This article is also available in:
Deutsch: ACTA & die Entscheidungen zu Netlog und Scarlet/Sabam – was wir ...
There has been a great degree of noise around the recent Netlog/Sabam ruling from the European Court of Justice and what this may prove or disprove about ACTA. This article will seek to separate fact from fiction.
In both cases, Sabam had asked for an injunction requiring suspicionless and open-ended filtering of citizens' use of Internet services (web hosting for Netlog and peer-to-peer networks for Scarlet), paid for by the Internet service provider. In the Netlog case, the Belgian courts had wanted to oppose the injunction while they wanted to support the injunction in the Scarlet case.
In both cases, the rulings of the Court were based on the Charter of Fundamental Rights of the EU. Pro-ACTA lobbyists and politicians argue that the Charter can therefore be relied upon to prevent ACTA from being implemented in ways that would breach the rights of citizens. In reality, unfortunately, the Court rulings prove just how dangerous ACTA actually is.
Under Article 27 of ACTA, states party to the agreement are required by law to encourage enforcement cooperation by private companies. If either Scarlet or Netlog had implemented the measures as a "voluntary" act of cooperation with Sabam, neither of the cases would have ever been sent to the Court - or at least not for several years. Under ACTA, therefore, measures which were considered by the European Court of Justice to be in breach of privacy, freedom of communications and freedom to do business would have been arbitrarily and illegally implemented outside the rule of law.
The European Commission frequently seeks to reassure governments and citizens that ACTA only concerns large-scale infringements and ordinary citizens (however that may be defined) would have nothing to worry about. However, the European Commission itself, even before ACTA was finalised, sought to introduce as a "voluntary measure" exactly the kinds of filtering by ISPs that were proposed in ACTA. It remains a complete mystery how the Commission can have proposed illegal measures designed to target ordinary end-users and still argue that exactly the same approach in ACTA will both be legal and will not target the end-users.
Another major problem with ACTA is its effect on countries outside the EU, a point which is also well illustrated by the Scarlet/Sabam case. ACTA requires states to have injunctions in their national law to oblige third parties to prevent goods from entering into the channels of commerce. In the Scarlet/Sabam case, the court wished to impose an injunction on Scarlet (as a third party) to prevent the transfer of files which rightholders claimed were unauthorised. Because this was asked for with a legal context and because the case was referred to the Court of Justice, a ruling was possible that such an injunction would breach three separate fundamental rights.
If the same measure was proposed in a country outside of the European Union, it is reasonable to assume that the national court would come to the same conclusion as the Belgian court. However, in the absence of a comprehensive set of rules on fundamental rights and without a higher court to refer the case to, the injunction would simply be applied - breaching fundamental rights.
In summary, Scarlet/Sabam and Scarlet/Netlog prove that it is necessary to use law to implement any proposed restriction on the right to communication or privacy online. Relying on "cooperation" mechanisms is a recipe for the circumvention of democratically agreed legal protections of fundamental rights. Scarlet/Sabam proves the dangers of the use of injunctions in the digital environment and the fact that ACTA will inevitably lead to breaches of fundamental rights outside the EU, contrary to the Union's obligations to defend democracy and the rule of law in all of its international relations.
Scarlet/Sabam decision
http://curia.europa.eu/juris/liste.jsf?language=en&jur=C,T,F&n...
Netlog/Sabam decision
http://curia.europa.eu/juris/liste.jsf?language=en&jur=C,T,F&n...
European Commission's filtering proposal (only in French, 2.09.2010)
http://www.pcinpact.com/news/59102-hadopi-bruxelles-filtrage-blocage-e...
(contribution by Joe McNamee - EDRi)
This article is also available in:
Deutsch: Neue Netzsperren in immer mehr EU-Ländern
More and more cases were won in court by rightsholders against file-sharing platforms in the past weeks, but the blocking habits of the ISPs are starting to show their limits.
