EDRI-gram Nieuwsbrief - 12 januari 2011

1. Web blocking discussions in European Parliament reach critical stage

The European Parliament is currently at a crucial stage in the discussions on the European Commission's proposals on web blocking. The MEP in charge, Roberta Angelilli, has presented her draft report, other parliamentarians have until 20 January to propose other amendments and an “orientation vote” which will informally set Parliament policy on issues of general agreement will take place on 3 February.

Despite the fact that the original proposal was made by the Commission in March 2009, the level of debate has not developed to any great extent after almost two years of discussion. The fact that the Commission failed to provide any evidence from countries that already block websites has not had any positive impact whatsoever. The fact that blocking is increasingly irrelevant due to the use of P2P and hacked servers instead of static “blockable” websites or the fact that blocking will give criminals immediate warning that they have been detected are of no particular importance in the debate. Indeed, even the actual purpose of blocking - accidental access, deliberate access or something else - is not an issue which has been discussed in any detail.

Nonetheless, in the debate held in the Civil Liberties Committee on 10 January 2011, eleven of the twelve parliamentarians who spoke were opposed to the introduction of mandatory EU-wide blocking, German conservative MEP Axel Voss being the sole exception. Roberta Angelilli's position is somewhat unclear - in the legally binding articles of her report, she suggests making blocking optional. However, in the explanatory “recitals”, she suggests that mechanisms “be put in place to block access from the Union's territory to internet pages identified as containing or disseminating child pornography” and promotes the concept that Internet access providers should take on the role of extra-judicial censors.

With regard to extra-judicial blocking, the Commission supports this approach, despite having stated in an impact assessment in 2007 that “the adoption of blocking measures necessarily implies a restriction of human rights, in particular the freedom of expression and therefore, it can only be imposed by law”.

The blocking proposal has even led the European Commission to enter the public affairs market. On 12 January, they cooperated with the Child Exploitation and Online Protection Centre (CEOP - affiliated to the UK police Serious Organised Crime Agency) to transport parliamentarians to London for a day of pro-blocking lobbying.

2. EU Commissioner criticises US for the data protection negotiations

Following a meeting she had in December 2010 with US attorney general Eric Holder and Interior Minister Janet Napolitano, the EU Justice Commissioner Viviane Reding expressed her concern on what she believed to be a lack of interest of the US officials regarding the data protection agreement to be negotiated between EU and US.

“The meeting turned out to be somewhat disappointing on data protection. From the outset, we have noted an apparent lack of interest on the US side to talk seriously about data protection,” Ms Reding said in a statement adding that the US have not appointed a negotiator yet. The US administration disagreed with Ms. Reding and William Kennard, the United States ambassador to the European Union, stated that in his opinion things had moved ahead and that, in order to decide on the negotiator, the US administration needed to better understand what EU negotiators wanted to include in the agreement.

The EU-US data-sharing agreement (so-called SWIFT deal) that gives US authorities access to bank transfer information for anti-terrorism purposes was rejected by EU legislature in February 2010 pending better data protection conditions. An agreement became operational in August 2010 when further protections were added to the SWIFT deal, such as the presence of an EU supervisor in Washington to check that no abuse occurs. In the meantime, US authorities continue talks for the existing EU-US PNR (Passenger Name Record) exchange agreement which obliges airlines to send details on passengers flying to USA that are to be cross-checked with the US terrorist watch list.

The scope of the data use is wider than the European Parliament is comfortable with. EP is asking for a high level of protection of the transferred personal data (such as PNR data and financial information) and wants a charter of rights outlining the fundamental principles that should stand at the basis of future data-sharing, covering also bilateral agreements.

According to leaked information, the US authorities have several parallel bilateral data sharing agreements with European governments.“Member states do business with the US and don't tell anyone, not even their own parliaments. So the things the European Parliament can do on PNR for instance, are marginal, because if Washington doesn't get it that way, they do it bilaterally,” stated MEP Sophie in't Veld. The EU wants citizens to get the right to rectify and delete data and to go to court in case of data misuse and asks for a more proportionate use of the data by the authorities.

