This article is also available in:
Deutsch: EDRi: Schreiben zu Netzsperren & der EU-Charta der Grundrechte
EDRi sent on 2 November 2012 a letter to Commissioner Malmström on a legal contradiction in relation to website blocking that needs to be resolved in order to bring Member States into line with the Charter of Fundamental Rights of the European Union:
Dear Commissioner Malmström,
As you know, Member States may decide to "block" access to illegal child abuse websites according to the Directive on combating the sexual abuse and sexual exploitation of children and child pornography.
While we obviously support the fight against these crimes, the European Union's legal system is clear that criminal activity must be addressed in a framework that respects the rule of law and fundamental rights. This principle is reflected clearly in Article 52 of the Charter of Fundamental Rights of the European Union, which states in this regard:
"1. Any limitation on the exercise of the rights and freedoms recognised by this Charter must be provided for by law and respect the essence of those rights and freedoms. (...)"
This principle is also clear in the European Convention on Human Rights, to which the Union is currently negotiating accession. Article 10(2), for example, requires restrictions to be "prescribed by law".
During the drafting of the Directive, the Commission evaluated the impact of different policy options and came to the following conclusion:
"(...) encouragement of self regulation by ISPs to block access to Internet pages containing child pornography would involve interference in the right to freedom of expression in Article 10 ECHR (Article 11 of the EU Charter). In accordance with the ECHR, again, as interpreted by the European Court of Human Rights in Strasbourg, to respect fundamental rights such interference needs to be prescribed by law and be necessary in a democratic society for important interests, such as the prevention of crime."
In that analysis, your services clearly and correctly acknowledge that such blocking would interfere with a fundamental right and would therefore require a basis in law. We agree completely with this assessment. However, this understanding was lost during the legislative procedure, leading to the adoption of recital 47 of the Directive, which contains the following comment about such blocking mechanisms:
"In that context, this Directive is without prejudice to voluntary action taken by the Internet industry to prevent the misuse of its services or to any support for such action by Member States."
The adoption of the new Directive clearly places the issue of blocking of such material within the scope of implementation of the Charter while, although not legally binding, the Commission's impact assessment of the same Directive makes it clear that both recital 47 and the related activities of individual Member States (Denmark, Sweden and the UK, for example) are contrary to the Charter.
We would therefore request that the Commission take action to bring current activities (such as "voluntary" blocking in Sweden, Denmark and elsewhere) in Europe into line with the Charter. Our government structure is based on the premise that transparent democratic decision-making leads to the most efficient, effective and proportionate measures to deal with serious crime – child protection is too important to be left to ad hoc, intransparent and unpredictable arrangements for which no evidence of usefulness has ever been produced.
We remain at your disposal to work constructively with you on this and other issues of mutual concern.
EDRi letter in a PDF format (2.11.2012)
http://edri.org/files/blocking_20121102.pdf
This article is also available in:
Deutsch: Zunehmende Überwachung des Internets in Russland
Several normative acts that have entered into force or are being prepared in Russia bring forth an increased state surveillance over the Internet and a blacklist of blocked websites and internet addresses.
In spite of strong criticism, the Russian Duma (the lower chamber of the Parliament) seems determined to apply state and legislative actions that would limit freedom of speech and the dissemination of information on the Internet.
Thus, the final section of the Russian “Law on the Protection of Children from Information Detrimental to Their Health and Development” entered into force on 1 November 2012. The entire system that has become active, declaratively to prevent on-line child pornography, is a system able to monitor the Internet activities of millions of citizens and ready to ban contents considered undesirable by the Russian government.
Complex internet-monitoring technologies will implement the “Single Register” which will include requests of censorship coming from the Agency for the Supervision of Information Technology, Communications and Mass Media (The Roskomnadzor) which carries out orders of three government agencies: the Interior Ministry, the Federal Antidrug Agency and the Federal Service for the Supervision of Consumer Rights and Public Welfare, and has the power to impose to the ISP to block the indicted contents within 24 hours.
The Roskomnadzor system is apparently using DPI (deep packet inspection) capable to analyse every single packet of the traffic, filtering certain services or contents. “No Western democracy has yet implemented a dragnet black-box DPI surveillance system due to the crushing effect it would have on free speech and privacy” said Eric King, head of research at Privacy International who added: “DPI allows the state to peer into everyone’s internet traffic and read, copy or even modify e-mails and webpages...”
