EDRi-gram newsletter - Number 9.12, 15 June 2011
EDRI-gram newsletter
edrigram at edri.org
Wed Jun 15 10:44:46 PDT 2011
============================================================
EDRi-gram
biweekly newsletter about digital civil rights in Europe
Number 9.12, 15 June 2011
============================================================
Contents
============================================================
1. European Commission consults with civil society on data retention
2. Irish "three strikes" system investigated by Data Protection Commissioner
3. European Commission consultation on IPR enforcement
4. UK: The Home Office's Prevent Strategy includes Internet filtering
5. Facebook's face recognition raises privacy complaints
6. Germany: Police statistics prove data retention superfluous
7. Big Brother Awards Italy 2011
8. ENDitorial: Hello CIRCAMP web blocking, goodbye democracy
9. Recommended Action. Smart meters: Let's be clever and team up
10. Recommended Reading
11. Agenda
12. About
============================================================
1. European Commission consults with civil society on data retention
============================================================
Last week, the European Commission held the first of its series of
consultation meetings with different groups of stakeholders on the revision
of the infamous Data Retention Directive. The first meeting was with the
"civil society", including representatives of industry and one lobbying
company representing unspecified clients.
The meeting was originally intended to address the details of the Directive.
However, civil society representatives broadly took the view that it was
impossible to have a coherent discussion on the Directive itself, if the
Member States were going to fail to provide credible data to the Commission
for its decision-making process. As evidenced by the Commission's
Implementation Report, there is simply not enough data available from the
Member States to show that the Directive is "necessary" (the minimum
requirement for it to be legal).
Participants at the meeting felt that if the Commission was going to be
forced to defend the Directive using anecdotes about the use of data that
would have been retained even in the absence of the Directive, the whole
process, including the consultations, would be undermined. In particular,
participants requested that the Commission only used information from Member
States related to data stored under the Directive. Also older data should be
considered "necessary" only if the delay in accessing the data could have
been avoided through better police cooperation.
The Commission asked for an expert from the Council of Europe to present a
law enforcement view of the relative merits of data retention and data
preservation. The expert, from the Serbian police, explained that long-term
retention of data is the only solution and compared the proportionality of
retaining vast amounts of data in relation to innocent and unsuspected
citizens to trawling the Danube to find a dead body. The fact that the river
is big is not a reason not to find the body. It was unclear who he was
representing at the meeting.
Despite that, the overall feeling is that the meeting was productive. The
concerns raised appear to have been taken on board by the Commission, which
will take our demands to their meeting with the law enforcement authorities
and the communications industry. Participants also appreciated the
willingness of the Commission to acknowledge the fact that political
decisions have already been taken on the dossier and the Commission's
promise that a serious evaluation of data preservation would be included in
the upcoming impact assessment.
The Commission has the unenviable task of trying to
extract the necessary data from the Member States and the probably
impossible task of producing a revised legislative proposal which is both
legal and which will not end up gathering dust on a shelf in the Council of
Ministers after being vetoed by certain large Member States.
European Commission Data Retention Evaluation Report (18.04.2011)
http://ec.europa.eu/commission_2010-2014/malmstrom/archive/20110418_data_retention_evaluation_en.pdf
EDRi Shadow Report (17.04.2011)
http://www.edri.org/files/shadow_drd_report_110417.pdf
Panoptykon Foundation article on the meeting (only in Polish, 10.06.2011)
http://www.panoptykon.org/wiadomosc/pomieszanie-jezykow-komisja-europejska-rozmawia-z-organizacjami-pozarzadowymi-o-retencji-d
(Contribution by Joe McNamee - EDRi )
============================================================
2. Irish "three strikes" system investigated by Data Protection Commissioner
============================================================
The Irish Data Protection Commissioner is investigating the Eircom / music
industry three strikes system, a report in the Sunday Times has revealed.
According to the story by Mark Tighe, predictions that Eircom would end up
falsely accusing innocent users have now proved correct, with over 300 users
wrongfully being sent a "first strike" letter accusing them of sharing
music.
