17 Sep 2014

Public Oversight and The Rule of Law

By Joe McNamee

Between 15th-19th of September, in the week leading up the first year anniversary of the 13 Necessary and Proportionate Principles, EDRi, the EFF and the coalition behind the Principles will be conducting a Week of Action explaining some of the key guiding principles for surveillance law reform. Every day, we’ll take on a different part of the principles, exploring what’s at stake and what we need to do to bring intelligence agencies and the police back under the rule of law. You can read the complete set of posts at: https://necessaryandproportionate.org/anniversary. The Principles were first launched at the 24th Session of the United Nations Human Rights Council in Geneva on 20 September 2013.

Let’s send a message to Member States at the United Nations and wherever else folks are tackling surveillance law reform: surveillance law can no longer ignore our human rights. Follow our discussion on twitter with the hashtag: #privacyisaright

One of the most striking elements of the surveillance practices is the extent to which laws and judicial procedures have been breached, ignored and undermined by agencies whose tasks it is to uphold the rule of law.

Before the Snowden revelations, the world had drifted into an unconscious acceptance that existing and unquestioned principles of law were somehow no longer valid. The most striking example of this was the report on the “use of the Internet for terrorism purposes“ (PDF) that was published by the United Nations Office on Drugs and Crime in 2012. That report actively encourages United Nations member states to establish “informal relationships or understandings with ISPs (both domestic and foreign) that might hold data relevant for law enforcement purposes about procedures for making such data available for law enforcement investigations.” These “informal relationships” seem to be exactly what the International Covenant on Civil and Political Rights (ICCPR) prohibits in Article 17, which states that “no one shall be subjected to arbitrary or unlawful interference with his privacy”.

The same UNODC report called for long-term storage of communications data of innocent individuals. It did this despite the fact that there is no evidence that such an extensive intrusion into the privacy of innocent individuals is necessary or proportionate. Indeed, since the report was published by the UNODC, the European Court of Justice has ruled (PDF) that such measures are contrary to the primary law of the European Union. As a result, the EU’s Data Retention Directive was declared invalid. This Directive was adopted in 2006, even though no evidence of necessity or proportionality was provided when the legislation was proposed. More shockingly, EU Member States that did not consider the measures to be necessary in a democratic society were taken to court by the European Commission to force them to transpose the legislation in their jurisdictions.

The impunity that led to the EU Directive to be adopted and enforced was also evident in an “evaluation report“ (PDF) adopted by the European Commission in 2012. That report was forced to recognise that one of the three main reasons for proposing the legislation in the first place – ensuring cross-border access to historical records – was statistically insignificant in practice. The European Commission felt that it was politically safe to take the position that this could be explained by cross-border access being facilitated by “domestic operators” “rather than launching mutual legal assistance procedure [sic] which may be time consuming without any guarantee that access to data will be granted”. No Member State – and no press publication – publicly raised any concern that data was being extracted about citizens, across borders, without authorisation, in situations where national judiciaries would not necessarily grant access to the data.

We cannot uphold the law by breaking the law. We cannot fight lawlessness by undermining the rule of law with impunity.

15 Sep 2014

FNF 2014: Brussels privacy advocates summit to tackle surveillance, censorship, net discrimination

By Kirsten Fiedler

header-fnf14Between 26 and 29 September, the annual Freedom not Fear (FNF) conference and barcamp will take place in Brussels. As every year, the action days are challenging the false dichotomy that better security comes at a price: the abandonment of our privacy rights.

On Friday evening, the event will be kicked off with a keynote speech by Simon Davies, publisher of the Privacy Surgeon and co-founder of Privacy International, who recently released the first global analysis of the impact of the Snowden revelations. He will be joined by Paul Nemitz, Director at DG Justice of the European Commission, for a discussion of the data protection reform and the future of the EU-US umbrella and Safe Harbor agreements.

During the weekend, there will be speakers and workshops on a wide range of topics including Glyn Moody on the Trans-Atlantic Trade Agreement (TTIP/TAFTA) and Jillian York on surveillance. The barcamp style event will allow participants to propose additional ad-hoc presentations or workshops in an open environment. On Sunday evening, there will be a screening of the documentary “The Internet’s Own Boy: The Story of Aaron Swartz”. See the full schedule .

On Monday, participants of the conference will have the possibility to experience EU policy-making first-hand with a visit of the European Parliament. On that day, the Parliament will be very busy with the first hearings of the “Juncker team” and a meeting of the Civil Liberties, Justice and Home Affairs committee.

