EDRi-gram newsletter - Number 9.11, 1 June 2011

Wed Jun 1 13:36:41 PDT 2011

============================================================

       EDRi-gram

biweekly newsletter about digital civil rights in Europe

Number 9.11, 1 June 2011

============================================================
Contents
============================================================

1. Battle over Passenger Data is heating up
2. UN report examines online censorship
3. European IP policy is crippling the European digital economy
4. G8 and e-G8 Summit on Internet freedom
5. EDPS: Data Retention Directive fails to meet data protection requirements
6. Finland: Blocking of domestic websites ruled illegal
7. Internet FoE: How should Europe battle online censorship?
8. MEPs approve body scanners on airports on a voluntarily basis
9. OSCE findings on Estonian e-voting
10. Internet governance dialogue in Belgrade 2011
11. Recommended Action
12. Recommended Reading
13. Agenda
14. About

============================================================
1. Battle over Passenger Data is heating up
============================================================

In late May 2011, the new draft agreements on the transfer and retention of
air passenger data between the EU and the United States and Australia
respectively have leaked to the public. The re-negotiation of the
agreements from 2007, which have since then been provisionally applied,
had become necessary after the European Parliament refused to vote on
them in May 2010.

The new agreements do not substantially improve the situation with
regards to the old ones. They both require that data of air passengers
is transferred to public authorities (DHS in the US, Customs and Border
Protection in Australia) ahead of a flight; they allow for profiling,
i.e. the use of data for sorting assengers into risk categories based on
pre-defined and secret criteria without an initial suspicion or criminal
lead; and they allow for retention of the data up to 5.5 (Australia) and
15 (US) years. There are also provisions for onward transfer of the data
to third agencies and countries.

The agreement with the US met heavy criticism both among EU member
states as well as among Members of the European Parliament, and provoked
an emergency reaction from the UK Justice secretary as well as the US
ambassador to the EU. At the moment, there are talks with the negotiator
(DG Home Affairs of the European Commission) to re-open the text, though
improvements have been made very unlikely by a recent resolution of the
US Senate that rejects European privacy demands.

The agreement with Australia is less prominent, but still highly
relevant. There is a small blocking minority in the Council, consisting
of Germany, France, Belgium, Czech Republic, Ireland, Austria and
Portugal, that is mainly concerned about the provisions on transfer to
third countries, and sometimes about the retention periods (Germany,
France). The Commission is not willing to re-negotiate, though. The
Council of Justice and Home Affairs Ministers on 9th/10th June might
overcome the blocking minority and the parliamentary reservations from
some countries, and adopt the agreement. At the moment, a veto in the
European Parliament is unlikely. In the worst case, the Australia
agreement may be concluded before the summer break and open the
floodgates for other such agreements, and for the first time accepting
profiling and preventive policing.

Privacy activists from EDRi members Mensenrechten.be, Digitale
Gesellschaft and FoeBuD, as well as from EDRi observer AK Vorrat and
other groups, met in Brussels from 27th to 30th May to do a legal,
technical and political analysis, coordinate their short-term work and
plan for long-term collaboration with others. A mailing list will be set
up shortly.

Comprehensive PNR Wiki by AK Vorrat
http://wiki.vorratsdatenspeicherung.de/Passenger_Name_Record

EDRi: Commission plans to present flawed, illegal PNR proposal as
"fait accompli" (23.05.2011)
http://www.edri.org/_illegal_PNR

EC COM(2011) 280 final - Proposal for a Council Decision on the
signature of the Agreement between the European Union and Australia on
the processing and transfer of Passenger Name Record (PNR) data by air
carriers to the Australian Customs and Border Protection Service
(19.05.2011)
http://www.statewatch.org/news/2011/may/eu-com-pnr-australia.pdf

EU Council Document 10453/11 - Draft Agreement between the United States
of America and the European Union on the use and transfer of Passenger
Name Record data to the United States Department of Homeland Security
(20.05.2011)
http://www.statewatch.org/news/2011/may/eu-usa-pnr-agreement-20-5-11-fin.pdf

The Guardian: US to store passenger data for 15 years (25.05.2011)
http://www.guardian.co.uk/world/2011/may/25/us-to-store-passenger-data

============================================================
2. UN report examines online censorship
============================================================

The right to seek, receive and impart information, and the right to express
oneself freely - rights which enable the exercise of a range of other human
rights - are increasingly being limited by impediments in online
communications, according to a report by the United Nations Special
Rapporteur on the promotion and protection of the right to freedom of
opinion and expression, Frank La Rue.

EDRi took part in an expert group that supported the Special Rapportur's
preparation of the report, which looks at prevailing tendencies in global
online freedoms. It will be submitted to the UN Human Rights Council this
week.

