Archive | EU

ISPs to be dragged into the War on Terror?

Sunday, interior ministers from EU member states, EU Commissioner for Migration and Home Affairs Dimitris Avramopoulos, U.S. Attorney General Eric H. Holder Jr., U.S. Deputy Secretary of Homeland Security Alejandro Mayorkas, the minister of Public Safety of Canada Steven Blaney and European Counter-Terrorism Coordinator Gilles de Kerchove all met in Paris.

Their mission was to come up with a response to the Paris terror attacks.

“We reaffirm our unfailing attachment to the freedom of expression, to human rights, to pluralism, to democracy, to tolerance and to the rule of law: They are the foundation of our democracies and are at the heart of the European Union.”

OK. Thanks…

“We are concerned at the increasingly frequent use of the Internet to fuel hatred and violence and signal our determination to ensure that the Internet is not abused to this end, while safeguarding that it remains, in scrupulous observance of fundamental freedoms, a forum for free expression, in full respect of the law. With this in mind, the partnership of the major Internet providers is essential to create the conditions of a swift reporting of material that aims to incite hatred and terror and the condition of its removing, where appropriate/possible.”

Somehow, all the reassurances about fundamental rights–in this context–makes me a bit uneasy. From working in the European Parliament, I have learned that when something is wrapped up in this kind of language you should be on your guard.

What it all boils down to is to involve Internet service providers more in removing jihadist sites. It seems.

It’s unclear in what way this changes anything from today. If a site is illegal, normally it will be removed. Is the idea to cut out the judicial process from the operation? Or what?

Some of the wordings shows similarities to what has been discussed when it comes to copyright infringements. And in that setting, the purpose has been to make ISPs responsible for policing the net.

So, are they trying to make ISPs responsible for tracking down and censoring jihadist sites?

We don’t know. Yet.

The EU officials will continue their talks at the “informal” Justice and Home Affairs Council (JHA) in Riga on January 29. And it will be on the agenda at the next EU summit. Then, in February all the people from the Paris meeting will come together again, in the U.S..

Be vigilant. Before you know it ISPs might find themselves between a rock and a hard place. In the front line of the War on Terror.

/ HAX

DW: Data sharing, tighter EU outer border, urged at Paris talks »
Joint statement from the Paris meeting (PDF) »

2

What Snowden exposed was already known. But nobody cared.

In the blog post below, you can see a video from the 31c3 conference with Caspar Bowden. In the second part of his speech, he describes how he warned about specific mass surveillance issues long before Edward Snowden came along.

The Snowden files do, in essence, confirm everything Bowden warned us about.

The thing is–at the time, nobody cared.

The European Commission and the European Parliament was informed. But people didn’t take in the information. The information lay open for the media. But no journalists bothered. Bowden explained his findings for various net activist and civil rights groups–but nothing happened.

And I must admit that prior to the Snowden revelations, I my self had no idea that this information existed–even though I used to work in the European Parliament. I’m very interested in these issues, but I didn’t know what I didn’t know.

This points to an information and communication problem. Most of what’s going on is out there. You just have to know what to look for. And whom to listen to.

An important component in internet and civil rights activism is to simply take what’s already out there and make it understandable, to serve it up in digestible pieces. And to listen to the real experts, to find the golden nuggets in their extensive research material.

To hack politics to win, you must know. And you must be right. That is within reach–because politicians and bureaucrats often doesn’t care enough to do their homework.

/ HAX

0

EU to sell out data protection in new trade agreement?

Free Trade is a good thing. But–as I have written earlier–international trade agreements seems to be about everything but free trade.

The latest example is the Trade in Services Agreement (TISA). This agreement is to be signed by the EU, the US and many others. Among other things, it covers E-commerce. So far, so good.

The problem is that TISA (as most other international trade agreements) surpass some pretty important local rules. In this case, it might throw out European data protection rules.

The EU is in the process of setting up a new data protection framework. This rises questions like: Who owns your personal data? Is it you? Or do you have nothing to say about the matter?