Supporters of this year’s Freedom not Fear are, among many others, European Digital Rights, the Electronic Frontier Foundation, Digitale Gesellschaft, Access, NURPA, digitalcourage…

Download the poster (PDF):


10 Sep 2014

TTIP: where the Good Samaritan meets the Trojan Horse

By Joe McNamee

The EU and US are currently negotiating a Trans-Atlantic Trade and Investment Partnership (TTIP). The US negotiator, the United States Trade Representative, is reported to be soliciting support for inclusion of provisions from Article 230 of the Communications Decency Act (CDA) in TTIP and other trade agreements being negotiated by the US. So far so good – the CDA creates liability protections for internet intermediaries, thereby reducing the risk of restrictive measures being imposed by them.

As EU intermediaries already have liability protections, there is little incentive for the US to try to implement the CDA in Europe. However, what the CDA has that EU legislation does not have is a “good Samaritan” clause. This gives intermediaries the right to police and punish infringements via voluntary actions that they take “in good faith”.

US intermediaries, despite their liability protections, have been rushing to undertake private policing and punishment measures at the request of the US government. Payment providers have a deal with the White House to block payments accused of breaching US copyright law, internet advertisers have a deal with the White House to take punitive action against online services accused of breaching copyright law, Google voluntarily exports US law to the rest of the world and de-indexes and demotes search results. The US realises that it doesn’t need intermediary liability, it simply needs US companies operating globally to have the freedom to impose US law worldwide based on US political considerations.

The similarity between section 104 of the failed Stop Online Piracy Act (SOPA) and the “Good Samaritan” provision of the CDA is also worthy of note:


“(…) and no liability for damages to any person shall be granted against, a service provider, payment network provider, Internet advertising service, advertiser, Internet search engine, domain name registry, or domain name registrar for taking any action — with respect to an Internet site, or otherwise voluntarily blocking access to or ending financial affiliation with an Internet site, in the reasonable belief that (…)”


“No provider or user of an interactive computer service shall be held liable on account of –
(A) any action voluntarily taken in good faith to restrict access to or availability of material that the provider or user considers…”

Of course, anything that would be included in TTIP would have a horizontal effect – covering all issues and not just ill-defined “decent” or “indecent” images.

To be fair to the US negotiators, there is a fairly obvious strategic advantage for the USA to try to create a situation where US law is imposed globally by US companies at the request of the US government. Their vocabulary is also clever: who could oppose decency or good Samaritans? The question is whether the EU would be so short-sighted as to fall for this ploy? Experience from the ACTA negotiations and NETmundial suggests that it just might be.

Anti-Counterfeiting Trade Agreement, ACTA

NETmundial Multistakeholder Statement (24.04.2014)

Section 230 of the Communications Decency Act

2011 US Intellectual Property Enforcement Annual Report on Intellectual Property Enforcement

White House announces ad network “best practices” (15.07.2013)

(Contribution by Joe McNamee, EDRi)



10 Sep 2014

Finnish copyright initiative: Unbalanced expert hearings

By Heini Järvinen

In its meeting on 9 September, the Education and Culture Committee of the Finnish parliament decided to continue the expert hearings for the citizens’ initiative on an update to the copyright legislation, “Common Sense For Copyright”. The decision was somewhat unexpected and a positive surprise, as the original agenda of the meeting stated that the series of experts hearings were to be concluded.

The main goal of the initiative is to correct exaggerated interpretations of the current copyright laws, especially regarding network monitoring and compensation.

After the preliminary hearing of the experts from the Ministry of Education and Culture, the Education and Culture Committee has heard experts in two separate hearings, and requested and received six written opinions. Five out of eight experts that have been heard so far (rightholders, organisations representing rightholders, private enterprises) have possibly strong commercial interests in defending current copyright laws and interpretations. Five out of six written opinions were delivered by organisations representing rightholders. Representatives of teachers, DJs or gaming and software industry have not been consulted during the process.

In a letter, Joonas Pekkanen, representative of the citizens’ initiative, reminded the Education and Culture Committee that independent academic experts such as the Finnish Competition and Consumer Authority (FCCA) and Olli Vilanka, who recently defended his doctoral thesis on how the interpretation of the current copyright legislation leads often to narrowing down other fundamental rights, should be consulted.

“The Committee should guarantee a fair processing of the initiative, and include consulting of recent academic research on the subject. The initiative must not be swept under the carpet after hearing only the point of views of parties that have already been heard, and who have strong self-interest in taking a certain position,” he added.