Also, according to the bill proposed to amend the information law filed on 21 September 2012, Internet users who will continue to use anonymizer and filter- bypass tools (such as proxies or VPN) would face heavy fines and even blocking of their Internet access.
Moreover, there is also an attempt of extending the interpretation of the terms such as” “high treason” or “transmission of a state secret”. In a new version of the Penal Code, the terms are meant to cover not only a foreign organization or government, but also an “international organization or its representatives.” The terms are also extended to include all “financial aid, technical assistance, consultative or other assistance” provided for “activities directed against the security of the Russian Federation.”
“Taken as a whole, the latest legislative initiatives in the Duma give all the appearance of a concerted attack on freedom to disseminate information. In each of these bills, imprecise language and vague definitions are far too open to interpretation. We call on members of parliament to revise their proposals in light of the fundamental right to freedom of information, which the Russian constitution – and international conventions ratified by Russia - guarantee to all citizens,” said Reporters Without Borders.
Another proposal is that of establishing criminality liability both for receiving and transmitting “information constituting a state secret” and people who have obtained secret information not only in the course of their work but also “in the course of schooling or in other capacities cited by law,” are also facing the risk of prosecution and conviction.
And to make the picture complete, a new bill proposed by the Duma meant to “protect the sentiments of religious believers” calls for sentences of up to three years in prison and fines that can be increased by 100 per cent for “public offences against or denigration of religious dignitaries...or offences against citizens’ religious convictions and sentiments.” The bill is entirely unnecessary having in view religious affiliation is already protected by the present Penal Code and blasphemy and the desecration of holy sites are already prohibited as forms of “hooliganism” and “incitement of hate.”
The latest actions show a clear and worrying tendency of an increased control and censorship of the online environment by the Russian authorities.
Internet access barred as wave of new legislation threatens freedom of
information (1.11.2012)
http://en.rsf.org/russia-internet-access-barred-as-wave-of-01-11-2012,...
The entry into force of blacklist of Internet sites, new cascade of
liberty free law drafts (French version, 1.11.2012)
http://fr.rsf.org/russie-entree-en-vigueur-d-une-liste-01-11-2012,4362...
Russia enacts restrictive new cyber-law (1.11.2012)
http://www.aljazeera.com/video/europe/2012/11/2012111193550182880.html
Russia deploys a massive surveillance network system (4.11.2012)
http://www.infosecisland.com/blogview/22638-Russia-deploys-a-massive-s...
This article is also available in:
Deutsch: Fehlgeschlagene Selbstregulierung bei der Polizei: Irische Datenschutz...
Apparently illegal abuses of the Irish police (“An Garda Síochána”) database show no sign of being brought to an end, despite repeated announcements on the issue by the Irish Data Protection Commissioner (DPC).
Problems with the possible abuse of the database were identified over five years ago, leading to a self-regulatory “code of practice” being drawn up by the DPC and the Irish police force in 2007. In the foreword of the Code, the DPC said that the Code was “designed to give operational meaning to the principles of data protection set out in European and National law,” adding that he was confident that the “Code will make a significant contribution to improving knowledge and understanding of data protection within An Garda Síochána.” The Code covered the oddly named PULSE (Police Using Leading Systems Efficiently) database.
Unfortunately, self-regulation was less successful than the Commissioner appears to have expected. In November 2010, the annual report of the judge tasked with overseeing the Irish data retention system described a case where a police sergeant, working in the Garda intelligence division, had abused her position by accessing the phone records of her former boyfriend. Despite this, the police officer in question kept her job and rank and was moved to a position in the Irish special branch – where she continues to have access to sensitive data .
The apparent abuses continued, leading to the Commissioner, in his annual report for 2011, stating that despite repeated engagements from the police on this issue, the monitoring of access to the database “falls short of the standards that we expect”. As a result, in March 2012, the Commissioner announced plans for an audit of the use of the PULSE system.
