Google is offering more detailed information about how it collects and uses personal data of internet users. Since 14 October Google has expanded its privacy policy outlining more details but little change in substance. Some key issues, such as how long personal data are kept, are not answered by the new privacy policy.

The new privacy policy is 'layered' and consists of a easy readable short version and a more comprehensive full version. Google has joined the US safe harbour program in order to bring its data collection practices more in line with EU data protection principles. According to the safe harbour principles personal data can be accessed, corrected or removed by the subject. But Google does put some serious limitations on those rights saying that "extremely impractical" requests for removing will not be

According to the Swedish e-zine The Local, the Swedish Data Inspection Board now allows the Swedish anti-piracy group Antipiratbyrån and the record industry group IFPI to collect the IP addresses of file-sharers.

In an earlier ruling EDRI-gram reported about, the Swedish Data Protection Authority said APB and IFPI broke privacy laws, because they were collecting personal information without permission. Only government authorities were allowed to create registers of criminal offences. The DPA now grants the organisations an exception from the law. APB and IFPI maintain they do not keep extensive personal files, but just pass on the IP addresses to providers or to the police.

From the rulings it seems the anti-piracy group collected the IP addresses itself, with a computer program. In the Netherlands and in Ireland,

The US based digital rights organisation EFF has started extensive research into the hidden codes some laser colour printers and photo copiers add to every page they print or copy. In 2004 printer-manufacturer Canon was awarded a Big Brother Award in Germany for secretly adding a unique code to every print-out. Soon after, it turned out the practice is very wide-spread.

The unique number on every print-out is invisible to the bare eye, measuring only 0,1 millimetre. After the Big Brother Award for Canon, the Dutch police immediately admitted they use the codes to detect the sources of print-outs, tracing individual printers through the vendor chain. Questioned by the Lower House, the Dutch minister of Economical Affairs said he agreed manufacturers should inform their customers, but did not

Today the International Commission of Jurists (ICJ) has launched a new 18 month panel on terrorism, counter-terrorism and human rights. "The legal community worldwide must now take a leadership role in articulating how the rule of law can be respected in addressing terrorism in its many complex global and local forms." The ICJ has formulated 10 legal and policy issues the panel should address. One of them addresses the issue of blanket electronic surveillance: "Do we need to have intrusive surveillance of public places and transports, data on travel, phone calls and Internet use in order to protect people from terrorism?" Other issues are freedom of speech (How can we criminalise incitement to violence without eroding freedom of speech, the press and religion?), discrimination (how to increase security without discriminating,

Since the introduction of compulsory identification in the Netherlands on January 1st 2005, the police have fined 50.000 people that could or would not present a valid ID. Almost 4.000 of those who were fined were children aged 14 and 15. The statistics are provided by the Central Judicial Collection office.

About 25% of the people fined do not pay the 50 euro fee (or 25 euro fee for children between 14 and 16 years old). These cases are presented to the local courts. On 28 September the court of Utrecht chose to create a marathon session for the first 250 cases. Only a quarter of the people appeared. Most of them were men that were involved in minor offences, such as driving without belt or peeing in public. One of them was really upset about the case. To the national RTL News he said: "Everybody can see I am Dutch and not a terrorist!" During the session there was a small demonstration in front of the court. The participants demanded withdrawal of the law, because it does not increase security and only causes double fines.

In the series Information Technology & Law, the Dutch University of Tilburg has published a volume on camera surveillance and workplace privacy, which includes 11 country reports. The European countries covered by the report are: the Netherlands, Belgium, the UK, Germany, Hungary and Italy.

The editors argue that Europeans, similar to the US, have a 'reasonable expectation of privacy'. But is this right codified in national law or perhaps granted by case law? When it comes to workfloor privacy, there is no specific national legislation in any of the examined EU countries. Though data protection authorities have drafted useful codes of conduct, employers seem to have an advantage when a case comes to court. "The overall picture is that the lack of legislation has a negative effect on

On 12 and 13 September the Council of Europe convened a Pan-European Forum on "Human Rights in the Information Society: Responsible Behaviour by Key Actors" with representatives from state, industry and civil society.

The Forum was a follow-up to the recent Declaration of the Committee of Ministers on Human Rights and the Rule of Law in the Information Society, plus general Council of Europe priorities regarding the protection of children and internet content. The Forum aimed at identifying and discussing "responsible" and "irresponsible" behaviour by key actors and how states, industry and civil society can work together (inter alia through partnerships, policy making, greater awareness and education) to ensure the promotion and protection of human rights in the Information Society. On behalf of EDRI, Meryem Marzouki (IRIS, France) and Rikke Frank

The 27th international conference of data protection commissioners took place in Montreux/Switzerland from 13 to 15 September 2005. The meeting with the title "The protection of personal data and privacy in a globalised world: A universal right respecting diversities" saw several hundred data protection authorities (DPA) officials, industry, cyberrights groups and other stake-holders for three intense days of discussion. One big issue was the tenth anniversary of the EU's data protection directive from 1995. The assessment was mixed, though. There are still many differences in national laws and enforcement is weak. While the EU directive had a big impact on the globalisation of data protection legislation, this approach is hard to enforce on the border-less Internet. There is also a strategic rival emerging with the APEC privacy guidelines