Respect My Net: online platform to report net neutrality violations

This initiative is essential to ensure that new rules on defending the open and competitive internet are effectively implemented. The Internet is about freedom, communication and innovation – not about short-term, anti-competitive strategies of access providers.

said Joe McNamee, Executive Director of European Digital Rights.

Without net neutrality, our rights to freedom of expression, freedom of choice, innovation, competition, privacy and communication are at stake. Respect My Net is a simple platform that provides you with the opportunity of reporting how Internet access providers are violating your freedoms online, by blocking, throttling or otherwise interfering with your Internet access. In addition, the platform provides you with an overview of easy-to-use tools which help monitoring whether or not your Internet Service Provider is manipulating or restricting your Internet traffic.

This project will also be useful for European telecom regulators, which now have to enforce the Regulation 2015/2120 on open internet access (aka net neutrality). “Respect My Net” will be complementary to the campaign platform Save The Internet, which will be relaunched soon to accompany the work of the Body of EU Telecoms Regulators known as “BEREC”.

As everyone probably knows, Facebook legally established its non-US headquarters in Ireland. Fewer users know that the opening an account on the platform amounts to a contract with Facebook Inc. registered in Menlo Park, making California the only jurisdiction under which cases against Facebook can be brought. Or at least, this is what Facebook argued. However, a French Court ruled this month that it has jurisdiction to rule on a case against Facebook.

The case, brought in 2011, was initiated by a French user whose account had been censored by Facebook after posting a image of a 19th century painting by realist painter Gustave Courbet, “The Origin of the World”. The French Tribunal de grande instance and Paris Court of Appeal have found Facebook’s clause that forces all users to agree that any litigation must be based in California to be “abusive” and therefore declared it void.

This decision sets an important legal precedent which could potentially impact other pending cases against Facebook in the European Union. Facebook is for instance seeking the invalidation of a Belgian Court decision from last November requesting the social media to stop tracking users. According to Facebook, the Belgian Court did not have the jurisdiction to judge this case as its headquarters are located in Ireland. Facebook also added a linguistic element to this jurisdiction battle by claiming that the Court could violate Belgian law by using the word “cookie” in the ruling, as this word does not exist in French. It is true that French people tend to translate every single English word, but this might be one of the few exceptions, as “cookies” haven’t become “madeleines” in French, at least not yet. Soon, perhaps, Facebook’s reliance on US jurisdiction will soon be little more than remembrance of things past.

Dispute over jurisdiction also continues in Austria where Facebook’s best friend, Max Schrems is seeking to bring a class action case against the company. This case, in which Facebook argues that the entire lawsuit cannot is neither admissible in Vienna, nor in fact anywhere else in the world, has now reached the Austrian Supreme Court.

Facebook is therefore arguing in France that it can only be judged in California, in Belgium that it can only be judged in Ireland and in Austria that no-one can bring class action cases at all. The saga continues.

Ordonnance du juge de la mise en état du 5 mars 2015 – Tribunal de grande instance de Paris (in French, 05.03.2015)
http://www.legalis.net/spip.php?page=jurisprudence-decision&id_article=4515

Facebook appeals Belgian cookie rule because it says ‘cookie’ (28.01.2016)
http://www.politico.eu/article/facebook-appeals-belgian-cookie-rule-because-it-says-cookie-data-protection/

“Facebook Class Action” reaches Austrian Supreme Court
http://www.europe-v-facebook.org/sk/PA_OGH_en.pdf

(Contribution by Estelle Massé, Access Now)

Why we studied Dutch data brokers

Recent research shows that, in some countries, companies such as data brokers are increasingly collecting personal data for profiling. They can then offer these profiles to commercial clients who use them for marketing and credit rating.

The conduct of data brokers and profiling can create ethical risks. Personal data can be processed in a way that gives companies and governments power over people. It allows them to follow someone’s information trail step by step, to manipulate their economic decisions, to categorize individuals, to sort and discriminate among individuals, to inhibit an individual from changing or progressing; and to infringe or steal one’s identity. In other words, in the wrong hands, or applied the wrong way, these technologies could harm people .

This research looked at the Dutch situation and aimed at mapping the scope of data brokers and the commercial profiling industry in the field of commercial marketing and credit rating in the Netherlands, their legality, and to evaluate how society can mitigate risks associated with it.

Data brokers know more about you than you know

For our research we gathered a list of data brokers and approached them for interviews and with data access requests. The team also acted as a data broker to see which data it could access, and made profiles with the help of experts. An expert session was organised on ethical and legal aspects.

