(Dieser Artikel ist auch in deutscher Sprache verfügbar.)
After a 6-month consultation period, an EU study initiated after Cebit trade show in March 2006 shows concerns related to the use of RFID (radio frequency ID) tags and reveals the necessity to assure the public that these tags will not lead to a large-scale surveillance system.
The RFID tags are more and more used by businesses to monitor goods and governments are presently considering the introduction of these tags in ID documents. The RFID market will probably grow spectacularly in the next years. The EU prediction is that more than 270 billion radio-frequency ID tags could be sold by 2016 in the world.
During the EU conference ‘Heading for the Future’ that took place at the end of the study consultation period, Ms Viviane Reding, EU Information Society Commissioner, made some comments on the study : "The large majority are willing to be convinced that RFID can bring benefits but they want to be reassured that it will not compromise their privacy… This is the deal that we have to strike if we want RFID to be accepted and widely taken up."
According to the Commissioner the study showed that people needed to have control on the information and decide on when and how the information is used or updated.
The study has shown the general fear that RFID tags might affect privacy. More than 55% of the individuals and organisations having participated in the study consider that laws must be changed in order to protect the privacy of the data provided by means of these tags. They also asked for technical safeguards for tags to be turned off by default.
Reding considered that some of the measures that could be taken to meet the concerns would include the use of technologies such as clear labelling of tags and more transparency on the risks and opportunities of RFID system.
“Technologists tell me that many of the privacy concerns are unfounded. Fine. If this is the case then I am sure we can win over public opinion by explaining where there are risks and where there are not,” said Reding. She also added that more than half of the respondents wanted government legal regulation over RFID industry rather than self-regulation.
During the conference technical issues were discussed such as the need to have common European technical standard for RFID systems and the lack of a common radio frequency allocation to all EU Member States. Besides technical matters, the debate covered issues such as the risks related to collecting and using personally-identifiable information (e.g., misuse of data, loss of freedom), the biological effects of radio frequency waves or the impact of the RFID tags on reusing and recycling packaging materials.
The EU intends to use the responses to the study (around 2 200) to decide how to best use RFID technology in Europe and how to solve the security and privacy issues related to it. The Commission Communication on RFID, with the final conclusions from the consultation process, will be announced towards the end of 2006 and will include legislative changes or clarifications to the present legal framework, These could be drafted in 2007 as affirmed by Commissioner Reding.
Radio tags spark privacy worries (16.10.06)
http://news.bbc.co.uk/2/hi/technology/6055416.stm
Radio Frequency Identification Devices: Frequently Asked Questions on the
Commission’s Public Consultation (16.10.2006)
http://europa.eu/rapid/pressReleasesAction.do?reference=MEMO/06/378
Q&A: Radio-frequency ID tags (16.10.2006)
http://news.bbc.co.uk/2/hi/technology/6055296.stm
Privacy concerns dog RFID use (19.10.2006)
http://www.itweek.co.uk/itweek/news/2166816/privacy-concerns-dog-rfid
EU mulls RFID privacy laws (17.10.2006)
http://www.theregister.co.uk/2006/10/17/eu_rfid_consultation/
EDRI-gram: EU public consultation on RFID (15.03.2006)
http://www.edri.org/edrigram/number4.5/rfid
(Dieser Artikel ist auch in deutscher Sprache verfügbar)
After the decision against Google obtained on 5 September 2006, the Belgium newspaper group Copiepresse has planned new actions against MSN and Yahoo, alleging that they are infringing its copyright by showing excerpts of articles and images from newspapers on their Belgian portals without paying.
Copiepresse sent a cease & desist letter to the msn.be website, asking them not to post excerpts from the articles under their copyright. Major Belgium newspapers, such as Le Libre and Le Soir, are part of Copiepresse and they are offering articles in French and German. Copiepresse considers that the search engines are unfairly taking advantage of the content created by its members and are gaining financially from selling advertisement attracted by others people’s content.
The Belgium group has also announced that they would start similar actions against Yahoo services very soon.