The discovery of cases of apparently illegal use of the database by the police force in 2010 did not lead to any obvious improvements. In August 2011 press reports indicated that the PULSE database was being abused by members of the police force in order to do illegal background searches for reasons as diverse as checking the history of men that their daughters were dating to the accident history of cars that they were thinking of buying. As a result of these revelations, the Data Protection Commissioner rapidly announced... again... that he was going to launch an audit of police use of the database.
Subsequently, in October 2012, the Irish DPC acted quickly in response to an abuse of the Irish tax database – by announcing a plan to undertake an audit of... the (unrelated) PULSE database.
All of which goes to show, if you have nothing to hide, you've nothing to fear, because you're probably dead.
October 2012 announcement: “Tax official used data on woman to
proposition her” (24.10.2012)
http://www.independent.ie/national-news/courts/tax-official-used-data-...
August 2011 announcement: “Gardaí use database to check up on daughters’
boyfriends” (8.08.2011)
http://www.thejournal.ie/gardai-use-database-to-check-up-on-daughters-...
March 2011 announcement: Twenty-second annual report of the Data
Protection Commissioner 2010
http://www.dataprotection.ie/documents/annualreports/2010AR.pdf
2007 Code of Practice
http://www.garda.ie/Controller.aspx?Page=136&Lang=1
(Contribution by Joe McNamee - EDRi)
This article is also available in:
Deutsch: „The Pirate Bay“ bleibt in Finnland weiterhin gesperrt
The Pirate Bay (TPB) remains blocked in Finland as the Finnish Supreme Court has rejected ISP Elisa’s request to hear its appeal in the case filed by the Copyright Information and Anti-Piracy Center (CIAPC) in May 2011.
In the respective case, in October 2011, the Helsinki District Court ordered Elisa to block the domain names and IP-addresses of TPB, thus forcing the ISP to censor the torrent site, under the threat of 100 000 Euro/day fines for non-compliance. Elisa ISP complained, describing the censorship strategy as “flawed”, and appealed the decision. In June 2012, the Court of Appeal rejected the ISP’s application upholding the ruling from October 2011 after which Elisa announced that they would take the case to the Supreme Court. But now, the case is closed with the decision of the Supreme Court of not hearing the case.
Elisa has expressed its disappointment believing that the case was difficult from the juridical standpoint and “legislative measures are required to clarify the situation, where the officials solve the issue of how to reconcile copyright law and users’ right to communication,” as Elisa Business Director Henri Korpi stated who added: “More importantly, however, is that all the players should focus on measures that can truly and effectively reduce piracy. This requires content to be distributed on the web at a reasonable price and at the same time as other distribution channels.”
TPB is currently being blocked in several European countries such as Italy, UK, the Netherlands and Finland. Internet rights groups are worried by the increase in the number of countries banning The Pirate Bay and other torrent sites.
The success of such blocking measures is far from being proven as many ISPs claim that Internet users continue to access banned websites on alternative services or different routes.
Supreme Court Denies ISP Permission To Appeal Pirate Bay Blockade
(29.10.2012)
http://torrentfreak.com/supreme-court-denies-isp-permission-to-appeal-...
Pirate Bay appeal is rejected by Finnish supreme court (30.10.2012)
http://www.bbc.co.uk/news/technology-20137033
EDRi-gram: Finnish ISP started blocking The Pirate Bay (18.01.2012)
http://www.edri.org/edrigram/number10.1/finnish-isp-blocks-piratebay
This article is also available in:
Deutsch: Irland: Ausländische Wettseiten könnten gesperrt werden
The Irish government plans to block foreign betting websites. The Betting (Amendment) Bill 2012 would allow the District Court to make orders as follows:
“in the case of a remote bookmaker or remote bookmaking intermediary, an
order that telecommunications service providers and internet service
providers in the State shall not permit access to:
(i) the internet address of any internet domain that the
remote bookmaker or remote betting intermediary concerned uses for the
purposes of conducting his business,
(ii) a particular facility in such a domain, or
(iii) any other order that that court considers appropriate
for the purpose of ensuring that any such domain, or any remote
bookmaking operation conducted by the remote bookmaker or remote betting
intermediary concerned is not accessible to persons in the State.”
