EDRi-gram newsletter - Number 8.23, 1 December 2010

Wed Dec 1 09:41:33 PST 2010

============================================================

         EDRi-gram

biweekly newsletter about digital civil rights in Europe

  Number 8.23, 1 December 2010

============================================================
Contents
============================================================

1. Internet blocking - key decisions to be made by 3 February 2011
2. Data protection authorities call for a strict EU-US privacy agreement
3. The Pirate Bay founders lost their appeal in the Swedish Appeals Court
4. ICO started applying fines for Data Protection Act breaches
5. Azeri bloggers released from prison
6. Ireland: reshaping the law for the digital economy
7. Lack of net neutrality and open standards threaten the web
8. ENDItorial: EC Internal Security Strategy - My dog is a cat
9. Recommended Action
10. Recommended Reading
11. Agenda
12. About

============================================================
1. Internet blocking - key decisions to be made by 3 February 2011
============================================================

The legislative process on Internet blocking is about to move from almost
standstill to almost completed between now and the beginning of February. In
the Council of Ministers, an informal agreement is planned for the Justice
Council in December, while the MEP in charge in the Parliament will present
her draft report on 10 January 2011 with an informal orientation vote just
three weeks later.

Every civil society organisation that wants to stop web blocking and the
damage that this will do for child protection must focus all available
resources on the Civil Liberties Committee of the European Parliament
between now and early February. Afterwards, it will be too late. The risk of
damage to child protection is abundantly clear from the Working Document
prepared by the MEP in charge of the dossier, Roberta Angelilli (Italy). She
says: "We have to bear in mind that our priority is to eliminate these
images for public access as quick as possible." The priority is not to
identify the children, not to investigate the criminals, but to avoid public
access via blocking, which does not even serve the purpose of stopping
deliberate access.

Bizarrely, Ms Angelilli also suggests that "the providers would be promptly
informed about their rights to appeal against the decision". This assumes
that there would be no immediate investigation - having been accused of
having a website containing images of gross violations of children, the
suggestion is a polite notice to the alleged criminal that he may wish to
complain.

In the Parliament, MEPs remain divided but the argument that blocking is a
"complementary" measure, to be implemented with other measures (such as
deletion and prosecution), rather than instead of them, is successful with
many parliamentarians. The argument is working, despite the fact that there
is no evidence of this being the case in countries that already have
blocking.

In the Council, Germany and Romania are fighting hard for blocking to remain
optional for Member States. However France and Italy (coincidentally,
countries that also have blocking for gambling and intellectual property)
are campaigning for obligatory blocking with what one negotiator described
as "missionary fervour". Most countries are remaining silent on the issue,
meaning that they are passively having blocking imposed on them by the
larger countries. The only large country to remain silent is Poland, and
this silence will be crucial for the success of mandatory blocking, if it is
maintained.

In the Council, the current negotiating text reads as follows:
"2. Where the removal of webpages containing or disseminating child
pornography is not possible within a reasonable time, Member States shall
take the necessary measures, including through non-legislative measures, to
ensure that the blocking of access to webpages containing or disseminating
child pornography is possible towards the Internet users in their territory.
The blocking of access shall be subject to adequate safeguards, in
particular to ensure that the blocking, taking into account technical
characteristics, is limited to what is necessary, that users are informed of
the reasons for the blocking and that content providers, as far as possible,
are informed of the possibility of challenging it."

This text raises three interesting points. Firstly, blocking through
non-legislative measures has already been described as illegal by the
European Commission in the impact assessment it prepared to accompany the
proposals. In that text, the Commission assessed extra-judicial blocking as
follows: "More problematic may be the compliance with the requirement that
the interference in this fundamental right must be "prescribed by law",
which implies that a valid legal basis in domestic law must exist" (page 30)
before coming to the conclusion that "such measures must indeed be subject
to law, or they are illegal" (page 37). The illegality of this approach is
quite clear from the European Convention on Human Rights, which states that
"the exercise of these freedoms, since it carries with it duties and
responsibilities, may be subject to such formalities, conditions,
restrictions or penalties as are prescribed by law and are necessary."