The Microsoft Division in Belgium has started talks with Copiepresse in order to reach a compromise. It is not clear yet whether the Belgians are looking for an advertisement revenue-share agreement or a fixed amount to be paid for allegedly using their content, but their main focus now is to remove all their content from the search engines. Microsoft just started the negotiations with Copiepresse on this issue, but no agreement has been reached yet.
Meanwhile, in order to avoid any kind of court action against them, Microsoft announced on 20 October 2006 that it had "provisionally" agreed to comply with the Copiepresse request. The company will remove all the cached articles and links from the msn.be website, its Live search engine and their news aggregator.
This situation means that right now all the Belgium newspaper stories are excluded from the 2 main search engines, since Google announced that it has deleted that info from its Google News site worldwide and that the search engine will not provide links to the cached pages.
The Copiepresse lawyers are still asking for the 34 millions fines to be paid by Google, since it has not complied with the court decision right away.
Copiepresse continues copyright crusade(20.10.2006)
http://www.theregister.com/2006/10/20/copiepresse_targets_yahoo/
MSN is latest target of Belgian copyright complaint (13.10.2006)
http://www.infoworld.com/article/06/10/13/HNpursuemsn_1.html
Google, Microsoft Surrender To Belgians (20.10.2006)
http://www.webpronews.com/topnews/topnews/wpn-60-20061020GoogleMicroso...
EDRI-gram: Belgium says no to Google News (27.09.2006)
http://www.edri.org/edrigram/number4.18/google_be
(Dieser Artikel ist auch in deutscher Sprache verfügbar)
On 16 October, the EU Council formally adopted a decision to sign an interim agreement with the United States on continuing the transfer of passenger name record (PNR) data by air carriers to the US Administration.
The interim agreement will replace the Agreement signed in May 2004, annulled in May 2006 by a judgment of the Court of Justice of the European Communities.
Following the process of negotiations, the USA succeeded in obtaining meaningful changes in the new agreement that meet the Department of Homeland Security (DHS) requirements and that are also based on changes that may occur in the US legislation.
This implies that any change in the US laws will be reflected in the PNR data transfer process, meaning that the US will be able to decide on how the respective data will be processed and by whom.
Therefore, based on these conditions set out in a letter from DHS, a law such as the US Presidential Executive Order issued on 25 October, establishing that DHS and other agencies have to promptly provide "terrorism information” "to the head of each other agency that has counterterrorist functions" will give the US the right to process PNR data as they see fit.
The new agreement was heavily criticized by the MEPs during the plenary session on 11 October 2006. Mr. in 't Veld (ALDE, NL) deplored the fact that the President-in-Office and the Commissioner ignored the letter signed by the Department of Homeland Security, which had given an interpretation of the agreement going in a different direction from what had been said. She asked for an explanation for the part of the letter, in accordance with which, in addition to the purpose of fighting terrorism and related crimes, data would also be collected to fight infectious disease and other risks, which meant a considerable widening of the scope. She also considered that the scope of the data sharing had been widened to include agencies which had not all been specified.
Mrs. Kaufmann (GUE/NGL, DE) also announced that the agreement was not acceptable to her political group. She considered it to be scandalous that data could be transmitted to all US agencies combating terrorism, including the CIA.
Mr Lambrinidis (PSE, EL) pointed out that the new agreement seemed more flexible on US obligations than even the agreement that a private company, SWIFT, had been able to negotiate with the US authorities for the unacceptable transfer of banking data.
Commissioner Frattini tried to answer all the critics by considering it as a situation of absolute urgency. If its ratification by all the national parliaments had been necessary for its entry into force, it would not have been possible to avoid chaos.
The agreement is to be renegotiated next year and the US administration intends to extend the period for keeping PNR data to 3 years and a half and to add more items to the 34 presently agreed on.
“What is particularly outrageous is that if the law changes in the USA the way the agreement is implemented changes too without any renegotiation - which is very worrying given the nature of new laws which remove the rights of suspects including habeaus corpus" says Statewatch editor Tony Bunyan.