The research reveals that there are many (+180) data brokers in the Netherlands that collect personal (and at times sensitive) information. They get their data from various sources (public and commercial) and create profiles about individuals. The research also shows that it is fairly easy for data brokers to gain access to information and to make profiles. It also shows that small changes in algorithms can have big results and that it is not always clear why some profiling has certain outcomes.

For the people whose data is processed, it is difficult to control data flows as it is not transparent. It is also difficult to obtain information about how data is used or to get information about personal credit scores.

Data brokers break the law

We compared these outcomes with the legal framework and reached the following conclusions:

1. Data brokers lack the legal basis to process so much data.
The research reveals that in the case of data brokers, users have little control over what happens to their data. People have not consented to the processing of their data, because there is no direct contact between data brokers and the people whose data is being processed. Furthermore, the commercial ‘legitimate interest ‘data brokers claim as a legal basis for their processing is too weak to justify the privacy breach that further processing causes. Meanwhile, the research shows that data brokers process sensitive information, which requires explicit consent.

2. Data brokers don’t respect the obligation of purpose limitation.
Although some commercial entities state that data is shared with third parties, this says nothing about the purpose for which those third parties (the data brokers) will be processing their data. Individuals have no way of knowing how their data is further processed by those third parties. Furthermore, data brokers have given us little information about how the data is shared further. This denies people the opportunity to know and verify the purpose of the further processing.

3. There is too little transparency about data brokers and commercial data traffic.
Notices provided by parties that share data with brokers are vague and unspecific. Data brokers themselves are also not transparent about how they use their data, where they get their data and with whom they share their data.

4. There is no way for people to object.
The research shows that once data is shared, it is further shared with third parties. There should be limits to this chain and opportunities for people to object to processing. Onward sharing makes it increasingly difficult for users to exercise control over their data and to prevent further processing. We should also critically evaluate the reuse of public data and allow people the opportunity to object to processing.

5. Data subject rights are not respected.
The research reveals that some data brokers don’t respond to access requests and that people don’t get the information about their profile, even though they are legally entitled to this. People should be meaningfully informed about profiling. They should also be able to tell what that profile is and be able to ask for human intervention when decisions are made that concern them on the basis of profiles.

6. There should be more enforcement.
After new enforcement laws enter into force, the data authority should closely watch the behavior of these companies. We also recommend more proactive research and activity by the anti-discrimination authority. Research reveals that some profiles have the ability to indirectly discriminate against certain groups of people. The problem is, that this discrimination is difficult to spot, in particular when companies don’t directly use sensitive data.

Data brokers need to be studied extensively

Our research shows that the practices of data brokers pose risks to our society and that their conduct does not abide by the data protection laws. Furthermore, new technologies like big data and the Internet of things and the close alignment between the public and private sphere potentially exacerbate these risks. We therefore not only recommend more monitoring and enforcement, but also that these data broker practices are studied in other countries.

Floris Kreiken: Transparent consumers – Data brokers and profiling in the Netherlands
https://www.edri.org/files/transparent-consumers-bits-of-freedom.pdf

(Contribution by Floris Kreiken, Bits of Freedom)

The Directive was first launched as part of the 1999 Communications Review and aimed to provide specific data protection rules for the e-communications sector, following the entry into force of the 1995 Data Protection Directive the previous year. The Directive dropped out of the Review package quite early in the legislative process and was not finally adopted until 2002.

The new instrument needs to cover all online processing of personal data, insofar as not already covered by the GDPR. Not least because of this, the new instrument needs to be enforced by Data Protection Authorities and not Telcoms regulators, as is the case in some EU Member States. It also needs to be updated in relation to the treatment of traffic and location data, as well as other geographical information and how consent is provided in this cases. Location data – even “anonymous” location data – can raise serious security and privacy concerns.

Another element that requires considerable re-thinking is the Directive is the issue of “cookies”. A more consistent and thorough analysis needs to be done on the different types of cookies that exist (tracking cookies, non-tracking cookies, session cookies…) and how to treat them accordingly. The bad joke which consent for cookies has become, have given arguments to anti-privacy/Big Data lobbies for how (meaningless) consent is the new spam. New, clearer rules should have a focus on improving the quality of the (very frequently profoundly misleading) information given to individuals reducing the number of cookie consent requests. Generally, we advise following the recommendations set by the Article 29 Working Party on this point.

