IAB UK's interest-based advertising good practice
principles".

While the UK peers consider that in relation to behavioural targeting, the
Information Commissioner's Office, responsible for enforcing EU privacy
regulations, had failed in its duty to consumers (as in 2008, ICO accepted
Phorm provided it got permission from users if the data collected was used
for "value added services."), the UK Government plans however to employ
similar technologies to track UK Internet users' behaviour. Viviane Reding,
the European Commission's telecoms commissioner who is currently
investigating Phorm believes an agreement with the UK government might be
possible on this matter.

In preparation of eventual regulatory measures, Kuneva's department is
initiating an informal investigation of online privacy and data collection.

In the meantime, Phorm continues its tests. On 30 March 2009, Phorm
officially announced a trial of its technology by Korea Telecom.

EU issues ultimatum on internet privacy (31.03.2009)
http://www.out-law.com//default.aspx?page=9915

Major Websites Are Urged To Reject Phorm Profiling (24.03.2009)
http://news.digitaltrends.com/news-article/19554/major-websites-are-urged-to-reject-phorm-profiling

Report Warns Against DPI Technology (20.03.2009)
http://www.mediapost.com/publications/?fa=Articles.showArticle&art_aid=102487

EU Extends Deep Packet Inspection Technology Investigation (30.03.2009)
http://www.ispreview.co.uk/story/2009/03/30/eu-extends-deep-packet-inspection-technology-investigation.html

Deep Packet Inspection - The end of the Internet as we know it? (03.2009)
http://www.freepress.net/files/Deep_Packet_Inspection_The_End_of_the_Internet_As_We_Know_It.pdf

EDRI-gram: UK Government ignores the European Commission regarding Phorm
(25.02.2009)
http://www.edri.org/edri-gram/number7.4/phorm-uk-ec

============================================================
8. ISPs asked to block child porn sites on the Internet
============================================================

In Germany, based on the initiative of the Federal Ministry of Family
Affairs, Senior Citizens, Women and Youth (BMFSFJ), the government has had
discussions for several months now on how to block child pornography sites
hosted on servers outside of the country. The German Government announced on
25 March 2009 a draft law that would cover rights and obligations of
telecommunication media content providers and would include the obligation
to block access to child pornography sites listed by a government agency.

According to BMFSFJ Minister Ursula von der Leyen who has been pushing for
some time for an agreement with big ISPs, "The rights of children carry more
weight than unhindered mass communication."

However, some members of the German Parliament and Justice Minister Brigitte
Zypries have shown reservations to a contractual solution considering a
regular law should cover the filtering regime as such measures could impact
on fundamental rights of citizens. Policies should be put in place in order
to deal with the liabilities in cases of errors.

The movement is criticised by the industry and non-governmental
organisations, which consider that blocking only makes access more difficult
but is not able to entirely prevent it. The EDRi-member FITUG (Fvrderverein
Informationstechnik und Gesellschaft) Germany has also warned on the fact
that, until now, blocking has been useless in fighting child pornography and
such measures might lead to blocking sites that have no relation to child
pornography as it has happened in other countries.

Blocking systems exist now in several European countries. The CIRCAMP
system, developed in Norway in 2004, which blocks entry to known child
pornography sites by a red stop sign graphic and a message, is used in nine
European countries among which the Netherlands, Denmark, Belgium,
Switzerland, and the United Kingdom.

In UK, 95% of the main UK ISPs have already adopted a similar service via
the Internet Watch Foundation (IWF). A system developed by BT, called
Cleanfeed, checks IP addresses against the child pornography blocklist
created by IWF and blocks users from accessing their content.

Malcolm Hutty, president of EuroISPA, representing ISPs from across Europe
at the EU, considers the EU plans to block sites will "increase risks to the
security, resilience and interoperability of the internet" and also stated:
"For technical reasons, blocking simply cannot provide the level of
protection that is necessary, and simple morality demands that we take
strong collective action to get child pornography removed from the Internet,
rather than simply hiding behind national firewalls," he added.

All the national plans seem to be in line with the new EU proposal to
legally bind all broadband ISPs in Europe to block "access by Internet users
to Internet pages containing or disseminating child pornography."

With the view to "combating the sexual abuse, sexual exploitation of
children and child pornography", the proposal for an EU framework decision
on prevention and settlement of conflicts of jurisdiction in criminal
procedures of 20 January 2009 asks that: "Each Member State shall take the
necessary measures to enable the competent judicial or police authorities to
order or similarly obtain the blocking of access by internet users to
internet pages containing or disseminating child pornography, subject to
adequate safeguards."