The report draws attention to mounting evidence that international
Internet-related policy and domestic regulations are failing to recognise
and respond appropriately to the changing makeup of public space in which
free speech is exercised. It reminds governments of their positive
obligation to protect these rights in a digital environment, denouncing the
surge in measures criminalising legitimate online expression. Some of the
findings include inadequate data protection and a "worrying trend of States
obliging or pressuring private actors to hand over information of their
users".

It also reminds members of the international community that the States'
responsibility to protect the rights of users also entails a duty to
investigate and prosecute the perpetrators of cyber-attacks directed at the
websites of organizations and individuals documenting government abuses.

Expressing "deep concern" about the growing number of laws that are enabling
monitoring, filtering and control of online content, the Special Rapporteur
concludes that these are often largely out of synch with their purported
aims. Increasingly sophisticated means of blocking content deemed to be
illegal are being introduced and implemented without the involvement of an
impartial regulatory body or a court order. Appropriate safeguards against
abuse and the means to challenge unwarranted interference were also often
found to be absent. This situation may result in the censorship of a
considerable amount of legal online material.

The report also raises a number of important issues concerning intermediary
liability, identifying some of the serious implications of offering the
private sector "unprecedented influence over individuals' right to freedom
of expression and access to information."

"Holding intermediaries liable for the content disseminated or created by
their users severely undermines the enjoyment of the right to freedom of
opinion and expression, because it leads to self-protective and over-broad
private censorship, often without transparency and the due process of law."

While praising legislative measures such as those introduced in Chile and
soon to be adopted in Brazil which clarify the legal position of
intermediaries, and welcoming provisions which limit their liability (as in
the case of "safe harbour" provisions in the US and E-Commerce Directive
guarantees in the EU), the Rapporteur admonishes attempts to pressure third
parties into complying with special interests, expressing "alarm" at
proposals to disconnect users based on accusations of violations of
intellectual property or other rights. These include efforts to penalize
alleged offenders by suspending their Internet services through laws based
on the idea of "three strikes" or "gradual response" - laws which are
currently in force in France.

The report concludes with recommendations, the majority of which are
directed at governments, calling for intensified efforts to ensure that
international human rights obligations are being met. It also addresses
commercial actors with a warning to be consistent with their
responsibilities, urging them to "continuously review the impact of their
services and technologies on the right to freedom of expression of their
users".

It is not at all clear how the struggle to maintain Net neutrality will
unfold, but the potential for creeping restrictions which protect business
and State interests rather than those of citizens, and the weighty
implications of this trend are becoming increasingly obvious. The
preservation of open and free "virtual public spaces" will ultimately depend
on the extent to which its beneficiaries are prepared to involve themselves
in a much more vigorous debate about the way that Internet governance will
be shaped.

UN Report
http://www2.ohchr.org/english/bodies/hrcouncil/docs/14session/A.HRC.14.23.pdf

============================================================
3. European IP policy is crippling the European digital economy
============================================================

European policy makers are strangling the digital economy, hurting consumers
and putting Europeans' fundamental rights at risk, according to a report
into the failures of IP policy making in Europe, published by EDRi on
24.05.2011. The report sets out how the EU has been making policy "blind",
building its strategies on faith not fact and ignoring objective, robust
evidence.

The report sets out a series of proposals that would add up to a radical
change of direction for EU IP policy. Following them would see Europe
maximise the value that society can get from works covered by intellectual
property at the same time as sustaining flourishing creative industries. The
result would be a boost to the EU economy, an improved environment for
creators, innovators and consumers, and a safeguarding of fundamental rights
of European citizens.

The report recommends that the EU:
- Harmonise exceptions to copyright to create legal certainty across the
EU about the permitted uses of works covered by IP;
- Establishes pan-European licensing arrangements as a matter of priority,
and tie future enforcement policy to the successful development of such
proposals;
- Abandons repressive enforcement measures that would materially damage
people's fundamental rights;
- Establishes a moratorium on the exporting of repressive IP enforcement
to third countries;
- Makes a firm commitment to robust, objective evidence and
re-evaluation of policy on the basis of it.

IPRs play an important role incentivising and rewarding creativity and
innovation. But the report argues that these benefits are now being
outweighed by IPRs' damaging effects on the creation and dissemination of
culture and technological innovation, and on fundamental rights such as
privacy and freedom of expression.

EDRi advocacy coordinator Joe McNamee said: "Policy makers face a choice.
They can enable a radical expansion of society's ability to access the
world's trove of information, culture and knowledge. Or they can
unnecessarily prevent a wide range of valuable activities from taking place
and, for no sound reason, pursue repressive enforcement measures that
cripple the democratising potential of new technology. Currently the EU is
choosing the latter. This report argues forcefully for a change of track to
embrace new technology and the best of what it offers."