Reding wants to obtain limitations of retained data , a strict ban on the transfer of data to other countries and asks for an independent data protection supervisor to be appointed by the US for the supervision of the authorities' use of citizen data, as there is in Europe.

3. IPR Enforcement Plan: Blocking, filtering and monitoring via injunction

Just before Christmas, the European Commission published its report on the application of the IPR Enforcement Directive. The text, while written in fairly neutral terms, does subtly show the Commission's plans for the enforcement of intellectual property rights and the dangers that these hold for citizens' rights. Two points in particular stand out - the circumvention of the E-Commerce Directive, in particular to overturn the ban on imposing a “general obligation to monitor” on Internet providers, and the intended weakening of the EU's data protection regime for the benefit of copyright holders.

A.General obligation to monitor
The text explains that in order to have injunctions work “efficiently, it could be useful to clarify that injunctions should not depend on the liability of the intermediary”. As the “no obligation to monitor” obligation in the E-Commerce Directive is part of the intermediary liability section of the Directive, this “clarification” in any revision of the Directive would aim to give Member States the green light to impose monitoring and blocking obligations on Internet intermediaries.

One example of how this would work in practice can be found in the Belgian Scarlet/Sabam case, which is currently before the European Court of Justice. In that case, the lower Belgian court decided that the Internet Provider Scarlet was obliged to implement software on its network which would block all “infringing” communications (identified automatically via software) of sound files transferred via peer to peer over its network.

Commissioner Malmström, who said in May 2010 that the “Commission has absolutely no plans to propose blocking of other types of content” (apart from child abuse images) and who promised to “personally very strongly oppose any such idea” has so far been silent on this issue.

Furthermore, the findings reported in the Staff Working Paper that accompanies this Report indicate that the currently available laws are not strong enough to combat infringements of intellectual property rights effectively, so it proposes deputizing internet intermediaries in an extra-judicial policing role. “Given intermediaries' favourable position to contribute to the prevention and termination of online infringements, the Commission could explore how to involve them more closely.”

B. Data protection
The Communication also seeks to undermine the fundamental right to privacy by implying that a “rebalancing” is necessary between the right to privacy and the right to property, as defined in the EU Charter on Fundamental Rights. This has been one of the key demands of the content industry, which argues that industry (that should be involved more closely in the enforcement of IPR according to the Commission) should have greater rights to use consumer data in order to police and prosecute their own clients.

The following text is from page 7 of the report: “National laws implementing the various directives must therefore be construed in a way that allows a balance to be struck between these rights in each case in order to guarantee that the provision on the right of information can protect the rightholders effectively without compromising rights relating to the protection of personal data.”

The Communication is part of a consultation and replies should be received by 31 March 2011. All citizens who care about fundamental rights should respond to the Communication.

4. New media law in Hungary allows Internet censorship

On 1 January 2011, a new Hungarian media law entered into force, giving the government the power to control the Internet, endangering the freedom of speech and journalism in general.

As Hungary took over the EU Presidency on 6 January 2011, in a context where there are strong attempts from various EU governments to censor the Internet, the Hungarian authorities started the year with a new law giving excessive powers and control to the government over the public media including Internet content.

According to the newly introduced law, all media must be registered and the licences may be suspended or withdrawn for breaches. The text does not distinguish between different types of media - traditional broadcasters as well as online platforms have to obey the same standards - and extends the protection against content, ranging from hate speech to unintentional insult and incitement to hatred.

The law introduces the creation of a strong censorship authority which has the power to unilaterally judge content material on the basis of broad and unclearly defined criteria such as the protection of public order or the appropriate information in relation to public affairs.

Perceived breaching of the law may bring forth fines of thousands of Euro which will likely lead to media self-censorship, so much than the text limits the journalists' capacity of protecting their sources, the authority having the power to seize documents and files if it deems necessary (even legally protected data).

