On Wednesday 13 April the Dutch news agency ANP broke the news that the European Council of Justice and Home Affairs had definitely withdrawn the data retention proposal from their schedule and would wait for a proper 1st pillar proposal from the European Commission, following devastating legal advice from both the Commission as well as the internal legal service. Thanks to the civil rights organisation Statewatch the two documents (in French only) had been leaked to the public on 10 April 2005. Both texts suggest that the Council is wrong in assuming it can create mandatory data retention in the third pillar (criminal law and policing). The proposal will have such a major impact on the internal market and the existing e-privacy directive of 2002 that only the Commission, with full

Rapporteur Marielle De Sarnez (French, Liberal) of the European Parliament Committee on Culture and Education has released her opinion on the proposal of the European Commission to create a new Recommendation on the Protection of Minors and Human Dignity. The report deals with two issues; more liability for ISPs and the introduction of a legal right to reply.

According to De Sarnez "(...)businesses cannot escape their responsibilities under the pretext that parental control is needed to be exercised and governments have a duty to introduce rules that will protect the weakest members of society." That's why 'the liability of access providers needs to be established.' All access providers must create an effective and easy-to-use filter system for children. "Efficient filter technologies exist for the Internet and mobile phones. They are expensive

The United States will not allow for any further delay in the introduction of biometric identifiers in passports of EU citizens travelling to the US. EU Justice Commissioner Frattini sent an urgent letter to the US Congress asking for a delay of 10 months in introducing biometrics in the passports of all EU citizens. In his letter, Frattini states only six EU countries - Belgium, Germany, Austria, Finland, Sweden and Luxembourg - are able to meet the original deadline of 26 October this year. But on 31 March 2005 the chairman of the U.S. House Judiciary Committee, James Sensenbrenner, replied that an extension was unlikely.

On 3 December 2004 the Council of ministers of Justice and Home Affairs (JHA Council) adopted a new regulation on biometrics, forcing member states to include two biometric identifiers in passports and travel

EDRI-gram has obtained 2 secret documents about the draft framework decision on data retention that unveil the positions of individual Member States when it comes to the scope, cost, scale and length of retention. The first document, published on the EDRI website, is the uncensored version of the latest draft framework decision from 24 February 2005, from the Working Party on cooperation in criminal matters to the Article 36 Committee. Both groups are made up of senior officials in the Justice and Home Affairs area, with the Committee in a general coordinating role for the Council.

In this document the Working Party reminds the Committee that the European Commission "had entered a scrutiny reservation on the legal basis for the proposal." Three explanatory paragraphs about the position of the

The European Commission has rejected Microsoft's proposal to comply with the EU anti-trust ruling. Microsoft needs to enable other software providers to interoperate with computers that run the Windows operating system. But the proposed Microsoft server interoperability licence contains a number of serious flaws including unjustifiably high royalty fees and the exclusion of open source vendors, according to the Commission.

In March 2004 Microsoft got a record fine of 497 million euro after a five-year investigation by the Competition Commissioner into Microsoft's business practice. According to the Commission's ruling Microsoft's illegal business practice has enabled it to acquire a dominant position in the market for work group server operating systems and has significantly weakened competition on the media player market. As a remedy the

The European Group on Ethics in Science and New Technologies (EGE) has presented its opinion to the European Commission on ITC implants in the human body. The EGE is an independent, multidisciplinary and pluralist advisory group, composed of twelve members. Though some implants, such as cardial pacemakers, are ethically unproblematic, non-medical implants pose a potential threat to the human dignity and democratic society, finds EGE. The principles of data protection must be applied as soon as any data can be collected through the implants about human bodies. Furthermore, ICT implants (in wearable computing such as RFID tags but also directly implanted under the skin with for example the VeriChip) should only be allowed if there are no other less invasive means of achieving the same

The Council of European Ministers of Justice and Home Affairs (JHA council) seems set for a frontal collision with the European Commission with the proposal for a framework decision on mandatory data retention. On 14 April 2005 the Council will discuss the proposal, possibly including a functional list, in spite of the urgent request from EU Justice Commissioner Frattini to drop the proposal completely and wait for a proper democratic initiative from the Commission. For national members of parliament all over Europe the national preparatory debate about the agenda for this JHA Council will probably be the last chance to stop their ministers from agreeing and first demand a thorough investigation into the necessity and proportionality of data retention.

The last publicly available Council document dates from 24 February 2005. The proposal now

On 24 February 2005 the JHA Council finally adopted the framework decision on attacks against information systems. The decision harmonises legislation in the EU for any offence committed against a computer infrastructure with the intention of destroying, modifying or altering the information stored on computers or networks of computers. The two key definitions in the decision are illegal access to information systems and illegal interference with the system. In both cases, intent has to be proven, to rule out gross negligence or recklessness. The decision covers not only offences affecting the Member States but also offences committed in their territory against systems located in the territory of third countries.

The decision was debated for the first time in 1999, initiated by the European Commission in 2001 and sent to the European Parliament for advice in the spring of 2002. In October 2002 the EP gave its recommendations and on 28 February 2003 the ministers of Justice had reached an agreement. It is unclear why it took the Council 2 years to actually adopt the proposal. At the time, parliamentary scrutiny reservations were made by the Irish, French, Swedish, Danish and Netherlands delegations. Civil society raised many objections to the proposal, most notably the broad scope of illegal access and the fact there is no exemption for security experts to test the security of systems.