The UK High Court ruled on 20 February 2012 that the operators of The Pirate Bay (TPB) and its users are both guilty of infringing the copyright of rights holders in a case brought by major recording companies including Sony, EMI and Warner. Mr Justice Arnold said that the operators had the ability to prevent illegal file-sharing but did not do so. "The matters I have considered in relation to authorisation lead to the conclusion that the operators of TPB induce, incite or persuade its users to commit infringements of copyright, and that they and the users act pursuant to a common design to infringe," said the ruling. The UK's six biggest internet service providers (ISPs) will probably now be forced to block their customers' access to TPB all over UK.
The UK High Court created the precedent in 2011 when it ruled that BT provider had to block access to the Newzbin2 website after the Motion Picture Association (MPA) had claimed the site infringed the copyright of six major film studios. Since then, MPA has also obtained a court order forcing other UK ISPs, including Sky and TalkTalk, to block their customers' access to Newzbin2.
Denmark, after having banned TBP, is now ordering an ISP to block access to the US-based streaming music service Grooveshark as well in a case brought to court in 2011 by a group of more than 30 rightsholders collectively known as RettighedsAlliancen. The Danish Bailiff Court ruled that both Grooveshark and its users infringed recording label copyrights and granted an injunction forcing an ISP to initiate the service blocking.
RettighedsAlliancen argued that Grooveshark had no content agreements or licenses with the members of her group and stated that the service had been "completely uncooperative" in negotiations, and therefore it had been impossible to take down content from it.
The "randomly" targeted ISP was '3', accused of contributing to infringements, as its customers were in breach of copyright through Grooveshark.
The ISP argued that part of the content on Grooveshark was actually legal, since artists and labels legally uploaded and distributed their music via the service. Therefore an order of injunction would be disproportionate and would result in the censorship of legal content as well. But the court considered that the extent of the copyright violations overwhelmed the legal distribution.
Based on the Danish implementation of the Infosoc Directive, the court ordered an immediate injunction against '3' prohibiting the ISP to facilitate subscriber access to Grooveshark.
In Finland, in May 2011, local rightsholders groups filed a lawsuit at the District Court of Helsinki asking that local ISP Elisa should start blocking TPB. Although Elisa refused, it was eventually forced to comply by subsequent court order in October 2011.
However, one of the ISPs customers, Antti Laine, has filed a complaint with the court that demanded the blocking of that website. He considers that under the Finnish copyright law, any injunction should avoid collateral damage and that the "enforcement of the decision is based on an erroneous application of law." He also argues that part of his media was being distributed via The Pirate Bay and, now, this distribution of the content is being affected.
Overblocking can also lead to situations when organisations such as La Quadrature du Net find their websites blocked due to certain ISP filtering procedures. It has recently come out that Orange UK was filtering, on pre-paid mobile accounts, the access to the website of La Quadrature du Net, advocacy group defending citizen's fundamental rights on the Internet. The blocking apparently was done by "mistake" and was removed during the week-end 17-19 February.
This mobile blocking technology was built to prevent individuals under the age of 18 from viewing adult-related content on sites. La Quadrature du Net website blocking under such a category shows "over-blocking is being exacerbated by a lack of transparency (so that it's not clear what is blocked and to whom)" as expressed by EDRi-member Open Rights Group which believes that "More efficient measures need to be implemented in order to allow parents to implement tools to try to manage their children's Internet use whilst ensuring that adults are not subject to unnecessary censorship". The group intends to gather "more evidence of the scale of the over-blocking problem through blocked.org.uk site".
Court Orders ISP To Block Grooveshark (21.02.2011)
http://torrentfreak.com/court-orders-isp-to-block-grooveshark-120221/
The Pirate Bay Faces UK ISP Block After High Court Ruling (20.02.2012)
http://torrentfreak.com/the-pirate-bay-faces-uk-isp-block-after-high-c...
High Court rules The Pirate Bay operators and users guilty of copyright
infringement (20.02.2012)
http://www.out-law.com/en/articles/2012/february/high-court-rules-the-...