The law is largely criticised and opposed by civil liberties organisations, civil groups, media lawyers and even by other EU governments. Werner Hoyer, the German deputy foreign minister stated that in his opinion the media law “does not represent the idea of a union that is built on unity in diversity,” and added that Hungary should not be allowed to speak on violations of free speech in Belarus as “the right to speak in the name of Europe naturally implies a duty to respect internal European norms to be able to represent them to the outside world in credible fashion.” A spokesperson for the French Presidency also stated France wanted the Hungarian media law text to be altered, deeming it “incompatible” with the idea of freedom of the press.

All the Hungarian parliamentary opposition parties said that they would submit an appeal to the country's Constitutional Court. A joint analysis of the Hungarian Civil Liberties Union, the Eötvös Károly Institute and the Hungarian Helsinki Committee, assessing the method and pace of the legislative work of the newly elected Hungarian Parliament, concluded the law violated the principle of the rule of law. A group of Internet citizens, blackout4hungary, initiated a movement calling on all Hungarians to turn their websites black starting with 5 January 2010, as a protest against Internet censorship.

Following a meeting with the EU college of Commissioners on the EU priorities for the next 6 years, the Hungarian Government seems to have a softer attitude and Viktor Orban, the Hungarian Prime Minister admitted that his government needed to ensure that “adverse debate” did not overshadow the Hungarian EU presidency.

Commission President Jose Manuel Barroso stated for the press that he had “received reassurances from the (Hungarian) prime minister that the law is drawn up and will be implemented in full respect of European Union values on media freedom and relevant EU legislation,” and that the Prime Minister “equally made clear that adjustments would be made, should the commission, after a legal assessment, find that this is not the case for all aspects of the law.” The Commission is now to issue a legal opinion on the matter but no official date has yet been established.

5. Polish Supreme Court: All electronic press must be registered

On 15 December 2010, in a cassation proceeding, the Polish Supreme Court decided that all electronic press in Poland must be registered. This decision goes along the line traced by its 2007 decision of the same substance, followed by a corresponding press law amendment proposal by the Ministry of Culture and National Heritage, including obligatory registration of all “electronic press”, both of which were strongly criticized by the Polish legal doctrine and internet community.

Recently, it seemed that things were improving - the 2010 Ministry of Culture's proposition of press law amendment oozed hope, as it included a voluntary registration of “electronic media” (giving those registering the privileges foreseen by the press law such as journalistic secrecy), excluding from its scope the webpages of personal character, in particular blogs. This recent Supreme Court decision however reverses the positive course of the debate and takes Poland three years back in the discussion on free speech on-line. It must be emphasized that such a Supreme Court decision is literally contrary to Polish press law regulation, as it is based on extensive interpretation of criminal press law liability.

The Polish Press Law Act from 26 January 1984 defines “press” as “any periodic publications which do not constitute a closed, uniform entity, appearing no less than once a year, having a regular title or name, current number and date, and in particular: journals, periodicals, news services, regular fax transmissions, bulletins, radio and television programs and film chronicles;” but also “any means of mass media, existing or appearing as a result of technical progress, including broadcasting stations, public television and radio address systems, that broadcast publications periodically as print, picture, sound or using any other broadcasting technique”(Article 7 par. 2 pt. 1). Although arguable, one might consider some examples of electronic publications as constituting press (rather as a particular “mean of mass media”, then a “periodic publication” of a “closed form” with a “current number”). Art. 20 of the Press Law Act requires the registration not of press as such, but only for journals and periodicals. Such registration should be done with a district court at the place of the domicile of the publisher.

The Act defines “journals” (“dzienniki”) as well as “periodicals” (“czasopisma”) in art. 7 par. 2 items 2 and 3. There, a journal is defined as “a periodic print or a transmission of sound or sound and vision of general information, appearing no less than once a week”, (item 2), while “a periodical is a periodic print appearing no more than once a week and no less than once a year; the regulation may also apply appropriately to transmissions of sound or sound and vision other than described in par. 2.” (item 3). According to Press Law Article 45, publishing a journal or a periodical without registration may result in a fine or a criminal sentence of up to 12 months of public service. It ought to be emphasized that the sentence of the 15 December 2010 decision sets the administrator of the subject web-page ( free. The Supreme Court upholds the decision of the Slupsk district court that did find the plaintiff guilty of infringing Press Law Article 45, that is publishing (on-line) a journal or a periodical without registration, however acquitted him due to the minimal public menace of the offence. The Supreme Court decision upholds this sentence, which means that it finds that failure to register an electronic publication constitutes a crime. In an oral statement, the reporting judge commented that the Court did not aim at registering the entire content of the Internet but wished for the obligation of registering press foreseen in Article 7 to be properly obeyed.