The revised instrument should state that the deliberate installation of any piece of software or hardware on any device without the knowledge or consent of the owner of the device is an unauthorised access and/or data/system interference, as defined in the Council of Europe Cybercrime Convention. Another of the topics that cannot be avoided is related to the use of encryption in devices. In the new legislation, legislators should consider whether attempts to remove encryption, including the installation of “backdoors”, should be explicitly forbidden. Attention to how consent is provided (and revoked) for value-added services and the harmonisation and enforcement of the “national security/pubic order/crime prevention” exemptions is also needed.
The agreed text of the GDPR was the best possible outcome in the current political scenario, bearing also in mind the heavy lobby it received. The revision of the e-Privacy Directive needs not to undermine the good parts of the GDPR while at the same time trying to fix the loopholes it has created. Some lobbies call to “leveling the playing field” in this area, which is not objectionable, as long as the playing field is levelled upwards and to the level set by the GDPR and the case law of the courts in Luxembourg and Strasbourg. That is the playing field and any policy development in this are needs to stay up to those levels of protection.

Directive 2002/58/EC on privacy and electronic communications
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32002L0058:en:HTML

Article 29 Working Party: Opinion 04/2012 on Cookie Consent Exemption (07.06.2012)
http://ec.europa.eu/justice/data-protection/article-29/documentation/opinion-recommendation/files/2012/wp194_en.pdf

Data Protection Regulation Update: precise implementation depends on exceptions and Recitals (19.01.2016)
http://amberhawk.typepad.com/amberhawk/2016/01/data-protection-regulation-update-precise-implementation-depends-on-exceptions-and-recitals.html

EU Data Protection Package – Lacking ambition but saving the basics (17.12.2015)
https://edri.org/eu-data-protection-package-lacking-ambition-but-saving-the-basics/

Recommendation No. R (95) 4 on the protection of personal data in the area of personal data in the area of telecommunication services
https://wcd.coe.int/com.instranet.InstraServlet?command=com.instranet.CmdBlobGet&InstranetImage=535549&SecMode=1&DocId=518682&Usage=2

(Contribution by Diego Naranjo, EDRi)

From February to May 2015, the main opposition party the Social Democratic Union of Macedonia (SDSM) published excerpts of leaked wiretapped conversations recorded illegally by the Security Services under direct command of the prime minister’s cousin. These wiretaps indicated mass illegal surveillance and corruption at highest level of government. In May, a group of experts lead by former European Union (EU) Commission Home Affairs Director Reinhard Priebe undertook an inquiry confirming the allegations, and their findings were used by the European Commission (EC) to shape the reform priorities needed to reverse the state capture in Macedonia.
In June and July, the four biggest Macedonian parties forged an agreement in a village called Przhino outlining the steps out of the crisis. The EU and USA serve as mediators and guarantors of the Przhino Agreement, which stipulated measures such as end of the opposition boycott of Parliament, reforming of institutions such as State Electoral Commission (SEC), forming of a new state body of Special Public Prosecutor to investigate the crimes that were previously not addressed by the judiciary.

The last stage of this agreement includes “free and democratic” elections, initially scheduled for 24 April. However, since much of the implementation was sabotaged and delayed, the opposition, domestic civil society organizations, and the guarantors issued opinions that conditions for such elections are not met.
One of the keys to such issues is the capacity of the State Election Commission (SEC), both in terms of human resources and legal competences. The SEC was formed with a delay of 5 months, in November instead of June 2015, and by 21 February 2016 it had not been able to “clean” the Voters’ Registry by removing dead and “phantom” voters, who were a major factor in previous elections. The incumbent ruling party Internal Macedonian Revolutionary Organization – Democratic Party for Macedonian National Unity (VMRO-DPMNE), on the other hand, insists on speedy elections.

As the Macedonian government has been refusing to conduct a population census, clear-cut data on the population of the country does not exist. Thus, the cleaning of the Voters’ Registry first involves a comparison of datasets from various state institutions, in order to determine the scope of the anomalies. A lack of interoperability between state institutions makes this task difficult, especially considering that the SEC announced that not enough candidates applied for the IT positions.
In the past, citizens had the opportunity to check if they are listed in the Voter’s Registry, by entering their Unique Master Citizen Numbers in a web application. However, on 10 February 2016, the software developer Kalina Zografska pointed out a critical flaw in the application through a blog post, alerting the public that the citizen’s data are available for harvesting to anyone who can write a simple script. According to Zografska, it is relatively easy to scrape the whole Voters’ Registry for citizens’ personal data including names, birthdays and locations.