EDRi Report
http://www.edri.org/files/IPR_shadowreport_110523.pdf

============================================================
4. G8 and e-G8 Summit on Internet freedom
============================================================

The results of the 37th edition of the G8 Forum that took place in
Deauville, France on 26-27 May 2011 and of the e-G8 meeting on Internet
issues organised by the French Presidency immediately before, are sending a
mixed message, on the one hand recognizing the "openness, transparency and
freedom of the Internet" and on the other hand announcing the "commitment to
ensuring effective action against violations of intellectual property rights
in the digital arena, including action that addresses present and future
infringements."

The civil society, represented by a large number of groups and associations,
including EDRi, sent a statement, before the e-G8 and G8 meetings, urging
the G8 Member States to "publicly commit to expanding internet
access for all, combating digital censorship and surveillance, limiting
online intermediary liability, and upholding principles of net  neutrality.

Additionally, a petition was launched by digital rights group Access - G8:
Protect the Net! - calling on the leaders of the Group of 8 to commit to
citizen-centred internet policies, which was signed by internet users from
over 100 countries.

The concerns were mostly related to the continuous tendencies of the
governments to limit the freedom of the Internet for political or
economical reasons. "Many G8 countries are actively pursuing policies that
would similarly seek to restrict and control access; (...) the increase of
restrictive policies in both the developed and developing world is a
regressive and deeply worrying trend," reads the statement which also showed
concern related to the lack of representation of the civil society at the
e-G8 and G8 meetings as the invite list was mostly limited to
representatives of governments and corporate leaders.

During the e-G8 forum, which was meant to prepare the issues related to
the Internet for the G8 summit, the civil society representatives such as
Jirimie Zimmermann, co-founder of  La Quadrature du Net, and John Perry
Barlow, co-fonder of the Electronic Frontier Foundation and author of the
Declaration of the Independence of Cyberspace, also tried to voice these
concerns.

Access, together with Zimmerman, staged an ad-hoc counter-forum civil
society press conference at the e-G8. Zimmerman led a panel of experts
including Harvard scholars Lawrence Lessig and Jochai Benkler, US journalist
Jeff Jarvis, former board member of ICANN Susan Crawford and
Secretary-general of Reporters without Borders Jean-Francois Julliard, who
collectively expressed their disappointment over the lack of adequate civil
society representation as well as the direction of the discussions. "The
free Internet must be defended before thought is given to regulating
content," said Julliard, "The priority for G8 governments should be
defending the Internet."

The Declaration on "Renewed Commitment for Freedom and Democracy" released
at the end of the G8 summit, includes 19 paragraphs on the Internet and
related issues and confirms to some extent the concerns expressed by the
civil society. The Declaration commits to defending intellectual property
rights rather than human rights such as the freedom of expression:
"Regarding the protection of the intellectual property, especially
copyrights, trade marks, commercial secrets and patents, we recognise we
must establish legislation and national frameworks to improve this aspect.
That is why we reaffirm our commitment to take firm measures against the
violations of the intellectual property rights within the digital space,
especially by procedures enabling the prevention of present and future
infringements."

The human rights organisation, Article 19, believes the Declaration has
failed to recognise the protection of human rights "as a core principle
above all others", having included it within a framework "to be balanced
with rule of law and protection of intellectual property."

In the groups' opinion, the Declaration ignores several international human
rights treaties, while endorsing restrictions on Internet speech "by
increasing enforcement of intellectual property such as through the
controversial Anti Counterfeiting Trade Agreement (ACTA) and domestic
"three-strikes laws" which fail to fully recognise - and often violate - the
right to freedom of expression."

Civil Society Statement to the e-G8 and G8
http://letter.accesslabs.org/Civil%20Society%20Statement%20to%20the%20eG8-finalg.pdf

G8 Declaration - Summit of Deauville - May 26-27, 2011
http://www.g20-g8.com/g8-g20/g8/english/live/news/renewed-commitment-for-freedom-and-democracy.1314.html

G8-The Deauville Declaration on Internet Fails to Recognise Importance of
Human Rights Including Freedom of Expression (28.05.2011)
http://www.i-policy.org/2011/05/g8-the-deauville-declaration-on-internet-fails-to-recognise-importance-of-human-rights-including-freedom-of-expression.html

eG8 Forum: Speeches by Jirimie Zimmermann & John Perry Barlow (partially
only in French, 24-25.05.2011)
http://www.waebo.com/eg8-discours-de-jeremie-zimmermann-john-perry-barlow.html

The Counter-forum Civil Society Press Conference, May 25 @ e-G8
http://vimeo.com/24218524

Civil Society Petition - G8: Protect the net!
https://www.accessnow.org/page/s/g8-protect-the-net

Access Blog: World Rallies to Save the Internet from G8
https://www.accessnow.org/policy-activism/press-blog/world-rallies-to-save-the-internet-from-g8

============================================================
5. EDPS: Data Retention Directive fails to meet data protection requirements
============================================================

Peter Hustinx, the European Data Protection Supervisor (EDPS) adopted, on 31
May 2011, an opinion on the European Commission's Evaluation Report on the
Data Retention Directive submitted on 18 April 2011 to the Council and the
European Parliament.

