23 Apr 2014

Microsoft terms of service – a half-step forward

By Heini Järvinen

A few weeks ago, there was a media storm when it became known that Microsoft was availing of the right that it gives itself, in its terms of service, to search through users’ Hotmail messages. In the aftermath of the media storm, Microsoft took the welcome decision to change its terms of service. In future, if the company receives information that its services are being used to “traffic in stolen intellectual or physical property from Microsoft,” they “will not inspect a customer’s private content”. Definitely a move in the right direction. In addition, Microsoft undertakes to cooperate with the Center for Democracy and Technology (CDT) and the Electronic Frontier Foundation to “strike the balance in other circumstances that involve, on the one hand, consumer privacy interests, and on the other hand, protecting people and the security of Internet services they use.”

On the other side, however, existing terms of service remain in place, to be updated at an undefined moment “in the coming months”. So, the old rules apply as do the new ones. Furthermore, the overarching problem of the entirely unpredictable and wide-ranging “rights” that Microsoft assigns to itself also remain in force. For example: “In the event we take action against you for a violation of this agreement, we may permanently delete, and you may permanently lose, some or all of your content stored on the services and/or we may cancel your services in their entirety. Data that is deleted may be irretrievable.” Microsoft taking action against one of its users does not mean that the user is guilty, just that Microsoft chooses to take action against them. In other words, they can can do what they want, when they want. Microsoft stresses, however, that having that right and using it is not the same thing and argues that it has taken effective action to protect its users by availing of these powers.

So, what could lead Microsoft to take action against a user? Expressing a profanity is a breach of Microsoft’s code of conduct. Vulgarity is a breach of the code of conduct. Including or linking to content that is protected by intellectual property is a breach of the code of conduct (linking to Bing’s image search service, for example, would, in principle, be a literal breach of Microsoft’s terms of service. Microsoft avails of a “fair use” exception to copyright for this service, but does not offer such flexibility to its users). And, of course, any image of, or a link to an image of, Donald Duck would fall foul (fowl?) of the prohibition of “nudity of non-human forms such as cartoons, fantasy art or manga”.

Put simply, it is extremely difficult to avoid being in breach of Microsoft’s terms of service, because they are written in a way which permits Microsoft to do pretty much anything it likes. In the event of a breach – or even without one – “Microsoft reserves the right, at its sole discretion, and without any obligation to do so, to review and remove user-created services and content at will and without notice, and delete content and accounts.”

This approach represents a massive double standard. On the one hand, Microsoft’s terms of service clearly allow it to act in whatever arbitrary fashion it wants. On the other, as part of the Global Network Initiative (GNI), it undertakes to “respect and protect the freedom of expression of their users by seeking to avoid or minimize the impact of government restrictions on freedom of expression, including restrictions on the information available to users and the opportunities for users to create and communicate ideas and information, regardless of frontiers or media of communication.” Governments may not impose restrictions… but we can.

Microsoft isn’t particularly exceptional in this context. Yahoo (another member of the GNI) permits itself, in its “Free Local Website” terms of service to “remove and discard any Content within the Service, for any reason, including, without limitation, if Yahoo believes that you have violated or acted inconsistently with the letter or spirit of the TOS”.

In recent years, EDRi has had countless discussions with Microsoft and the GNI about their inconsistent attitude and the damage that this does to their credibility when dealing with governments. Microsoft’s public acknowledgement that its is seeking to improve its terms of service is the first positive move from a major industry player. The fact that it is undertaking to work with the CDT and EFF to improve the situation is a sign that this could be an industry-leading change of approach. Let’s hope so.

We’re listening: Additional steps to protect your privacy (28.04.2014)
http://blogs.technet.com/b/microsoft_on_the_issues/archive/2014/03/28/we-re-listening-additional-steps-to-protect-your-privacy.aspx

Microsoft’s “code of conduct”
http://windows.microsoft.com/en-us/windows-live/code-of-conduct

Latest reason to quit Hotmail: Microsoft admits to spying on it (21.03.2014)
http://www.huffingtonpost.com/2014/03/21/hotmail-spying_n_5003855.html

ENDitorial: Microsoft’s vision for regulation of communication by private companies (04.07.2012)
https://edri.org/edrigramnumber10-13microsoft-self-regulation-example/

Global Network Initiative
https://www.globalnetworkinitiative.org/

Yahoo’s Terms of Service
https://info.yahoo.com/legal/us/yahoo/localfreewebsite/details.html

(Contribution by Joe McNamee – EDRi)

close
23 Apr 2014

ORG and DigiGes launch campaigns for the European elections

By Heini Järvinen

EDRi members Open Rights Group (ORG), UK, and Digitale Gesellschaft (DigiGes), Germany, have launched their campaigns for the WePromise.eu initiative for the European elections that will be held 22-25 May 2014.