Eircom have admitted to the mistakes, stating that "this was due to a
software failure caused when the clocks went back last October". However,
far from being a technical sounding "software failure", this appears to show
up failings in relation to a very basic aspect of network management - i.e.
making sure that the server clock reflects daylight savings time. As a
result, it seems that users found themselves being accused on the basis of
what somebody else did from the same IP address either an hour earlier or an
hour later. Consequently, the users who were wrongfully accused should
consider themselves lucky that this incompetence did not lead to their being
accused of a serious crime - for example, being arrested and having their
homes searched due to the wrong time being used (as has previously happened
e.g. to a number of Indian users).
The significance of this case goes well beyond simple technical failings
however, as the complaint to the Data Protection Commissioner has triggered
a wider investigation of the legality of the entire three strikes system.
According to the Sunday Times, "the DPC said it was investigating the
complaint 'including whether the subject matter gives rise to any questions
as to the proportionality of the graduated response system operated by
Eircom and the music industry'."
This is unsurprising. When the Eircom / music industry three strikes
settlement was being agreed, the Data Protection Commissioner identified
significant data protection problems with it. These problems remain,
notwithstanding the deeply flawed High Court judgement which permitted the
parties to operate the system - a judgement which, for example, decided on
the question of whether or not IP addresses are personal data without once
considering the views of the Article 29 Working Party. The Data Protection
Commissioner was not convinced by that judgement (it was
problematic at least in part because the Commissioner was not represented -
the only parties before the court had a vested interest in the system being
implemented). However, until a concrete complaint arose no further action
could be taken.
The complaint in this case has now triggered that action, and it seems
likely that the Commissioner will reach a decision reflecting his previous
views that using IP addresses to cut off customers' internet connections is
disproportionate and does not constitute "fair use" of personal information.
If so, the Commissioner has the power and indeed the duty to issue an
enforcement notice which would prevent Eircom from using personal data for
this purpose - an outcome which would derail the three strikes system unless
Eircom successfully challenges that notice before the courts, or unless the
music industry were to succeed in its campaign to secure legislation
introducing three strikes into Irish law.
Eircom investigated after falsely accusing customers of piracy (5.05.2011)
http://www.thesundaytimes.co.uk/sto/news/ireland/article642095.ece
Data Protection Commissioner investigating Eircom's "three strikes" system
(11.06.2011)
http://www.tjmcintyre.com/2011/06/300-false-accusations-data-protection.html
(Contribution by TJ McIntyre - EDRi-member Digital Rights Ireland)
============================================================
3. European Commission consultation on IPR enforcement
============================================================
Last week, the European Commission organised an open consultation on
"Directive 2004/48/EC on the enforcement of intellectual property rights:
Challenges posed by the digital environment". The meeting opened with
initial presentations from Jonathan Faull, Director General of the Internal
Market Directorate General of the Commission, Margot Frvhlinger, Director of
the Copyright Directorate of the Commission and Bryan Cassidy of the
Economic and Social Committee.
The Commission then made a presentation of the not yet final summary of the
consultation on the IPR Enforcement Directive. The consultation generated
165 replies from individual citizens and 297 replies from organisations were
received within the deadline. The main trends were that:
- Member States were divided between wanting the Directive to be updated and
believing that the legislation has not been in place long enough to be
properly analysed. Eight believe that ISP liability should be increased
while seven believe that it should not change;
- Rightsholders are keen to separate liability from the right to impose
injunctions (as a method of circumventing the safeguards in the E-Commerce
Directive, which are restricted to situations where ISPs are subject to
liability for content).
Oddly, the Commission's view of all of the replies from user
groups was that end users did not like increased ISP liability because of
fears regarding costs (and not the dangers that this creates for privacy,
freedom of expression, net neutrality, innovation and competition)
During the presentations, rightsholder groups variously suggested
comprehensive policing of the Internet by ISPs, extra-judicial blocking and
takedown of content, mass surveillance via deep packet inspection and using
the domain name system to police and "remove" content.