The EDPS has several times expressed his concerns related to the necessity
for retaining data on such a large scale in view of the rights to privacy
and data protection and has called for a clear demonstration that such a
measure is necessary and proportionate.

On the basis of the Commissions' Evaluation Report, the EDPS has drawn the
conclusion that the Data Retention Directive does not meet the requirements
set out by the rights to privacy and data protection, primarily because
the necessity for data retention has not been sufficiently demonstrated.
Hustinx also believes that data retention could be regulated in a less
privacy-intrusive way and that the Directive lacks foreseeability.

"Although the Commission has clearly put much effort into collecting
information from the Member States, the quantitative and qualitative
information provided by the Member States is not sufficient to draw a
positive conclusion on the need for data retention as it has been developed
in the Directive. Further investigation of necessity and proportionality is
therefore required, and in particular the examination of alternative, less
privacy-intrusive means" says the EDPS.

Also, in Hustinx's opinion, the present Directive leaves too much room for
Member States to decide on the purposes for which the data may be used,
on who can access the data and under which conditions.

Therefore, the EDPS calls on the Commission to seriously consider "all
options in the impact assessment including the possibility of repealing the
Directive". An eventual future data retention directive should be considered
only if the necessity of data retention, "supported and regulated by the EU,
could be sufficiently demonstrated, which includes a careful consideration
of alternative measures."

The respective directive should be exhaustive (with a clear and precise
purpose), proportionate (without going beyond what is necessary),
comprehensive and should "genuinely harmonise rules on the obligation to
retain data, as well as on the access and further use of the data by
competent authorities."

EDPS - Press Release (31.05.2011)
http://europa.eu/rapid/pressReleasesAction.do?reference=EDPS/11/6&format=HTML&aged=0&language=EN&guiLanguage=en

Opinion of the European Data Protection Supervisor on the Evaluation report
from the Commission to the Council and the European Parliament on the Data
Retention Directive (31.05.2011)
http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consultation/Opinions/2011/11-05-30_Evaluation_Report_DRD_EN.pdf,

EDRi-gram: Top 10 misleading statements of the European Commission on data
retention (20.04.2011)
http://www.edri.org/edrigram/number9.8/data-retention-evaluation

EDRi-gram: Data retention in EU Council Meeting (18.05.2011)
http://www.edri.org/edrigram/number9.10/data-retention-eu-council

============================================================
6. Finland: Blocking of domestic websites ruled illegal
============================================================

The Helsinki Administrative Court has ruled that domestic websites may not
be placed on the secret blocking blacklist maintained by the police.

This is the latest turn in a long legal fight by Finnish activist Matti
Nikki, whose website lapsiporno.info (translates as "childporn.info") was
put on the secret blacklist in February 2008 and has remained on the list
ever since.

The Finnish blocking blacklist is based on a law passed in 2006 that allows
the police to create and maintain a secret list of websites in order to
prevent access to child pornography on foreign websites. The blacklist is
distributed to Internet service providers (ISPs), who may direct attempts to
access blacklisted sites to a page which says access is blocked due to the
child pornography blocking list. Using the secret blacklist is optional for
ISPs, but the Communications Minister at the time, Suvi Linden, made public
statements in 2008 that if the ISPs did not start using the list
voluntarily, it would be made mandatory. After an initial wave of adoption,
the list has been silently falling into disuse.

Nikki criticized the secret blacklist vocally, and discovered a large part
of the secret list by trying to load websites that he found links to. When
he published the list of websites he had discovered to be blocked, police
accused him of distributing child pornography and eventually put his website
on the secret blacklist.

One of Nikki's findings was that the top five Google search results for "gay
porn" were all blacklisted, even though there was nothing related to
children on the sites. Other brilliant highlights from the secret blacklist
include www.w3.org (yes, the World Wide Web Consortium!) and the memorial
page of a deceased Thai princess. An officer of the Central Criminal Police
famously quipped "Google is a browser" when asked why Google is not
blacklisted even though its search results contained the same links for
which Nikki's pages were placed on the blacklist.

Nikki appealed to the Administrative Court about his website being on the
secret blacklist. The Administrative Court ruled in May 2009 that it was not
possible to complain about being on the blacklist. Nikki appealed to the
Supreme Administrative Court, which ruled in September 2010 that indeed it
was possible to complain about being on the list and thus cleared the way
for complaints by Nikki and others who thought their sites had been put on
the list without a valid basis.

