Navigation

Archive | EU

The EU-US Privacy Shield: EU presents a pointless proposal

By on March 3, 2016 in Big Brother, Big Data, Data Protection, EU, Privacy, US

Finally, the European Commission has presented a proposal for the EU-US Privacy Shield conserning data protection, to replace the fallen “Safe Harbour” agreement. Sorry to say, it’s rather pointless.

The background is that the European Court of Justice invalidated the “Safe Harbour” agreement that was supposed to provide adequate data protection when Europeans personal data is being transfered to the US. The reason was that US companies didn’t really care about the agreement — and that US authorities (e.g. the NSA) in many cases had access to the data.

Then followed some confusion as the EU and the US tried to negotiate a new agreement, the EU-US Privacy Shield. Here are some previous blog posts:

• An EU-US Privacy Shield? »
• The EU-US Privacy Shield Illusion »

Now we have a proposal. Some EU links:

• European Commission presents EU-U.S. Privacy Shield »
• Restoring trust in transatlantic data flows through strong safeguards: European Commission presents EU-U.S. Privacy Shield »
• EU-U.S. Privacy Shield: Frequently Asked Questions »

This new proposal is rather similar to the old, fallen agreement. So much so, that it might very well be invalidated by the ECJ once again.

The main news seems to be “adequacy decisions”. In simple terms this means that things will be deemed OK if the European Commission says so. And that is hardly a solid judicial principle.

The Austrian student Max Schrems — who took the old agreement to the ECJ in the first place — says that he is considering taking the new agreement back to court, if adopted.

In a comment the NGO EDRi:s Executive Director Joe McNamee says..

The European Commission has given Europe a lesson on how not to negotiate. This isn’t a good deal, it hardly deserves to be called a ‘deal’ of any kind.

The EDRi press release also states that the documents published “confirm that no meaningful reforms have been made and that none are planned”.

EDRi Press Release: Privacy Shield is the same unsafe harbour »

The European Commission simply does not seems to be very concerned about protecting European personal data being transfered to the US.

/ HAX

0

IPRED 2 in the works — have your say

By on February 25, 2016 in Big Entertainment, Copyright, EU, File Sharing, Hacktivism, Intellectual Property, Internet, IPRED, Uncategorized

IPRED — the EU Intellectual Property Rights Enforcement Directive — was highly criticised when introduced. It gave IPR holders wider rights to go after e.g. illegal filesharers than the police, skewing the legal system in favour of the industry. (But even then, IPRED has never been really effective.)

In 2014, the Italian EU presidency announced its’ plans to beef up IPRED. On this blog, I quoted the reaction from Brussels-based NGO EDRi on the matter…

“However, having established that the current legislative framework is not fit for purpose, the best thing that the Presidency can think of proposing is to expand and deepen the failed, not fit for purpose enforcement measures that are currently in force. The Italians apparently hope that, if they do the same thing over and over again, different results will be produced.”

But such objections do not discourage Brussels. The political process continues.

Preparing IPRED 2 the European Commission now has launched a consultation (normally being the first step for new or revised legislation). Once again EDRi explains it best…

“Injunctions, internet blocking, blackmailing of individuals accused of unauthorized peer-to-peer filesharing – the so-called IPRED Directive has been very controversial. Now, the European Commission has launched a consultation on the Directive (whose full name is Directive 2004/48/EC on the enforcement of intellectual property rights (IPRED) in the online environment).”

“The consultation is of great importance not only to those working on copyright or “intellectual property rights” in general, but in fact crucial to anyone using the Internet. This consultation covers to how private companies should or should not be involved in law enforcement online – for example by removing your online content in case it might include copyrighted material. It also covers the range of internet intermediaries that could or should be subject to legal obligations to undertake law enforcement activities.”

This consultation is open for everyone to respond to. And as political processes are easier to influence the earlier you get into them, this is an opportunity that should not be missed.

In order to make it easier for individuals to answer the consultation, EDRi has created an “answering guide” – an online tool with the European Commission’s questions and our analysis to guide your responses. The answering guide can be found here: http://youcan.fixcopyright.eu/limesurvey/index.php/829127?lang=en

Please get involved. Your reactions can shape the future of the Internet.

And a big thank you to EDRi for hacking the political system — analyzing, explaining and opening up the process for everyone to participate.

/ HAX

0

The EU-US Privacy Shield Illusion

By on February 11, 2016 in Big Data, Data Protection, EU, Privacy, US

A little more than a week ago, I wrote a blog post on the EU-US Privacy Shield. This is supposed to replace the fallen “Safe Harbour” agreement, protecting European personal data when transferred to the US. (The latter didn’t, that’s why the European Court of Justice invalidated it.)

But, as I wrote, the EU-US Privacy Shield is just a framework agreement, not a deal. No substance. Nothing. Everyone is just stalling for time.