The SEC closed the access to the web application on the same day, at first claiming it was “due to internet connection problems.” As a result of a follow-up inquiry one week later by the Independent News Agency Meta.mk the SEC admitted that the application is closed “due to security issues,” without providing details.
The quick reaction to public scrutiny indicates the new SEC’s awareness of their obligations as data controller under the Personal Data Protection Law. The role of international community monitoring has been crucial in preventing the abuse of state power. The next several months will be crucial for reversing the backsliding of democracy in Macedonia, a candidate for EU membership, which has been noted in the EC annual reports. The whole process will benefit from increased scrutiny by international institutions and civil society.

EDRI-gram 13.3: Macedonia: Massive surveillance revelation: 20 000 people wiretapped (11.02.2015)
https://edri.org/macedonia-massive-surveillance-revelation/

Mass surveillance endangers freedom of expression in Macedonia (11.02.2015)
https://www.ifex.org/macedonia/2015/02/11/mass_surveillance/

The former Yugoslav Republic of Macedonia: Recommendations of the Senior Experts’ Group on systemic Rule of Law issues relating to the communications interception revealed in Spring 2015 (08.06.2015)
http://ec.europa.eu/enlargement/news_corner/news/news-files/20150619_recommendations_of_the_senior_experts_group.pdf

Former Yugoslav Republic of Macedonia: No time to lose to reform the country! (24.07.2015)
http://ec.europa.eu/commission/2014-2019/hahn/blog/former-yugoslav-republic-macedonia-no-time-lose-reform-country_en

In Sweeping Effort to Spy on Civil Society, Macedonia Broke Its Own Privacy Laws (14.07.2015)
https://advox.globalvoices.org/2015/07/14/in-sweeping-effort-to-spy-on-civil-society-macedonia-broke-its-own-privacy-laws/

A Blogger Exposes Personal Data Protection Flaw on Macedonia’s Election Commission Website (18.02.2016)
https://globalvoices.org/2016/02/18/a-blogger-exposes-personal-data-protection-flaw-on-macedonias-election-commission-website/

Electoral List inaccessible due to a security problem on the SEC website (17.02.2016)
http://meta.mk/en/electoral-list-inaccessible-due-to-a-security-problem-on-the-sec-website/

Civil Society Analysis of the state of the Przhino Agreement: Reforms First, then Elections (19.02.2016)
http://metamorphosis.org.mk/en/aktivnosti_arhiva/the-long-road-to-przhino-reforms-first-then-elections/

Electoral list still inaccessible on the SEC’s website (19.02.2016)
http://meta.mk/en/electoral-list-still-inaccessible-on-the-sec-s-website/

Joint US-EU Letter to Prime Minister Dimitriev (21.02.2016)
http://eeas.europa.eu/delegations/the_former_yugoslav_republic_of_macedonia/documents/press_corner/jointletter2016-02-21.pdf

Insufficient Number of IT Specialists Applied for SEC Job Opening (22.02.2016)
http://goo.gl/WsafyT

(Contribution by Filip Stojanovski, Metamorphosis, Foundation for Internet and Society)

The European privacy law is huge
Information plays a central role in our society. Every action you take leaves an information trail related to you personally: personal data. Meanwhile, almost every company and organisation works with information and those are often also personal data. Ongoing digitisation only increases the amount of personal data processed. This makes rules on the processing of personal data incredibly important.
In Brussels, there have been negotiations for years about the new data protection regulation, which aims to replace all the national privacy legislation and to enhance and harmonise data protection levels. It won’t come as a surprise that this new law is big and important. The 201 page law touches the lives of millions of people and all kinds of companies and organisations.

A lobbyist feeding frenzy
The law was therefore a feast for lobbyists. Even before the European Commission proposed it in 2012, US-American companies were making lobby phone calls to Commission employees and using other channels to exert pressure. Former European Commissioner Viviane Reding called it the most aggressive lobbying campaign she had ever encountered.
Afterwards, the European Parliament was flooded with the largest lobby offensive in its political history. The website lobbyplag (an initiative by Europe v. Facebook) showed that some of the amendments proposed by lobby groups were copied word for word by European politicians. Apart from that, ‘astroturf’ groups were active: organisations that claimed to be independent organisations, like the European Privacy Association were caught breaking lobby transparency rules and had to change their entry in the lobby register. Despite all of this, Members of the European Parliament eventually adopted a text which would offer citizens more protections against unfair data processing.

Unfortunately, representatives of national governments took a very different approach and left few of those protections in their proposed text. In particular, they aimed to undermine the protection of citizens in the context of profiling and big data.