The second interesting point refers to the last lines of the draft text. It
suggests that a legal obligation is necessary for Member States to take the
step of contacting the alleged criminals, accused of publishing pictures of
children being abused on the Internet, and politely informing them that
their page has been blocked and giving them the opportunity to complain, if
they so wish.

The final point is that Member States should do what they consider
necessary, which means that, strictly speaking, this text places no
obligations on anyone. Its only real purpose is to give Member States an
excuse to introduce blocking, even via "self-regulatory" measures that are
in breach of the European Convention on Human Rights and the Commission's
own assessment of the legality of the measure.

The civil society in Poland is pushing hard to demand that the government
have the courage to take a position. EDRi-member the Panoptykon Foundation,
along with representatives of the Kidprotect Foundation, the Modern Poland
Foundation, the Foundation for Free and Open Source Software and the
Interactive Advertising Bureau Poland appealed to the Prime Minister to
ensure that Polish representation to the European Council takes a critical
stance on the Child Exploitation Directive.

In their appeal, the groups demanded proper action against the abuse, rather
than the childish act of placing its hands before its eyes in the hope that
the monsters would disappear. Illegal content must be removed and not hidden
by the creation of a censorship infrastructure.

Working document - Roberta Angelilli, Rapporteur - Proposal for a Directive
of the European Parliament and of the Council on combating the sexual abuse,
sexual exploitation of children and child pornography
http://www.edri.org/files/angelilli_wd.pdf

Proposal for a Directive of the European Parliament and of the Council on
combating the sexual abuse, sexual exploitation of children and child
pornography, repealing Framework Decision 2004/68/JHA
http://www.europarl.europa.eu/meetdocs/2009_2014/documents/com/com_com%282010%290094_/com_com%282010%290094_en.pdf

"Impact assessment": Accompanying document to the Proposal for a Council
Framework Decision on combating the sexual abuse, sexual exploitation of
children and child pornography, repealing Framework Decision 2004/68/JHA
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:52009SC0355:EN:NOT

Commission official explains the Commission's research (7.09.2010)
http://www.youtube.com/watch?v=EpFpoXIdRQc

Cybercriminals thank Commissioner Malmstrvm
http://www.cybercriminalsociety.eu/index.php

We are writing to the Prime Minister: Do not to block the Internet! (only in
Polish, 30.11.2010)
http://www.panoptykon.org/content/piszemy-do-premiera-nie-dla-blokowania-internetu

Civil Society Appeal (only in Polish, 29.11.2010)
http://panoptykon.org/sites/default/files/Panoptykon_List%20do%20premiera%20blokowanie_29.11.2010.pdf

Council draft negotiating text (26.11.2010)
http://www.statewatch.org/news/2010/nov/eu-council-sexual-exploitation-16958-10.pdf

(contribution by Joe McNamee - EDRi)

============================================================
2. Data protection authorities call for a strict EU-US privacy agreement
============================================================

As the European Commission prepares to conclude a deal with the US on the
protection of personal data exchanged in police and criminal justice
cooperation matters, the European privacy watchdogs call for a strict and
clear privacy agreement.

Article 29 Data Protection Working Party (WP) sent a letter on 18 November
2010 to the three European main institutions (Council, Commission and
Parliament) expressing its concerns for not having been consulted on the
development of the discussion within the Council and European Parliament
over the draft negotiation mandate presented by the European Commission on
25 May 2010, voicing certain concerns and giving its recommendations.

Referring to the agreement as "an umbrella agreement" that should cover all
existing and future deals between the EU and the US and any other state as
well as between EU member states, the WP emphasizes the fact that it should
comply with the EU data protection framework including the Charter of Human
Rights.

WP recommends that the agreement be widely applicable for a
"coherent and high level of data protection" and a clear purpose limitation
be imposed. "This means the agreement should be applicable to all
transfers of personal data to prevent, detect, investigate and prosecute
serious transnational crime and terrorist acts. This purpose should be
clearly defined by the agreement, preferably including a definition of 'law
enforcement purposes'".