The case was returned to the Administrative Court, which has now ruled that
domestic sites may not be placed on the list. However, the court did not
rule on whether Nikki's site could be blocked if it were abroad. Thus, legal
uncertainty continues as to precisely what kinds of websites may be blocked.

One of the three judges filed a dissenting opinion to the ruling. In his
view, lapsiporno.info is circumventing the law by "distributing foreign
child porn via a website in Finland". Nikki's site does not in fact
distribute child pornography in any way. It only contains domain names from
the secret blocking list, all of which appear to host legal content. Out of
nearly a thousand domain names that Nikki found to be on the blocking list,
only a dozen seemed to contain illegal content and Nikki withheld them from
the list on his website. Nikki has instead reported actual child porn
websites to the police himself - only to find them still online a year
later as they turned up on the police's blacklist. Nikki has also analysed
child porn distribution mechanisms and suggested methods for attacking the
phenomenon, but these have fallen on deaf ears. Chasing criminals in
"inaccessible" countries such as USA, UK and continental Europe might entail
real work - it seems easier to just sweep the criminal activity
under a carpet.

The Administrative Court held that Nikki had to pay his own legal fees,
because "since the law is unclear, inclusion of his website on the blacklist
cannot be seen to have resulted from an error by the authorities". This
sends a message that complaining about actions of authorities, even if they
acted against the law, will be expensive for a citizen.

Nikki is again considering an appeal to the Supreme Administrative Court. At
the same time, IFPI Finland has started a court process to block The Pirate
Bay at ISP level, which would - if successful - create a new category of
blocked sites.

The court ruling (only in Finnish)
http://effi.org/e/lapsiporno.info-hao-2011.pdf

HS.fi: IFPI Finland orders Elisa internet service provider to prevent its
clients from accessing Pirate Bay website:
http://www.hs.fi/english/article/IFPI+Finland+orders+Elisa+internet+service+provider+to+prevent+its+clients+from+accessing+Pirate+Bay+website/1135266471582

IFPI Press Release (only in Finnish)
http://antipiracy.fi/ajankohtaista/217/suomalaiset-musiikkituottajat-haastavat-pirate/

EDRi-gram: Finland: Complaints not allowed for the Police child-porn
censorship list
http://www.edri.org/edri-gram/number7.12/lapsiporno-trial-finland

EDRi-gram: ENDitorial: Finnish web censorship
http://www.edri.org/edrigram/number6.4/finland-web-censorship

(Contribution by Timo Karjalainen- EDRi-member Electronic Frontier Finland
(Effi))

============================================================
7. Internet FoE: How should Europe battle online censorship?
============================================================

On 23 May 2011, there was an event in the International Press Centre in
Brussels, hosted by ECIPE. Participants in the event were Erika Mann
(Executive Vice President, CCIA; Board Member, ICANN), William Echikson
(Head of Free Expression, EMEA, Google), Marietje Schaake (Member of the
European Parliament, the Netherlands), Hosuk Lee-Makiyama (Director, ECIPE),
Uri Rosenthal (Dutch Minister for Foreign Affairs) and Carl Bildt (Swedish
Minister for Foreign Affairs).

Erika Mann said that the politics and governments were dividing the
Internet. With regard to the EU, she said that preaching of freedom across
the world would not have the desired effect if the EU did not implement this
freedom in its own legal system.

William Echikson noted that Google's business depended on the free flow of
information. As regards current challenges, he referred to the Italian
YouTube case, in which three Google employees were convicted of privacy
violations because students at a school in Turin uploaded a video to YouTube
that showed the bullying of an autistic child. He said that, in this
particular case, convicting Google employees was the same as making a
postman for carrying the contents of the post.

Marietje Schaake MEP (ALDE Group, the Netherlands) said that we needed a
global internet strategy. She also said that there were some remarks from
China that the EU could not ask other countries to respect the freedom of
the Internet if the EU did not guarantee such freedom to its own citizens.

Ms Schaake described some of the challenges related to the Internet. They
were: (1) Net neutrality, (2) Enforcement of Intellectual Property Rights,
(3) ACTA, (4) Cybersecurity. The Dutch MEP also said that the potential
solutions to the last three of these challenges should be investigated as to
whether they are a "medicine" to the problem or a "disease" in their own
right. Finally, Ms Schaake concluded that EU e-policy should mainstream the
Internet freedom and ensure that there was a democratic oversight and
transparency.