He also suggested that the Committee should ask the Constitutional Law Committee of the Parliament to provide their statement regarding the initiative.

“The initiative includes issues that might profit from the point of view of the Constitutional Law Committee. But it’s the responsibility of the Education and Culture Committee to decide if that’s necessary, and I don’t know whether they are planning to request a statement,” told Johannes Koskinen, the chairman of the Constitutional Law Committee, to EDRi-gram prior to the Committee meeting. “It would be good to handle these issues with care and consideration, not in one big lump, but giving every point the attention it requires,” he added.

Even if the Education and Culture Committee decided to continue the experts hearings by asking for the written opinions from the FCCA and Olli Vilanka, as suggested by Pekkanen, as well as from Rainer Oesch, professor at the University of Helsinki, it didn’t, however, see it necessary to proceed with Pekkanen’s suggestion to request a statement from the Constitutional Law Committee.

Finnish Citizens Initiative – Common Sense For Copyright

Copyright narrows down the citizens’ right to science and culture (only in Finnish, 04.09.2014)

Copyright 2014 seminar in Citizen Info (only in Finnish)

Joonas Pekkanen’s letter to the Education and Culture Committee of the Finnish Parliament (07.09.2014)

Minutes of the 9 September meeting of the Education and Culture Committee (only in Finnish, 09.09.2014)

EDRi: Finnish Parliament argued over the copyright initiative (21.05.2014)



10 Sep 2014

Germany exports surveillance technologies to human rights violators

By Guest author

From Mexico to Mozambique to Pakistan and beyond, there is now ample evidence that governments across the globe are using mass surveillance technologies to spy on their citizens. Who makes these technologies? And who benefits from their sales?

Germany is a major exporter of these technologies and , at the same time as digital communications privacy has become a red-hot topic for the German public, the country has become an ever-more central actor in this field.

By cross-referencing information from a massive data leak in mid-August with the results of a recent parliamentary inquiry in Germany, we have come to suspect that the majority of surveillance technologies produced by German companies have been bought and sold under the table – in other words, without a license. The German government requires licenses for the sale of technologies that are considered to be “dual use” – products that can be used for both good and ill.

At the centre of the inquiry lies the British-German company Gamma International, maker of the now infamous FinFisher surveillance toolset. Unsuspecting targets of surveillance typically end up downloading FinFisher unknowingly, just by clicking on a seemingly innocent link or email attachment. Once installed, the tool allows the user to access all stored information and monitor even encrypted communication. Keystrokes can be logged, Skype conversations recorded and cameras and microphones can be activated remotely.

Members of Germany’s parliament recently conducted an inquiry into the sale of surveillance technologies to foreign governments. In response, the German government stated that over the past decade, it has provided German companies with licenses to export surveillance technologies to at least 25 countries, many of which have long histories of human rights abuse.

The answers provided by the German government are difficult to interpret, as their documentation covers any IT system that includes surveillance technology “components”. For example, a complete national telephone system that is sold for 10 million USD in total might include a surveillance component that costs 2 million USD – but the product is listed in public documentation as 10 million USD worth of exported goods which include licensed surveillance technologies.

Importantly, the German government explicitly denied having received any request from Gamma for a license to export their FinFisher product to Bahrain or Ethiopia. Official German government documentation also does not mention exports to countries like Bangladesh, Netherlands, Estonia, Australia, Mongolia, Bahrain and Nigeria, yet there is ample evidence that FinFisher has been sold to these countries. Documents in the leaked FinFisher dump and analysis by Privacy International, suggest to us that Gamma has sold these technologies without any export licence at all.

What does this mean for the German trade in surveillance technologies? Sales of licensed surveillance technologies are tiny in comparison to the sales of unlicensed exports of FinFisher, let alone other surveillance products. Gamma is currently selling more surveillance tech than all of its other licensed exports combined. And this is just one single company – there are likely others in Germany following this business strategy. The significant gap between licensed and unlicensed elements of the surveillance technology industry shows the need for urgent and clear international regulation.

The German government also stated that it will further lobby to regulate surveillance technologies that harm human rights, a positive development that reflects an understanding of the seriousness of the issue. In light of these latest revelations, and the desire of certain parties to make this a key political issue, it is to be hoped that further changes can be made to prevent even more dangerous technologies from being exported to repressive regimes. Findings like these suggest to us that greater regulation is needed in this sector.