During the next term, European Parliament will face many crucial decisions concerning digital policy, ranging from privacy, copyright and net neutrality to mass surveillance. WePromise.eu campaign aims at having as many digital rights friendly candidates as possible voted as Members of European Parliament in the upcoming elections, to ensure that citizens’ rights are taken into consideration when these decisions are taken. One of the goals of the campaign is also to encourage democratic engagement and participation in the elections, particularly among younger EU citizens.

The campaign is based on a two-sided promise: On the one hand, it asks the candidates to endorse a ten point “Charter of Digital Rights” that supports an open digital environment. On the other hand, citizens across Europe can in turn promise to vote for candidates that have endorsed the Charter.

Besides encouraging citizens to sign up and promise to vote, Open Rights Group’s (ORG) campaign also seeks to activate voters to present their concerns about digital rights to candidates they consider voting for. The ORG campaign site offers citizens an opportunity to contact their candidates directly by sending them an email and asking them to sign the Charter. Digitale Gesellschaft presents on their campaign page a selection of actions and tools for citizens to support the campaign and to promote it via social media.

A month to go before the elections, 188 candidates and over 2200 citizens have signed the Charter.

Open Rights Group – European elections – Vote for your digital rights
https://www.openrightsgroup.org/campaigns/sign-the-wepromise-petition

Digitale Gesellschaft – Contribute: Defend your digital fundamental rights in the EU (only in German)
https://digitalegesellschaft.de/mitmachen/verteidigt-eure-digitalen-grundrechte-der-eu/

WePromise.eu campaign website
https://www.wepromise.eu/

close
23 Apr 2014

Madrid Court rules P2P legal in landmark case against record labels

By Heini Järvinen

Record labels Sony BMG Music Etertainment, Universal Music Spain and Warner Music Spain have been involved in a six year case against Pablo Soto, the developer of napster-esque peer-to-peer (P2P) apps Blubster, Piolet, and Manolito. On the 31 March the Madrid Provincial Court ruled that Soto’s “activity is not only neutral, and perfectly legal, moreover it is protected by article 38 of our Constitution.”

The court recognised that Blubster was designed to allow all forms of audio content to be shared including those protected under free licenses, deciding that Soto “didn’t have any control over users’ actions by giving them the tools, as he wasn’t a mediator between the user and the service”

The ruling has been interpreted as a powerful victory for the legitimacy of P2P networks and applications in Spain.

Record labels lose landmark peer-to-peer judgement in Spain (11.04.2014)
http://news.en.softonic.com/peer-to-peer-now-legal-in-spain

Spanish Court Says “P2P Technology Doesn’t Promote Exploitation” (10.04.2014)
http://www.digitalmusicnews.com/permalink/2014/04/10/p2pspain

Favorable verdict for Pablo Soto (only in Spanish, 31.03.2014)
http://www.scribd.com/doc/217237433/Sentencia-favorable-a-Pablo-Soto

P2P tool is not illegal in itself, confirms Spanish court (only in French, 11.04.2014)
http://www.numerama.com/magazine/29065-un-outil-de-p2p-n-est-pas-illegal-en-soi-confirme-la-justice-espagnole.html

P2P, technology is a mere instrument (only in Italian, 15.04.2014)
http://punto-informatico.it/4031486/PI/News/p2p-tecnologia-mero-strumento.aspx

(Contribution by Andrew Walsh – EDRi intern)

close
23 Apr 2014

Google modifies ToS: “automated systems analyse your content”

By Heini Järvinen

In an update to its Gmail Terms of Service, Google has clarified that all users inbound and outbound email is scanned by automated software. Addressing the decision, a Google spokesperson said “We want our policies to be simple and easy for users to understand. These changes will give people even greater clarity and are based on feedback we’ve received over the last few months”. The updated Terms of Service states the following:

“Our automated systems analyse your content (including emails) to provide you personally relevant product features, such as customised search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.”