In the WP's opinion, a national security exception for the transfer of data
concerning "essential national security interests and specific intelligence
activities in the field of national security" should not be considered.

Furthermore, the WP urges the Commission to obtain the retroactive
application of the future agreement to cover "all existing multilateral and
bilateral agreements between the EU and/or its Member States and the US,
unless the current level of data protection is higher than the level of
protection offered by the EU-US general agreement." A maximum 3-year
transition period could be acceptable.

Having in view the privacy issues raised by the TFTP II Agreement (so called
SWIFT) allowing the US to obtain access to information on international bank
transfers, the WP stresses the need for data protection safeguards in
the future agreement, including "full, effective and enforceable rights for
all individuals, including both administrative and judicial redress, and
limitations to bulk transfers."

On 24 November, LIBE (Civil Liberties, Justice and Home Affairs) Committee
of the European Parliament Chairman also sent a letter to the EU Council on
the future EU-US agreement regarding the protection of personal data that
are transferred and processed in the framework of police and judicial
cooperation in criminal matters.

The letter reiterates the support of the European Parliament for the data
protection agreement draft mandate and reminds the urgent need of such an
agreement between the EU and US that should cover personal data exchanges as
well as an "early start to negotiations on enforceable data protection
rights" in compliance with the EU Charter of Fundamental Rights and EU Data
Protection Directive.

LIBE held on 25 October 2010 a public hearing on Data Protection in a
Transatlantic Perspective - Future EU-US data protection agreement in the
framework of police and judicial cooperation in criminal matters - with MEP
Sophia In't Veld as chairperson.

While the US Ambassador to the EU assured that the US believed both parties
had to "safeguard their citizens' security to the same degree to which they
protect their liberties" and there was "no need to sacrifice privacy for
security", he showed concern that the proposed mandate might "jeopardize the
several hundred treaties, agreements, conventions, and arrangements
underpinning every facet of Europe's and the United States' robust
cooperation in justice and law enforcement" and believed that a
retrospective application of the mandate would create "confusion among the
law enforcement and legal authorities."

One of the most important interventions was that of Mr Rotenberg's from EPIC
(Electronic Privacy Information Center) who pointed out that in the US,
personal data is often "used for inappropriate purposes, there is no
transparency and rights are violated". In his opinion, the US data
protection laws should be amended. The Privacy Act of 1974, which refers
to the collection of personal data by the US federal agencies, does not
include non-US citizens or non lawful permanent residents. Also the Patriot
Act "has reduced the privacy standards for US and non-US citizens limiting
at the same time the power of the courts' authority in the matter."

Rotenberg considers that the data protection agreement could bring global
benefits influencing other countries in adopting stronger privacy acts to
protect the transfer of personal data.

Dr. Patrick Breyer from the German Working Group on Data Retention was very
firm in stating that the transfer of personal data to the US created the
risk of a violation of human rights and that no agreement could eliminate
that risk. However, an international agreement with the US could improve the
present situation if applied "exclusively to the information sharing that is
taking place under existing agreements, thus reducing the amount of
information shared and providing for more safeguards".

The negotiating mandate for the beginning of the talks between the European
Commission and the US is expected to be adopted at the Justice and Home
Affairs Council on 3 December 2010.

Article 29 Data protection working party - Data protection
authorities call for strict general privacy agreement with United States
(19.11.2010)
http://ec.europa.eu/justice/policies/privacy/news/docs/pr_19_11_10_en.pdf

Article 29 Data protection working party Letter to Vice-President Viviane
Reding Commissioner for Justice, Fundamental
Rights and Citizenship European Commission on EU-US General Agreement
(19.11.2010)
http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/others/2010_11_19_letter_art29wp_commissioner_reding_agreement_eu_us_en.pdf

EP LIBE - Future EU-US data protection agreement in the framework of police
and judicial cooperation in criminal matters (25/10/2010)
http://www.statewatch.org/news/2010/nov/ep-report-on-eu-usa-data-transfer-hearing-25-10-10.pdf