It ought to be emphasized that as cited above, Article 7 does not include an obligation to register press as such - this obligation is foreseen in Article 20 and concerns only journals and periodicals, meaning “periodic print or a transmission of sound or sound and vision”, so a rare characteristic for electronic media which are available mainly in written, electronic form.

This decision goes along the line of the 2007 “Szyciepoprzemysku” decision, concerning another electronic publication available solely on-line. The Supreme Court, in its decision from 26 July 2007 (IV KK 174/07) found that the “ deliberations on the fact that, in the light of law, publishing press in electronic form does not require registration are wrong and contrary to entrenched doctrine opinions. (…) It is clear, that the Internet may not be registered (…), just like paper. Paper as such does not have to be registered, however the printed paper must be registered, what is more - not the very paper itself, but rather the activity of printing on it and publishing it in the form of a journal or periodical - meaning press.” It went on to say, that “the person distributing without registration in the suitable district court, a journal or a periodical on the Internet, regardless whether such a distribution is accompanied by a transmission in print, next to its electronic form, or whether it exists solely in the electronic form on the Internet, suffices to recognize the crime described in art 45 of Press Law as having been committed.”

The core problem with the interpretation presented by the Supreme Court lies in the wide responsibility of the web-publisher that in this case is the page-administrator, who, according to the Supreme Court Decision, should be saddled with all the responsibilities of an Editor in Chief of a traditional newspaper. The Polish Press Law foresees this responsibility as encompassing the responsibility for the press material published in the periodical or journal under his authority. Furthermore, there is no legal rule allowing for a clear distinction between the web-pages that require registration and those that do not. Leaving this difficult analysis solely to web-page administrators seems a task far too heavy for them to shoulder. What is more, such an obligation, and - following the suggestion of the Supreme Court - the punishment of the ones who do not fulfil it should be considered a breach of one of the basic rules of criminal law: nullum crimen sine lege certa et stricta (this argument was also raised by the defendant accused in the “Gazeta Bytowska” case and by the Helsinki Federation). There is no “clear” and “certain” rule of law that tells the web-administrators of a certain category of web-pages that it is their duty to register their webpage (a webpage of a certain sort, as it is clear that not all web-pages may be considered journals or periodicals). Interpreting that rule out of the existing regulations is an expanding interpretation of a criminal norm that is inadmissible.

One must not forget that in the Polish legal system, the Supreme Court Decision is binding solely in the particular case. Nonetheless the role that the legal interpretations made by the highest legal instance plays in the further application of legal norms must not be under appreciated. The decision will not be published, as according to Polish procedural regulations this kind of decision (a provisional ruling “postanowienie”) need not be done in writing, when the Court finds the claim “clearly unjustified” and refers to it in an oral statement during a session (such as this case).

6. French law Loppsi 2 adopted by the General Assembly

The so-called Loppsi 2 law (loi d'orientation et de programmation pour la performance de la sécurité intérieure - law on guidelines and programming for the performance of internal security) was approved by the French General Assembly in its second reading on 21 December 2010 with a large majority and is now to go under debate in the Senate in the second reading, in a toughened version.

The law which, among several measures covers a mix of security domains, asks ISPs to block Internet sites deemed to have child pornographic content, now includes a version that will no longer require a previous judicial approval, which is actually against the French Constitution, and which may lead to abuses.

The law also gives the police the power to install remote spyware on PCs, although in this case, under judicial control. Yet, these types of operations seems to have already been undertaken by DRCI (The Direction Centrale du Renseignement Intérieur - Central Directorate of Interior Intelligence) even before the implementation of the law. The approved text also allows for generalised video surveillance in public places. A very worrying and contested measure is that of giving authorities the power to limit the use of public data only to people whose “morality” has been previously verified.