Various consumer and citizens' organisations, including EDRi, raised a
variety of questions about the approach of the rightholder groups, in
particular:
- the appropriateness of permitting, encouraging or coercing
Internet intermediaries to police online communications;
- the extent to which the legitimacy of current copyright law is
definitively broken, as indicated by the apocalyptic levels of infringements
described by the rightholders;
- the wider costs (also for rightholders) for openness and
innovation on the Internet as a result of ISPs being forced into a
"gatekeeper" role;
- the fact that rightholders groups are simultaneously fighting
against measures that would lead to more legal offers, such as a "one stop
shop" for rights clearance and then complaining about the infringements that
are caused by a lack of legal offers;
- the over-reliance on dubious studies on the impact of
infringements, which often use questionable methodology and overlook
numerous credible studies that present a very different picture including
the report from the HADOPI authority itself, which shows that "pirates"
spend the most money on cultural goods;
- the need to address the issue of exceptions and limitations to
copyright to ensure a more balanced and innovative environment.
None of these points were addressed to any significant extent by the
rightholder groups. This, together with the very clear message to the
Commission that work on a revision of the Directive must take account all
the available research, left a very positive impression that the outcome of
the meeting had been a forceful communication of the views of civil society
and a better awareness of the lack of balance of the approach to date.
EDRi response to the IPRED consultation
http://www.edri.org/files/edri_ipred_110331.pdf
European Commission web page on IPR enforcement
http://ec.europa.eu/internal_market/iprenforcement/directives_en.htm
EDRi study on the side from self-regulation to corporate censorship
http://www.edri.org/files/EDRI_selfreg_final_20110124.pdf
(Contribution by Joe McNamee - EDRi)
============================================================
4. UK: The Home Office's Prevent Strategy includes Internet filtering
============================================================
The UK Home Office has recently published its new version of the Prevent
Strategy aimed at countering terrorism, which includes worrying suggestions
about the necessity of Internet filtering.
Besides the fact that one can read in the Prevent Strategy that "Internet
filtering across the public estate is essential", the document also suggests
the Home Office's intention to consider "the potential for violent and
unlawful URL lists to be voluntarily incorporated into independent national
blocking lists, including the list operated by the Internet Watch
Foundation".
The document seems to ignore issues related to transparency, censorship or
accountability as well as the technical and financial consequences, in one
more attempt to solve a series of social problems by blocking access to
the Internet as the source of all evils.
The strategy takes no consideration of the fact that, as UN Special
Rapporteur Frank La Rue pointed out in his Report on the promotion and
protection of the right to freedom of opinion and expression, website
blocking would be a violation of rights to freedom of expression.
Furthermore, what is even more worrying is the tendency towards ignoring
legal means in establishing the unlawfulness of a site and blocking it. The
strategy says nothing about the legal process leading to blocking the access
to a site - quite the contrary, there seems to suggest the need for
collaboration between law enforcement authorities and the Internet industry
that would result in voluntary removal on Internet content.
"This work will require effective dialogue with the private sector and in
particular the internet industry. It will also require collaboration with
international partners: the great majority of the websites and chat rooms
which concern us in the context of radicalisation are hosted overseas," says
the strategy report.
Moreover, according to the strategy report, TACT (the Terrorism Act) allows
the Government to charge website owners with encouraging terrorism and
publishing terrorist information if they do not remove unlawful content.
"TACT provides that those served with notices who fail to remove, without
reasonable excuse, the material that is unlawful and terrorism-related
within a specified period are treated as endorsing it."
As many freedom advocates have several times emphasised, blocking access to
Internet sites is no real solution in preventing harms, while affecting, at
the same time, the users' rights to freedom of expression and access to
information.
Censorship of the Internet is also suggested by Reg Bailey, Chief Executive
of the UK Mothers Union, who has recently published a series of worrying
recommendations for privacy and confidentiality of communications.
In his "Letting Children be Children - Report of an Independent Review of
the Commercialisation and Sexualisation of Childhood", Bailey suggests
making it easier for parents to block adult and age-restricted material from
the Internet by providing "a consistent level of protection across all
media" and that, "as a matter of urgency, the internet industry should
ensure that customers must make an active choice over what sort of content
they want to allow their children to access".
The implication of Bailey's report, which seems to entirely disregard the
censorship issues and the technical implications of the measures proposed,
is that the entire UK telecom industry should impose communications
surveillance, with Internet users forced to "opt out" of the censorship.
"Specifically, we would like to see industry agreeing ... that when a new
device or service is purchased or contract entered into, customers would be
asked to make an active choice about whether filters should be switched off
or on: they would be given the opportunity to choose to activate the
solution immediately, whether it be network-level filtering by an ISP or
pre-installed software on a new laptop."