Report on debate in the European Parliament (16.10.2006)
http://www.statewatch.org/news/2006/oct/eu-usa-pnr-debate.pdf
EU-USA PNR agreement renegotiated to meet US demands (06.10.2006)
http://www.statewatch.org/news/2006/oct/05eu-us-pnr-oct-06.htm
EU-USA PNR agreement (11.10.2006)
http://www.statewatch.org/news/2006/oct/eu-usa-pnr-coun-new-decision.p...
Council adopts decision of Agreement with the United States on the continued
use of PNR data (16.10.06)
http://www.consilium.europa.eu/ueDocs/cms_Data/docs/pressData/en/er/91...
EDRI-gram : New EU-US interim deal on Passenger Name Record (11.10.2006)
http://www.edri.org/edrigram/number4.19/pnr
Observatory on the exchange of data on passengers (PNR) with USA
http://www.statewatch.org/pnrobservatory.htm
(Dieser Artikel ist auch in deutscher Sprache verfügbar)
The 2006 German Big Brother awards ceremony took place last week in Bielefeld and it was preceded by the demonstration "Freedom instead of Fear" (Freiheit statt Angst) against Security and Surveillance Delusion, where about 300 people protested against the growth of pervasive surveillance in Germany.
For the first time at the German Big Brother Awards, the audience was asked to decide which of the winners should receive the audience award. After the count of the votes, with thirty-two percent of the polls, the prize went to the winner in the Consumer Protection category, the Association of German Insurers, for its “warnings and indications” database, which insurance companies use to exchange substantial amounts of data about millions of citizens - with undisclosed criteria, without sufficient legal foundation, and unknown to the people affected.
In the Politic section the jury decided to award two prizes. The first prize went to the members of the Fourth Parliament of the State of Mecklenburg-Western Pomerania for legislation that allows eavesdropping and sound recording in public spaces, even when no crime has happened yet. The Interior Ministers Conference received the second award for its resolution of 4 September 2006 to establish a joint anti-terror database, which is to be supplied to and used by all German police forces and all 19 intelligence services at the national and federal state level.
The obvious winner in the Economy section was SWIFT (Society for Worldwide Interbank Financial Telecommunication) for sharing bank transfer data with US authorities. The price was given to the German members of the SWIFT supervisory board, Roland Böff (Senior Vice President, Bayerische Hypo- und Vereinsbank) and Wolfgang Gaertner (CIO, Deutsche Bank AG).
Philips company received the “Technology” Big Brother Award 2006 for the specification that CD burners write their unique serial number on the CD and thus facilitate tracking of the storage medium to the burner. With this serial number the entertainment industry hopes to trace “bootlegged” copies of music and other copyrighted CDs, i.e. unlicensed duplications of storage media, in order to be able to prosecute the bootleggers. In fact, the burnt-in code leaves a data trace that might give all CD creators a difficult time of explaining themselves. The user of a burner is not warned of this and burner producers are not forthcoming in declaring which devices write such a code on the media.
The Federal Conference of Ministers for Education was the performer in the Authorities & Administration section for plans to introduce life-long student IDs, and a central education database, without binding the individual educational data to a defined purpose, nor guarding them against misuse and unauthorized access.
Big Brother Awards Germany 2006
http://www.bigbrotherawards.de/2006/
Demonstration “Freedom instead of Fear” (20.10.2006)
http://wiki.vorratsdatenspeicherung.de/?title=Demoplanung#Berichte_und...
(Dieser Artikel ist auch in deutscher Sprache verfügbar)
On 16-19 October 2006 UNESCO conducted the first multi-stakeholder consultations on the implementation of the World Summit on the Information Society (WSIS) Action Lines C3 (access to information), C7 (e-learning), C9 (media) and C10 (ethics) at UNESCO Headquarters in Paris, France.