Letter of the Committee of Civil Liberties, Justice and Home Affairs
Chairman on the future EU-US agreement on the protection of personal data to
Stefaan De Clerck of the EU Council (24.11.2010)
http://www.statewatch.org/news/2010/nov/ep-libe-eu-usa-agreement-letter-to-council.pdf

============================================================
3. The Pirate Bay founders lost their appeal in the Swedish Appeals Court
============================================================

Peter Sunde, Carl Lundstrvm and Fredrik Neij, who, in April 2009, were found
guilty of copyright infringement through their file-sharing website, The
Pirate Bay (TPB), have recently lost their appeal in Svea Court of Appeal.

Although the court has decided to reduce their imprisonment sentence of one
year to 8, 4 and 10 months respectively, it has however increased their
individual fines from about 3,45 million Euro to about 5 million Euro each.

A separate hearing will take place later for the forth TPB founder, Gottfrid
Svartholm Warg who was ill and could not take part in the proceedings with
the other three men.

Rick Falkvinge, leader of the Swedish Pirate Party, considers the trial was
politically-motivated and believes that: "The copyright laws have strayed so
far from the public's perception of justice that copyright cannot survive
without drastic reform. In such a reform, there is no place for today's
copyright industry."

La Quadrature du Net called the decision "both absurd and unfair. It
illustrates how an obsolete copyright law and its indiscriminate application
are harmful to society as a whole."

Christian Engstrom, member of the European Parliament for the Pirate Party
has told Deutsche Welle that the ruling only proved that the influence
corporations have on the Swedish coursts is too large.. "The lawyers for the
record companies are friends with the judges, both in the lower court and in
the appeals court. They belong to the same societies for copyright, which is
a lobby organization for copyright lawyers. This corruption unfortunately
leads to the fact that you can't get a fair trial in copyright-related
issues in Sweden today," he said. He also expressed his concern as to the
damage this kind of ruling might do to the Internet. "It's potentially very
damaging to the Internet as a whole that the providers of infrastructure
can't know if they will be held liable for what other people do."

Obviously, the music industry welcomed the ruling. "Today's judgement
confirms the illegality of The Pirate Bay and the seriousness of the crimes
of those involved." was the statement of the International Federation of the
Phonographic Industry's CEO Fances Moore.

The court had found that TPB "has facilitated illegal file sharing in a way
that results in criminal liability for those who run the service." However,
Pirate Bay facilitates the exchange of so-called Bit Torrent data but only
provides the links to content that is already available online. "This
decision amounts to condemning a library catalogue instead of the author of
some infringing content or activity" underlined La Quadrature du Net.

The defendants had claimed they could not be liable for the material
exchanged via their site, because the copyrighted material was not stored on
its servers and there was no actual exchange of files. But the prosecution
argued that, through TPB, the four men encouraged the infringement of
copyrights.

Sunde said on Twitter that the case would now go to the Swedish Supreme
Court.

Pirate Bay verdict: Three operators lose appeal- Prison sentences reduced
but fines jacked up (26.11.2010)
http://www.theregister.co.uk/2010/11/26/pirate_bay_appeal_verdict/

Swedish court turns down Pirate Bay appeal (26.11.2010)
http://www.dw-world.de/dw/article/0,,6271356,00.html

The Pirate Bay Decision, or the Political Persecution of Sharing
(29.11.2010)
http://www.laquadrature.net/en/the-pirate-bay-decision-or-the-political-persecution-of-sharing

Pirate Bay appeal failure spawns more DoS attacks - Revenge of Anonymous
(29.11.2010)
http://www.theregister.co.uk/2010/11/29/pirate_bay_revenge_ddos/

EDRi-gram: The Pirate Bay founders considered guilty by the first Swedish
court (22.04.2009)
http://www.edri.org/edri-gram/number7.8/the-pirate-bay-court-decision

============================================================
4. ICO started applying fines for Data Protection Act breaches
============================================================

After having received increased powers in April 2010, the UK Data protection
authority (Information Commissioner Office - ICO) has recently used these
powers to fine an organisation and a local authority for having breached the
Data Protection Act.