Again, the most unrealistic measures are being considered because they are,
apparently, the simplest, in an attempt to eliminate the symptoms and not
the causes. Real measures such as the education and supervision of children
by their parents don't really seem to be encouraged.
Home Office - Prevent Strategy
http://www.homeoffice.gov.uk/counter-terrorism/review-of-prevent-strategy/
Home Office Prevent strategy claims: 'Internet filtering is essential'
(10.06.2011)
http://www.openrightsgroup.org/blog/2011/prevent-strategy-claims:-internet-filtering-is-essential
UK 'blacklist' of terrorist-supporting websites should be developed,
Government says (8.06.2011)
http://www.out-law.com/page-11988
Media industry relaxed over Bailey report on sexualisation of children
(7.06.2011)
http://www.guardian.co.uk/media/2011/jun/07/media-industry-bailey-report-sexualisation-of-children
Mothers Crawl Into Bed with Big Brother (7.06.2011)
https://nodpi.org/2011/06/07/mothers-crawl-into-bed-with-big-brother/
UN - Human Rights Council - Report of the Special Rapporteur on thepromotion
and protection of the right to freedom of opinion and expression, Frank La
Rue (16.05.2011)
http://www2.ohchr.org/english/bodies/hrcouncil/docs/17session/A.HRC.17.27_en.pdf
============================================================
5. Facebook's face recognition raises privacy complaints
============================================================
Facebook has again been criticised by privacy advocates for its facial
recognition feature that has recently been added to the social networking
service, world-wide, without any previous announcement to its users.
Facebook users have the possibility to 'tag' themselves and their friends in
the photos they upload to the site with pop-up captions that identify the
people in the respective pictures. The new face recognition feature, which
was launched in 2010 in US, now suggests automatically the names of people
featured in photos uploaded by users.
"Once again, Facebook seems to be sharing personal information by default,"
said Graham Cluley of IT security firm Sophos who added: "Many people feel
distinctly uncomfortable about a site like Facebook learning what they look
like, and using that information without their permission. (...) Most
Facebook users still don't know how to set their privacy options safely,
finding the whole system confusing. It's even harder though to keep control
when Facebook changes the settings without your knowledge. (...) The onus
should not be on Facebook users having to 'opt-out' of the facial
recognition feature, but instead on users having to 'opt-in'. Yet again, it
feels like Facebook is eroding the online privacy of its users by stealth."
Facebook replied that the users could alter their settings so that their
name would not be suggested for tagging. Beth Givens, director of the
Privacy Rights Clearinghouse, considered that Facebook should have rather
included an "opt-in" system for its users rather than applying an automatic
tagging, letting them decide if they wanted the feature in the first place.
The Electronic Privacy International Center (EPIC) has organised a complaint
to the Federal Trade Commission in the US and asked several other privacy
groups to sign it. Marc Rotenberg, president of EPIC, said the system raised
questions related to personally identifiable information, such as email
addresses, that would be associated with the photos in Facebook's database.
The UK Data Protection Authority (Information Commissioner's Office - ICO)
also made an official statement on the matter asking Facebook to tell users
how they use personal information stored about them. "The privacy issues
that this new software might raise are obvious and users should be given as
much information as possible to give them the opportunity to make an
informed choice about whether they wish to use it. We are speaking to
Facebook about the privacy implications of this technology," the ICO said.
Facebook's new feature will be studied by ICO, but also by the Article 29
Working Party.
"Tags of people on pictures should only happen based on people's prior
consent and it can't be activated by default," said Girard Lommel, a
Luxembourg member of the Working Party who added that automatic tagging
suggestions "can bear a lot of risks for users" and the European data
protection officials would "clarify to Facebook that this can't happen like
this."
Having in view the reactions, Facebook admitted it had not handled the
situation properly. "We should have been more clear with people during the
roll-out process when this became available to them," was the company
statement of 8 June. The company has added an option letting users opt out
of the new feature, though it did not alert them when the new feature took
effect or when the option was added.