The content of emails is scanned in order to facilitate targeted advertising.

“This is not the worst thing Google does … The really dangerous things that Google is doing are things like the information held in Analytics, cookies in advertising and the profiling that it is able to do on individual accounts. It is the amount of information they hold on individuals that should be concerning us, both because that is attractive to government but also sometimes that information leaks out in various ways like the NSA’s use of cookies in general as a means to target users,”

said Jim Killock, Executive Director of EDRi member Open Rights Group.

Gmail does scan all emails, new Google terms clarify (15.04.2014)
http://www.theguardian.com/technology/2014/apr/15/gmail-scans-all-emails-new-google-terms-clarify

Google updates terms of service, includes word of user email scans (15.04.2014)
http://www.computerworld.com/s/article/9247677/Google_updates_terms_of_service_includes_word_of_user_email_scans

It’s official: Gmail scans emails to better target its ads (only in French, 15.04.2014)
http://www.01net.com/editorial/618244/cest-officiel-gmail-scanne-les-courriels-pour-mieux-cibler-sa-publicite/

All sent and received e-mails in Gmail will be analyzed, says Google (16.04.2014)
http://arstechnica.com/business/2014/04/google-adds-to-tos-yes-we-scan-all-your-e-mails/

(Contribution by Andrew Walsh – EDRi intern)

close
23 Apr 2014

Big Brother Awards Germany 2014

By Heini Järvinen

On 11 April 2014 the fourteenth German Big Brother Awards ceremony was held in Bielefeld, Germany. The awards are organised by EDRi member Digitalcourage and the gala was streamed via the Internet and reported by print and broadcast media across Germany. Six “regular” awards were given, and for the first time, a “positive” award was featured as well.

The winner in the Politics category was the German Federal Chancellery (Bundeskanzleramt), which serves the German head of government (i.e. the Chancellor), coordinates government policy across ministries, but also supervises the foreign intelligence agency and any cooperation that three federal German secret services have with each other and with other agencies in Germany or other countries. The BBA jury therefore held the Chancellery responsible for German agencies’ close cooperation with the NSA and other “Five Eyes” secret services, the agencies’ own participation in the NSA surveillance scandal, and not least for the German government’s inaction and reckless negligence in failing to address violations of the German Constitution, and failing to protect German citizens and businesses affected by industrial espionage.

A Transport award went to MeinFernbus GmbH (approx. “My Long-Distance Bus, Ltd”) for obliging passengers to always show an official ID along with travel tickets they booked online, making anonymous bus journeys impossible, contradicting the German Act on Identity Cards. The only way of opting out is to buy tickets at the time of boarding, which is more expensive and carries the risk that all seats are already sold. MeinFernbus is not the only long-distance bus operator to require IDs in their Terms and Conditions. What singles this case out is the fact that they also assign themselves far-reaching and well-hidden rights to share data with third parties, especially if certain payment methods are chosen that involve a “partner” company, Billpay.   For the Technology category, no single “winner” was identified as the award went to “the spies in our cars”, highlighting technological and legislative developments that are gradually introducing full-time monitoring of movements and driving behaviour. One of these developments is “e-Call”, an automatic emergency call system planned by the European Union that will cause a SIM card to be carried by all vehicles. This system does not require the SIM card to be logged into a mobile phone network; it will therefore not necessarily create a trail of movement data. But car manufacturers are adding other services to this technology that do require a continuous mobile data connection. Apart from this, there are several systems present in modern cars already that function much like a flight data recorder, and car manufacturers mostly regard these data as their property, giving themselves the right to read and share this data at various points, most prominently when the car is serviced in an authorised repair shop. Another point of concern are on-board computers, which increasingly use the Android mobile operating system and expose driving-related data to Google and other providers for the purposes of localised information, retrieving the car after a theft, and more.