Hertfordshire County Council has been fined with about 120 000 Euro for the
fact that its employees sent highly sensitive information by fax to the
wrong recipients twice, once in June to a member of the public instead of a
barrister and the second time, 13 days later, to the office of an
unconnected barrister instead of the Watford County Court.

"The Commissioner ruled that a monetary penalty of 100,000 pounds was
appropriate, given that the Council's procedures failed to stop two serious
breaches taking place where access to the data could have caused substantial
damage and distress," was the ICO's statement. The Commissioner considered
that the council did not take the necessary measures to reduce the risk of
another incident, after the first one.

Employment services company A4e was also fined with about 72 000 Euro for
having given a laptop with the unencrypted personal information of 24 000
people to an employee to take home. The laptop was stolen from the
employee's home and there was an unsuccessful attempt to access the
information. The information included individuals' names, dates of birth,
postcodes, employment status, income level, information about alleged
criminal activity and whether an individual had been a victim of violence.

ICO is also concerned about Google's collection of personal data with its
Street View vehicles. Initially, ICO considered it was unlikely that Google
had gathered too much information through its service but after it was
revealed that the company had gathered entire emails, user names and
passwords by mistake, ICO decided to make an audit of "Google's internal
privacy structure, privacy training programs and its system of privacy
reviews for new products."

"It is a significant achievement to have an undertaking from a major
multinational corporation like Google Inc. that extends to its global
policies and not just its UK activities. We will be keeping a close watch on
the progress Google makes and will follow up with an extensive audit,"
stated The Information Commissioner Christopher Graham.

Others are sceptic regarding ICO's influence on Google. "The Information
Commissioner is ineffective and is widely held in contempt," said Ross
Anderson, a professor of computer science at Cambridge University who
believes that the Information Commissioner is not feared by the companies he
is supposed to regulate." Mr. Anderson places more hope in the German
authorities which, in his opinion, " will have much more influence, and
indeed Google now does its privacy research in Munich. (...) They know that
if they can sell their privacy policies there, they will work everywhere
else."

ICO issues first ever data protection fines (24.11.2010)
http://www.out-law.com//default.aspx?page=11569

Google allows ICO to check privacy practices (22.11.2010)
http://www.out-law.com//default.aspx?page=11563

Google's agreement to delete British WiFi data does not impress experts
(22.11.2010)
http://www.dw-world.de/dw/article/0,,6256109,00.html

EDRi-gram: Google admits it was gathering passwords and emails via
StreetView (3.11.2010)
http://www.edri.org/edrigram/number8.21/street-view-collects-emails

============================================================
5. Azeri bloggers released from prison
============================================================

After a long and continuous pressure from several civil society groups and
European international organisations such as the European Parliament, the
Presidency of the European Union, the Parliamentary Assembly of the Council
of Europe (PACE), the Organization for Security and Cooperation in Europe
(OSCE), Human Rights Watch and Reporters Without Borders, the US President
Barack Obama and Secretary of State Hilary Clinton, the two Azeri bloggers
arrested in 2009 on false pretences of hooliganism, have been finally
released from prison.

A Baku court released Emin Milli on 18 November 2010, one day after his
friend Adnan Hajizade's release. The court however did not release them on
account of their innocence; it just suspended the rest of their sentence (14
months out of the entire 30 and 24 months sentence respectively).

The decision was welcomed by Reporters Without Borders which, however,
expressed its disappointment for the fact that the bloggers had not been
cleared. "We nonetheless regret that his conviction has not been quashed as
we have always insisted that he was arrested for exercising the right to
free expression and was jailed on grotesque charges after a sham trial. The
vigilance must not let up and the campaigning must continue in order to
protect him from any kind of harassment or intimidation by the authorities
and to obtain the release of Milli and Fatullayev," stated the organisation.