Pirate Bay ISP Block Challenged For Censoring Lawful Content (20.02.2012)
http://torrentfreak.com/pirate-bay-isp-block-challenged-for-censoring-...
Orange UK blocking La Quadrature du Net (15.02.2012)
http://www.openrightsgroup.org/blog/2012/orange-uk-blocking-la-quadrat...
This article is also available in:
Deutsch: Deutsche Geheimdienste überwachen Internetkommunikation
Based on two reports of the German Parliamentary Control Panel (PKG), in 2009 and 2010, the Federal Office for Constitutional Protection, the Federal Intelligence Service and the Military Counterintelligence Service have monitored an impressive number of e-mails and other forms of Internet communications.
Although the German Basic Law protects the privacy of postal and telecommunications, Article 10 of the law leaves an open door for surveillance, with the exception in cases of "imminent danger to the free democratic basic order."
About 7 million (in 2009) and more than 37 million (in 2010) Internet communications were verified, based on a large range of key-words such as "bomb", "missile" or "nuclear". However, in spite of these very large numbers, the action seems to have had little result, only 213 cases having led to important information.
In 16 cases, the secret services have used so-called IMSI catchers that serve as eavesdropping devices and are used for interception and tracking of cellular phones.
The Greens and the Federal Democratic Party (FDP) have asked for a strict limitation of the monitoring data, inspections and reform of the intelligence services. "Such a coarse grid as the use of words like 'bomb' is apparent ineffective and may actually expose anyone to surveillance," said Gisela Piltz, spokesperson for the FDP who stated that not only the issue was constitutionally dubious but also that the efficiency of the intelligence services was in question.
Head of the Greens parliamentary group Renate Künast believes that security must serve freedom and not the other way round and that "the security agencies must respect the proportionality principle."
The Christian Democratic Union (CDU), on the other hand, wants a fast regulation of the Telecommunication Act and welcomes the recent ruling of the Constitutional Court allowing the police to have access to phone and computer data. And it has in view the legal changes that should be brought to deal with the now limited possibilities to get hold of PIN codes and the identification of IP addresses.
Report of the PKG from 2010 (only in German)
http://dipbt.bundestag.de/dip21/btd/17/086/1708639.pdf
The search for "bomb" is to fight spam (only in German, 25.02.2012)
http://www.tagesschau.de/inland/datenueberwachung102.html
Intelligence agencies monitored more than 37 million e-mails (only in
German, 24.02.2012)
http://www.sueddeutsche.de/digital/datenschutz-geheimdienste-ueberwach...
Intelligence services monitored 37 million web link (only in German,
25.02.2012)
http://www.heise.de/newsticker/meldung/Geheimdienste-ueberwachten-37-M...
IMSI Catcher
https://en.wikipedia.org/wiki/IMSI-catcher
This article is also available in:
Deutsch: Überwachungspläne des britischen Innenministeriums
The UK Government plans to store details on all phone calls or online communications for a year in databases that will be available to security services, under the pretext of anti-terrorism fight.
Landline and mobile phone companies and broadband providers will be obliged to store the numbers or email addresses of people communicating not only by phone or email but also through social networks such as Facebook or Twitter.
The Home Office seems to have already begun negotiations with Internet companies over the plan which could be officially announced in May 2012. The news is particularly worrying from several points of view, related to the very large amount of data to be gathered, the disproportionality of the measures, the increased risk of data hacking and the use of sensitive data for various purposes including sending spam.
"This will be ripe for hacking. Every hacker, every malicious threat, every foreign government is going to want access to this. And if communications providers have a government mandate to start collecting this information they will be incredibly tempted to start monitoring this data themselves so they can compete with Google and Facebook," stated Gus Hosein of Privacy International.
Security services will be allowed to request information on people they have under surveillance, being able to trace their movements based on the information provided as mobile phone records are able to show within yards where a call was made from and emails may be tracked using a computer's IP address.