And I’m not the only one to be suspicious. Today the weekly EDRi-gram from Brussels-based NGO European Digital Rights turned up in my mailbox. And they do take a swing against the Privacy Shield illusion:

What’s behind the shield? Unspinning the “privacy shield” spin »

Some quotes…

• If there is a deal, why was nothing published?

It is standard practice from the European Commission. When an agreement is reached, the Commission launches a press release, but not the actual agreement. In this way, the Commission can control the amount of information available to journalists and the general public. It then launches the actual document once the press cycle is over and the details are no longer newsworthy.

I couldn’t agree more. Things like this happen all the time. And the EU Commission seems to get away with it all the time. In this case, let’s keep an eye on the ball for a change.

• Was there a deal?

Actually, there was no deal. The Commission had to announce something on 2 February in order to prevent regulators from starting enforcement action against companies that were (and, today, still are) transferring data illegally to the United States.

Bulls eye, again. What we see is the EU political system trying to dodge the EU judicial system. I won’t quote the entire text, but I must direct your attention to this showstopper…

• Is it strategically wise to announce a deal before discussions have been completed?

For the US, definitely, for the EU, it was strategically disastrous. As the EU has announced a deal, European negotiators have absolutely no leverage in the discussions around the detail of the agreement. Politically, it is impossible for the EU to reject anything that the US now proposes, because it is politically impossible for the Commission to abandon negotiations after it announced the completion of an agreement.

Is this just mind-bending incompetence? Or outright political sabotage?

And so it goes on. You really should read the whole piece.

The European Parliament (that has demanded a suspension of the Safe Harbour agreement for years) ought to be very upset. And the European Court of Justice should treat this as contempt of court, if there is such a thing in its’ regulatory framework.

We really shouldn’t let the European Commission get away with this. European citizens deserve decent data protection.

/ HAX

0

The War on Cash

By on February 6, 2016 in Big Brother, Big Government, Economics, EU, Privacy, War on Cash

Holger Steltzner in Frankfurter Allgemeine...

Beim Feldzug gegen das Bargeld geht es um mehr als das Bezahlen. Ginge es nur darum, könnte man die Leute einfach selbst entscheiden lassen, wie sie künftig zahlen wollen. Es geht um das Ende von Privatheit und selbstbestimmter Entscheidung, um Lenkung von Verhalten und um den Zugriff auf das Vermögen. Der Bevormundung des Bürgers wäre in einer solchen Welt keine Grenze gesetzt, Geld wäre kein privates Eigentum mehr. Der Übergewichtige könnte mit seiner Karte auf einmal die Kalorienbombe nicht mehr zahlen, der Alkoholiker sich die Weinflasche nicht mehr besorgen, und am „Veggie Day“ dürfte man mit seinem Smartphone kein Fleisch mehr kaufen. Der Zugriff des Fiskus auf das Konto des Bürgers wäre selbstverständlich. Und in totalitären Staaten gäbe es kein Entrinnen vor Überwachung und Unterdrückung. (…)

Andere Motive sind für den Krieg gegen Cash wichtiger, aber über sie wird weniger geredet. Hier kommen die Notenbanken ins Spiel, auch die Europäische Zentralbank, deren Präsident Draghi schon laut darüber nachdenkt, wie er am besten die Abschaffung der 500-Euro-Note kommuniziert, die der EZB-Rat noch gar nicht beschlossen hat. Ohne Bargeld wären die Bürger den Negativzinsen der Zentralbanken ausgeliefert. Davon träumen auch viele Finanzminister und keynesianische Ökonomen.

Bargeld ist Freiheit » | Google Translate »

Update: Translation to Swedish in the comments, thanks to Christian Engström.

2

A Bitcoin moment? Or not?

By on February 4, 2016 in Bitcoin, EU

The European Union is trying to decide what to make of Bitcoin and other digital currencies.

In general, the EU Commission has decided not to regulate. At least for the moment.

But at the same time, the EU is expanding its’ regulations against money laundering and terrorism funding.

And from that perspective, the recommendation seems to be that it should be required to register when exchanging digital currencies for traditional ones — or the other way around.

Naturally, this is inconvenient. And it might be yet another obstacle on the road to general acceptance of digital currencies.

But it might also be an opportunity to expand the Bitcoin ecosystem and to make it more or less autonomous — so that you will never have to change Bitcoins for fiat money.

But for that to happen, the Bitcoin society needs to get its’ act together. The present uncertainty about technical matters is a killer — that may thwart a coming Bitcoin Moment or kill it off altogether.

/ HAX

EU: Commission presents Action Plan to strengthen the fight against terrorist financing »

0

EU: The War on Cash

By on February 3, 2016 in Big Brother, Democracy, EU, Hacktivism

Right now, the 4:th EU directive against money laundering is being implemented in the member states.

Among the stricter rules for handling cash, the directive outlaws payments in shops for more than 10,000 €. Some member states chose to go even further limiting the highest amount to 5,000 €.

Thus, making anonymous purchases of e.g. expensive IT-equipment impossible…

0

An EU-US Privacy Shield?