Uri Rosenthal pointed out that the freedom of expression is the core of
every free nation. Moreover, freedom of expression opened the door to many
other human rights. On the Internet, freedom of expression had to be
defended. In order to do that, the public and private sector should act
together. This is because the Internet freedom was a multi-stakeholder
issue. Mr Rosenthal said that the Netherlands proposed EU-level restrictions
on exporting equipment used for limiting the freedom of the Internet and
supports for circumvention technologies. The Dutch Minister for Foreign
Affairs also expressed his support to cyber dissidents around the world.

Carl Bildt said that the present progress in information technology was only
the beginning of the Internet. He added that, since the Internet is so
valuable for development that the EU should support its fast development.

He stated that freedom and security were also important. In order to ensure
these goals, there was a need of a global strategy. This is because a global
impact could be achieved only by a global action. The Swedish Minister for
Foreign Affairs also noted that Sweden provided financial support to NGOs
located all around the world to fight against filtering and blocking. He
argued that setting people free allowed development. With regard to the
recent US Strategy for cyberspace, he said that he supported it. However,
the EU should also support it. In an amusing swipe at President Sarcozy, in
response to a reference to the "civilised Internet", he replied "Civilised
Internet? Perhaps we should first launch a civilised telephone system where
people only say nice things."

Carl Bildt remarks on Digital Authoritarianism at The European Centre for
International Political Economy (ECIPE) Brussels (23.05.2011)
http://www.regeringen.se/sb/d/7417/a/169243

ECIPE Study
http://www.ecipe.org/digital-authoritarianism-human-rights-geopolitics-and-commerce/PDF

(Contribution by Daniel Dimov - EDRi intern)

============================================================
8. MEPs approve body scanners on airports on a voluntarily basis
============================================================

As the European Commission plans new rules to add body scanners to the list
of EU-authorised methods for passenger screening, the European Parliament,
which has the right to veto, made its position known on 24 May 2011, by
approving a report that backs the use of body scanners provided they don't
interfere with passenger privacy or pose health risks.

MEPs on the Transport Committee agreed that the use of body scanners in EU
airports would enhance security but considered the method should be used
voluntarily.

The report, that is to be voted in the plenary on 23 June, asks for several
conditions to be met on body scanners, including a ban on scanners using
ionising radiations, like x-rays, and the necessity of using the least
harmful technology, so as to ensure the passengers' health.

"We need to be sure that the new equipment will not impact people's health.
Therefore, x-ray scans should be rejected," said Luis de Grandes Pascual,
the MEP who drafted the report.

The US Transportation Security Administration has insisted, in its turn,
that the radiation from airport body scanners poses no threat to health and
that every x-ray backscatter unit was operating "well within applicable
national safety standards".

MEPs believe the use of body scanners should be made by also ensuring the
protection of the personal data, dignity and privacy, the report asking for
the use of only "stick figures" without body images being produced, and
without storage of the obtained figures. To be sure of that, "the technology
used must not have the capabilities to store or save data". Moreover, the
passengers must be able to opt for a manual search instead of a body scan
and the scans should be random and non-discriminatory.

According to the report, the Member States should provide extra control
points and security staff to ensure that passengers are not slowed down by
the need to pass through body scanners. MEPs also call for international
aviation security coordination with mutual recognition of measures and
one-stop security systems in order to ensure that passengers, luggage and
cargo at EU airports are screened only once.

Presently, body scanners are in use in UK and Dutch airports and have been
tested in Germany, Italy, France and Finland.

MEPs back body scanners but want strict safeguards (26.05.2011)
http://www.europarl.europa.eu/en/headlines/content/20110520STO19907/html/MEPs-back-body-scanners-but-want-strict-safeguards

Information on body scanners and safety from TSA
http://www.tsa.gov/approach/tech/ait/safety.shtm

Information on body scanners from the European Commission
http://ec.europa.eu/transport/air/index_en.htm

Controversial body scanners continue to cause transatlatic divide
(26.05.2011)
http://www.independent.co.uk/life-style/health-and-families/controversial-body-scanners-continue-to-cause-transatlatic-divide-2289193.html

Strict safeguards needed for airport body scanners, say MEPs (24.05.2011)
http://www.europarl.europa.eu/fi/pressroom/content/20110523IPR19946/html/Strict-safeguards-needed-for-airport-body-scanners-say-MEPs

Draft Report on aviation security, with a special focus on security
scanners - Committee on Transport and Tourism (23.02.2011)
http://www.europarl.europa.eu/meetdocs/2009_2014/documents/tran/pr/834/834389/834389en.pdf

EDRi-gram: EESC condemns body scanners as a breach of fundamental rights
(23.02.2011)
http://www.edri.org/edrigram/number9.4/body-scanners-breach-privacy

============================================================
9. OSCE findings on Estonian e-voting
============================================================

In its report of 16 May 2011, the Office for Democratic Institutions and
Human Rights (ODIHR) of the Office of Security and Cooperation in Europe
(OSCE) found Estonia's March 6 parliamentary elections, including the
Internet voting, as trustworthy, although several elections monitors have
pointed out a series of procedural and technical issues.