Leaked documents from FinFisher show that the company now believes they are or may soon be subject to export restrictions in Germany, a fact that appears to have prompted them to begin asking their clients for additional information about what the exports will be used for – this is the type of information they would need in order to comply with German export control regulations. This suggests that export regulations for surveillance technologies may be having an impact before becoming law

German companies are selling unlicensed surveillance technologies to human rights violators – and making millions (05.09.2014)

Tag Archives: FinFisher

Privacy International calls on HMRC to investigate Gamma International’s potential breach of UK export laws (26.12.2012)

EDRi: Turkish government to acquire a tool to censor social media? (18.06.2014)

(Contribution by Ben Wagner and Claudio Guarnieri, Centre for Internet & Human Rights, European University Viadrina)



10 Sep 2014

The Principles Week of Action: A world without mass surveillance

By Guest author

Between 15 and 19 September, several digital rights organisations, including EDRi and many of its members, will be celebrating the first anniversary of the 13 International Principles on the Application of Human Rights to Communications Surveillance. The Principles were first launched in the Palais des Nations in Geneva on 20 September 2013.

Drawing on international law and jurisprudence, the Principles articulate the obligations of governments under international human rights law in the digital age. The Principles are a product of a collaborative effort of privacy experts, human rights lawyers and civil society groups. They provide a tool to evaluate and help reform governments’ surveillance practices.

On the occasion of their first anniversary, a series of blog posts will be published in order to raise awareness on global mass surveillance issues such as metadata, data retention, transparency and the integrity of communications. EDRi member Access is also hoping to publish an implementation guide providing more details on how to apply the Principles into law.

Finally, as part of this week of action, Access will be coordinating the presentation of awards to those who have championed the Principles and a negative prize for those who have worked against the Principles. The public can participate in nominating the candidates – individuals, government officials, agencies, or companies – for these awards before 12 September. Awards’ winners will be announced during the Week of Action.

The 13 Necessary and Proportionate Principles

Principles Questionnaire Form: Help us celebrate the one-year anniversary of the Principles!

(Contribution by Estelle Massé, EDRi member Access, International)



10 Sep 2014

Internet Governance Forum and Internet Ungovernance Forum

By Guest author

The ninth Internet Governance Forum (IGF) was held in Istanbul, Turkey, on 2-5 September. EDRi member Alternative Informatics Association (AIA) submitted four proposals to the IGF, but all of them were rejected. As a result, AIA decided to organise a parallel event, the Internet Ungovernance Forum (IUF). The IUF attracted considerable interest among Internet researchers and activists who wished to address urgent issues, such as censorship and surveillance, in a more inclusive manner.

AIA also participated in the IGF with a booth, and spoke at some workshops. Delegates at the IGF were able to enjoy something that Turkish citizens outside can only dream of – an open and uncensored access to the internet. Turkey blocks approximately 51,000 domains .

Janis Karklins, the head of the Multistakeholder Advisory Group in the IGF contacted the AIA and requested a meeting in the IUF where he was prepared to answer “hard questions.” Despite criticism, he insisted during the meeting that the IGF is an inclusive platform where all stakeholders can participate and the selection criteria is transparent.

Edward Snowden was to deliver the closing speech by video conference in the IUF which he had to cancel last minute due to technical problems. However, he submitted a written statement.

“In an ideal world, governments would respect the free speech rights of their citizens enough to not filter their Internet communications,” he said in his message. “Sadly, we do not yet live in that world. Perhaps in time, governments will realize that the serious cybersecurity and foreign-surveillance threats posed by censorship equipment outweigh whatever supposed benefits of national stability and control that they bring,” he concluded.

Julian Assange agreed to deliver the closing speech in Snowden’s stead. He answered questions from the audience and drew attention to the strategic relationship and data transfers between the NSA and Google.

Next year the IGF will be held in Brazil. AIA plans to contact fellow NGOs in Brazil to discuss the opportunities for jointly organising or supporting a side event during the IGF – as Internet Governance remains to be an extremely important but a neglected area among those who strive for a free Internet.