"The vast quantities of data that would be collected would arguably make it harder for the security services to find threats before a crime is committed, and involve a wholesale invasion of all our privacy online that is hugely disproportionate and wholly unnecessary," stated Nick Pickles, director of privacy and civil liberties campaign group Big Brother Watch who believes that such a plan would be the end of privacy online.
"No state in history has been able to gather the level of information proposed," said Jim Killock, executive director of the EDRi-member Open Rights Group, to The Sunday Times adding that this would add to "a systematic effort to spy on all of our digital communications."
According to the Sunday Times, the government is planning to introduce these plans, called the Communications Capabilities Development Programme, in the Queen's speech in May.
Phone and email records to be stored in new spy plan (18.02.2012)
http://www.telegraph.co.uk/technology/internet/9090617/Phone-and-email...
Government spy programme will monitor every phone call, text and email...
and details will be kept for up to a year (20.02.2012)
http://www.dailymail.co.uk/news/article-2103314/Government-spy-program...
This article is also available in:
Deutsch: Entwicklerrechte schützen!
The European Parliament is preparing to discuss the European Commission's proposal on a draft Directive on Attacks Against Information Systems. EDRi-member Electronic Frontier Foundation (EFF) has submitted its remarks urging the legislators not to create legal woes for researchers who expose security flaws.
EFF is concerned with the Commission's attempt to criminalize what it determines to be attacks on information systems. EFF believes the text is largely duplicative of the Convention on Cybercrime, which itself is riddled with problems. In its remarks, EFF opposed the wholesale criminalization of security tools and the restrictions of security researcher's free expression rights.
The main so-called "novelty" of the draft directive is the criminalization of the use, production, sale, or distribution of tools to commit attacks against information systems. EFF explains that while these tools can be used for malicious purposes, they are also crucial for research and testing, including for "defensive" security efforts to make systems stronger and to prevent and deter attacks. Thus the focus should be on the intent behind using the tool, rather than mere possession, use, production, or distribution of such tools.
EFF asked the EP to protect researchers who access a computer system without explicit permission when the perpetrator does not have a criminal intent, as a safeguard to security researchers' rights to free expression and innovation. Examining computers without the explicit permission of the owner is necessary for a vast amount of useful research, which might never be done if obtaining prior permission was a legal requirement.
Another demand was to protect security researchers' right to free expression. Their ability to freely report security flaws is crucial and highly beneficial for the global online community. Public disclosure of security information enables informed consumer choice and encourages vendors to be truthful about flaws, repair vulnerabilities, and improve upon products.
For example, in early February 2012, two German security researchers reported a vulnerability in two encryption systems that could allow eavesdropping on hundreds of thousands of satellite phone calls. Public disclosure of this kind of research allows consumers to be better informed and aware that their communications are not actually protected, which in turn lets them make thoughtful choices about the technology they use.
EFF Submission to the European Parliament on the Draft Directive on Attacks
against Computer Systems (8.02.2012)
https://www.eff.org/Directive-Attacks-against-Computer-Systems
Draft Directive on Attacks Against Information Systems
http://ec.europa.eu/home-affairs/policies/crime/1_EN_ACT_part1_v101.pd...
Satellite phone encryption cracked (3.02.2012)
http://www.telegraph.co.uk/technology/news/9058529/Satellite-phone-enc...
(Thanks to Katitza Rodriguez - EDRi member Electronic Frontier Foundation)
This article is also available in:
Deutsch: WP 29: Google verstößt gegen den Datenschutz
A few days in advance of Google's revision of its privacy policies, European data protection authorities (DPAs) find that Google's new privacy policy would infringe European data protection rules. The lead DPA, the French CNIL, points out that the policy is too vague and raised concerns about the combination of data collected via different services. It requested Google to suspend the roll-out of the new policy until CNIL has completed its analysis. Google dismissed the concerns and noted that it would implement the policy on 1 March 2012.
The letter is part of an investigation by the Article 29 Working Party into Google's new privacy policy. The Working Party raises two concerns in its preliminary analysis. Firstly, it is impossible for average users who read the new policy to discern how parts of the policy apply to the use of a particular Google service. Secondly, the Working Party has strong doubts about the lawfulness and fairness of the combination of personal data across services. The Working Party will fully address this question in the following weeks.
Letter of CNIL to Google (27.02.2012)
http://www.cnil.fr/fileadmin/documents/en/Courrier_Google_CE121115_27-...
Letter of Google to CNIL (28.02.2012)
https://docs.google.com/file/d/0Bw8Krj_Q8UaEczVuWGEwWFhTSkdZZ0MyU0NQRG...
(contribution by Ot van Daalen - EDRi-member Bits of Freedom Netherlands)
This article is also available in:
Deutsch: Portugal: Abgaben auf Privatkopien geplant
A draft law proposed by the Portuguese Socialist Party (PS) in December 2011 is intended to set broad, exponentially increasing levies on digital storage devices with the support of collective rights entities like the portugese authors guild (SPA) and a collective society for the management of private copy (AGECOP).
Taxes are introduced on all digital storage equipment, from hard and solid storage disks at 2 eurocents/GB and 2,5 eurocents/GB for every GB over 1TB, memory cards at 6 eurocents/GB, to telephones and other devices not specifically listed (like tablets or other devices yet to enter the market) at 50 eurocents/GB.
The draft law also introduces a brand new inalienable and non-revocable patrimonial right for a compensation for private copies made by citizens. This would apply also on works licensed under Create Commons and similar free culture licenses. Until now, private copy levies couldn't be leveraged for such works.
As a justification for the new private copy levies, AGECOP submitted to the Portuguese MPs a study they had ordered allegedly about private copying. But it turns out it was merely a study on what is copied by people who have as an habit to copy from media. This study was made public by an anonymous account on Twitter named TbCrioContaNova (aka IAlsoCreateANewAccount), evidently inspired by the flurry of troll accounts that have been recently created to disrupt the protest (known by the hash tag #pl118) against the draft law text.
The Portuguese Parliament created a workgroup for this draft law under the Culture Commission, which has held hearings with the participantion of several stakeholders.
The opposition is an ad-hoc group of people discussing the project in public forums rather than an organized entity behind an "obscure right wing coordinating entity with an agenda against the socialist party and authors and artists" (which is a frequent accusation from #pl118 proponents SPA and AGECOP and the socialist party itself). Many blogging authors, citizens, several associations like Creative Commons Portugal, EDRi-member ANSOL (free software association), AEL (association for free software in education), LEDMOV (a movement for freedom in the digital age), and several others belong to this opposition group.
A petition was created against the draft law which met, in under a week, the minimal requirements for the submition to the Parliament and which now counts over 8200 subscribers.
The discussion of the draft law was extended by another 30 days, so that more stakeholders may participate in the hearings. Now the draft law has the explicit opposition of three political parties. But in case the party in power (PSD) abstains from the vote, the draft law could pass only with the votes of the PS.
As a final and worrying note, PSD has in its governing program the revision of private copy levies and copyright law, the introduction of an anti piracy law and has signed ACTA.
PS draft law on copyright levies (only in Portuguese)
http://www.parlamento.pt/ActividadeParlamentar/Paginas/DetalheIniciati...
Study on private copy by AGECOP (only in Portuguese)
http://www.edri.org/files/Relatório_Estudo_Intercampus.pdf
Public Petition against the draft law (only in Portuguese)
http://tinyurl.com/pl118nao
(Contribution by Rui Miguel Silva Seabra - EDRi-member ANSOL - Portugal)
This article is also available in:
Deutsch: Reform europäischer Normen: Blankovollmacht bremst offene Formate aus
The European standardisation system is being revamped. In the European Parliament, the Consumer Committee (IMCO) under its rapporteur Lara Comi (EPP, Italy) is deliberating a proposal from the European Commission. Parliament members face tricky regulatory decisions on the standardisation of services and participation of small enterprises.
These issues overshadow a ground-breaking novelty: an official "recognition" for specifications from private sector consortia in the field of information and communication technologies (ICT). Those "recognised ICT specifications" are not "standards" (developed by standards organisations) but still could be legally referenced by tenders for public procurement.
For an "recognition", ICT specifications have to meet quite unambitious requirements laid down in an Annex. Their development has to adhere to minimum trade rules from the World Trade Organisation Technical Barriers to Trade agreement, and essential patents for a specification would be made available under "fair, reasonable and non-discriminatory" (FRAND) terms by their holders. FRAND is not legally defined but usually these licensing terms require payment of a royalty to a patent holder, and exclude Free and Open Source software implementations.
In Europe a carte blanche recognition of ICT specifications may compromise the negotiating position of public procurement agencies for better, open formats. It would weaken the more ambitious openness spirit of the European Interoperability Strategy (EIS) and various existing laws, schemes and initiatives at the national level.
How to separate the wheat from the chaff? The Foundation for a Free Information Infrastructure (FFII) advocates for the setting a "gold standard": Limiting the new privileged recognition to royalty-free open formats, without any discrimination of the development model. In the digital world this openness dominates. Open formats such as HTML are at the heart of the Internet.
European Standardisation 2011/0150(COD)
http://www.europarl.europa.eu/oeil/popups/ficheprocedure.do?id=591938
IMCO draft report of Lara Comi (EPP)
http://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XM...
IMCO amendments (66-276)
http://www.europarl.europa.eu/sides/getDoc.do?type=COMPARL&mode=XM...
European Commission proposal COM(2011) 315 final
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2011:0315:FI...
FFII: European Standardisation Reform lowers the bar (10.02.2012)
https://press.ffii.org/Press%20releases/European%20Standardisation%20R...
(contribution by André Rebentisch)
This article is also available in:
Deutsch: Twitter zensuriert Sarkozy-kritische Accounts
Between 16 and 18 February 2012, in a surprising and first dangerous precedent in France, the social network Twitter suspended four accounts of users who were posting parody and caricature statements related to President Nicolas Sarkozy.
Only two months from the French presidency election, and after the creation on 15 February of an official account of the current French president on this space, the obvious censorship applied by Twitter at the express request of Sarkozy's team (at least for one of the accounts on alleged impersonation), and Sarkozy's party (Union for Popular Movement) is extremely worrying. The answers provided by the company regarding the suspension reasons are unclear and in breach of the specific terms and conditions of the platform, its practices regarding parody accounts as well as the laws in force in France to protect the plurality of online expression.
A day after the creation of the Sarkozy's official account prepared for the upcoming presidential elections, Twitter censored the account @_nicolassarkozy, a parody that existed since September 2010. According to the network, the account violated the policy of twitter on the prevention of impersonation: "We have received a valid report that your account, @_NicolasSarkozy, is engaged in nonparody impersonation. Although Twitter firmly believes in the freedom of expression, impersonation that misleads, confuses, or deceives others is against the Twitter Rules."
However, according to the archives, the account fully respected the terms of its contract with the platform and the requirement that a parodic or caricature account had to include the nature of the parody in its title. It also included a statement on the account that explained that it was being operated in parody. Twitter may also realize a certain account has a parodic or caricature character based on its biography and content.
Internet Without Borders said that the other three suspended accounts had criticised or mocked Sarkozy's campaign, but did not do so against Twitter's rules. "These accounts did not include the name of Nicolas Sarkozy but criticized or mocked his campaign. For Internet Without Borders, this is an unacceptable censorship, in violation of the same general conditions of use of Twitter that grant the user a right on his content," the group said.
Besides, the case of these French accounts is singular as Twitter has not taken any such measures with parodic or caricatural accounts addressed to other French politicians.
Another issue of concern is that Twitter does not include in its procedures the possibility for an account user to defend him(her)self against the suspension decision.
Twitter Censors Accounts Unfavorable To Nicolas Sarkozy (19.02.2012) http://www.internetsansfrontieres.com/Twitter-Censors-Accounts-Unfavor...
"#sarkocensure": The archives of the censured accounts and the reaction of Nicolas Sarkozy's campaign team (only in French, 21.02.2012) http://www.internetsansfrontieres.com/sarkocensure-Les-archives-des-co...
French Presidential Election: Twitter Justifies A Liberticidal Procedure
(20.02.2012)
http://www.internetsansfrontieres.com/French-Presidential-Election-Twi...
Was @_NicolasSarkozy account a parody? (only in French, 20.02.2012)
http://kaboul.fr/politique/articles-politique/le-compte-nicolassarkozy...
Several anti-Sarkozy Twitter accounts closed down during the last days (only
in French, 20.02.2012)
http://www.numerama.com/magazine/21740-plusieurs-comptes-twitter-anti-...
This article is also available in:
Deutsch: ENDitorial: Mitgliedsstaaten stürzen Kommissarin Malmström in Sachen...
Soon after the current college of Commissioners took office in 2009, all 27 Members travelled to Luxemburg to take a solemn oath to respect the Charter of Fundamental Rights in all of their duties. One key element of the Charter is that any restriction on fundamental rights must be "necessary and genuinely" achieve objectives of general interest or the defence of rights and freedoms of others. Commissioner Malmström thereby undertook a personal legal obligation to ensure that any measures promoted or defended by her services were both necessary and effective.
One of the most controversial issues under the Commissioner's control is the Data Retention Directive. The Commissioner's services were legally obliged to issue an implementation report by September 2010. As a result, the Commissioner went personally to a Council of Ministers meeting and asked the Member States on 15 July 2010 for the "necessary" information for completion of the evaluation report. Subsequently, having not received adequate information from the Member States, she sent another letter to them on 27 July 2010 to ask again for the data.
Due to the failures of the Member States to respect their obligations under Article 10 of the Directive to provide detailed statistics to the Commission, it could not, in turn, respect its obligation to provide an evaluation report by 15 September 2010. In the end, the Commission was forced to adopt its report over half a year late and with inadequate data. However, even to a neutral observer, it was obvious from the European Commission's report that the Directive suffers from severe shortcomings and needs to be at least reformed, and most probably repealed. The report was so full or shortcomings that EDRi felt obliged to produce a "shadow report" in order to highlight its failures.
The lack of data from the Member States has driven the Commission into the worst possible position, with no hope of support from Member States to repeal the Directive, no hope of data from the Member States to prove that data retention is necessary (because no such data appear to exist) and no legally defensible possibility to maintain the Directive as it is. As a result Commissioner Malmström has been forced to send yet another letter to national Justice and Home Affairs Ministers to plead for useable data - charitably and possibly desperately suggesting that "many Member States appear to be unsure as to what specific quantitative and qualitative evidence to be provide so as best to assist the Commission's work."
The letter sent by the Commissioner on 3 February 2012 reflects many of the points raised by EDRi in its discussions with the Commission, in its letter and shadow evaluation report. In particular, the letter requests feedback from Member States that have not implemented the Directive as to whether the absence of data retention affects the effectiveness and efficiency of criminal investigations and prosecutions. Unfortunately, the letter vacillates between talking about "data retained under the Directive" and "retained data". For example, in the section of the letter on "quantitative evidence" the explanatory text talks about "data retained under the Directive" (i.e. data that would not otherwise have been stored) and the specific questions asked to the Member States asks about "retained data" (i.e. data that would have been stored by the communications provider in any event as well as data retained under the Directive).
The time has come for the Member States to either provide the data to prove their claim that the Data Retention Directive or for the Commissioner to take the only legal option available to her, to stand up to the Member States and the repeal of the Directive.
Commissioners' letters
http://www.edri.org/files/drd_letter.PDF
EDRi-gram: EDRi and 37 NGOs send letter to European Commission on data
retention (5.10.2011)
http://edri.org/edrigram/number9.19/edri-letter-on+data-retention
Commission evaluation report (18.04.2011)
http://ec.europa.eu/commission_2010-2014/malmstrom/archive/20110418_da...
EDRi shadow evaluation report (17.04.2011)
http://www.edri.org/files/shadow_drd_report_110417.pdf
(contribution by Joe McNamee - EDRi)
This article is also available in:
Deutsch: Mitmachen!
Soon, the European Parliament is going to vote on the PNR Agreement with the US. The rapporteur, MEP Sophie in't Veld (ALDE), recommended to reject the Agreement in her draft report for the civil liberties committee (LIBE).
Therefore, we need to contact our MEPs now, especially from the S&D group, and urge them to support MEP in't Velds recommendation. You can use our briefing paper (see link below) or other useful analysis such as from the Article 29 Working Group, NoPNR, Papers Please etc. Below you will also find a link to the list of MEPs in the LIBE Committee that should be contacted before the vote in the Committee which is planned for the 20 March.
Is the EU-US PNR Agreement acceptable?
http://edri.org/files/2012EDRi_US_PNRcomments.pdf
List of MEPs in the LIBE committee
https://memopol.lqdn.fr/europe/parliament/committee/LIBE/
No PNR mail campaign
http://www.nopnr.org/contact-your-mep/
This article is also available in:
Deutsch: Lesestoff
European Data Protection Supervisor (EDPS): Merging professional drivers'
driving licence with their driver card is not fully in line with data
protection principles (17.02.2012)
http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/...
http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/...
This article is also available in:
Deutsch: Agenda
7 March 2012, Amsterdam, Netherlands
Big Brother Awards Netherlands 2012
https://www.bigbrotherawards.nl/
16 March 2012, Rotterdam, Netherlands
EPSIplatform Conference: Taking government data re-use to the next level!
http://epsiplatform.eventbrite.com/
29 March 2012, Reykjavík, Iceland
Reykjavík Digital Freedoms Conference
http://rdfc.is/
30 March - 1 April 2012, Berlin, Germany
Wikimedia Chapters Meeting 2012
http://meta.wikimedia.org/wiki/Wikimedia_Conference_2012
13 April 2012, Biefeld, Germany
Big Brother Awards Germany
http://www.bigbrotherawards.de/
16-18 April 2012, Cambridge, UK
Cambridge 2012: Innovation and Impact - Openly Collaborating to Enhance
Education
OER12 and the OCW Consortium's Global Conference
http://conference.ocwconsortium.org/index.php/2012/uk
26-28 April 2012, Belgrade, Serbia
SHARE 2 Conference
http://www.shareconference.net/en
2-4 May 2012, Berlin, Germany
Re:Publica 2012: ACTION!
http://re-publica.de/12/en
14-15 June 2012, Stockholm, Sweden
EuroDIG 2012
http://www.eurodig.org/
20-22 June 2012, Paris, France
2012 World Open Educational Resources Congress
http://www.unesco.org/webworld/en/oer
2-6 July 2012, Budapest, Hungary
Policies and Practices in Access to Digital Archives: Towards a New
Research and Policy Agenda
http://www.summer.ceu.hu/sites/default/files/course_files/Policies-and...
9-10 July 2012, Barcelona, Spain
8th International Conference on Internet Law & Politics: Challenges and
Opportunities of Online Entertainment
http://edcp.uoc.edu/symposia/idp2012/cfp/?lang=en
11-13 July 2012, Vigo, Spain
The 12th Privacy Enhancing Technologies Symposium
(PETS 2012)
http://petsymposium.org/2012/
12-14 September 2012, Louvain-la-Neuve, Belgium
Building Institutions for Sustainable Scientific, Cultural and genetic
Resources Commons.
http://biogov.uclouvain.be/iasc/index.php
7-10 October 2012, Amsterdam, Netherlands
2012 Amsterdam Privacy Confernece
http://www.ivir.nl/news/CallforPapersAPC2012.pdf