"The Riigikogu elections were conducted in an environment characterized by
respect for fundamental rights and freedoms and a high degree of trust in
the impartiality of the election administration. Election stakeholders
expressed confidence in the overall process, including the Internet voting.
Voters had an opportunity to make an informed choice among a field of
candidates representing a variety of political alternatives," is ODIHR's
conclusion.

However, the report expresses the belief that there is room for "improvement
of the legal framework, oversight and accountability, and some technical
aspects of the internet voting system." The weakest point, according to the
report, is that the Estonian legislation doesn't deal with significant
issues such as the situations that would allow the National Electoral
Committee (NEC) to declare Internet voting invalid or the way in which the
voters should become aware of the fact that they had to recast their ballots
on election day.

Another point of emphasis was that none of NEC staff or members had the
necessary know-how to carry out oversight procedures without strongly
relying on the IT department of the Parliament and therefore, the report
recommended the development of technical expertise within the committee.

Also, the results of the test made by NEC on the e-election system were not
made public and therefore more transparency would be necessary. A disaster
recovery plan was also recommended in the report, as the system maintenance,
as performed during the elections, might create security issues.

After the elections, student Paavo Pihelgas asked in court for the
invalidation of the electronic voting results claiming the software used in
the electronic voting was flawed and a virus could theoretically change a
vote without the voter's knowledge.

The student conducted a series of experiments with volunteers in order to
prove his point. According to the law, the Supreme Court can nullify
election results in case of violation of voter rights that had or may have
had a significant effect on the election outcome.

As Pihelgas participated in the test wilfully, the Supreme Court's
Constitutional Review Chamber decided on 21 March that his voter's rights
had not been infringed as long as he had knowingly put himself into the
situation where his vote hadn't reached the electoral committee web server.

Therefore, since only an established violation can lay at the basis of the
nullification of the election result, a hypothetical possibility that
someone's computer may have been infected with a similar type of virus
without that voter's knowledge, could not constitute enough cause for
nullification.

In this matter, the OSCE recommended the creation of a mechanism that would
allow a voter to check whether his or her vote had been changed.

OSCE Calls for Enhancements to Internet Voting (17.05.2011)
http://news.err.ee/Sci-Tech/2cf34a80-6dfd-4764-aa67-1d2cf4ca879e

Supreme Court Rejects Last Voter Complaint (23.05.2011)
http://news.err.ee/Politics/bbb598aa-586b-4981-9f7e-88273b5a25c0

Parliamentary Elections - 6 March 2011 - OSCE/ODIHR Election Assessment
Mission Report (16.05.2011)
http://www.osce.org/odihr/77557

============================================================
10. Internet governance dialogue in Belgrade 2011
============================================================

The 4th European Dialogue on Internet Governance (EuroDIG) took place in
Belgrade on 30-31 May 2011 covering a lot of debates on a large area of
issues on concepts of Internet Governance, from freedom of expression to
privacy and cybersecurity.

The opening session was marked by Internet freedom concepts with the opening
video speech by Carl Bildt, the foreign minister of Sweden who noted that
"the blocking and filtering of content, popular in certain quarters, should
be avoided. I think it is a disturbing fact that more governments have
become more sophisticated in trying to monitor the behaviour and also, to a
certain extent to censor, the content of the net. We must send a strong
message that according to the values that we represent, this is simply not
acceptable."

He also claimed that Europe should have a unitary voice asking for freedom
on the Internet: "I would say that from the European point of view, our
emphasis should be on the freedom issues of the net, the other voices in the
world that are pressing in another direction and we should be on our guard
against those particular tendencies. And I think we need to develop as
unified and as strong European voice on these issues as we can."

His speech follows a similar stand for Internet freedom taken a few days
before, in an event held on 23 May 2011 in Brussels (reported in a
previous EDRi-gram article).

In a data protection workshop on the first day, the panel, including
Katarzyna Szymielewicz from EDRi-member Panoptykon Foundation Poland,
participants debated the review of the privacy standards, with an
emphasis on the right to oblivion, as a new principle to be included in the
review of the data protection legislative tools. The workshop also
underlined the tension between the right to privacy and some new business
models, a tension which should not lead to diminishing the protection of
privacy.

A plenary on "new media" of the second day involved a lot of participants
trying to debate the notion of new media, editorial control, trust in mass
medium sources and freedom of expression. The discussion drew on the
current work undertaken by the Council of Europe to develop a "new notion of
media", already covered in the EDRi-gram. An interesting debate on the paid
vs. free media focused on the fact that for the free media there is a price
to be paid as well, but it is just not visible. You can pay by giving your
personal information or you can pay via advertisement. Another part of the
debate was if the media law needed to be changed and in what direction. In
this respect, Meryem Marzouki from EDRi underlined that such a regulation on
a new media should be possible only if the purpose was "to ensure plurality
of views and to ensure the public interest."