Statement to Internet Ungovernance Forum by Edward Snowden (05.09.2014)

Protecting the open internet: the Internet Governance Forum in Turkey (05.09.2014)

UN Internet Governance Forum sees new challengers, from top down and bottom up (08.09.2014)

The Not-Mundial Initiative: Governance and Ungovernance in Istanbul (29.08.2014)

Internet nation? (05.09.2014)

Internet Governance Forum and Internet Ungovernance Forum (only in Turkish, 05.09.2014)

EDRi: Internet Ungovernance Forum – civil society counterbalance to IGF (27.08.2014)

(Contribution by Melih Kirlidog, EDRi member Alternatif Bilisim, Turkey)



10 Sep 2014

Open letter to Google’s Advisory Council on the “right to be forgotten”

By Kirsten Fiedler

On 9 September, European and international civil rights organisations submitted an open letter (pdf) to Google’s Advisory Council on their assessment of the so-called “right to be forgotten”.

The groups urge the Council’s members to avoid inadvertently delaying the adoption of the data protection reform package. They remind the members of the urgent need for legal safeguards in cases where courts place unclear obligations on internet intermediaries to interfere with online communications (which cannot be replaced by the Council’s findings) and call on them to shed more light on the mission and objectives of this European tour.

As the ruling has been largely misrepresented by parts of the press, the letter first clarifies some of the misunderstandings that have circulated about the context and scope of the ruling:

When the CJEU ruled on the case, the press reported the decision as an example of a new “right to be forgotten,” even though such a right is not articulated in the legislation on which the ruling is based. The media coverage created the mistaken impression that Google would have to start deleting information from the internet (or its own index) whenever an EU citizens asked the search engine to do so, if information was irrelevant, inaccurate, outdated or excessive. The court specified that search results based on a person’s name are to be removed if the request meets the criteria laid out in the ruling. However, not only will the information remain on the internet, but it will remain in Google’s index.

The civil rights organisations then emphasise the need for a quick conclusion of the current data protection reform, not least because the Snowden revelations have shown that strong and reliable rules are crucial for citizens’ rights to privacy and data protection:

This need has been acknowledged by several companies, including Google, through their participation in the movement for global government surveillance reform. This movement recognises the need for governments to take action in order to protect their citizens’ safety and security and advises for the review of current laws and practices.

The full letter can be accessed here: https://edri.org/wp-content/uploads/2013/09/Open-Letter-to-Google-Advisory-Council.pdf

Bits of Freedom
Chaos Computer Club (CCC)
Digitale Gesellschaft
European Digital Rights (EDRi)
Initiative für Netzfreiheit
Panoptykon Foundation

EDRi: Google’s right to be forgotten – industrial scale misinformation? (09.06.2014)

EDRi: Google and the right to be forgotten – the truth is out there (02.07.2014)

EDRi: Good Lord! Lords forget their own right to be forgotten analysis (31.07.2014)

EDRi: Google now supports AND opposes the “right to be forgotten” (27.08.2014)



27 Aug 2014

Online freedoms in Serbia still under threat, analysis shows

By Guest author

SHARE Foundation, an organisation dedicated to protecting digital rights in Serbia, analysed the state of online media freedoms in the country. Examples of technical attacks on media websites, threats and insults to online journalists show a worrying trend of pressure in the digital environment.

During the devastating floods that hit Serbia and the region in May 2014, many cases were witnessed where freedom of expression and information online were endangered. Websites that published information criticising the actions of the Serbian government during the floods were attacked and the entire blog section on a popular daily newspaper website was taken down after a satirical post. Also, citizens were questioned by the police because they expressed their opinion on social media. In the following two months, the situation did not improve to an appreciable extent.

These issues caused reactions from the international community. OSCE Representative on Freedom of the Media, Dunja Mijatovic, expressed her concerns because of the incidents, while the Head of the European Union Delegation in Serbia, Michael Davenport, and the United States Ambassador to Serbia, Michael Kirby, called for the respect of the right to free speech on the Internet. Member of the European Parliament Marietje Schaake sent a letter to European Commissioner Stefan Füle regarding the media situation in Serbia.

Several Serbian media websites, as well as a blog written by two journalists, could not be accessed on multiple occasions due to offensive technical measures, such as distributed denial-of-service (DdoS) attacks. For example, pescanik.net, a web portal of an independent radio station promoting civil society values, was attacked during June 2014 after it published articles about the allegedly plagiarised PhD thesis of the Serbian Minister of Internal Affairs and the allegedly non-existent London PhD of the former rector of a well-known private university in Serbia. One of the authors of the articles about the PhD scandals claimed that her private email correspondence has been illegally accessed. Another example is the website of the daily newspaper Kurir, which was also attacked and made inaccessible several times, the most recent attack occurring on 10 August 2014. It should be noted that these are not the first cases of media websites being under attack. Last December, the website of the Center for Investigative Journalism of Serbia (CINS) was hacked after it published a story about self-censorship in the Serbian online media. They suffered technical attacks again this February.