Germany Opts For ISP Filtering Of Child Pornography; NGOs Warn Of Unintended
Impact (30.03.2009)
http://www.ip-watch.org/weblog/2009/03/30/germany-opts-for-isp-filtering-of-child-pornography-ngos-warn-of-unintended-impact/

Germany Cracks Down on Child Porn Sites But Critics Want More Action
(25.03.2009)
http://www.dw-world.de/dw/article/0,,4126813,00.html

German Minister Announces Plans for Mandatory Web Filtering (16.01.2009)
http://www.zeropaid.com/news/9960/german_minister_announces_plans_for_mandatory_web_filtering/

Germany to implement obligatory block on child porn sites (16.01.2009)
http://www.thelocal.de/sci-tech/20090116-16825.html

UK.gov to get power to force ISPs to block child porn (2.04.2009)
http://www.theregister.co.uk/2009/04/02/eu_filtering_framework/

EU proposal for a Council Framework Decision on prevention and settlement of
conflicts of jurisdiction in criminal procedures (20.01.2009)
http://register.consilium.europa.eu/pdf/en/09/st05/st05208.en09.pdf

EU Proposal Could Force UK ISPs to Block Child Abuse Sites (2.04.2009)
http://www.ispreview.co.uk/story/2009/04/02/eu-proposal-could-force-uk-isps-to-block-child-abuse-sites.html

============================================================
9. Big Brother Awards France 2009
============================================================

The French Big Brother Awards ceremony, or 'Orwell Party', was held this
year on Saturday 4 April. The 2009 edition awarded 12 of the 35 nominees, in
6 categories, one of them being the positive 'Voltaire Award'. Armand
Mattelart, a renowned professor of Information and Communication Studies,
chaired the 2009 jury composed by 10 other members, among them academics,
artists, and representatives from French NGOs, including EDRI-member IRIS.

Awarding almost one third of the nominees is a sign that the Jury task was
hard this year, with the increase of surveillance and social control in
France.

The French ministry of Interior, Michhle Alliot-Marie, received the lifetime
menace award, for her 'immoderate taste for police files', which quantity
has increased by 70% in 3 years, as well as for her other 'qualities': her
'novlang' (video-surveillance is now called video-protection by French
officials), her 'incitements to denouncement', and her talent to construct
the 'internal enemy'.

The French ministry of Budget, Eric Woerth, received the State award. The
Jury wanted to particularly alert against the centralised database RNCPS to
be created, massively interconnecting data from the social sector in view of
fraud fighting, using the social security number as identifier. This, of
course, reminds the SAFARI project scandal that led to the adoption of the
French Data Protection Act in 1978.

The award for companies was given to the French mutual insurance system, a
not-for-profit organization, for 'its joint activism with private insurance
companies in order to access some medical data from the social security
administration'.

Paris Mayor, Bertrand Delanok, earned the local authorities award for 'his
conversion to video-surveillance', after he agreed to contribute to the
government efforts in this field, increasing by 4 times the number of
cameras in Paris, reaching 1200 of them in public areas.

The Novlang award has two ex aequo recipients. The first one is Humabio, an
EC funded research project on multimodal biometrics, most notably relying on
behavioural biometrics to 'increase freedom of movement'. The second
recipient is the family benefits sector of the social security system, for
having trained its employee using a method, called IGGACE, which goes even
further than a simple lie detector, since it is supposed to detect 'lying
intent'. The method was originally developed for the police sector.

Not only the jury gave an additional award as a 'special mention', but it
also awarded two ex aequo recipients. Fridiric Lefebvre, French MEP and
spokesperson of Nicolas Sarkozy's party, certainly deserved his award for
his 'incompetence and insistence to control the Internet', including by
supporting the French 'three strikes law'. The other recipients is the
'anonymous zealot': having seen the number of individual civil servants who
denounced irregular migrants, sometimes in breach of the professional
secret, decided to highlight this phenomenon through a generic category.

Finally, the Voltaire award or positive prize was given to three ex aequo
recipients, actually three coalitions that have been particularly active and
gain some success: the coalition against the EDVIGE police file, the
coalition of elementary and primary school directors against the central
database of children (Base ilhves), and the coalition against the use of
biometrics in schools. In addition, another Voltaire prize was awarded, as a
'special mention', to Mireille and Monique, two volunteers who help
irregular migrants based in Calais with the hope to reach the UK. This
simple humanitarian help is a highly risky activity in France, a country
where such help is now criminalized.