The conclusions of the meeting underlined the openness of conversations, the
challenge of incorporating different perspectives and the importance of
maintaining a bottom up approach to internet policy issues. An active
participation of the youth is also worth noting, some of them also
participants in the New Media Summer School, with strong public positions in
favour of preventing censorship and promoting freedom of expression and net
neutrality during the debates.

The next EuroDIG conference will take place in Sweden in 2012.

Eurodig 2011 (30-31.05.2011)
http://www.eurodig.org

Carl Bildt at EuroDIG 2011 (30.05.2011)
http://www.youtube.com/watch?v=GLLpW4s7WTo

New Media Summer School (27.05.- 1.06.2011)
http://newmediasummerschool.eu/

EDRi-gram: ENDitorial:CoE: A New Notion of Media. For Better or For Worse?
(20.04.2011)
http://www.edri.org/edrigram/number9.8/coe-new-notion-of-media

============================================================
11. Recommended Action
============================================================

Open letter against ACTA - expression of concern initiated by some European
medialabs collaborate in LABtoLAB, a two year programme of collective
reflection on informal learning. (05.2011)
http://www.labtolab.org/~labtolab/wiki/index.php/Acta_expression_of_concern#SUPPORT_THE_TEXT

============================================================
12. Recommended Reading
============================================================

Internet matters: The Net's sweeping impact on growth, jobs, and prosperity.
(05.2011)
http://www.mckinsey.com/mgi/publications/internet_matters/pdfs/MGI_internet_matters_full_report.pdf

State of the Internet in Europe (25.05.2011)
http://owni.fr/2011/05/25/carte-internet-europe-regulation-filtrage-copyright-droit-liberte-utilisateurs/

Google boss: anti-piracy laws would be disaster for free speech (18.05.2011)
http://www.guardian.co.uk/technology/2011/may/18/google-eric-schmidt-piracy

Author Attitudes Towards Open Access Publishing (27.04.2011)
http://www.intechweb.org/public_files/Intech_OA_Apr11.pdf

Freedom of Connection, Freedom of Expression: UNESCO launches new
publication (25.05.2011)
http://portal.unesco.org/ci/en/ev.php-URL_ID=31398&URL_DO=DO_TOPIC&URL_SECTION=201.html

============================================================
13. Agenda
============================================================

2-3 June 2011, Krakow, Poland
4th International Conference on Multimedia, Communication, Services and
Security organized by AGH in the scope of and under the auspices of INDECT
project
http://mcss2011.indect-project.eu/

3 June 2011, Florence, Italy
E-privacy 2011 and Big Brother Awards 2011
http://e-privacy.winstonsmith.org/

4-5 June 2011, Bonn, Germany
PolitCamp 2011
http://11.politcamp.org

12-15 June 2011, Bled, Slovenia
24th Bled eConference, eFuture: Creating Solutions for the Individual,
Organisations and Society
http://www.bledconference.org/index.php/eConference/2011

14-16 June 2011, Washington DC, USA
CFP 2011 - Computers, Freedom & Privacy
"The Future is Now"
http://www.cfp.org/2011/wiki/index.php/Main_Page

11-12 July 2011, Barcelona, Spain
7th International Conference on Internet, Law & Politics (IDP 2011): Net
Neutrality and other challenges for the future of the Internet
http://edcp.uoc.edu/symposia/lang/en/idp2011/?lang=en

24-30 July 2011, Meissen, Germany
European Summer School on Internet Governance 2011
http://www.euro-ssig.eu/

27 - 30 October 2011, Barcelona, Spain
Free Culture Forum 2011
http://fcforum.net/

============================================================
14. About
============================================================

EDRi-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRi has 28 members based or with offices in 18 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRi-grams.

All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and are visible on
the EDRi website.

Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/

Newsletter editor: Bogdan Manolea <edrigram at edri.org>

Information about EDRI and its members:
http://www.edri.org/

European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring

- EDRI-gram subscription information

subscribe by e-mail
To: edri-news-request at edri.org
Subject: subscribe

You will receive an automated e-mail asking to confirm your request.
Unsubscribe by e-mail
To: edri-news-request at edri.org
Subject: unsubscribe

- EDRI-gram in Macedonian

EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edri/2.html

- EDRI-gram in German

EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/

- Newsletter archive

Back issues are available at:
http://www.edri.org/edrigram

- Help
Please ask <edrigram at edri.org> if you have any problems with subscribing or
unsubscribing. 

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE