One of the results of the European elections is the loss of some excellent Members of Parliament. EDRI wishes to thank a number of MEPs that have struggled hard to defend privacy and digital civil rights, but have not been re-elected.

As rapporteur of the Directive on privacy and electronic communications, the Italian MEP Marco Cappato worked very hard to insert important privacy-guarantees and fiercely opposed mandatory retention of telecommunications traffic data. Author of the report on the right to privacy and data protection (approved by Parliament on 9 March 2004 by 439 votes in favour, 39 against and 28 abstentions), organiser of an important civil society meeting in Parliament, staunch protester against the transfer of PNR-data to the US without strong privacy-protection, and tabler of many key amendments on the IPR Enforcement Directive at the first reading, Cappato deserves a lot of credit as a champion for digital rights. Mister Cappato's Lista Bonino lost almost three quarters of its voters, compared to the 1999 EU Parliament elections, and will send only two MEPs to Brussels. Mr. Cappato held place three on this list and may come back to Brussels as a substitute MEP if one of the two others should be replaced.

The EU Network of Independent Experts on Fundamental Rights published their 2003 report. The network has been set up by the European Commission, upon request of the European Parliament. Since 2002, it monitors the situation of fundamental rights in the Member States and in the Union, on the basis of the Charter of Fundamental Rights. The report covers a wide range of fundamental rights and raises for example concern about the use of biometric identifiers and the transmission of Passenger Names Records. It also criticises control over state media in Italy and Poland. The section on freedom of expression however, lacks reference to the internet and notice-and-takedown procedures.

Report on the situation of fundamental rights in the European Union in 2003 (01.2004)
http://www.europa.eu.int/comm/justice_home/cfr_cdf/doc/report_eu_2003_...

The rapporteur of the EU Directive on the Enforcement of Intellectual Property Rights, Janelly Fourtou (UDF, Conservative, France), has earned millions from business related to Intellectual Property Rights, even while she was shepherding the report through the European Parliament. As several newspapers have investigated, Mrs. Fourtou runs a private fund together with her husband, Jean-René Fourtou, who is the CEO of Vivendi Universal, the media giant that is worldwide the biggest holder of intellectual property rights. In November 2002, this fund acquired transferable bonds worth 14,5 million Euro, which shall be transferred into Vivendi Universal shares at preference conditions in 2005. The Fourtou children have, according to the Financial Times, acquired bonds for an additional 5 million Euro. The Fourtou couple has until now made a computational surplus of 10 million Euro; their children 3,4 million Euro.

The Amsterdam institute for information law published a study (commissioned by Sybari software) about the impact of the new anti-spam regulations in the EU. Their conclusion is not encouraging. "An important limitation on the effectiveness of the E-Privacy Directive is the simple fact that most spam originates from outside the EU. (...) Beyond that, the effectiveness of the E-Privacy Directive depends on its implementation in national legislation. So far, implementation has been rather slow in a number of countries." The study warns about large differences in the EU in the legal protection of corporate users and users which are not subscribers. The most important recommendation is for the EU to take additional actions to promote effective enforcement mechanisms.

Regulating spam: Directive 2002/58 and beyond (April 2004)

Romania has implemented the Cybercrime Convention with law nr. 64 from 24 March 2004. The law was published in the Official Monitor nr. 343, on 20 April 2004.

The main provisions of the Cybercrime Convention were already incorporated in Title III of the Anti-corruption law nr. 161/2003, published in the Official Monitor nr. 279 from 21 April 2003.

The Cybercrime Convention defines nine offences: illegal access, illegal interception, data interference, system interference, misuse of devices, computer-related forgery, computer-related fraud, offences related to child pornography and, notably, offences related to copyright and neighbouring rights. Signatory states have to establish a common minimum standard of relevant offences under their domestic law.

Under Romanian law, the first 2 offences are very broadly defined and will be punished severely: "The illegal access to a computer system is a crime and is punished with imprisonment from 6 months to 3 years. If access is gained by infringing security measures, the punishment is imprisonment from 3 to 12 years..

On 30 April 2004, the European Commission finally released the public policy for the new .EU top-level domain. The policy seems to have been written with 2 thoughts in mind: prevent endless disputes with governments about geographical and institutional names and make sure all trademark-related rights are served first.

Registration will take place in two phases, first giving governments and holders of registered national and Community trademarks the chance to claim their desired names. In the second phase, all 'holders of prior rights' get to register their names of choice. These 'prior rights' are defined as 'inter alia, registered national and community trademarks, geographical indications or designations of origin, and, in as far as they are protected under national law in the Member-State where they are held: unregistered trademarks, trade names, business identifiers, company names, family names, and distinctive titles of protected literary and artistic works..

On 1 March 2004 the EU launched a new 4-year project on privacy and identity management. Its objective is the research and development of solutions to empower individuals in managing their privacy in cyberspace. The Commission contributes a budget of 10 million euro.

Following a longtime focus on privacy enhancing technologies, the Commission feels that privacy management should be built into information systems by design rather than as an afterthought. Under the new program, technical solutions should be developed to minimise disclosure of personal data and enforce end-users' privacy preferences. The scope of digital identities is very broad, from border controls to future electronic services that might deal with sensitive data such as patient health data, employee data, and credit card data.

On 26 and 27 March 2004 a conference was held on safe internet in Warsaw, Poland. The conference was organised by the Council of Europe in collaboration with Safeborders, a consortium funded by the European Commission. Focussed on children, the event was meant to 'step up efforts to create a pan-European safer Internet network.' Some 150 participants met in workshops, with many delegates from East Europe and republics of the former Soviet Union.

In his keynote speech, Hanno Hartig from the Council of Europe stressed the need to make a difference between illegal and harmful content and respect the cultural and legal differences between countries. He underlined the difficulty of anonymity online, both as a danger and an essential tool to protect the privacy of children. He also warned that encouraging self-regulation should not force ISPs to curb the freedom of expression. Unfortunately, these nuances were sometimes lost during the workshops and plenary sessions, with speakers denying any difference between for example child pornography and websites about drug use.