Facebook hit by privacy complaints (9.06.2011)
http://www.ft.com/cms/s/2/00b50d52-9253-11e0-9e00-00144feab49a,dwp_uuid=9a36c1aa-3016-11da-ba9f-00000e2511c8.html
Data protection watchdogs to probe Facebook about its use of facial
recognition technology (9.06.2011)
http://www.out-law.com/page-11992
Facebook 'Face Recognition' Feature Draws Privacy Scrutiny (8.06.2011)
http://www.nytimes.com/2011/06/09/technology/09facebook.html?_r=2&partner=rss&emc=rss
Facebook criticised for not telling users about new facial recognition
feature (8.06.2011)
http://www.out-law.com/page-11987
Facebook in new privacy row over facial recognition feature (8.06.2011)
http://www.guardian.co.uk/technology/2011/jun/08/facebook-privacy-facial-recognition
============================================================
6. Germany: Police statistics prove data retention superfluous
============================================================
The national crime statistics recently published by Germany's Federal Crime
Agency reveal that after the policy of blanket telecommunications data
retention was discontinued in Germany due to a Constitutional Court ruling
on 3 March 2010, registered crime continued to decline and the crime
clearance rate was the highest ever recorded (56,0%). Indiscriminate and
blanket telecommunications data retention had no statistically relevant
effect on crime or crime clearance trends. These findings confirm the
position of more than 100 organisations in Europe that are opposing the EU
policy of mass retention of telecommunications data, calling it unnecessary
and disproportionate.
The statistics refute the myth spread by certain politicians and police
representatives that the Internet is "a lawless space" in the absence of
mass retention of telecommunications data of non-suspects. Even without such
a policy of blanket data retention, the German police achieved a clearance
rate of nearly three out of four Internet offences (71%) in 2010, exceeding
by far the average clearance rate for crimes committed without any use of
the Internet (55%).
Regarding other European countries, the Scientific Services of the German
Parliament have recently analysed "the practical effects of data retention
on crime clearance rates in EU Member States" and have come to the following
conclusion: "In most States crime clearance rates have not changed
significantly between 2005 and 2010. Only in Latvia did the crime clearance
rate rise significantly in 2007. However, this is related to a new Criminal
Procedure Law and is not reported to be connected to the transposition of
the EU Data Retention Directive."
"Since crime clearance trends are completely unaffected by the retention of
communications data of non-suspects, there is no justification for the EU's
"big brother" policy of collecting telecommunications data on all 500
million EU citizens", explains Florian Altherr, member of the German Working
Group on Data Retention. "Ninety-eight percent of citizens are never
suspected of any wrongdoing. The right of protection of their personal data
from unjustified suspicion, data abuse and data loss due to data retention
policies must prevail. The EU must respect its Charter of Fundamental Rights
and give up its failed experiment of total data retention immediately."
"In light of these new crime statistics, the irresponsible campaign of fear
and continued scaremongering by some politicians after the annulment of the
German data retention law finds no justification in reality", says Michael
Ebeling of the German Working Group on Data Retention. "The truth is that
with targeted investigations of suspects we live just as safely as we would
with a policy of indiscriminate retention of all communications data. The
endless exaggeration and emotionally charged descriptions of isolated cases
combined with a massive media campaign is both misleading and unethical. In
my view this is nothing less than a populist defence of the most privacy
invasive and unpopular surveillance measure ever adopted by the EU."
German police statistics prove telecommunications data retention superfluous
(6.06.2011)
http://www.vorratsdatenspeicherung.de/content/view/455/79/lang,en/
EDRi-gram: German study finds the data retention ineffective (9.02.2011)
http://www.edri.org/edrigram/number9.3/telecom-data-retention-ineffective-german-study
(Thanks to AK Vorrat - Germany)
============================================================
7. Big Brother Awards Italy 2011
============================================================
The winners of the Big Brother Awards Italy 2011 were designated on 3 June
2011, in Florence, on the occasion of the e-privacy conference 2011.
Facebook was the "star" of the awards being nominated for several categories
and won the price for the "Most Invasive Technology".
The "Lament of the People" award was not given this year, as the votes were
equally split between Telecom Italia, Facebook and the Ministry of Internal
Affairs. "Worst Public Agency" was again a tie between Facebook and Sony
Entertainment Systems which received an equal number of votes.
PEC and CEC-PAC (certified electronic mail), as normative and legal
obligation, received the award for the "Worst Public Agency" as the most
damaging for people's privacy.