In this context it is alarming that the EU is about to enter an international agreement stating that “No Party may prevent a service supplier of another Party from transferring, accessing, processing or storing information, including personal information, within or outside the Party’s territory, where such activity is carried out in connection with the conduct of the service supplier’s business.”

The EU and the US have had an agreement (the Safe Harbour agreement) stating that American companies must handle data about european customers in accordance with European data protection rules. As it has turned out, this agreement has been almost totally ignored by the US.

And now, the TISA agreement seems to sidestep European data protection all together.

While some members of the European Parliament (like German Pirate Party MEP Julia Reda) is trying to ensure a strong European data protection package–the usual suspects (most MEP:s from traditional parties) are prepared to sell out.

/ HAX

0

A never ending struggle

For some days I have been a complete political news junkie–as the latest Swedish government just went down in flames. Looking forward, naturally I have some general preferences about who should rule my country. (Even if a lame duck administration as the present one isn’t all that bad. Hopefully it will not be able to do a lot of stupid stuff.)

But when it comes to some of my favourite issues, I’m frustrated.

We have the centre-right parties (in power until September 2014)–being really bad on surveillance, ignorant at best when it comes to data protection and in the grip of the copyright industry.

Then we have the socdem-greens (that, in practice, fell from power yesterday). The Social Democrats are just as bad as the centre-right people in these matters. And the Greens are selling out on the same issues, just for the grandeur of being in government. (Come on, give the Ring back to the nice Mr. Frodo.)

The third group (causing most of the stir) are some nationalist, xenophobic and semi-populists. Again, they are just as bad. (I guess that they haven’t realised that they are a given target for government surveillance.) And in general they are occupied with nostalgia rather than issues concerning the future.

Finally we have the Pirate Party, not even in the Swedish parliament with only 0.43 per cent of the votes in the latest elections. (So I guess the general population doesn’t bother about these issues either…)

Still, the surveillance issues are important–and rather pressing. What the government does in the EU is important as we are in the process of hammering-out new European data protection rules. And an European copyright reform.

In the bigger picture a free and open Internet is essential for democracy, culture, business, science and education. Yet, in Sweden 99,57 per cent of the votes are casted on political parties more or less uninterested, ignorant or plain evil when it comes to Internet and surveillance matters.

And it seems that Sweden isn’t unique. The picture is the same in most countries.

In dark moments I think this might be just as well. There are no guarantees that politicians will do the right thing, even if they are interested. So it might be better to trust spontaneous order, peoples creativity, the market and net freedom activists to be one step ahead and to raise objections if politicians go wrong.

The problem is, politicians go wrong about the Internet, surveillance, data protection, copyright and civil liberties all the time. The fact that they are uninterested or ignorant doesn’t stop them. In most cases they just rubber stamp papers that government officials hand them, anyway. Politics is in the equation, like it or not.

So we need to apply a constant external pressure on politics. To show the way, to campaign and to hit politicians and government officials hard when they do something stupid or dangerous.

It’s a never ending struggle.

/ HAX

0

How to fight the dark forces of Government

There is this article in The Boston Globe that has been nagging my mind for a few days now: Vote all you want. The secret government won’t change. »

Despite the dramatic headline, this is not about conspiracy theories. It’s about Tufts University political scientist (and former legal counsel to the Senate Foreign Relations Committee and a consultant to various congressional committees, as well as to the State Department) Michael J. Glennon and his book National Security and Double Government.

The core issue is the Obama u-turn on national security.

“But six years into his administration, the Obama version of national security looks almost indistinguishable from the one he inherited. Guantanamo Bay remains open. The NSA has, if anything, become more aggressive in monitoring Americans. Drone strikes have escalated. Most recently it was reported that the same president who won a Nobel Prize in part for promoting nuclear disarmament is spending up to $1 trillion modernizing and revitalizing America’s nuclear weapons.”

The thing, according to Glennon, is that politicians are generalists–in the hands of their own administration and its experts. And these experts have many reasons to exaggerate threats.

That sounds like a plausible and reasonable analysis. Even though the word “generalists” might be overly polite.

Now, looking at Europe and the EU we have the same set of experts as in the US–in the Commission, in the Council and to some extent in the European Parliament.