After his release, Hajizade reaffirmed his innocence and said he would
remain in Azerbaijan and continue his blogging. "I am not guilty and will
demand full rehabilitation. Freedom is my right," he said. Adnan Hajizade
and Emin Milli's lawyers have submitted their case to the European Court of
Human Rights hoping to overturn their conviction and be declared innocent.

On this occasion, pressure for all sides continues for the release of
newspaper editor Eynulla Fatullayev who has been imprisoned since April
2007 for his political convictions, on false pretences as well. On 22 April
2010, the European Court of Human Rights ruled that the journalist had been
illegally detained and asked for his immediate release. The Azeri
supreme court partially complied with the European Court ruling by rejecting
his conviction on charges of terrorism and inciting hatred. Yet, the court
still retained the earlier conviction on charges of tax fraud and possession
of heroin.

Blogger Emin Milli freed in his turn (only in French, 19.11.2010)
http://fr.rsf.org/azerbaidjan-le-blogueur-adnan-hadjizade-18-11-2010,38840.html

Azerbaijan: 'Donkey bloggers' released (19.11.2010)
http://advocacy.globalvoicesonline.org/2010/11/19/azerbaijan-donkey-bloggers-released/

Second blogger freed, one day after his colleague (19.11.2010)
http://en.rsf.org/azerbaijan-blogger-released-on-parole-after-18-11-2010,38841.html

Supreme court partially accepts European court ruling but refuses to free
journalist (12.11.2010)
http://en.rsf.org/azerbaidjan-in-latest-humiliation-newspaper-05-11-2010,38761.html

EDRi-gram: Azeri bloggers appeal rejected by the Supreme Court (25.08.2010)
http://www.edri.org/edrigram/number8.16/azeri-bloggers-appeal-rejected

============================================================
6. Ireland: reshaping the law for the digital economy
============================================================

EDRi-member Digital Rights Ireland, Google and the Institute of
International and European Affairs co-sponsored an event in Dublin on 19
November 2010 which presented suggestions for the reform of Irish law to
promote digital innovation.

Speakers were Niall O'Riordan (Google) who called for developing
fair use at the Irish and European level, Kate O'Sullivan (UPC) who spoke on
the topic of the difficulties faced by ISPs due to the music industry
demands that they act as copyright police, Johnny Ryan (IIEA) who placed the
growth of interactive media in a historical context, Nick Kelly (musician
and author) who spoke about the challenges he has faced in selling music
online since moving from a major label, and Darragh Doyle (Boards.ie) who
discussed the problems online forums face under Irish law.

Chairing the event was TJ McIntyre from Digital Rights Ireland who concluded
with a presentation which called for reform of defamation law and for
greater immunities to be given to intermediaries under the Irish law.

Copyright and defamation law is repelling investors (26.11.2010)
http://www.irishtimes.com/newspaper/finance/2010/1126/1224284166846.html

Reshaping the Law for the Digital Economy - I (23.11.2010)
http://www.cearta.ie/2010/11/reshaping-the-law-for-the-digital-economy-i/

Reshaping the Law for the Digital Economy - II - the liability of
intermediaries (24.11.2010)
http://www.cearta.ie/2010/11/reshaping-the-law-for-the-digital-economy-ii-the-liability-of-intermediaries/

(contribution by TJ McIntyre - EDRi-member Digital Rights Ireland)

============================================================
7. Lack of net neutrality and open standards threaten the web
============================================================

"The Web is critical not merely to the digital revolution but to our
continued prosperity-and even our liberty. Like democracy itself, it needs
defending."

This is the subtitle of a recent article of Tim Berners-Lee published in
the Scientific American Magazine on 22 November 2010 where he focuses on the
new threats of the current developments of the world wide web: lack of
Internet neutrality, social networking, closed standards and attempts from
governments to snoop on web communications.

The articles titled "Long Live the Web: A Call for Continued Open Standards
and Neutrality" gives the opportunity to the inventor of the WWW in 1990 to
focus on the core design principles of the web and how they are endangered
today by new policies from private and public actors on the Internet.