The positive "Winston Smith - Privacy Hero" price was received by Stefano
Rodota for his work to the legislative proposal for the modification of
Constitution Article 21.
Big Brother Awards Italy 2011 (only in Italian)
http://bba.winstonsmith.org/
Big Brother Awards Italy: all the winners (only in Italian, 6.06.2011)
http://punto-informatico.it/3182022/PI/News/big-brother-awards-italia-tutti-vincitori.aspx
============================================================
8. ENDitorial: Hello CIRCAMP web blocking, goodbye democracy
============================================================
Late in 2010, with the issue of web blocking still being discussed in the
European Parliament, the European Commission decided, with complete
disregard for the outcome of the democratic process on this issue, to invest
a further 324 059 Euro in the COSPOL Internet Related Child Abuse Project
(CIRCAMP). The purpose of the CIRCAMP project is to lobby for internet
blocking in the European Union, both at an EU and a national level and to
support its implementation.
CIRCAMP promotes the use of blocking at a domain level (blocking a full
domain such as yahoo.com rather than, for example
yahoo.com/personalpage).The danger to innocent websites from this approach
is growing, as a result of a trend identified by the Internet Watch
Foundation of "individual offenders increasingly exploiting legitimate
hosting services to publish images.".
The inevitable blocking of innocent and entirely unrelated material as a
result of such a primitive approach is sold as a positive advantage on the
CIRCAMP website, which explains that "if a domain owner places, accidental
or willingly, child abuse material on his/her domain, and it is blocked by
the police, the blocking will not be lifted until the material is removed.
We believe that this will motivate content providers on the Internet to
actively make an effort to avoid files with child sexual abuse on their
systems/services." Despite this overt support for domain-level blocking, in
response to a parliamentary question, the Commission was mysteriously
unaware of the activities of the project it has been funding for years and
stated "the CIRCAMP project did not promote a specific level of blocking."
CIRCAMP appears either unaware or indifferent to the fact that its analysis
of its activities confuses basic concepts. Content providers (such
asbloggers) and domain name owners (such as blogger.com) are entirely
different. In a commercial environment, therefore, it is generally not the
domain owner that is putting content on his/her domain, it is the company's
customers. This leaves hosting companies with the threat of being blocked
unless they seek to achieve an impossible level of permanent surveillance of
their customers and delete anything that would risk the blocking system from
being implemented - innocent or not. Therefore, in addition to entirely
innocent material being deliberately blocked by the CIRCAMP system, it is
highly likely that completely innocent material will be deleted to avoid an
entire service from being blocked.
As the Commission and pro-blocking lobbyists have explained, most people
would hit the "blocking page" set up in such circumstances by accident.
Thereforeo there's no need to worry if you happen to find yourself on such a
page - the police, as usual, have no intention of undertaking
investigations, the activity is kept at a purely superficial level. That
said, despite the fact that the stop page is there to fight the unquantified
problem of accidental access, the CIRCAMP website explains that, in most
countries involved in CIRCAMP, ISPs hand over log files related to the
end-users that "hit" the blocking page (once directly personally
identifiable data has been removed).
In particular, the CIRCAMP website explains that "the statistics from these
logs will also provide an overview of the Internet usage related to child
sexual abusive material in addition to information about search words, type
of operating system, browser, time of day that most Internet users are
redirected to the "stop page" etc. This will provide the police with the
opportunity to have a qualified opinion about what their population look and
search for, where on the Internet they originate, what time of day is most
active and what kind of equipment they use." This volume of data means that,
in the absence of directly identifiable data, there are still numerous ways
that this data could be exploited to identify the individuals that are
assumed innocent - such as via the search provider.
It is difficult to imagine how it is possible for the European Commission to
put such an amount of money into a process described this month by the UN,
IACR, OSCE and ACHPR as an "extreme action that should only be taken in
accordance with international standards" (which is clearly not the case in
relation to CIRCAMP.
It is difficult to imagine how the Commission can give a response to a
parliamentary question on this issue which suggest that it either does not
know or does not care about the collateral damage caused by CIRCAMP's
support of domain level blocking.
