Archive | November, 2015

Pirate sites: To block out or not to block out?

Today the Swedish district court of Stockholm ruled that internet service providers (ISP:s) can not be forced to block out pirate sites like the Pirate Bay. (TorrentFreak» | Also in Swedish»)

But it’s still early days. Copyright holders are to appeal the verdict. However, it’s very unusual that Swedish lower courts take bold stands. This might indicate that the judicial system has found that there is a strong case against blocking.

Interestingly, yesterday the German federal court ruled in the opposite direction. (TorrentFreak» | Also in German»)

The key issue seems to be if an ISP can be considered a co-culprit of copyright infringement in relation to the EU Infosoc directive. Conflicting judgements in different member states indicate that the European Court of Justice (ECJ) will have to address the issue. And this can happen soon as a Dutch court already has asked the ECJ for guidance in a similar case.

However, it is possible for a member state to have a stronger copyright protection than required in the EU directive. But this issue might also concern freedom of enterprise and freedom of speech. So there is a high level of uncertainty and confusion.

From a practical point of view, it is interesting to see that blocking out pirate sites has little or no effect on illegal filesharing. (Link 1» | Link 2»)

The bigger question is the principle that ISP:s are not responsible for what their customers are up to in their network (mere conduit). This is a well-established principle in the EU.

In comparison, telephone companies are not liable for what people might say on their phone lines; postal services are not liable for what people send in the mail; owners of roads are not liable for criminals driving around.

If ISP:s were to be responsible for their customers activities — they would have to police everything we do online. Everything. That would be practically extremely difficult and a fierce violation of privacy. (But proponents of mass surveillance often seem to see this as an opportunity to establish new points where to tap into public communications.)



We are all under surveillance: Re-group. Re-think.

After the Paris attacks politicians, police and the intelligence community are tumbling over each other eager to introduce even more mass surveillance.

This will direct resources away from regular police and intelligence work. It will not protect us, but could rather make us all less safe. But then again, mass surveillance isn’t really about terrorism. Obviously, it’s about control.

Terrorism (plus serious crime, drug trade, trafficking, child protection and the copyright legal framework) is being used as a pretext for doing what politicians cannot openly admit.

But facts are straight forward: We are all under surveillance.

The fight for people’s right to privacy must and will go on. But we also must recognize the fact that we are already living in a Big Brother society. It might be about time to re-group and re-think. Where do we take the fight for a free and open society from here?

There is the political road. Defending human and civil rights, you can punch over your weight. It all boils down to principles about democracy, rule of law and the relation between citizens and the government. In that context, most politicians cannot afford to appear as if they don’t care. Not in public.

And there is the technical road. Let’s start with something reasonable: Could anybody please make strong e-mail encryption really, really user-friendly? It shouldn’t be impossible. Or let’s take a wider approach: Can the entire internet protocol be replaced with something new and more privacy friendly?

The fight will go on. And you can be certain of one thing: Regardless of how much surveillance we have, the ruling political and bureaucratic classes will always find reasons to introduce more.



Post Paris: EU to clamp down on Bitcoin, gold and pre-paid credit cards

Tomorrow, Friday, EU interior and justice ministers will meet in Brussels — for an emergency meeting after the Paris terror attacks.

According to Reuters, EU member states “plan a crackdown on virtual currencies and anonymous payments made online and via pre-paid cards in a bid to tackle terrorism financing”.

“They will urge the European Commission, the EU executive arm, to propose measures to “strengthen controls of non-banking payment methods such as electronic / anonymous payments and virtual currencies and transfers of gold, precious metals, by pre-paid cards,” draft conclusions of the meeting said.”

In other words, governments would like to take control of all forms of payments except cash. And with EU rules against money laundering access to cash also can be quite restricted.

It would be very interesting to know how the EU is supposed to “strengthen control” of Bitcoin — as the system is totally decentralized. I doubt that they can.

But they can make life more difficult for ordinary people if clamping down on e.g. pre-paid credit cards and online payment systems.

This EU meeting is being held in panic, with politicians desperate to look as if they are doing something of substance to combat terrorism. So, I guess, they really haven’t thought things trough. And they leave all the details to the European Commission to figure out.

This might result not in an EU directive, but an EU regulation. If that will be the case, measures can quickly be implemented without having to involve the people’s elected representatives in the European Parliament.



EU centre-right group using Paris tragedy to try to kill data protection directive

Since the Paris attacks politicians, police and intelligence agencies have pushed for more mass surveillance. And now, it seems they are also trying to undermine the new EU framework for data protection.

The EU data protection directive has been under massive fire from special interests and member states in the council. But the European Parliament has been firm in insisting on a clear and meaningful framework to protect citizens private data.

Now the centre-right group in the parliament, the EPP, is trying to suspend these negotiations.