By on February 2, 2016 in Big Brother, Big Business, Data Protection, EU, Facebook, NSA, Privacy, surveillance, US

Last October the EU-US “Safe Harbour” agreement was canceled by the European Court of Justice. This agreement was created to ensure that European personal data was to be treated with care when handled by US companies. But the ECJ found that the agreement did not meet the requirements of the Data Protection Directive, because of NSA access.

ArsTechnica then reported…

“The most significant repercussion of this ruling is that American companies, such as Facebook, Google, and Twitter, may not be allowed to send user data from Europe back to the US.”

Link: Europe’s highest court strikes down Safe Harbour data sharing between EU and US »

Today the media has reported that a new agreement has been reached: The EU-US Privacy Shield.

Such an agreement has been a top political priority for the EU as well as the US — as the respective administrations have not wanted data protection to get in the way of business as usual.

But is there a real agreement? Not really. All there is, is a “framework agreement”, basically saying that the EU and the US agree to agree at some point.

Today ArsTechnica writes…

“What that means in practice is that the Commission has negotiated some breathing space to strike a deal with the US.”

“The US has clarified that they do not carry out indiscriminate mass surveillance of European citizens,” EU Commissioner Andrus Ansip has declared. No further details on this, though…

Link: Last gasp Safe Harbour “political deal” struck between Europe and US »

Apparently the EU and the US have no such thing as an actual deal to show. But there is a lot of hot air coming out of Brussels and Washington.

Earlier today, before the news about an “framework agreement” from Brussels, ArsTechnica had an interview with Max Schrems, the Austrian law student who took this case to court to begin with.

“On the subject of any potential new agreement, he argues it would be no better, and that a sector-specific approach to EU-US data transfers would be preferable. “If this case goes back to the ECJ [European Court of Justice]—which it very likely will do, if there is a new safe harbour that does not meet the test of the court—then it will fail again, and nobody wants that,” he says.”

Link: Why Safe Harbor 2.0 will lose again »

Apart from the EU and the US having agreed to agree — everyone seems to be just as much in the dark as before. (There is also the hidden agenda of mass surveillance and intelligence cooperation that led to the end of “safe harbour” in the first place, to be taken into consideration.)

I suppose the new agreement, when it is finalized, will end up in the European Parliament for final approval. Then, if not before, we should know. And it is encouraging that the Parliament has been very vigilant concerning EU-US data protection issues in the past.

/ HAX

0

The normalisation of mass surveillance

By on December 28, 2015 in Big Brother, Big Government, BND, Civil liberties, Data Retention, Democracy, EU, Germany, Human rights, Intelligence, NSA, NSA & Snowden, Privacy, surveillance, Sweden, Uncategorized, US

Once upon a time, there were rumors about a global surveillance network — Echelon. When the European Parliament decided to look into the matter, it turned out it did indeed exist. For years to follow there were rumors about US intelligence organisation NSA and its new capabilities to “collect it all”. And a few years ago, the Snowden documents exposed exactly that.

Then followed a state of resignation.

In 2013/14, it was brought to light that the NSA might have compromised the international clearing system for bank transfers, European run SWIFT. It’s a bit odd, as the US can have as much information about European bank transfers as they want, in accordance with the EU-US TFTP agreement. Newer the less, there were strong indications of something going on. This time the European police agency, Europol, didn’t even bother to look into the matter. In a European Parliament hearing Europol director Bob Wainwright explicitly said so. (The hearing is quite surreal. It’s all on video here. »)

In Germany, politicians softened their tone against the US/NSA when threatened with limited access to US intelligence. It also turned out that under the level of political polemic, the BND had been working very closely with the NSA all the time. And in Sweden, according to the Snowden files, SIGINT organisation FRA has access to NSA superdatabase XKeyscore. Swedish politicians (including the Greens, who are now in government) will not even comment on the legality of this.

The European Court of Justice has invalidated the EU data retention directive, finding it in breach of fundamental human rights. Never the less most EU member states are upholding (and in some cases implementing) data retention, leading national constitutional courts to object. But data retention fits well with US surveillance systems, so it seems to be less important if it is legal or not.

I could go on, but I better get to my point.

Politicians and intelligence bureaucrats are sending some pretty clear signals these days. They do not care about what is legal or not legal. They do not care if being exposed. They do not even comment on issues that ought to be fundamental in a democracy. The message is: This is the way it is. Live with it.

If there was ever need for a broad political movement against mass surveillance, it is now.

/ HAX

1

EU to coordinate member state intelligence?

By on December 28, 2015 in Big Brother, EU, Intelligence, surveillance, War on Terror

(EU Counter-Terrorism Coordinator) De Kerchove, who stressed in front of the European Parliament Committee on Civil Liberties, Justice and Home Affairs (LIBE) earlier this year to “never let a serious crisis go to waste”, now told the European Observer that “[y]ou don’t want people to know (…) that you have Big Brother interception by satellite or that you have people infiltrating computers”.

EDRi: EU encourages cooperation between intelligence agencies »

0