Sir Tim Berners-Lee points to Internet neutrality as one of the core
issues that needs to be preserved in order to allow the unhindered
development of the WWW, based on its principles of universality and
de-centralization.

The author is clear in emphasizing why legislation is needed to protect
these principles: "A neutral communications medium is the basis of a fair,
competitive market economy, of democracy, and of science. Debate has risen
again in the past year about whether government legislation is needed to
protect net neutrality. It is. Although the Internet and Web generally
thrive on lack of regulation, some basic values have to be legally
preserved. "

The father of the WWW also explains what the open standards are key to keep
innovation at maximum in the Internet:
"By 'open standards' I mean standards that can have any committed expert
involved in the design, that have been widely reviewed as acceptable, that
are available for free on the Web, and that are royalty-free (no need to
pay) for developers and users. Open, royalty-free standards that are easy to
use create the diverse richness of Web sites, from the big names such as
Amazon, Craigslist and Wikipedia to obscure blogs written by adult hobbyists
and to homegrown videos posted by teenagers."

Sir Tim Berners-Lee also points to stupid EU legislation, such as the Hadopi
law in France or the Digital Economy Bill in the UK to prove that the
normative processalso needs to be under scrutiny to ensure the respect of
human rights in the online environment as well:

"In these cases, no due process of law protects people before they are
disconnected or their sites are blocked. Given the many ways the Web is
crucial to our lives and our work, disconnection is a form of deprivation of
liberty. "

Long Live the Web: A Call for Continued Open Standards and Neutrality
(22.11.2010)
http://www.scientificamerican.com/article.cfm?id=long-live-the-web

Social networking is undermining the web, says web inventor (22.11.2010)
http://www.out-law.com/default.aspx?page=11567

============================================================
8. ENDItorial: EC Internal Security Strategy - My dog is a cat
============================================================

The European Commission (EC) recently published its "Internal Security
Strategy" - a wide-ranging security programme covering international crime
networks, radicalisation, cybersecurity, border management and
crisis/disaster management.

One almost amusing element is how it included "piracy" (meaning unauthorised
downloads) as a security issue. The logic is very reminiscent of the 1980s
British comedy "Yes Prime Minister" where a senior civil servant explains to
a colleague how to argue to stop power being put in the hands of citizens.
"All cats have four legs, so does my dog. So my dog is a cat".
Counterfeiting is sometimes carried out by criminal gangs, who are a
security threat. Counterfeiting is an intellectual property infringement.
"Piracy" is an intellectual property infringement, so "piracy" is a security
threat.

Meanwhile, some elements that are missing are also interesting. For example,
the Strategy argues that "security should be integrated in relevant
strategic partnerships" but, having accused major trading partners like the
USA of failing to take action against online child abuse and international
trade in abuse images, the strategy prioritises "trafficking in human
beings, drugs trafficking and terrorism" for this action. Indeed, while the
strategy covers, in the Commission's own words "seemingly petty crimes", the
child abuse that was such a priority when tackling the symptoms via
blocking, fails to get a single mention in the document.

With regard to cybercrime, the Strategy suggests the creation of a
"cybercrime centre" to build operational and technical capacity, working
with national Computer Emergency Response Teams (CERTs) and the European
Network and Information Security Agency (ENISA). The proposal to have a
centralized hub for reporting of all forms of illegal material (useful for
creating multiple blocking lists for Internet access providers), which was
first made under the French Presidency of the EU, is made again. However,
this still does not have adequate political support, so the Strategy says
that this will be introduced "if appropriate".

Even though no progress has been made on the Commission's proposals for an
industry agreement for extra-judicial deletion of websites accused of child
abuse, xenophobia or terrorism since the summer, the Strategy suggests that
this will be achieved by 2011. The Commission has organised a meeting on 15
December 2010 with the industry to push its draft agreement, with a separate
informal meeting the week before to discuss "outstanding issues".