As TJ McIntyre from EDRi member Digital Rights Ireland comments, “the reference to internet "service" providers rather than internet "access" providers appears to be wide enough to cover any service provider which could be used to access a site - which would appear to include providers of VPNs, search engines, DNS providers and others. This wide power is then further supplemented by a power to make "any other order" that (the) court considers "appropriate" to ensure that the domain etc. "is not accessible". This seems to be drafted with a view to ordering that sites should be delisted from search engines but could, potentially, be used against any internet intermediary and could be used to, for example, block access to proxy sites and other tools which might be used to circumvent the blocking.”
The Irish government plans come as a surprise as there are no other previous governmental documents recommending this action. Quite the contrary; the 2008 report Regulating Gaming in Ireland contains a warning against site blocking: “The Committee is of the view that censorship of the Internet in an effort to achieve such ends is frequently self-defeating, is unlikely to achieve the intended results, leads to the diversion of scarce law enforcement resources and frequently has unintended and undesirable consequences.” The same conclusions are restated in the 2010 report “Options for Regulating Gambling” which contains no recommendation of blocking systems.
According to the recent European Commission Staff Working Paper on Online Gambling, blocking access to websites is useless as it and can be easily circumvented. And also dangerous as, “depending on the technology used, website blocking can impact on legitimate businesses. The efficiency of the blocking method furthermore depends on the validity of the list of blocked websites. Keeping the list up-to-date requires significant resources while internet addresses can be changed instantly. Lastly, ISPs are faced with the implementation of the provisions for blocking access to websites, not only implying costs and tying-up of resources but also creating potential liability issues.”
Besides the futility of the action, forcing ISPs to block a type of websites will only create a precedent which may lead to the extension of this purpose to other types of websites.
Internet betting: Irish government seeks to introduce blocking on no
evidence and against EU findings (25.10.2012)
http://www.tjmcintyre.com/2012/10/irish-government-block-internet-gamb...
This article is also available in:
Deutsch: Datenschutz als globale Herausforderung
With more than 100 on-site participants and almost 4000 remote attendees through the live webcast, the 2012 Public Voice Conference was, this year again, a full success. The 2012 edition was held on 22 October 2012 in Punta del Este, Uruguay, in conjunction with the 34th International Conference of Data Protection and Privacy Commissioners.
Civil society groups, privacy advocates, data protection and privacy
officials, technology experts and other professionals from different
countries and regions gathered to discuss “Privacy Rights as a Global
Challenge”, including current hot topics such as:
- international approaches to consumer privacy rights enforcement;
- preserving civic participation in public affairs through open
government and citizen engagement;
- cross cultural views on privacy, freedom of expression
and human rights on data collection, retention and use, where EDRi
observer Gus Hosein and EDRi member Meryem Marzouki took part.
Specific panels were also dedicated to identifying the next challenges
for digital privacy protection, taking the global temperature on
consumer and privacy protection and examining the relative merits and
flaws of legislations versus self regulations.
As usual, The Public Voice Conference Program Committee took care of highlighting the regional situation taking into account the venue’s country, while assessing at the same time global developments. A specific panel, moderated by EDRi observer Cedric Laurant, on “Adoption and Implementation of Latin America's Consumer and Privacy Protection Laws” was dedicated to the former issue. The latter took the form of a panel, moderated by EDRi member Meryem Marzouki, which assessed the 2009 Madrid Civil Society Privacy Declaration on “Global Privacy Standards for a Global World” with regards to recent developments worldwide, namely the mechanisms currently under consideration by the European Union (with the new data protection framework proposal), the Asian Pacific Economic Cooperation (with the implementation of the APEC Privacy Framework), the Council of Europe (modernization of the CoE Convention 108), the Organization for Economic Cooperation and Development (revision of the OECD Privacy Guidelines), and the United States as well (with the US White House plan for a Consumer privacy Bill of Rights).
The Public Voice Conference is a main project of The Public Voice Coalition, an international coalition of NGOs and civil society groups established by the Electronic Privacy and Information Center (EPIC) since 1996 to promote public participation in decisions concerning the future of the Internet. Numerous EDRi members and observers are part of this global coalition, of which EDRi itself is an active member.
Other EDRi members and observers also took part in the following event: the 34th International Conference of Data Protection and Privacy Commissioner.