The award in the Business category was given to CSC (Computer Sciences Corporation), which is currently working on commissions by 10 Federal German Ministries on security-related projects, such as the electronic identity card, the De-Mail project for exchanging legal electronic documents, and the nation-wide firearms registry. At the same time, the parent company functions as the external IT department of US secret services, it has organised rendition flights for the CIA, and the company has so far refused to sign a “Zero Tolerance for Torture” declaration by Reprieve, a UK-based human rights organisation. CSC have variously portrayed their German operations as either separate from or well connected with the US headquarters, depending on what would suit the intended message, but there is evidence for close integration throughout the company and with US and British intelligence agencies.

The Workplace category highlighted the use of surveillance software to monitor call centre workers, focusing on a case where such software is being used by subcontractors of RWE Vertrieb GmbH, the sales subsidiary of Germany’s second-largest energy utility company. The software in use can produce a continuous record of conversations and desktop activities without the workers’ knowledge, and the software maker is Verint, which also produces monitoring technology for secret services such as the NSA.

In the Consumer Protection category, the award went to LG Corp. because their “smart” TV sets transmitted detailed information about what people were watching to the company’s servers in South Korea, via the Internet, including any tracks that users might play from a connected USB device. This was recently discovered by a blogger who also found a relevant setting in the setup menu, but even deactivating this setting did not stop the transmissions.

Not a regular award, but by now a traditional feature of the German Big Brother Awards is the Newspeak award. This year’s contribution highlighted the term “metadata”, reminding us that even though these data do not reveal the actual contents of our communications, they reveal what we do – and this allows deep insights in what we think, where we go, and what we intend to do.

For the first time ever, a positive award was included this year. The “Julia and Winston Award” was named after the “rebellious” main characters in George Orwell’s dystopian novel “1984”, from which the “Big Brother” concept is also taken. The award is to honour persons who have taken an extraordinary stand against surveillance and data collection mania. The winner of this year’s Julia and Winston awards was Edward Snowden. A response was received and played during the gala in the form of a “thank you” video by Jacob Applebaum. The award comes with an endowment of one million – not one million Euro, but one million stickers calling for asylum to be granted to Edward Snowden in Germany. Digitalcourage is sending these stickers free of charge to any volunteers in Germany, asking them to display the stickers in prominent places and document these by emailing images to Digitalcourage and share them on social networks using the hashtag #Snowden.

Big Brother Awards Germany (coverage in English and German)
https://www.bigbrotherawards.de/2014

Digitalcourage shop for ordering Snowden stickers
https://shop.digitalcourage.de/thema/snowden

(Contribution by Sebastian Lisken – EDRi member Digitalcourage – Germany)

close
22 Apr 2014

Finishing my internship with EDRi

By Andrew

The last three months have provided a great opportunity to get first-hand experience observing digital policy in the European decision-making process. I have worked on a number of topics and assisted with the launch of the WePromise.eu campaign. By far the most memorable (and successful) thing I’ve worked on has been the Telecoms Single Market Regulation, which saw net neutrality take a significant step forwards towards being enshrined in EU law.

Getting to this stage hasn’t been easy, and has largely been the result of a collaboration beween EDRi and its member organisations. This development proves that the EU has the capacity to be a world leader on the future of digital policy, and that digital rights will be central to the next parliamentary term. Not everyone was pleased. Telecoms representative ETNO lamented the fact that its ambitions for a two-tier internet designed to account for the loss of revenue that its members can charge on mobile roaming had been defeated. On Twitter, its chairman referred to the amendments as “populist” measures, a fair assessment given that they favour consumers and civil society over discriminatory networks.

Some of the other highlights of my internship have been attending events and meetings with key figures in EU digital policy. These events have been diverse, ranging from discussions on the Trans-Atlantic Trade Investment Partnership, to the ethics of civilian drones. Attending these events can provide a real advantage in getting up to speed with the latest developments. The panellists are often highly informed on the subject and can provide unique perspectives that are otherwise difficult to find. For example, the various occasions in which I saw MEP Marietje Schaake discuss internet governance gave real insight into the status of this issue in Europe. In another discussion, Jacob Appelbaum’s talk on the extent of government surveillance was highly informative and illustrated the threat of hardware-level backdoors in the future.

I would recommend the internship to anyone with a keen interest in digital policy. The office is located extremely close to the European Parliament, making it easy to attend events and meet with key individuals. Interns’ main task is to produce a weekly report – a summary of everything happening on an EU level that concerns digital rights. In producing this report you, gain an awareness of digital policy developments as they happen, which provides a sort of vantage point over the direction this policy will take in the future. This is of great benefit to anyone who wants to get involved with digital policy from the perspective of consumers and civil society.