It is difficult to imagine why the Commission invests so much money in
promoting and lobbying for blocking rather than investing in international
efforts to investigate and prosecute the crimes directly. This does,
however, explain why it is strongly opposing the European Parliament's
proposal of a reporting obligation for the Commission to explain what it is
doing internationally to deal with these crimes.
International Human Rights organisations statement on blocking (1.06.2011)
http://www.cidh.oas.org/relatoria/showarticle.asp?artID=848&lID=1
Internet Watch Foundation 2010 report
http://www.iwf.org.uk/assets/media/annual-reports/Internet%20Watch%20Foundation%20Annual%20Report%202010%20web.pdf
Parliamentary question: Internet blocking and child pornography (26.10.2010)
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+WQ+E-2010-8802+0+DOC+XML+V0//EN
EDRi blocking booklet
http://www.edri.org/files/blocking_booklet.pdf
(Contribution by Joe McNamee - EDRi)
============================================================
9. Recommended Action. Smart meters: Let's be clever and team up
============================================================
The European Union decided that 80% of all users are to have a smart meter
in 2020. These instruments will then measure the consumption of gas and
electricity. They can be integrated in a smart grid, a network of users and
producers that ensures better tuning of supply and demand. When solar
generators produce electricity, the washing machine can best do its work.
This part sounds good? What about civil and digital rights? The issue is
related since there are also potentially some undesirable effects attached
to this new technology:
Privacy: The government, electricity producers and/or others may gain access
to detailed information about our energy use. The government may use this
information for investigations about when you were home, if you have a new
partner, if you lead a healthy life. You name it. Energy companies may
decide to target you with specific advertisements or sell the information.
In California, the energy company PG&E, smart meter producer GE and Google
work together. Also, criminals can use the information to build a profile
and ultimately use it for identity-theft, a once science fiction nightmare
that for many became a reality. Look it up if identity-theft is an abstract
word for you.
Security: This is closely linked to privacy. A leaky system will reveal
privacy data. In addition, the smart meter might give access to equipment
inside the house like the connected PC. Hacking the smart grid can also give
access to the light switch for the grid. By the way: smart meters can cut
off your energy remotely.
Electrosmog: With the authorities (WHO, Council of Europe) warning against
electromagnetic radiation, the dangers of wireless technology might finally
be taken seriously. Might. A smart meter can be equipped with wireless
technology, like GPRS, "RF-meshed" or a separate, more secure
protocol/frequency. Depending on the type of network and the information
exchange rate, the radiation can be more or less serious for the health of
humans, animals and plants. There is an alternative using wired technology.
It's called PLC or Power Line Carrier. Italy has already implemented this
system.
These are a few of the issues that surround smart meters. We're in the early
stages still. In Brussels, the representatives from all EU countries meet to
decide on the technology and the demands for smart meters, including the
rules and regulations.
The zeal to implement the smart grid is staggering. For the Netherlands the
whole issue started with a law proposal that would force every user to
accept the smart meter. This came out when Vrijbit, a Dutch privacy
organisation, and the Dutch Consumer NGO (Consumentenbond) read the small
print. Those who would refuse the smart meter could face up to 6 months
imprisonment. This brutal force was reason for the Senate to reject the law
proposal. The revised law passed early this year.
Now the Dutch pilot-implementation is planned by the start of 2012,
comprising 400 000 smart meters in 2 years. After the evaluation in the
parliament (end 2013), the final roll-out would comprise 7 million smart
meters. If it all satisfies the needs, i.e. a lot can still change.
In a recent meeting with people from the Ministry of Economic Affairs we
discussed privacy aspects of the smart meter. They made it clear that if
issues like privacy are to be taken seriously, European privacy
organisations need to team up. If pressure is applied now, if
representatives are compelled to take this issue seriously, then this
increases the chance for a better smart meter. From a manufacturing
viewpoint, special wishes will only be turned into actual product features
if there is sufficient market for these.
I am already member of Vrijbit, a Dutch privacy organisation. Other EDRi
members are also interested in smart meters as well. Are you a member of a
privacy organisation and interested in smart meters? Do you know people who
are? Let us establish a network to ensure our demands on privacy are known
in Brussels. Let's team up!
Contact me by Twitter: Mr_Communicator or eMail:
smitentertainment[ed]hotmail_com (Subject: Let's team up!)