“In the aftermath of the cruel attacks in Paris on Friday, Axel Voss MEP, in his capacity as EPP Group Shadow Rapporteur for the Data Protection Directive, has called for the immediate suspension of the Data Protection Directive trialogues and a review of the mandate to identify the impact of the draft text on law enforcement capacity to exchange information.” (…)

“According to Axel Voss, the text stipulates major bureaucratic burdens to law enforcement and security entities and would basically transform them into data protection officers when processing personal data for the purpose of prevention, investigation, detection or prosecution of criminal offences and terrorist activities.”

What this is all about, is the EPP trying to use the tragedy in Paris to undermine the demands for authorities to use citizens personal data in a responsible way. But there should and must be rules for authorities as well.

Data protection is more important today than ever before. Especially when authorities are riding on a wave of fear, trying to advance their positions when it comes to surveillance and data mining.

Link: Data Protection Directive trialogue should be suspended »



Mass surveillance makes us less safe


Our thoughts are with the victims of the terror attacks in Paris.

But we should not allow ourselves to react in a thoughtless way. Terrorists want to impose fear –leading us away from a free, open and democratic society.

France already has one of the most intrusive regimes of mass surveillance in the western world. Apparently, this did not stop the terrorists.

Actually, it might very well be that mass surveillance makes us all less safe. The number of “false positives” makes serious police work more difficult. Dependence on electronic surveillance systems also directs resources away from old fashion police activites, intelligence operations, informed analysis and “HUMINT” (Human Intelligence).

Naturally, there is a place for advanced forms of electronic surveillance. But it should be focused on individuals and groups who are suspected to prepare for criminal activities. And to identify such targets, HUMINT is essential.

Time and time again it has been revealed that terrorists have been on the security services radar before striking. But the what, where and when is normally never communicated in ways that can be intercepted by mass surveillance. Here you need targeted surveillance, old-fashioned spies and qualified intelligence analysis. This is hard work, it takes time, it is costly and it can be dangerous. But it is what is effective to keep us reasonably safe from terrorism. (If at all possible.)

And given that the whole point of fighting terrorism is to defend our free, open and democratic society — it would be counter-productive to treat all citizens as potential terrorists and criminals. The people is not the problem.



EU to make linking illegal?

The EU Commission is working on a new and updated legal framework for copyright. A draft has been leaked — and it raises some serious questions about what the EC is up to.

Most notably it covers “ancillary copyright”, a term used when it comes to Internet linking in relation to copyright.

From the beginning, this was about German and Spanish newspapers wanting Google to pay for linking to their material. This idea went down in flames, as Google stopped linking — and the publishers had to beg them to start linking again.

Now it seems that the EC is taking a new and broader approach to this issue.

The fear is that unless you have explicit permission to do so in every single case, linking to copyright-protected material (articles, pictures, video, sound) will become illegal.

This would be a fatal blow to the entire concept of a world wide web. Linking is the very neuronic system of the Internet. Having to ask for permission or seek among different sorts of licenses before you link could be extremely time-consuming and bureaucratic. People would rather refrain from linking all together.

One (of many) unintended consequences would be hampering the open, democratic debate online.

And old style media wouldn’t gain anything from it. Opposite, they would lose readers and clicks. (Like experience from Germany and Spain clearly demonstrate.)

The reasonable standpoint is that if you put something on the Internet, others should be allowed to link to it.

But that might not be the way the EC sees it.


• Ancillary Copyright 2.0: The European Commission is preparing a frontal attack on the hyperlink »
• Pirate Party MEP Julia Reda: EU Preparing ‘Frontal Attack On The Hyperlink’ »
• Leaked Draft Reveals EU Anti-Piracy Enforcement Plan »


Putin vs. Charlie Hebdo

Russian president Vladimir Putin lashing out against free speech is no news. But this time, he attacks freedom of the press in another country — France.

The background is that the French magazine Charlie Hebdo has published two cartoons relating to the Russian air disaster in the Sinai. One of the two cartoons is focusing on the quality of Russian low fair airlines – and the other making a connection between the disaster and the fact that Russia has now become involved in fighting ISIS, in Syria.

Especially the last one touches on a highly sensitive issue in Russia: The connection between “Putin’s war” in Syria and terrorist attacks against Russian civilians.

Every suggestion of such a connection is seen as undermining Vladimir Putin.

At Chalie Hebdo, they choose not to give in but to speak back. The magazine’s editor-in-chief, Gerard Biard:

Their argument about sacrilege is absurd. Are we supposed to no longer comment on the news in a different way, or to say nothing more than it’s sad? If so that becomes a problem for freedom of expression.”

The Guardian: Russia condemns Charlie Hebdo for Sinai plane crash cartoons »