2009 Big Brother Awards France (only in French, 05.04.2009)
http://bigbrotherawards.eu.org/Les-decorations-promotion-2009.html

(Contribution by Meryem Merzouki - EDRi-member IRIS France)

============================================================
10. Recommended Reading
============================================================

Annual report for 2008 on access to EU documents
The most popular area for requests in Justice and Home Affairs. Just over
73% of the documents listed on the Council register are accessible
full-text. But, of course, the remaining 27% include many documents
concerning measures under discussion. There has been an increase in the
number of documents classified as "Restricted", where disclosure would be
"disadvantageous" to the interests of the EU or its member states - in 2008
there were 505 "Restricted" documents some 40% of which concerned justice
and home affairs (around 200+).
http://www.statewatch.org/news/2009/apr/eu-council-access-report-for-2008.pdf

"The Economics of Intellectual Property. Suggestions for Further Research in
Developing Countries and Countries with Economies in Transition"
The series of papers in this publication were commissioned from renowned
international economists from all regions. They review the existing
empirical literature on six selected themes relating to the economics of
intellectual property, identify the key research questions, point out
research gaps and explore possible avenues for future research.
http://www.wipo.int/ip-development/en/economics/index.html

============================================================
11. Agenda
============================================================

21-23 April 2009, Winchester, UK
BILETA 2009 Annual Conference
http://www.winchester.ac.uk/?page=9871

23-24 April 2009, Brussels, Belgium
The future of intellectual property - Creativity and innovation in the
digital era
http://www.intellectualproperty-conference.eu

23-24 April 2009, Amsterdam, Netherlands
Second European Licensing and Legal Workshop organized by Free Software
Foundation Europe
http://www.fsfeurope.org/news/2009/news-20090323-01.en.html

22-23 May 2009, Florence, Italy
E-privacy: Towards total control
Call for papers deadline: 15 April 2009
http://e-privacy.winstonsmith.info/

23 May 2009, Florence, Italy
Big Brother Award Italia 2009
Nominations by 17 April 2009
http://bba.winstonsmith.info/

11 May 2009, Brussels, Belgium
GigaNet is organizing the 2nd international academic workshop on Global
Internet Governance: An Interdisciplinary Research Field in Construction.
http://giganet.igloogroups.org/publiclibr/giganetcos/2009brusse

13-14 May 2009 Uppsala, Sweden
Mashing-up Culture: The Rise of User-generated Content
http://www.counter2010.org/workshop_call

19-20 May 2009, Brussels, Belgium
European Commission organizes a personal data protection conference to look
at new challenges for privacy
http://ec.europa.eu/justice_home/fsj/privacy/news/docs/pr_03_03_09_en.pdf

24-28 May 2009, Venice, Italy
ICIMP 2009, The Fourth International Conference on Internet Monitoring
and Protection
http://www.iaria.org/conferences2009/ICIMP09.html

1-4 June 2009, Washington, DC, USA
Computers Freedom and Privacy 2009
http://www.cfp2009.org/

5 June 2009, London, UK
The Second Multidisciplinary Workshop on Identity in the Information
Society (IDIS 09): "Identity and the Impact of Technology"
http://is2.lse.ac.uk/idis/2009/

28-30 June 2009, Torino, Italy
COMMUNIA Conference 2009: Global Science & Economics of Knowledge-Sharing
Institutions
http://www.communia-project.eu/conf2009

2-3 July 2009, Padova, Italy
3rd FLOSS International Workshop on Free/Libre Open Source Software
http://www.decon.unipd.it/personale/curri/manenti/floss/floss09.html

13-16 August 2009, Vierhouten, The Netherlands
Hacking at Random
http://www.har2009.org/

23-27 August 2009, Milan, Italy
World Library and Information Congress: 75th IFLA General Conference and
Council: "Libraries create futures: Building on cultural heritage"
http://www.ifla.org/IV/ifla75/index.htm

10-12 September 2009, Potsdam, Germany
5th ECPR General Conference, Potsdam
Section: Protest Politics
Panel: The Contentious Politics of Intellectual Property
http://www.ecpr.org.uk/potsdam/default.asp

16-18 September 2009, Crete, Greece
World Summit on the Knowledge Society WSKS 2009
http://www.open-knowledge-society.org/

21-23 October 2009, Istanbul, Turkey
eChallenges 2009
http://www.echallenges.org/e2009/default.asp

16 October 2009, Bielefeld, Germany
10th German Big Brother Awards
Deadline for nominations: 15 July 2009
http://www.bigbrotherawards.de/

15-18 November 2009, Sharm El Sheikh, Egypt
UN Internet Governance Forum
http://www.intgovforum.org/

============================================================
12. About
============================================================

EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 29 members based or with offices in 18 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRI-grams.

All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and visibly on the
EDRI website.

Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/

Newsletter editor: Bogdan Manolea <edrigram at edri.org>

Information about EDRI and its members:
http://www.edri.org/

European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring

- EDRI-gram subscription information

subscribe by e-mail
To: edri-news-request at edri.org
Subject: subscribe

You will receive an automated e-mail asking to confirm your request.
unsubscribe by e-mail
To: edri-news-request at edri.org
Subject: unsubscribe

- EDRI-gram in Macedonian

EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edrigram-mk.php

- EDRI-gram in German

EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/

- Newsletter archive

Back issues are available at:
http://www.edri.org/edrigram

- Help
Please ask <edrigram at edri.org> if you have any problems with subscribing or
unsubscribing.

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE





More information about the cypherpunks-legacy mailing list