And we have the issue of lobbyism. (Even though public attention is directed towards lobbyists in the Parliament, the real issue ought to be lobbyism directed towards the Commission and its staff.)

Then we have something that few people know about: The European Commission has some 250 different committees with around 7,000 “contributors”. And at least 1,000 (maybe up to 3,000) specialist groups with more than 40,000 “experts”. All of these with an agenda. And this is where EU policy is crafted out.

This is why it is almost impossible to get something done when it comes to e.g. data protection, mass surveillance or copyright reform in the Parliament. The power doesn’t lie with the elected politicians.

So, are we screwed? Is democracy just an illusion? In many cases, the answer seems to be yes. But Glennon gives us a glimmer of hope…

“The ultimate problem is the pervasive political ignorance on the part of the American people. And indifference to the threat that is emerging from these concealed institutions. That is where the energy for reform has to come from: the American people. Not from government. Government is very much the problem here. The people have to take the bull by the horns. And that’s a very difficult thing to do, because the ignorance is in many ways rational. There is very little profit to be had in learning about, and being active about, problems that you can’t affect, policies that you can’t change.”

From an European perspective we know that public opinion did put an end to the ACTA agreement (restricting the openness and freedom of the Internet). We also know that such occurrences are very rare. And that they depend on huge efforts from activists, civil society and the media. But–it can be done.

This is the first lesson in fighting the political apparatus: Know thy enemy.

/ HAX

2

TTIP might kill EU copyright reform

There is an obvious need for copyright reform. It is necessary in order to keep culture alive, dynamic and vigorous. And it is necessary if we want to keep the Internet free and open. (Read more about these specific issues here. »)

The EU is trying to get to grips with copyright in order to have a single, up to date set of rules for the entire European market. At the same time copyright holders, like the music- and film industry, would like to hold on to present rules–created to protect an old, pre-digital business model.

At the moment, the copyright industry puts its hope to the EU-US trade agreement (TTIP), being negotiated right now. The negotiations are secret. But we know that TTIP will contain a chapter on “intellectual property”. This might be yet another attempt to curb the freedom of the internet, in order to clamp down on illegal file sharing and other digital IP infringements. But if it is, chances are that TTIP will meet the same fate as the fallen ACTA agreement.

But it doesn’t have to be that obvious.

TTIP can also build on present copyright legislation in such a way that it will be more or less impossible to change these laws in the future, without breaking this binding trade agreement.

In fact, there is a highly controversial instrument in TTIP that might be used to kill all attempts to reform copyright legislation in the future. This is the article on investor-state dispute settlement (ISDS).

The idea behind ISDS is that a company in the US can take the EU or e.g. Denmark to court–if there are to be any new laws that might reduce that companys present (or future) profits. Well not take to court, actually. It’s more like a semi-private settlement institute, that can fine countries for billions of dollars in damages.

Now, imagine if the EU would like to reform copyright. European politicians might want to shorten the absurdly long protection time to, let’s say, 50 years. (If they could extend it, they should also be able to shorten it. Especially as copyright is an “asset” not found in nature, but a brainchild of politicians.) They might want to make exceptions for non-commercial sampling. They might want to make out of print classical literature or orphan works available to the public in digital form. They might want to step down the hunt for non-commercial file sharing. Or they might require that to receive copyright protection, the works in question must be registered.

This is the kind of things that ISDS is designed to stop. Either the EU would have to drop the reforms–or pay billions in damage.

(To add to the absurdity of this: In the example above only American companies would receive damage, not domestic European ones.)

So, yes: The TTIP might be used to kill an EU copyright reform. And Europe urgently need such a reform.

I might repeat myself, but I suggest that if the EU and the US would like to have this trade agreement approved–they should drop the IP chapter and ISDS. It might also be a good idea to open up the negotiations to democratic oversight, as these agreements have more or less the same effect as law.

/ HAX

Also read: EFF–EU-US Trade Negotiations Continue Shutting out the Public—When Will They Learn? »

1

Intellectual property and trade agreements vs. a free and open internet

Enforcement of Intellectual Property Rights is often included in various international trade agreements.