Javier Ruiz Diaz from EDRi member Open Rights Group (UK) participated in the Open Data & Privacy panel, where he highlighted some of the problematic issues ORG has learned from UK experience on open data, criticising the widespread belief that anonymisation is the easy solution for open data and privacy. He also highlighted that anonymisation needs open peer review and responsible disclosure.
Bogdan Manolea from EDRi member ApTI (Romania) represented EDRi at the "Privacy and Piracy" panel where he focused on the challenges to privacy of Intellectual Property Enforcement measures and reminded that ACTA will not be the last attempt to privatise online enforcement in Europe. He also took the opportunity to highlight EDRi's work on the guide to the EU Date Protection Regulation available at Protectmydata.eu.
EDRi Observer Gus Hosein, took part in the panel focused on the privacy implications of biometric data. He underlined that these days the biometric technology is being used extensively in the developing world by governments and relief agencies, including in refugee camps and for voter registration purposes.
Next year, The Public Voice Conference will come to Europe, in conjunction with the 35th International Data Protection and Privacy Commissioners conference, to be held on 24-27 September 2013 in Warsaw, Poland.
2012 Public Voice Conference (with webcast of the meeting) (22.10.2012)
http://thepublicvoice.org/events/uruguay12/
The 2012 Public Voice Conference “Storifyed”
http://storify.com/meryemmarzouki/tpv12-storifyed-the-public-voice-con...
"The Public Voice" - data protection is a civil right (Peter Schaar’s Blog)
http://www.bfdi.bund.de/EN/PublicRelations/SpeechesAndInterviews/blog/...
Privacy Officials, Advocates Attend Uruguay Public Voice Conference
(EPIC Alert, 26.10.2012)
http://epic.org/alert/epic_alert_1920.html
2012 Public Voice Conference Resources and Documents
http://thepublicvoice.org/events/uruguay12/#resources
The 2009 Madrid Civil Society Privacy Declaration: “Global Privacy
Standards for a Global World” (03.11.2009)
http://thepublicvoice.org/madrid-declaration/
34th International Conference of Data Protection and Privacy
Commissioners (23-24.10.2012)
http://www.privacyconference2012.org/
ORG: Response to the ICO consultation on the draft anonymisation code of
practice (28.09.2012)
http://www.openrightsgroup.org/ourwork/reports/response-to-the-ico-con...
Data Privacy Commissioners Discuss Ubiquitous Tracking (31.10.2012)
http://www.forbes.com/sites/larrymagid/2012/10/31/data-privacy-commiss...
(Contribution by Meryem Marzouki, EDRi member IRIS - France)
This article is also available in:
Deutsch: Skype gab personenbezogene Daten an privates Unternehmen weiter
A police file has recently revealed that, during a police investigation into the Anonymous-sanctioned cyberattacks on PayPal, the Dutch police has received personal data on a young Dutchman through an IT firm which, in its turn, received the data from Skype apparently in an illegal way.
In the file called “Operation Talang”, the Dutch police had information on two people that allegedly played a part in the attacks on websites belonging to Mastercard, VISA and Paypal by hacker collective Anonymous, following the blocking of donations to Wikileaks in 2011.
Joep Gommers, senior director of global research at the Dutch IT security firm iSIGHT Partners, who was hired by PayPal to investigate the attacks, found out the pseudonym of a 16-year-old boy who apparently was involved in the attacks and contacted Skype to ask for the suspect's account data. According to the police file, Skype handed over, voluntarily and without any court order, the suspect's personal information, such as his user name, real name, e-mail addresses and home address.
"You would imagine that subscriber data aren't simply handed over. They have to be provided when the police has a valid demand or court order, but not in any other case. (...) You can also wonder whether police can use that information if it was acquired this way," said Gerrit-Jan Zwenne, a professor of Law and Information Society in Leiden and a lawyer at Bird & Bird in The Hague.
Skype spokesman reaffirmed that the company was taking privacy very seriously and there would be an investigation in the matter. "It is our policy not to provide customer data unless we are served with valid request from legal authorities, or when legally required to do so, or in the event of a threat to physical safety."
Skype hands 16-year-old's personal information to IT company (4.11.2012)
http://www.nu.nl/internet/2950158/skype-hands-16-year-olds-personal-in...