UNESCO is one of the lead facilitating agencies for the implementation of the WSIS Action Lines. In accordance with the Tunis Agenda for the Information Society and the consultation of possible Action Line Moderators/Facilitators of 24 February 2006 in Geneva, UNESCO has for the last months served as an interim focal point for several Action Lines. At the Paris consultations UNESCO was approved as the formal facilitator for action line C3, C7, C9 and C10. At the same time, it was stressed that additional facilitators might step in at a later stage. The following report does not include the consultations regarding media, since no one from EDRI were able to participate on the 19th.
The meetings had approximately 60-70 participants, with the majority from civil society and the private sector, and relatively little representation from governments. The meetings were all structured around two main agenda items. Firstly to discuss the clustering of substantive issues contained in the Action Line, and secondly to discuss the terms of reference (TOR) of the multi-stakeholder team (MST). The TOR was similar across the action lines, and the proposal from UNESCO was widely approved with some minor modifications to ensure that the process would remain open to additional facilitators, e.g. from civil society. It was stressed that the Association of Progressive Communications (APC) is proposed as co-facilitator of Action line C2 (information and communication infrastructure) together with the International Telecommunication Union (ITU), and that this is seen as a good model. Also, it should be noted that the MST is an open ended platform which is open for everyone.
Regarding the action line on Access to Information and Knowledge (C3), UNESCO proposed to structure the action line around the issues of: Enabling environment for access to public information, Community access, Libraries and archives, Software models, Research and Development, Open Access, and E-Government. Several civil society interventions argued that the development of the public domain should be emphasized more clearly, and that access to public information had to represent one specific area within a broader “public domain” cluster. The industry representatives stressed that one important aim of the action line was to create a space for outreach, sharing and networking amongst the many initiatives at local level.
The Action Line on The Ethical Dimensions of the Information Society (C10) was proposed by UNESCO to be structured around the following issues: Promote respect for fundamental values and principles, Increase awareness of information ethics, and Contribute to formulation of strategies and policies promoting a) the protection of privacy, personal data etc. and b) preventive measures against illegal use of ICTs. Many interventions argued that this action line was rather different from the others (more vague and cross-cutting), and as a result it was decided to skip the proposed clustering. Instead there will initially be a mapping of existing initiatives related to ethics in the information society, e.g. within the realm of Council of Europe, and on this background further discussion on how to promote the action line, including a possible “clearinghouse” for initiatives related to C10.
For the action line on E-learning (C7) UNESCO proposed the following issue clustering: Enhancing capacities for e-learning in education, Communication and learning infrastructure, E-learning policies and strategies, Digital Educational Content, Quality assurance, assessment, evaluation and accreditation, Private-Public Partnerships, Research and Development in e-learning. In addition, it was stressed that C7 had a close link to Action line C4 on capacity building, as this had a special merit in relation to e-learning and education. A number of interventions argued that the cluster of Private-Public partnership should be titled multistakeholder partnerships, as both funds and human resources were vital in relation to e-learning and not only related to state-donor-private company partnerships. Moreover the issue of financing was suggested as an overarching issue that would possibly include discussion of both specific ICT education funding and mainstreaming of ICT in national development strategies (in this case the educational strategies), and the possible inclusion in the World Bank Poverty Reduction Strategy Papers.
Meeting documents are available at:
http://portal.unesco.org/ci/en/ev.php-URL_ID=1543&URL_DO=DO_TOPIC&...
Survey on the use of an online collaboration platform for the WSIS Action
Line facilitation
http://www.unesco.org/webworld/survey/advanced/fillsurvey.php?sid=12
(Contribution by Rikke Frank Jørgensen, EDRI-member Digital Rights - Denmark)
(Dieser Artikel ist auch in deutscher Sprache verfügbar)
During Infolaw legal forum on 17 October, Margot Artner, a Viennese lawyer, expressed concerns regarding the existence of about 100 000 illegal monitoring systems with recording functions in Austria. The estimation was based on information obtained from vendors of monitoring software and installing technicians.
Artner has waited for seven months in order to obtain from the data protection commission the first permit for the operation of the video monitoring system. The conditions required by the commission include the deletion of records after 48h and the limitation of the access to the recordings to only qualified staff that would have to work in pairs.