Perhaps the greatest thing about working with EDRi lies with the fact that it is a European hub for its 36 member organisations, with many lively discussions occurring on a range of topics concerning digital policy. Following these discussions introduced me to a number of digital rights issues that I had not previously considered.

Andrew Walsh

close
15 Apr 2014

Why did UK Labour MEP Arlene McCarthy fail to vote to protect vulnerable children?

By Joe McNamee

On Wednesday 3 April, British Labour MEP Arlene McCarthy sent an urgent e-mail to her colleagues about a vote on “net neutrality” (part of the Telecoms Single Market Regulation) that was scheduled to take place the following day. In her e-mail, she alleged that amendments tabled by the Socialist Group in the European Parliament (of which she is a member) would make the protection of vulnerable children ineffectual. She said that she hoped that her colleagues would join her in voting against the amendments and “ensuring online safety for the most vulnerable in society”.

Screenshot_2014-04-11-15_20_20

(Click image to read McCarthy’s e-mail)

She then left Brussels, failing to turn up for the vote. This was not very surprising, as she missed a total of 1880 votes in the last 5 years and has a voting record worse than 88% of Members of the European Parliament. If she actually believed what she was alleging, on the other hand, it would be surprising.

She explicitly attacked her own Socialist colleague, former French Culture Minister Catherine Trautmann, implicitly also accusing her colleagues from the Liberal, Green and GUE/NGL political groups that had signed those (or identical) amendments, of undermining the protection of children.

Remarkably, Ms McCarthy also took it upon herself to invent proof to back up the case she was making (where she did not even identify the amendments in question). She said that campaign website savetheinternet.eu argued that “preventing online censorship is worth more than protecting children online”. Neither the word “child” nor “children” appears anywhere on that website. This statement was simply never made.

We do not know what was happening elsewhere that Ms McCarthy thought was more important than the allegedly crucial vote in Brussels to protect, according to her, “vulnerable children”. All we know is Ms McCarthy left Brussels and chose not to vote.

In the end, the amendments that Ms McCarthy was presumably referring to were adopted by substantial majorities. In the final vote for the legislative resolution, which included the alleged child unfriendly amendments, all of the British Labour MEPs present voted in favour.

So, what does all of this mean? Well, either McCarthy was right or she was wrong. If she was wrong, then:

  • she has defamed Catherine Trautmann MEP and the MEPs from the other political groups and owes them an apology;
  • she has defamed La Quadrature du Net, Access and EDRi and owes us an apology

If she was right, then:

  • she failed in her duties by prioritising whatever it was she was doing when she was supposed to be voting, which is what is expected of a paid full-time Member of the European Parliament
  • all of her UK Labour colleagues voted, in the final legislative resolution, for measures that undermine child protection
  • Mary Honeyball MEP, “Internet Watch Foundation Champion” voted to undermine the protection of children when she voted for the offending amendment during the unanimous final vote in the Culture and Education Committee.

Ms McCarthy was, of course, completely wrong. For more information on what actually happened, click here.

close
14 Apr 2014

Is Commissioner Malmström accusing herself of violating EU law?

By Joe McNamee

On the 8th of April, the European Court of Justice ruled that Data Retention Directive was incompatible with European law and declared it invalid. Recent comments by Commissioner Cecilia Malmström (whose Home Affairs portfolio covered the Directive) appear to claim that she was always aware of the incompatibility of the Directive with European law.

Addressing journalists in Brussels on Tuesday, DN.se reporter Johan Schück observed the Commissioner say that “the criticism from the ECJ is similar to the objections she herself had against the directive during her time as a MEP”.

More explicitly (albeit also more spuriously), her press release on the ruling “confirms the critical conclusions in terms of proportionality of the Commission’s evaluation report of 2011 on the implementation of the data retention directive”

These two statements that the Commissioner was aware of the incompatibility (whether since her time as a member of the European Parliament or just since 2011) suggest that she failed to respect both her own personal obligations as a Commissioner and the duties of the Commission itself.