Sometimes this is done in general terms, not making any distinction between e.g. patents, copyright, trademarks and geographical indications. Politicians just look at the supposed value of IP–and decide that they want to protect it. (A rather blunt approach.)

In other cases IP issues are very specific, like in the (rejected) ACTA agreement. In ACTA the text suggested “voluntary cooperation” between copyright holders and internet service providers (ISP:s) to curb online piracy. This would, had the agreement been approved, have led to ISP:s having to police the net. And to police the net, you need to inspect and analyze all internet traffic.

Both approaches are problematic. Especially as international trade agreements normally are negotiated by bureaucrats behind closed doors–in effect impossible to influence for the general public and our elected representatives. This is a serious problem, as these agreements often will have the same impact as laws.

Naturally, you must be able to distinguish between different sorts of IP.

And you must make sure that international trade agreements are in line with important legal principles–as mere conduit in the EU E-Commerce Directive, ensuring that internet service providers are not liable for the information transmitted.

The next international trade agreement that might try to enforce IP rights is the EU-US free trade agreement, TTIP.

Naturally, free trade as in free trade is commendable. And if the interested parties are serious about setting up a transatlantic area of free trade–they ought to go easy on the IP chapter (or leave it out all together).

Any new attempts to enforce certain IP rights by trade agreements will backfire the same way ACTA did.

Links:
Cato Institute on Intellectual Property in Trade Agreements »
The ACTA demon rises. Again. And again. And again… »
Electronic Commerce Directive (EU) »
Transatlantic Trade and Investment Partnership (TTIP) »

/ HAX

0

Swedish ISP forcing EU Commission to act on data retention

As you can see from the blog post below, the EU Commission is avoiding the data retention dispute. The European Court of Justice has declared it illegal and in breach with human rights. This is being ignored by some EU member states–such as the UK and Sweden–who have no intention of ending blanket data retention.

But now the Commission will have to get on top of this controversy. Today Swedish ISP Bahnhof and the 5 July-foundation have filed a formal complaint, urging the Commission to take measures to end Swedish data retention.

This will take matters to a new level. The European Commission is obliged to uphold the EU treaties. And as the Charter of Fundamental Rights prohibits data retention (according to the ECJ)–there should be no alternative for the Commission, other than to act against member states not complying with this ban.

From the press release…

“We will fight in Swedish courts to the end but this is not about Bahnhof and our rights. It is about every citizen’s human rights. Bahnhof has always stood up for privacy of communications. We do not intend to retain traffic data about our customers and we are confident that we have the backing of the EU Charter and Court of Justice.”

Read the press release from Bahnhof and the 5 July-foundation here »

/ HAX

1

EU: Commission dodging data retention dispute

EU member states closely associated with US/NSA mass surveillance (such as the UK and Sweden) have made it clear that they have no plans to end mass retention of data about all citizens all tele- and data communications. (The scheme was introduced with the EU data retention directive*.)

This will put the EU Commission between a rock and a hard place.

The Commission is the guardian of the treaties. One integrated part of the EU treaties is the Charter of Fundamental Rights of the European Union. And the European Court of Justice has invalidated the EU directive on data retention–as it is in breach of human rights, according to the Charter.

So, what will the guardians of the treaties do?

For now, there has been nothing but silence from the Commission. Will it continue to dodge the issue, leaving the data retention issue to the member states?

The people in Berlaymont might want to. But I don’t think they can.

It ought to be irrelevant if the breach of the Charter is in an EU directive or in member states national legislation. The Charter trumps both.

This is the opinion of the lawyers at the European Council, the German secretary of justice, the Austrian supreme court and many others. The group of European data protection authorities–the Article 29 Data Protection Working Party–has given a statement along the same lines…

“…national data retention laws and practices should ensure that there is no bulk retention of all kinds of data and that, instead, data are subject to appropriate differentiation, limitation or exception.”

There you have it.

Blanket data retention is a big no-no.

Sooner or later, the European Commission will have to confront EU member states who persist in carrying out this form of mass surveillance.

/ HAX

* Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC.

1