The only previous permit had been given to Wiener Linien (Vienna's public transport system) just for a two-year test period and extended afterwards to another two years. The commission had given the permit in order to check whether such a system may help in preventing vandalism acts. The permit allows the company to record passengers and personnel and keep the recordings for 48 hours.
The company has been criticised as the investment for the system was about 3.7 million euros while the return might be only in the range of about 200000 euros/year by reducing vandalism.
Although such systems presently operate legally in police stations, banks, traffic monitoring, military facilities and in some individual companies that have alarm-based activated cameras, most of the systems with recording functions are operating illegally. A permit for all these systems is necessary from the data protection commission and they have to be input into the data processing registers irrespective of the number of cameras included in the system.
The operation without permit is penalised with 9 445 euros besides other additional costs related to re-apply for the permit and obtain the cease and desist orders. A permit is necessary even if cameras are installed only to identify robbers and the labour laws provisions must be observed in the working areas.
Legal experts say that Austria may have 100,000 illegal video monitors
(20.10.2006)
http://www.heise.de/english/newsticker/news/79786
(Dieser Artikel ist auch in deutscher Sprache verfügbar)
We know that for over two decades, the global patent industry has been trying - discretely, and sometimes less discretely - to get software patents legalised. When Brian Kahin wrote about the US software patent issue in 1990, the US had already allowed software patents for almost a decade.
Today, in Europe, we still have the uncertain status where the EPO grants software patents and national high courts mostly reject them. The Commission has been promoting a new scheme, called EPLA, which is driven by the hunger of the global patent industry and its frustration with Europe's failure to follow the American lead.
A key to understanding EPLA is to see that the global patent industry
is a lucrative set of businesses that makes money from researching,
writing, granting, licensing, and litigating patents. The patent
industry in Europe consists of:
- The national patent offices.
- The European Patent Office. (EPO)
- Independent patent experts and attorneys.
- Patent lawyers who manage intellectual property issues for major corporations.
- Patent-holding specialist firms (also called 'patent trolls').
It's a global industry because most of the investment in purchasing and litigating patents is from overseas. EPO patents are not rewarding European investors as much as they are giving foreign interests control over European industries.
The patent industry already has a near-monopoly over the patent system. The same people govern the EPO, help define the EU Council's and Commission's patent policies, work as experts in business and private practice, sit as MEPs, and lobby for laws that favour the patent industry.
The only real regulation on the patent industry today is the system of national high courts that strike down EPO patents when they are considered invalid. EPLA proposes to remove that layer of regulation and create a self-regulating monopoly. The justification for EPLA is that a single court is cheaper and more predictable than the current diversity of national courts. (This justification is false - the EPO has itself said EPLA would be more costly for most SMEs.)
In my blog entry "The EPLA Shuffle", I describe the way the Commission has acted as the mouthpiece and patron of the patent industry. I describe the pro-EPLA propaganda, so you can recognise and counter it when you see it. I explain how the Commission is conducting a huge astroturf campaign to push for EPLA. And I say that the Foundation for a Free Information Infrastructure (FFII) is taking steps on designing a new patent system.
Let me describe the FFII vision. We believe that change in the patent system is needed. The patent industry is already a dangerous monopoly, and it cannot remain loosely regulated. We want to see a proper EU patent system that sits under our courts and is governed by our European Parliament.
The initiative is called the "European Patent Conference". We are launching it with two conferences. One will be on 25 November, in Munich. The second will be in mid-January in Brussels. We plan to include not just the software industry but telecoms, pharma, and other sectors. During 2007 we'll continue to organise events, build up a base of ideas and papers, and aim to bring a solid proposal to the table.
The European Patent Conference is not just an event, it's a work in progress that will, if we succeed, turn the software patent debate on its head. The core question is not whether software should be patentable. As Kahin said: "never before has an industry in which copyright was widely established suddenly been subjected to patenting". The core question is whether an unregulated global patent industry can be allowed to take over the European patent system.