On a personal level, Commissioner Malmström swore an oath at the Court in Luxembourg “to respect the Treaties and the Charter of Fundamental Rights of the European Union in the fulfillment of all my duties”. On that day, Commission President Barroso said “the oath of independence and respect for the EU Treaties is more than a symbolic act. The European Commission is a unique institution and the Commissioners have today made clear that they will uphold all the principles and values enshrined in the Treaties and the Charter of Fundamental rights”. All of the principles and values…

In reality, it seems likely that Ms Malmström would have reformed the Directive, if it had not been made very clear to her by Member States that they would not accept a revision of the Directive. She said this unequivocally in a plenary session of the European Parliament in 2012 that she believe that Member States “will not accept any proposal to abolish it.” However, if this is the reason why she did not undertake the revision that she apparently thought was necessary, this too would have been in breach of her oath to “be completely independent” in the carrying out of her obligations and “to neither seek nor take  instructions from any government or from any other institution, body, office or entity.”

On the other hand, maybe, despite the Commissioner’s claims about having been fully aware of the incompatibility of the measure with European law, she might just be innocent of her implicit arguments against herself. After all, in December 2010, she stated:

We have to recognise that data retention is here to stay, and for good reasons. Access to telecommunications data are, at least in some cases, the only way of detecting and prosecuting serious crime. And in some cases it can be vital to exclude individuals from crime scenes and clearing them of suspicion. We do need data retention as an instrument to maintain security in our Member States. – Conference in Brussels, 3rd December 2010.

Similarly, in April 2011, she argued that “overall, the information we have received indicates that data retention subject to EU regulation is indeed a necessary measure”.

So, she knew, she didn’t know, she might have known, she might have wanted to do something, but she believed she would not be supported, but she has a legal obligation to be act independently. To borrow a quotation from a different political era – we are given the impression of a Commissioner who is in office but not in power.

For some historical context, see:
29 February 2012: ENDitorial: Member States turn a drama into a crisis for Commissioner Malmström on data retention
April 2011: Shadow implementation report for the data retention Directive
6 April 2011: ENDitorial: Data retention: Is the EC trying to dig itself out of a hole?

close
09 Apr 2014

ECJ: Data retention directive contravenes European law

By Heini Järvinen

On 8 April, the European Court of Justice ruled that the EU legislation on mass surveillance contravenes European law. The case was brought before the Court by EDRi member Digital Rights Ireland, together with the Austrian Working Group on Data Retention.

While it will take some time to get a clear view of what is going to happen in this policy area, the initial comments from key players may give some clues.

Perhaps the most remarkable comment is from Commissioner Cecilia Malmstroem, who has legal obligation ensure that the Charter of Fundamental Rights is respected. She claimed that her services were fully aware of the incompatibility of the Directive with primary European law for at least three years but chose to do nothing:

“The judgment of the Court brings clarity and confirms the critical conclusions in terms of proportionality of the Commission’s evaluation report of 2011 on the implementation of the data retention directive. The European Commission will now carefully assess the verdict and its impacts.”

The European Court of Justice didn’t provide any guidance on its ruling implications on national legislation. Luxembourg Minister of Justice Félix Braz annouced shortly after the ruling in his statement that “the national legislation, even though it was adopted in application of the invalidated Directive, will remain in place and continue to bind telecom operators”. He added that

“a deep analysis of the national legislation must be conducted to quickly establish whether the respect for fundamental rights in our legislation can be considered as adequate with respect to the ECJ requirements [...] particularly concerning issues related to access to data by judicial authorities and to the definition of serious crime”.

Braz urged the EU institutions to adopt the data protection Regulation as a starting point, in order to define “a general regime establishing a harmonised high level of protection prior to any definition of potential derogations that might include data retention”.

The Romanian Government had no reaction to the ECJ decision, but in the day after the ruling decided to extend the mass surveillance on its citizens in a new draft law: all the citizens that connect to free WiFis must identify themselves to the operators, that need to keep the personal data for at least 6 months. Also, all the pre-paid mobile cards owners have to be present an ID card if they want to buy such a card. All the current 7 million pre-paid card users in Romania need to register in 6 months, otherwise their cards will be de-activated. Impact on human rights? None, according the Ministry of Justice.