While the draft law waits to enter into its second reading in the Senate, a group of several French liberty groups, union federations, civil associations as well as several political parties have called for a general mobilisation in a protest movement all over the country on 15 January 2011. “This law prepares a control society based on tension and stigmatisations. It materialises the phantasm of the interior enemy and assimilates any contesting act to an attack to the State. It will weaken the prevention and judicial guarantees,” says the call to the manifestation.

RapidShare, the Swiss based file-hosting service, won the appeal against the computer game distributor Atari Europe. In March 2010, Düsseldorf Regional Court ruled that the company had not taken sufficient measures to hinder the distribution of the computer game “Alone in the Dark” via its platform.

The Higher Regional Court of Düsseldorf has now dismissed Atari's claim through an amendment of the original ruling, acknowledging RapidShare's efforts to take measures against the illegal distribution of copyrighted material. The Court also ruled against Atari's demands for a keyword filter and an automatic retrieval and deletion of all files containing certain keywords considering such a measure as unreasonable and creating the risk of also deleting legal files that match the same keywords. Other proposed measures such as a manual verification of suspect files and the removal of links on third party search engines were considered impossible, unreasonable and pointless.

“The ruling demonstrates once again that RapidShare is operating a fully legal range and has taken measures against the misuse of its service which go beyond the level that is legally required. We are confident that copyright holders will gradually come to accept this conclusion,” stated Daniel Raimer, RapidShare's lawyer and spokesman.

This is the second decision of the kind taken by the German court in favour of RapidShare. In July 2010 The Higher Regional Court of Düsseldorf ruled against Capelight Pictures giving a similar decision. Also, in May 2009, a US court ruled that RapidShare was not guilty of copyright infringement.

8. ENDitorial: EDRi's data retention workshop at CCC

Two EDRi members, Bits of Freedom and Panoptykon Foundation, together with one observer Patrick Breyer from AK Vorrat, gave a talk on data retention and hosted a workshop for activists during the Chaos Communication Congress (CCC) which is Europe's biggest meeting of the hacking communities and which takes place every year in Berlin. The 27th congress was held under the revealing title “We come in peace”. During four days of meetings, hackers, journalists, activists and a few MEPs discussed the conflicts that threaten freedom in the digital world, the challenges we will face in 2011, technological discoveries made in 2010 and strategies for activism.

What we prepared for this occasion was an hour-long lecture presented along with a dynamic slide show. The presentation was composed of five parts:

  • (i) explanation of how data retention came about and what problems we have with it;
  • (ii) overview of key jurisprudence undermining the principle of blanket data retention;
  • (iii) outcomes of the evaluation process and the state of affairs in the European Commission;
  • (iv) cases of abuse from various Member States; and
  • (v) strategies for further action against data retention.

Our primary goal was to show that the year 2011 will be crucial in the fight against blanket data retention and therefore we need to create a broad activist movement and gain more social support to make our voice heard. We explained how civil society could exert an influence on the decision makers in Brussels and MEPs and what time frames we faced. We stressed the need for an EU-wide shadow report to be drafted by March and published right before the official report by DG Home. Another point was that we needed to gather data on the use of retention data from various EU countries, translate it into clear and convincing messages for the media and prepare a consistent campaigning strategy.

These needs and initial concepts were elaborated during an informal discussion at our workshop, which was announced in the plenary. CCC gave us this opportunity to organise our own event on the second day meant as a discussion space and informal gathering for activists interested in the data retention campaign. We welcomed about 50 persons who discussed with us practical aspects of the campaign for nearly two hours. The energy was high and we felt that another AK Vorrat-type of mobilisation is possible. As a result of this meeting we decided to set up provisional discussion tools - a wiki and a mailing list - where the conversation may continues. Everybody is welcome to join. You can also do it by e-mailing.

10. Agenda

archief/edri_gram_nieuwsbrief/12_01_11.txt · Laatst gewijzigd: 2017/09/11 21:36 door KapiteinG