Dutch government public message 'What is a smart meter?' (only in Dutch)
http://www.rijksoverheid.nl/onderwerpen/energie-en-kleinverbruikers/slimme-meter
Vrijbit: File on Smart Meters (only in Dutch)
https://www.vrijbit.nl/dossier/financien/dossier-slimme-meters.html
The dark side of 'smart' meters (1.11.2010)
http://www.youtube.com/watch?v=FLeCTaSG2-U
The dark side of the smart electrical grid (24.10.2010)
http://www.plusultratech.com/2010/10/dark-side-of-smart-electrical-grid.html
Article 29 Working Party Opinion 12/2011 on smart metering (4.04.2011)
http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2011/wp183_en.pdf
(Contribution by Hendrick Smit, Utrecht, The Netherlands)
============================================================
10. Recommended Reading
============================================================
EDPS Annual report 2010 (15.06.2011)
http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/EDPS/Publications/Annualreport/2010/AR2010_EN.pdf
New Brussels Lobbying Group Communia Works For A Stronger Public Domain
(13.06.2011)
http://www.ip-watch.org/weblog/2011/06/13/new-brussels-lobbying-group-communia-works-for-a-stronger-public-domain/
Michael Geist: Europe Considers Using CETA To Create "Anti-Counterfeiting
Trade Agreement Plus" (13.06.2011)
http://www.michaelgeist.ca/content/view/5853/125/
Statewatch Analysis: Rethinking the EU Security Research Programme (pdf) by
Ben Hayes (06.2011)
http://www.statewatch.org/analyses/no-133-esrp-consultation-response.pdf
Policy brief: Protection of Personal Data in Republic of Moldova (9.06.2011)
http://www.soros.md/files/publications/documents/policy-brief-eng_final%20version.pdf
============================================================
11. Agenda
============================================================
12-15 June 2011, Bled, Slovenia
24th Bled eConference, eFuture: Creating Solutions for the Individual,
Organisations and Society
http://www.bledconference.org/index.php/eConference/2011
14-16 June 2011, Washington DC, USA
CFP 2011 - Computers, Freedom & Privacy
"The Future is Now"
http://www.cfp.org/2011/wiki/index.php/Main_Page
25 June 2011, London, UK
Statewatching Europe: Civil liberties, the state and the EU
European Conference marking Statewatch's 20th anniversary
http://www.statewatch.org/conference/conference.pdf
30 June - 1 July 2011, Berlin, Germany
OKCon 2011 - annual open knowledge conference of the Open Knowledge
Foundation
http://okcon.org/2011
5-6 July 2011, Gvttingen, Germany
International Social Networking Summit
Organized by CONSENT consortium
http://consent.law.muni.cz/view.php?cisloclanku=2011050001
11-12 July 2011, Barcelona, Spain
7th International Conference on Internet, Law & Politics (IDP 2011): Net
Neutrality and other challenges for the future of the Internet
http://edcp.uoc.edu/symposia/lang/en/idp2011/?lang=en
24-30 July 2011, Meissen, Germany
European Summer School on Internet Governance 2011
http://www.euro-ssig.eu/
11 October 2011, Brussels, Belgium
ePractice Workshop: Addressing evolving needs for cross-border eGovernment
services
http://www.epractice.eu/en/events/epractice-workshop-cross-border-services
27 - 30 October 2011, Barcelona, Spain
Free Culture Forum 2011
http://fcforum.net/
============================================================
12. About
============================================================
EDRi-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRi has 28 members based or with offices in 18 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRi-grams.
All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and are visible on
the EDRi website.
Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/
Newsletter editor: Bogdan Manolea <edrigram at edri.org>
Information about EDRI and its members:
http://www.edri.org/
European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring
- EDRI-gram subscription information
subscribe by e-mail
To: edri-news-request at edri.org
Subject: subscribe
You will receive an automated e-mail asking to confirm your request.
Unsubscribe by e-mail
To: edri-news-request at edri.org
Subject: unsubscribe
- EDRI-gram in Macedonian
EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edri/2.html
- EDRI-gram in German
EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/
- Newsletter archive
Back issues are available at:
http://www.edri.org/edrigram
- Help
Please ask <edrigram at edri.org> if you have any problems with subscribing or
unsubscribing.
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list