This article is also available in:
Deutsch: ENDitorial: Die Microsoft IE10 Do-Not-Track-"Kontroverse"
With online tracking of consumers becoming more and more sophisticated, uneasiness about this technology is growing.
In Europe, there are rules on tracking users for behavioural advertising, where users generally need to consent to being tracked. Elsewhere in the world, there is less regulation. Currently, work on developing a technical (and technologically neutral) “Do Not Track”-standard (“DNT”) at the World Wide Web Consortium (W3C) is ongoing. Once adopted, this would result in a standard by which users could tell their browsers to signal to advertisers that they do not want to be tracked. This would have particular significance in the USA, where the Federal Trade Commission would be able to treat honouring this standard as a contractual obligation. Advertising companies that ignore the standard could then be fined.
In May of this year, Microsoft announced that it would switch DNT on by default, indicating an objection to being tracked in the express settings for Internet Explorer 10 (IE10). On a technical level, this means that the browser would send DNT:1 headers. While this was a choice that reflects the views of the majority of users and is good from a privacy perspective, it also provided some of the participants of the W3C process with a pretext to push for rules that would allow them to ignore DNT:1 headers sent by IE10.
For example, Yahoo! announced on its policy blog that it would ignore DNT:1 when sent by IE10. Earlier, a patch with the same effect had been submitted for Apache, the web server with the biggest market share. The reason given in both cases was that, according to the standard, by default, no DNT header should be sent; users who do not want to be tracked should switch it on specifically. In the end, this argument says: “We’re not sure if everyone who uses IE10 and has DNT:1 set really wanted that, so we’ll treat everyone who uses IE10 as if they did not set it and track them if we want to.” Arguing this way ignores all IE10 users who did indeed think about it and set DNT:1 deliberately, as well as those who might have chosen IE10 precisely because of its DNT default setting.
EDRi finds this position deeply worrisome, especially in light of the evidence that an overwhelming number of users do not expect their browsing habits to be tracked, especially not across different websites. Furthermore, Microsoft clarified that users would see a message saying that these express setting include “turning on do not track in Internet Explorer”. Users can either agree to this or customise their settings. Clicking “agree” when presented with this choice seems – at face value – to meet the criterion that “a tracking preference expression is only transmitted when it reflects a deliberate choice by the user”. For this reason, the argument that Microsoft is violating the standard seems misleading.
However, this discussion can also serve to highlight some deeper problems with the W3C’s draft DNT standard:
(1) First of all, the standard should say that DNT:1 is the default. This would be in line with the intention behind current legislation on direct marketing and the principle of data protection by default in the proposed General Data Protection Regulation, which is currently under discussion in the European Parliament and the Council. It would also reflect the view of internet users, a clear majority of which, according to studies by the Pew Research Center and the Berkeley Center for Law and Technology, do not feel OK with online tracking, and render this whole “controversy” void. Alternatively, browsers should ask users upon first start-up whether they want their browser to have better privacy settings.
(2) Another reason for having DNT:1 as default is that, according to the current draft standard, DNT:unset would in practice mean that users may be tracked. This means that the W3C standard would in fact condone practices that are not in line with EU laws and regulations. It must be said, however, that W3C has also started a process in the DNT workgroup on the regional implications of the standard. We hope the outcome of this ‘global considerations’ process will do more to meet European standards than the DNT standard in its current form does.
(3) The advertising industry’s lobby groups want to reduce the meaning of DNT:1 to “do not show targeted ads”, while still collecting the data (to monetise it in other ways). Here, the standard should clearly say that DNT:1 means that the data must not be collected in the first place.
(4) The advertising industry is heavily involved in drafting the standard and is pushing vehemently for “legitimate uses” that would in fact allow data collection for wide ranges of purpose even when DNT:1 is set. This would render the standard useless.
To sum up: yes, the move by Microsoft was good in principle. But sadly, it can be understood in a way that provides the advertising industry with a pretext to further stall and dilute the draft standard. Whether this was avoidable or not is the subject of disagreement. Having the draft standard diluted and delayed is especially deplorable since a clear majority of internet users do not feel at ease with being tracked. From the users’ point of view, a standard should both do what the name implies and reflect what they want.
DNT draft standard October 2012
www.w3.org/TR/2012/WD-tracking-dnt-20121002/#determining
DNT draft standard March 2012
http://www.w3.org/TR/2012/WD-tracking-dnt-20120313/#determining
Why Yahoo! wants to protect the predators at your office party (31.10.2012)
http://www.privacysurgeon.org/blog/incision/why-yahoo-wants-to-protect...
Yahoo! Policy Blog: In Support of a Personalized User Experience
(26.10.2012)
http://www.ypolicyblog.com/policyblog/2012/10/26/dnt/
Computerworld: Windows 8 setup shows ‘Do Not Track’ options (17.08.2012)
http://www.computerworld.com/s/article/9230362/Windows_8_setup_shows_D...
Apache patch to ignore DNT:1 headers from IE10
https://github.com/apache/httpd/commit/a381ff35fa4d50a5f7b9f64300dfd98...
The Atlantic: the advertising industry’s definition of ‘do not track’
doesn’t make sense (30.03.2012)
http://www.theatlantic.com/technology/archive/2012/03/the-advertising-...
Pew Research Center: Search Engine Use (9.03.2012)
http://www.pewinternet.org/Reports/2012/Search-Engine-Use-2012.aspx
Privacy and Modern Advertising: Most US Internet Users Want “Do Not
Track” to Stop Collection of Data About their Online Activities (8.10.2012)
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2152135
Microsoft on the issues: Privacy and Technology in balance? (25.10.2012)
http://blogs.echnet.com/b/microsoft_on_the_issues/archive/2012/10/25/p...
(Thanks to Owe Langfeldt - EDRi Intern & other EDRi members)
This article is also available in:
Deutsch: Lesestoff
The internet is not free in Azerbaijan: A letter to president Ilham
Aliyev
Today Baku will host the Internet Governance Forum. Today the president
ignores the truth about the lack of freedom in Azerbaijan. (6.11.2012)
http://www.independent.co.uk/voices/comment/the-internet-is-not-free-i...
French Data Protection Authority forbids the use of any biometric
feature to control the working hours of employees (only in French,
23.10.2012)
http://www.cnil.fr/la-cnil/actualite/article/article/lautorisation-uni...
http://www.net-iris.fr/veille-juridique/actualite/30870/pas-de-biometr...
This article is also available in:
Deutsch: Agenda
6-9 November 2012, Baku, Azerbaijan
Seventh Annual IGF Meeting: "Internet Governance for Sustainable Human,
Economic and Social Development"
http://www.intgovforum.org/cms/
9-11 November 2012, Fulda, Germany
Digitalisierte Gesellschaft - Wege und Irrwege
FIfF Annual Conference in cooperation with Fuldaer Informatik Kollquium
http://www.fiff.de/2012
29-30 November 2012, Brussels, Belgium
For Your Eyes Only: Privacy, Empowerment and Technology in the context
of Social Networks
http://www.foryoureyesonly.be
4 December 2012, Brussels, Belgium
3rd Annual European Data Protection and Privacy Conference
http://www.eu-ems.com/summary.asp?event_id=123&page_id=983
27-30 December 2012, Hamburg, Germany
29C3 - Chaos Communication Congress
http://events.ccc.de/category/29c3/
23-25 January 2013, Brussels, Belgium
CPDP 2013 Conference - Reloading data protection
http://www.cpdpconferences.org/callforpapers.html
2-3 February 2013, Brussels, Belgium
FOSDEM
https://fosdem.org/2013/
21-22 March 2013, Malta
Online Privacy: Consenting to your Future
CfP by 3 December 2012
http://www.onlineprivacyconference.eu/
6-8 May 2013, Berlin, Germany
re:publica 2013
http://re-publica.de/12/2012/08/28/der-termin-steht-vom-06-08-mai-2013...
25-26 June 2013, Barcelona, Spain
9th International Conference on Internet Law & Politics: Big Data:
Challenges and Opportunities.
Abstracts deadline: 3 December 2012
http://edcp.uoc.edu/symposia/idp2013/?lang=en
31 July – 4 August 2013, Geestmerambacht, Netherlands
Observe. Hack. Make. - OHM2013
https://ohm2013.org/
24-27 September 2013, Warsaw, Poland
Public Voice Conference 2013
35th International Data Protection and Privacy Commissioners conference
http://www.giodo.gov.pl/