Finnish Minister of Education, Science and Communications Krista Kiuru welcomed the decision. She commented:

“Naturally, we must clean out the paragraphs enacted due to the directive. We will gladly adhere to this decision. If we want Finland to be a model country when it comes to data protection, our legislation has be be in accordance with the fundamental citizen rights,”

The ruling may have an impact on ongoing legislative projects in Finland, such as the preparatory work on the online surveillance law.

European Court overturns EU mass surveillance law (08.04.2014)
http://edri.org/european-court-overturns-eu-mass-surveillance-law/

Data retention directive: Commissioner Malmström’s statement on today’s Court judgment (only in French, 08.04.2014)
http://europa.eu/rapid/press-release_STATEMENT-14-113_en.htm?locale=en

Felix Braz: “The judgment of the ECJ clearly states that all the fundamental rights of EU citizens are to be respected” (08.04.2014)
http://www.gouvernement.lu/3641093/08-cjue

Romanian new draft law (09.04.2014)
http://gov.ro/ro/stiri/proiectul-de-lege-pentru-modificarea-si-completarea-oug-nr-111-2011-privind-comunicatiile-electronice

ECJ ruled data retention directive illegal (only in Finnish, 08.04.2014)
http://www.lvm.fi/tiedote/4395687/eu-tuomioistuin-totesi-tietojen-sailyttamista-koskevan-direktiivin-laittomaksi

Finland must revise its data protection laws (08.04.2014)
http://www.helsinkitimes.fi/finland/finland-news/domestic/10120-finland-must-revise-its-data-protection-laws.html

close
09 Apr 2014

Net Neutrality – What happens next?

By Heini Järvinen

After the big vote on net neutrality in the European Parliament on 3 April 2014, many people are asking “what now”? The answer is that the Council of Ministers of the European Union will decide what parts of the overall “Telecoms Single Market Regulation” it can accept, which parts it wants to amend and which parts it wants to reject completely. The Council is made up of the ministers responsible for telecommunications from the 28 Member States of the European Union.

The views of the 28 ministers vary widely. On the one hand, countries like the Netherlands and Slovenia see a need to protect the open and pro-competition legislation that they have already put in place. On the other, countries whose governments have, for various reasons, maintained uncompetitive oligarchies in their telecoms markets, would prefer to maintain and expand this approach.

Somewhere in the middle, the UK wants to both have competition and to permit non-competitive blocking, as long as the companies in question tell the consumer what services are being blocked – with the blocked services having not choice other than to pay for access to the ISP’s customers or be cut out of that part of the market. The national regulator, Ofcom, simply wants access providers not to call their services “Internet access services”, if they are not providing access to the full Internet. Remarkably, even though the current “code of practice” in the UK is very weak, some major companies have still not signed up to it. More remarkably still, the UK would prefer to have this confusion multiplied in each of the 28 EU Member States rather than supporting the basic principle that the open Internet should be clearly protected in law.

Obviously, the Commission’s “package” approach (where radio spectrum, net neutrality, enforcement and mobile roaming are squeezed together for no obvious reason) means that unrelated policy areas will be traded off against each other in the negotiations, in order to be able to produce a final legislative instrument. After an overwhelming vote of the European Parliament in favour of net neutrality and the overall package, the big question is whether Council can use its famously untransparent procedures to reject the democratic decision of the Parliament and bounce the new Parliament into rejecting the pro-innovation position that it has just adopted.

The next stage in the process is that the proposals will be discussed under the Greek presidency of the Council until the end of June, and then (under the six-month revolving presidency) under the Italian presidency. As several of the bigger countries in the EU (France, Italy and the UK, for example) are opposed to net neutrality, it will be difficult to build a strong majority. On the other hand, the European Parliament has equal powers, so its strong pro-net neutrality position can only be overturned if it allows this to happen. The upcoming European Parliament elections are therefore crucial for the future of net neutrality.

UK’s net neutrality position
http://consumers.ofcom.org.uk/2011/11/improving-traffic-management-transparency/

Council voting procedures
http://www.consilium.europa.eu/council/voting-system-at-the-council?tab=Voting-calculator

European Parliament leads the world with open internet vote (03.04.2014)
http://edri.org/european-parliament-leads-world-open-internet-vote

(Contribution by Joe McNamee – EDRi)

close