Pressure on journalists has also become frequent in Serbia, especially on the local level. Natalija Miletic, a Serbian journalist working in Germany, asked Prime Minister of Serbia Aleksandar Vucic questions about alleged media censorship and plagiarism during a joint press conference in Berlin with German Chancellor Angela Merkel. She did not receive answers. After the conference the Serbian Embassy in Berlin told her not to request press passes in the future. RTV journalist Mladenovac Dragan Nikolic was arrested because of a post on his Facebook profile about the recent floods – because he allegedly “damaged the reputation” of a high-ranking official of the ruling Serbian Progressive Party (SPP).

These examples taken from the analysis by the SHARE Foundation show that the state of freedom of expression and media in the Serbian online sphere is of considerable concern. The great number of different cases that happened during the past two months highlights that state bodies need to be more active in solving problems and reacting to violations of digital rights and freedoms. Tendencies of different actors to discourage citizens and media to express themselves freely on the Internet create a “chilling effect” and we must continue our struggle for the Internet as a place of open access, as well as free and decentralised exchange of information. It is very important to openly speak about all problems that endanger freedom of speech and information on the Internet so they do not become “business as usual”.

To create awareness for freedom of speech and other digital civil rights issues in the region, EDRi, the SHARE Foundation and Wikimedia are organising an event “Energise! Network! Mobilise!” on 4-5 September in Belgrade, Serbia. The two-day event consisting of panels and workshops will gather activists, civil society organisations and citizens interested in learning more about these issues to exchange their experiences, share knowledge and network.

Analysis of Internet freedoms in Serbia

Energise! Network! Mobilise! in Belgrade, 4-5 September

Internet remembers everything

Government online censorship in Serbia worrying trend, says OSCE media freedom representative (27.05.2014)

Letter to Štefan Füle concerning censorship in Serbia (11.06.2014)

The big Serbian information shutdown (07.07.2014)

Online and citizen media on a turning point: if they wish, web platforms can be equalled with media (06.08.2014)

(Contribution by Bojan Perkov, SHARE Foundation, Serbia)



27 Aug 2014

Europe vs. Facebook class action attracts over 60 000 plaintiffs

By Guest author

Privacy activist Max Schrems, founder of the “Europe-v-Facebook” initiative, is known for his battles involving Internet social network giant Facebook. However, all the lawsuits he filed in Ireland haven’t led to meaningful outcomes, so far.

Therefore, Mr. Schrems now takes a different approach, by suing Facebook Ireland Ltd. This time he has filed suit in front of a court in his home country, Austria, and he asked the public to join him: it was possible for any Facebook user of age who is not located in the USA or Canada to join the legal battle against Facebook’s numerous alleged violations of European privacy laws. This is due to the fact that every Facebook user worldwide, living outside of the US or Canada, has a contract with Facebook Ireland Ltd. Mr. Schrems is claiming 500 Euro in symbolic damages per contributing joint plaintiff for alleged privacy violations such as Facebook contributing to NSA´s PRISM program, Graph Search, the Facebook app or third party tracking via “Like Buttons”.

Within just a few days, more than 25 000 people signed up at www.fbclaim.com in order to participate in the class action suit. This turned the initiative, almost overnight, into the largest privacy class action throughout Europe. It also forced Europe-v-Facebook to close the registration early, as every joint plaintiff has to be reviewed separately. However, one can still register as an interested person. Max Schrems and his team may later decide to add more registered users to the class action. Also, an increasing number of people who indicate they want to take part in the class action may strengthen the public position of Mr. Schrems and his team.

On 21 August, the group took their first successful step in the legal proceedings: the Vienna Regional Court ordered Facebook Ireland to respond to the class action within four weeks, with a possibility that thedeadline could get extended by four further weeks.

At the time as the court order was announced, already more than 35 000 additional individuals had registered at www.fbclaim.com.

Facebook class action: Registration for interested parties

Class action against Facebook attracts 60,000 users (21.08.2014)

Facebook needs to defend Austrian privacy violation case (22.08.2014)

Press Announcment: Class Action: Facebook ordered to submit counterstatement (21.08.2014)

Vienna Regional Court: Request for Facebook to respond (19.08.2014)

Facebook class action – FAQ

(Contribution by Josef Irnberger, EDRi-member Initiative für Netzfreiheit, Austria)