Communication: The EU Internal Security Strategy in Action: Five steps
towards a more secure Europe (22.11.2010)
http://www.statewatch.org/news/2010/nov/eu-com-internal-security-strategy-nov-10.pdf

Draft Agreement on Notice and Takedown
http://www.edri.org/files/Draft_Recommendations.pdf

Joint EDRI/EuroISPA response to Commission proposal (9.07.2010)
http://www.edri.org/files/090710_dialogue_NTD_illegal_content_EuroISPA-EDRI.pdf

Yes Minister
http://www.youtube.com/watch?v=kpwSaiY_Ehk

EDRI-gram: EDRi and EuroISPA attack EC's demands for notice and takedown
(28.07.2010)
http://www.edri.org/edrigram/number8.15/edri-euroispa-notice-takedown-comission

(contribution by Joe McNamee - EDRi)

============================================================
9. Recommended Action
============================================================

Consultation on a future EU Culture programme
Deadline: 15 December 2010
http://ec.europa.eu/culture/our-programmes-and-actions/doc2805_en.htm

============================================================
10. Recommended Reading
============================================================

IViR: Moving Towards Balance - A study into duties of care on the Internet
(2010)
http://www.ivir.nl/publications/vaneijk/Moving_Towards_Balance.pdf

OSCE FOM Preliminary report: Study of legal provisions and practices related
to freedom of expression, the free flow of information and media pluralism
on the Internet in the OSCE participating States. (26.11.2010)
http://www.osce.org/documents/rfm/2010/11/47857_en.pdf

EU Counter-Terrorism policy: EDPS calls for a systematic and consistent
approach to avoid unnecessary restrictions to privacy (24.11.2010)
http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/EDPS/PressNews/Press/2010/EDPS-2010-16_EU%20counter-terrorism%20policy_EN.pdf
http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consultation/Opinions/2010/10-11-24_EU_counter-terrorism_EN.pdf

Antitrust: Commission probes allegations of antitrust violations by Google
(30.11.2010)
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/10/1624&format=HTML&aged=0&language=EN&guiLanguage=en

The Kids Are Alright* - A survey of the privacy habits and preferences of
teens and their parents on social networks
http://safekids.com/documents/truste_survey.pdf

============================================================
11. Agenda
============================================================

3 December 2010, Brussels, Belgium
Taking on the data retention directive
http://www.dataretention2010.net/init.xhtml?event=31

15-16 December 2010, Brussels, Belgium.
"Lift-off Towards Open Government"
http://www.opengov2010.be/

27-30 December 2010, Berlin, Germany
27th Chaos Communication Congress (27C3)
http://events.ccc.de/congress/2010

25-28 January 2011, Brussels, Belgium
The annual Conference Computers, Privacy & Data Protection CPDP 2011
European Data Protection: In Good Health?
http://www.cpdpconferences.org/

23-28 February 2011, Gosier, Guadeloupe, France
ICDS 2011- 5th International Conference on Digital Society
http://www.iaria.org/conferences2011/ICDS11.html

11-12 March 2011, Ankara, Turkey
ICEGEG-2011- 3rd International Conference on E-Government and E-Governance
http://www.icegeg.com/index.html

1 April 2011, Bielefeld, Germany
Big Brother Awards Germany
Nominations open until 31 Dec 2010
http://www.bigbrotherawards.de/index_html-en

============================================================
12. About
============================================================

EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 27 members based or with offices in 17 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRI-grams.

All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and are visible on
the
EDRI website.

Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/

Newsletter editor: Bogdan Manolea <edrigram at edri.org>

Information about EDRI and its members:
http://www.edri.org/

European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring

- EDRI-gram subscription information

subscribe by e-mail
To: edri-news-request at edri.org
Subject: subscribe

You will receive an automated e-mail asking to confirm your request.
Unsubscribe by e-mail
To: edri-news-request at edri.org
Subject: unsubscribe

- EDRI-gram in Macedonian

EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edri/2.html

- EDRI-gram in German

EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/

- Newsletter archive

Back issues are available at:
http://www.edri.org/edrigram

- Help
Please ask <edrigram at edri.org> if you have any problems with subscribing or
unsubscribing.

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE