EDRi-gram newsletter - Number 8.1, 13 January 2010

EDRI-gram newsletter edrigram at edri.org
Wed Jan 13 12:05:26 PST 2010



biweekly newsletter about digital civil rights in Europe

    Number 8.1, 13 January 2010


1. Last nominations call for European Civil Society Data Protection Award
2. EDRi position on data protection
3. EU considers full body screening in airports
4. Protests in Bulgaria against eavesdropping and data retention law
5. Spanish Government proposes new legislation against file-sharing
6. An Irish law for a DNA database
7. France wants to tax search engines and ISPs for online advertising
8. Spain: NGO fined by the Supreme Court for hosting offensive contents
9. Hungary introduces mandatory open standards for public institutions
10. IP Chapter in the EU-Korea free trade agreement essentially flawed
11. Recommended Action
11. Recommended Reading
13. Agenda
14. About

1. Last nominations call for European Civil Society Data Protection Award

AEDH (European Association for the Defence of Human rights) and EDRi
(European Digital Rights) have launched the first edition of the European
Civil Society Data Protection Award (ECSDPA). The prize aims at rewarding
positive initiatives contributing to the visibility and effectiveness of the
right to privacy and to the protection of personal data in Europe. The
ECSDPA prize will be awarded each year on 28 January, as a European Civil
Society contribution to the Data Protection Day.

The deadline for submitting nominations is 15 January 2010. Nominations
should be sent to: nominations at ecsdpa dot org.

The award is open to all non-governmental organisations, trade unions,
non-profit institutions and any other civil society actors from the 47
member States of the Council of Europe. The ECSDPA winner will benefit from
a one week lobbying training in Brussels, travel expenses and lodging being
fully covered.

The ECSDPA initiative, the first of its kind, has been made possible thanks
to the support of The Law Science Technology & Society Research Group of the
Vrije Universiteit Brussel (LSTS/VUB) and The Flemish-Dutch House deBuren.

Operational details about the prize, including application and selection

2. EDRi position on data protection

EDRi submitted a response to the consultation on the legal framework for
the fundamental right to protection of personal data. The response,
which was sent on 23 December, sets out the challenges to the existing
data protection framework and offers recommendations to address these

Among the challenges identified are the increasing amount of personal
data being collected and processed, advanced profiling technologies
becoming available and the shortcomings in terms of enforcement and
independent oversight of the existing legal framework.

EDRi recommends that the following measures are taken:

- stronger principles ensuring data minimisation should be introduced;
- the interpretation of the term "personal data" should be clarified;
- administrative oversight and enforcement should be strengthened;
- civil enforcement should be strengthened.

EDRi's Response to the consultation of the European Commission on the legal
framework for the fundamental right to protection of personal data

(contribution by Ot van Daalen - EDRi-member Bits of Freedom)

3. EU considers full body screening in airports

On 7 January 2010, a discussion tool place in Brussels on the necessity of
introducing full-body scanners in European airports. Some of the European
countries such as Italy, UK and The Netherlands had already announced their
intention to install such technology in their airports.

The US is pressing Europe on taking such additional security measures
following the reported attempt of a Nigerian man to blow up a U.S. airliner
flying from Amsterdam to Detroit on Christmas Day.

UK Prime Minister Gordon Brown announced on 2 January that full-body
screening would be introduced in British airports along with other
additional security measures. BAA, Britain's main airport operator has
already ordered them for Heathrow airport . Heathrow and Manchester airports
have had trials using such equipment.

The introduction of full-body scanners might be in breach of child
protection laws and privacy campaigners and civil liberties groups also
argued the images created by the scanners were too graphic and called for
safeguards to protect the privacy of passengers and to ensure that the
images obtained would not end up on the Internet.

On 2 January as well, the Italian Interior Minister Roberto Maroni said in
an interview to Corriere della Sera newspaper that he was in favour of a
rapid introduction of the body scanners. "We have the resources ready to
acquire them but we must overcome the opposition of European privacy
agencies," said the minister.

Wolfgang Bosbach, the head of the German parliament's Committee on Interior
Affairs, also announced on 2 January that he expected the body-scanners to
be introduced in the current year adding that the tests would probably start
in the next 6 months.

However, Klaus Jansen of professional police association Bundes Deutscher
Kriminalbeamter warned against over-confidence related to the scanners and
Petra Pau of the Left party also called the scanners a "security mirage"
which bring forth health, practical, and ethical issues. "A minimum wage for
security services would be a lot more effective than state-ordained
peep-shows," she said in a statement.

The Dutch government also stated it would immediately begin using full body
scanners on flights to the United States in order to avoid such incidents as
the one on Christmas Day.

During the meeting on 7 January in Brussels, not all European countries were
in favour of introducing the technology. Spain expressed scepticism about
the need for body scanners, and the German and French governments still
preserve some reservations.

Etiennne Schouppe, the Belgium Secretary of State for transport considered
that such measures were excessive and that the present security measures
were strict enough. She also agreed on the necessity of having a united
approach of the European countries in the matter as expressed by Antonio
Tajani, European Commission Vice President: "We have to reach agreement
together with the (European) parliament and member states. It's best to have
a European solution than having individual member states deciding on their

Privacy advocates and experts have shown concern related to the technical
effectiveness of body scanners. "Any security expert knows this is a red
herring, a diversion from the real issue," said Simon Davies, director of
Privacy International who added: "The biggest failure in this case was a
failure of intelligence. That's the Achilles heel of an effective
counterterrorism strategy."

Privacy International (PI), while not against security measures that would
really enhance passengers' protection, is concerned by the introduction of
unproven or intrusive technology and measures. The body scanners tested at
Heathrow airport over four years have resulted in a decision to interrupt
the scanner use.

In PI opinion, there are several concerning issues related to the body
scanners. They produce too graphic images of the passengers' bodies
revealing intimate medical details. The organization is also sceptical
regarding the privacy safeguards applied by the US Transportation Safety
Administration (TSA) in relation to the scanned images.

The main issue is the effectiveness of the technology. "Our impression is
that a very high percentage of the passengers who opt for a scan will still
wind up being physically searched because officials will have trouble
distinguishing threatening objects from ordinary ones such as a wallet" says
PI. The scanners have not yet proven effective in case of liquid explosives
and cannot detect explosives hidden in body cavities.

Full-body scanners being ordered for airports, says Gordon Brown (3.01.2010)

New scanners break child porn laws (4.01.2010)

Italy aims to introduce body scanners: minister (2.01.2010)

Body scanners to come sooner than expected (3.01.2010)

Dutch to use full body scanners for US flights (30.12.2009)

Europe anxious about body scanner privacy (5.01.2010)

Europe Divided on Use of Body Scanners in Airports (7.01.2010)

PI statement on proposed deployments of body scanners in airports

EDRI- gram: The European Parliament says no to airport body scanners

4. Protests in Bulgaria against eavesdropping and data retention law

A protest will take place in Bulgaria on 14 January 2010 in front of the
Parliament against the data retention law that the Bulgarian Interior
Ministry keeps on pushing ahead with obstinacy.

On 10 December 2009, the Parliamentary Committee on internal security and
public order approved, behind closed doors, the amendments proposed by the
Interior Ministry to the Electronic Communications Act (ECA) and on 22
December 2009 the amendments were passed in first reading in an emergency
meeting by the Parliament despite the large public and media opposition.

The proposed amendments contain provisions that allow the Ministry of
Interior and other agencies to permanently monitor, without control, the
behaviour, movement and other information on any Bulgarian citizen, whether
guilty of a crime or not. These provisions breach the innocence presumption
principle stipulated by the Constitution as well as human rights European

Thus, the Ministry of Interior will have access to the data for the calls
and the mobile devices of every citizen through a direct interface. Although
a court order is required in order to obtain access, there is no obligation
to provide a reason for the access. Through the interface, the agencies have
direct and untraceable access to the general national database of all
telecom records.

One of the main provisions is that traffic data should be retained for
crimes sanctioned with more than 2 years of imprisonment. These traffic
data can be used also in relation to computer crimes, which might, in the
near future, include the still vague notion of computer piracy.

Even the Ministry of Interior Tsvetan Tsvetanov accepted that: "There is no
other European Union member state that provides such access to its police
force, it violates article 8 of the European Convention for Human Rights, as
well as the Bulgarian constitution" andalso admitted: " under the current
proposal, citizens have no right to request information about whether or not
their communication data has been subject to investigation."

EDRi-member Bulgarian Internet Society head Veni Markovski criticized the
amendments, warning about the lack of control over the bodies that will have
access to the retained data. "Interior Minister Tsvetan Tsvetanov said they
are looking to use court approval before using retained data, but the
problem is the police will have constant access, without the knowledge of
the service provider, to the data that goes through their system. In other
words, if they want to use this in court they will get permission from the
court. But if they want to use it for something else, be it control,
blackmailing, economic interests, they don't need the court's permission,"
said Veni.

An official protest letter was publicly drafted and discussed online and
posted to the Facebook group "We do not want the Interior Ministry to
eavesdrop on us online without control."

The eyes have it (18.12.2009)

Bulgaria is not Big Brother, 2010 is not 1984 (7.01.2010)

Electronic Communication Act amendments for first reading in Parliament

I would not mind others reading my email - Speaker of Parliament (6.01.2010)

5. Spanish Government proposes new legislation against file-sharing

The Spanish Government passed on 8 January 2010 the Law for Sustainable
Economy which includes the creation of an Intellectual Property Commission
(IPC) that will be in charge with filing complaints with a judge in cases of
alleged illegal downloading.

The legislation will give the authorities the possibility to shut down
file-sharing sites within a few days from the complained filed by IPC. The
court is to decide within four days from the complaint whether a certain
site is infringing the law or not. Until now the procedure to shut down
sites considered in breach of copyright law lasted for more than a year.

The legislation has met serious criticism and opposition lately from the
public and freedom activists. In a Manifesto on the rights of Internet users
at the beginning of December 2009, a group of journalists, bloggers,
professionals and creators stated that: "Copyright should not be placed
above citizens' fundamental rights to privacy, security, presumption of
innocence, effective judicial protection and freedom of expression."

Many of the opponents believe the legislation was forced by a strong lobby
from the entertainment industry and the pressure from the US, without real
consideration of the implications and impact on the Internet users.

The only good change in the new legislation is that the sites cannot be shut
down without a judicial decision as it was initially proposed.

On 9 January a group of activists, experts and bloggers met in Madrid to
discuss the action to be taken in order to defend civil rights on the
Internet. It has been decided that organisation of a larger campaign under a
new alliance to defenet Internet liberties called Red Sostenible that was
launched on 13 January 2010.

The new plan of the Government against P2P "doesn't wash" (only in Spanish,

Spain Fast Tracks P2P Site Shutdowns (8.01.2010)

Spain passes anti-piracy law (8.01.2010)

Campaign Red Sostenible (13.01.2010)

Government rectification does not please the Red activists (only in Spanish,

6. An Irish law for a DNA database

The Irish Government has announced that it will publish legislation this
week to set up a national DNA database. The Bill follows a 2005 Report of
the Law Reform Commission on Establishment of a DNA Database but was delayed
by the European Court of Human Rights action in S and Marper vs. the United
Kingdom and has since been revised in light of that case.

The legislation proposes to allow Gardam (Police) to forcibly take samples
(such as hair, saliva, nail clippings or blood) from those suspected of
committing a criminal offence carrying a possible sentence of five years
imprisonment or more. Samples will be stored indefinitely where suspects are
convicted; where persons are acquitted or released without charge they will
still be retained for a three year period. 4.1 million euros has been
allocated for the start-up costs associated with the database in 2010.

In 2007, the Irish Human Rights Commission was critical of a previous draft
of the legislation. Until the full Bill is published it is unclear to what
extent it will address these concerns.

In a separate development, it has emerged that a Dublin children's hospital
has been holding DNA records of almost every person born in Ireland since
1984 without consent. The Temple Street Children's Hospital has acted as a
national centre for "heel prick tests" which involve the taking of a blood
sample from each newborn child and using that sample to screen for disease.
However, the hospital does not destroy those samples when screening is
complete but instead retains those samples indefinitely, linked to the
individual. There are approximately 1.54 million samples held on this
database, which would include the overwhelming majority of Irish people aged
25 or younger. The hospital is currently under investigation by the Data
Protection Commissioner who may order the destruction of these samples.

Law Reform Commission, Report on the Establishment of a DNA Database

Irish Human Rights Commission, Safeguards in DNA Database Scheme of Bill
'Inadequate' (8.08.2007)

Connolly, Suspects forced to give DNA samples under new legislation

Connolly, New DNA Bill faces opposition (20.12.2009)

Dail debates (10.12.2009)

Tighe, Hospital keeps secret DNA file (27.12.2009)

Tighe, Records stolen from hospital that held secret DNA database

(Contribution by TJ McIntyre - EDRi-member Digital Rights Ireland)

7. France wants to tax search engines and ISPs for online advertising

A report commissioned by the French culture ministry issued on 6 January
2010 proposes a tax on online advertising in order to support the production
of music, films and journalism in the digital age.

France is not at the first attempt to tax online advertising. In 2009, after
banning advertising on public TV channels, the government proposed a tax on
ISPs, mobile operators and commercial TV broadcasters to help fund public

The new document, called the Zelnik report (after the its author's name),
includes 22 measures intended to improve the sale of online content. Among
these measures, the report proposes the introduction of a so-called "Google
tax" of 1% to 2% applied on the revenues obtained by search engines and
portals from online advertising. The search engines would be taxed every
time an ad or sponsored link is clicked in France, irrespective of the
origin of that advertisement, and the ISPs would be taxed based on their

Another proposal of the report is the introduction of a music voucher system
for young people between 15 and 24 with cards allowing them to buy tracks
and albums at a 50% discount, covered 20% by the government and 30% by the
record companies. Similar systems could be developed for films by means of
subsidised subscriptions for videos and digital books as well.

According to another recommendation of the Zelnik report, a licence should
be bought by music and video streaming sites such as YouTube and Daily
Motion in order to allow unlimited access to their content.

While the entertainment industry welcomed the document, Google France has
tried to underline that the cultural producers should make efforts to
develop new business models that might be more efficient than depending on
taxation for support.

"There is an opportunity here to promote innovative solutions, rather than
extending the attitude of opposition between the internet world and the
cultural world, for example through the approach of taxation," said Google
France spokesman Olivier Esper.

The report is now under consideration by the Culture Ministry.

Google and "music card", Sarkozy validates most of the propositions of
mission (only in French, 7.01.2010)

France considers tax on search engines (8.01.2010)

Sacre Bleu! France Mulls Tax On Web Ads To Bail Out Old Media (7.01.2010)

8. Spain: NGO fined by the Supreme Court for hosting offensive contents

At the end of December 2009, the Spanish Supreme Court confirmed its ruling
in making Asociacisn de Internautas (Internet Users Association - AI) pay a
18 000 Euro fine to SGAE (the General Society of Authors and Editors) for
having hosted sites such as putasgae.org and antisgae.internaturas.org which
included offences to SGAE.

The case was introduced by SGAE in March 2004 which stated that the website
of AI was hosting webpages with the addresses mentioned above, which
contained expressions like "hired gun", "mob gang", "fucking pickpockets".

On 6 February 2006, the National High Court in Madrid sentenced AI to pay
18 000 euros to the authors society and ordered the removal of the websites
and the offensive contents. The association was also to publish the content
of the ruling on its website.

AI appealed to the Supreme Court and denied any responsibility related to
the offensive contents of the respective websites and used the freedom of
expression as argument. The association stated that it had nothing to do
with the creation of the respective contents and that it was unaware of the
offences brought to SAGE through them.

The court considered that AI was guilty as owners of the sub-domain
antisgae.internautas.org. However, the usage was ceded to third parties
which were managing autonomously and technically controlling the sub-domain.
Therefore AI was only acting as a hosting service provider fact which was
accepted by the court. According to the Spanish law the AI as a hosting
provider should have not been considered responsible for the hosted content
as long as they were unaware of any offensive content. The High Court
however rejected the appeal considering the argument was irrelevant as the
names of the pages were considered relevant enough by themselves and ruled
that AI had breached the right of honour of SGAE.

The Association must actually pay another 18 000 euro to the president of
SAGE Teddy Bautista.

We have lost PUTASGAE case (in Spanish, 22.12.2009)

"PUTASGAE": One more door towards the legal insecurity and the culpability
presumption on the Internet (only in Spanish, 27.12.2009)

The Supreme Court ratifies the fine of 36,000 euros to AI for hosting
putasgae.org (only in Spanish, 22.12.2009)

9. Hungary introduces mandatory open standards for public institutions

The Hungarian Parliament decided at the end of 2009 to make open standards
mandatory for communications between public institutions, utility companies
and citizens through the central governmental system.

The Parliament amended Act LX of 2009 on electronic public services. The
amendment was initiated by Hungarian NGO The Open Standards Alliance with
the purpose to promote monopoly-free markets and the development of
interchangeable and interoperable products generated by open standards.

The standards used need to be publicly accessible, free of charge, royalty
free without restrictions, and neutral from the competition point of view
thus allowing for real interoperability.

The Open Standards Alliance intends to further cooperate with the government
and, in this sense, it will initiate the collaboration between governmental
representatives, public utility companies and consumer protection

The alliance also intends to promote interoperability based on publicly
defined open standards to become a EU norm during the Hungarian EU
presidency in 2011 and, to this purpose, it will initiate public
collaboration between all civil and public interested parties within the EU.

Mandatory Use of Open Standards In Hungary (18.12.2009)

10 points on the mandatory use of open standards in Hungary (17.12.2009)

10. IP Chapter in the EU-Korea free trade agreement essentially flawed

The Foundation for a Free Information Infrastructure (FFII) calls upon the
EU Parliament and member states to remove the intellectual property rights
chapter from the EU - Korea Free Trade Agreement. According to the FFII
analysis, the free trade agreement is a threat to software companies,
companies that use software, and free software projects; this undermines
innovation, competitiveness and legal certainty.

In October 2009, after more than two years of secret negotiations, the EU
and the Republic of Korea initialled their free trade agreement. The
agreement awaits ratification by the EU Parliament and member states.

The free trade agreement contains strong measures against patent
infringements. It provides injunctions, high damages, seizures, destruction
of production materials and removal of online software repositories. A
suspicion may be enough for seizures and injunctions. An allegation may be
enough to freeze assets.

FFII analyst Ante Wessels comments: "These strong measures may be justified
against hard core counterfeiters. They are not justified against software
developers. Software patents are so broad in scope, doubtful in validity,
and so numerous that unintentional infringement is unavoidable in the normal
course of business. Therefore, competitors and patent trolls can always find
a stick to hit software companies, companies that use software and free
software projects. The whole sector is at risk."

The free trade agreement also contains border measures against patent
infringements. Ante Wessels: "With the numerous software patents out there,
all software products and all products containing software may infringe
patents. An allegation is enough to have them seized at the border. Then
they stay seized until a civil court case made clear whether a patent was
infringed or not. This gives competitors and patent trolls enormous power -
how many small and medium enterprises, and free software projects, have the
money to defend against this? It is the contrary of stimulating free trade."

The free trade agreement is based on existing EU legislation. "Exporting EU-
style enforcement legislation to foreign trading partners is an (un)official
goal of EU policy", professor Annette Kur, Max Planck Institute Munich,
remarked in a presentation in December. She added: "If and where legislation
is (partly) flawed, export is no recommendable option."

The severe consequences of flawed enforcement legislation were on display in
the recent EU seizures of life saving medicine meant for developing
countries. After these seizures have became known, the Dutch Minister for
Developmental Aid, Bert Koenders, said that he wanted to change the EU rules
on the enforcement of intellectual property rights, and that he would even
like to violate these rules.

Ante Wessels commented: "The seizures of life saving medicine and the
treatment of software developers as hard core counterfeiters are two
consequences of flawed EU legislation. Europe should be well aware that if
we export this flawed legislation, the agreement will be binding. We will
not be able to repair our own legislation anymore."

EU - Korea Free Trade Agreement (15.10.2009)

FFII analysis (7.01.2010)

Presentation professor Annette Kur, Max Planck Institute Munich (18.12.2009)

EU seizures of life saving medicine meant for developing countries

Dutch Minister for Developmental Aid, Bert Koenders (25.06.2009)

EDRi-gram: Secret IPR measures in EU - South Korea trade agreement

(Thanks to Ante Wessels - FFII)

11. Recommended Action

Stop Digital Strip Search in airports

JOIN - Facebook Group: Stop Airport Strip Searches

ENDORSE - Privacy Coalition: Sign the Petition to the US Congress

ENDORSE: Madrid Privacy Declaration

SIGN - International Boycott of Body Scanners (IBBS)

SIGN - UK Petition to abandon the proposed rollout of airport body

12. Recommended Reading

Public Domain Day - 1 January

Creative Commons and Related Rights in Sound Recordings: Are the Two Systems

Europe's dysfunctional private copying levy to remain

13. Agenda

20-22 January 2010, Namur, Belgium
The Conference for the 30th Anniversary of the CRID - An Information Society
for All : A Legal Challenge

29-30 January 2009, Turin, Italy
"Cultural Commons" - First International Workshop

29-30 January 2009, Brussels, Belgium
Third edition of the Computers, Privacy and Data Protection -
CPDP 2010 - An Element of Choice

5 February 2009, Amsterdam, Netherlands
Big Brother Awards Netherlands 2010

6-7 February 2010, Brussels, Belgium

14-16 April 2010, Berlin, Germany
re:publica'10 - Conference about blogs, social media and the digital society
Call for Proposals deadline: 31 January 2010.

24 April 2010, London, United Kingdom
Open Knowledge Conference (OKCon) 2010
Call for Proposals deadline: 31 January 2010.

29-30 April 2010
EuroDIG 2010

26-28 May 2010, Amsterdam, Netherlands
World Congress on Information Technology

9-11 July 2010, Gdansk, Poland
Wikimedia 2010 - the 6th annual Wikimedia Conference

25-27 June 2010, Cluj, Romania
Networking Democracy?
New Media Innovations in Participatory Politics

13-17 September 2010, Crete, Greece
Privacy and Security in the Future Internet
3rd Network and Information Security (NIS'10) Summer School

14. About

EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 27 members based or with offices in 17 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRI-grams.

All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and visibly on the
EDRI website.

Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at

Newsletter editor: Bogdan Manolea <edrigram at edri.org>

Information about EDRI and its members:

European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.

- EDRI-gram subscription information

subscribe by e-mail
To: edri-news-request at edri.org
Subject: subscribe

You will receive an automated e-mail asking to confirm your request.
unsubscribe by e-mail
To: edri-news-request at edri.org
Subject: unsubscribe

- EDRI-gram in Macedonian

EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis

- EDRI-gram in German

EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users

- Newsletter archive

Back issues are available at:

- Help
Please ask <edrigram at edri.org> if you have any problems with subscribing or

----- End forwarded message -----
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list