Do we control our future patent system, or does it control us? That's the question, and we - you and me - are the answer. If you want to help, you can become a member of the FFII, you can donate, or you can work with us on the European Patent Conference.
Brian Kahin - The Software Patent Crisis (1990)
http://deoxy.org/swpc.htm
The EPLA Shuffle (22.10.2006)
http://heironymouscoward.blogspot.com/2006/10/epla-shuffle.html
EDRI-gram: The European Parliament ready to vote on EPLA (11.10.2006)
http://www.edri.org/edrigram/number4.19/epla
(Contribution by Pieter Hintjens - President FFII e.V.)
(Dieser Artikel ist auch in deutscher Sprache verfügbar)
Review of the Regulatory Framework for electronic communication networks and
services (open until 27.10.2006)
http://europa.eu.int/information_society/activities/consultations/inde...
EU Evaluation Impact Assessment System Questionnaire (open until 30.11.2006)
http://ec.europa.eu/yourvoice/ipm/forms/dispatch?form=eias&lang=en
DG Competition Open Consultations
http://ec.europa.eu/comm/competition/general_info/consultation.html
Bloggers privacy expectations and attitudes
Online survey done by Karen McCullagh - PhD researcher at CCSR, University
of Manchester. The survey will be open until the end of November.
http://www.ccsr.ac.uk/privacysurvey/
(Dieser Artikel ist auch in deutscher Sprache verfügbar)
27-28 October 2006, Sofia, Bulgaria
Cyber Terrorism as a new security threat
http://www.crime-research.org/cyberterrorism07
29 October 2006, Athens, Greece
First annual conference - Global Internet Governance Academic Network
(GigaNet)
http://www.internetgovernance.org/pdf/GigaNet.Athens.CFP.8.Sept.2006__...
30 October - 2 November 2006, Athens, Greece
Internet Governance Forum
http://www.intgovforum.org/
30 October 2006, Prague, Czech Republic
Czech Big Brother Awards
http://www.bigbrotherawards.cz
31 October 2006 - deadline for nominations
Stupid Security Awards - Privacy International The awards aim to highlight
the absurdities of the security industry. The competition is open to anyone
from any country.
http://www.privacyinternational.org/stupidsecurity
31 October - 1 November 2006, Erevan, Armenia
Open Source Policy Conference
Role of open source software in development of information society.
http://gipi.am/?i=254
1 November 2006, London, United Kingdom
The database state?
This workshop will feature expert speakers on two major UK databases: the
Children's Information Sharing Index and the NHS Care Records Service.
http://dooooooom.blogspot.com/2006/10/database-state.html
2-3 November 2006, London, United Kingdom
28th International Data Protection and Privacy Commissioners'
Conference
http://www.privacyconference2006.co.uk/
13 November 2006, London, United Kingdom
Blocking Denial of Service Attacks
A conference to discuss technical, legal, regulatory and contractual
measures that would have a real effect in reducing Denial of Service
attacks on-line.
http://www.communicationsresearch.net/events/article/default.aspx?obji...
15-16 November 2006, Skopje, Macedonia
International Conference "e-Society.Mk"
http://www.e-society.org.mk/
16 November 2006, Basel, Switzerland
Big Brother Awards Switzerland
http://www.bigbrotherawards.ch/2006/
30 November - 1 December 2006, Berlin, Germany
The New Surveillance - A critical analysis of research and methods in
Surveillance Studies. A two day international Conference hosted at the
Centre for Technology and Society of the Technical University Berlin.
http://www.ztg.tu-berlin.de/surveillance
2 December 2006, London, United Kingdom
Reclaiming Our Rights
http://www.londonmet.ac.uk/reclaimingourrights
14 December 2006, Madrid, Spain
Conference on the Admissibility of Electronic Evidence in Court in Europe.
The final event of the project Admissibility of the Electronic Evidence in
Court in Europe (A.E.E.C.) funded by the European Commission and led by the
Spanish company Cybex.
http://www.cybex.es/AGIS2005/