The lobby-freedom of information request
We were therefore very curious about the lobby offensive at the level of government. So using the Dutch freedom of information act (called Wet Openbaarheid van Bestuur), we asked for all the lobby documents on this subject at the ministries of Economic Affairs, Security and Justice and the Netherlands permanent representation to the EU (that negotiates on behalf of the Dutch government in the EU). They will be called EA, S&J and Permrep in the remainder of the blogs.

The Lobby-tomy
These lobby documents were then sent to us by the Dutch government and we gladly published them on our website. They show what kind of organisations have tried to influence the Dutch government and what their positions are. In these blogs we provide some insight. What kind of organisations are lobbying? What are the most important themes that constantly surface? What kind of arguments are used?
This way, we try to give an insight about the lobby that took place behind the scenes. We obviously don’t have all the information. For example, we lack information about phone calls or what has been said in-between meetings. This document deals with the lobby documents only, which also contain emails. We invite anyone to read along as we go on.

Hereafter
This introduction will be followed by a series of blogs that have been published on our website. These blogs will be included in the upcoming EDRi—grams. In these blogs, we will at times refer to lobby documents that are in a database on our website (we will also specify the URL so you can read them yourselves – although some of the documents are in Dutch). That database contains a list with all the lobbying parties and all the documents they have sent. Our next article will be about the most important topics addressed in the lobby documents.

For the series of blogs and documents, see the Bits of Freedom website (in Dutch)
https://www.bof.nl/category/lobby-tomie/

Floris Kreiken, “Herrie in de Europese privacykeuken,” Bits of Freedom website (15.06.2015)
https://www.bof.nl/2015/06/15/herrie-in-de-europese-privacykeuken/

“Commission proposes a comprehensive reform of the data protection rules,” European Commission press release (25.01.2012)
http://ec.europa.eu/justice/newsroom/data-protection/news/120125_en.htm

European Digital Rights and Access, “Data Protection \Lobbying,” #EUdataP – issue 03
https://edri.org/files/eudatap-03.pdf

Thomas Brewster, “Facebook Lobbies Brussels In Earnest On EU Data Privacy Proposals,” TechWeek Europe (08.11.2012)
http://www.techweekeurope.co.uk/workspace/facebook-lobbying-eu-data-privacy-98645

Matt Warman, “EU Privacy regulations subject to ‘unprecedented lobbying’,” The Telegraph (08.02.2012)
http://www.telegraph.co.uk/technology/news/9070019/EU-Privacy-regulations-subject-to-unprecedented-lobbying.html

William Long, “Significant impact of new EU data protection regulation on financial services,” Global Banking & Finance Review (18.04.2014)
http://www.globalbankingandfinance.com/significant-impact-of-new-eu-data-protection-regulation-on-financial-services/

Glyn Moody, “How Lobbyists’ Changes to EU Data Protection Regulation Were Copied Word-For-Word Into Proposed Amendments,” Techdirt (12.02.2013)
https://www.techdirt.com/articles/20130212/04013421949/how-lobbyists-changes-to-eu-data-protection-regulation-were-copied-word-for-word-into-proposed-amendments.shtml

Complaint forces European Privacy Association to confirm Facebook, Google, Microsoft, Yahoo are corporate backers
http://corporateeurope.org/lobbycracy/2013/06/complaint-forces-european-privacy-association-confirm-facebook-google-microsoft

Janneke Slöetjes, “Drie gaten in nieuwe EU Privacywet,” Bits of Freedom website (in Dutch, 12.03. 2014)
https://www.bof.nl/2014/03/12/drie-gaten-in-nieuwe-eu-privacywet/

Floris Kreiken, “Herrie in de Europese privacykeuken,” Bits of Freedom website (in Dutch, 15.06.2015)
https://www.bof.nl/2015/06/15/herrie-in-de-europese-privacykeuken/

Floris Kreiken, “Echte (Big) Databescherming vraagt om goede regels rond profilering,” Bits of Freedom website (in Dutch, 17.9.2015)
https://www.bof.nl/2015/09/17/echte-big-databescherming-vraagt-om-goede-regels-rond-profilering/

(Contribution by Floris Kreiken, Bits of Freedom)

The 2015 report contains the following headings:

Media Activisim, Citizen Journalism, Alternative and Independent Media
Digital Surveillance at Internet Environment
Hate Speech and Discriminative Discourse at Internet Environment
Trolling and Cyber Bullying
Free Software in Turkey
Online Art Practices in Turkey
Media Literacy and New Media Literacy

State of the Art Report of the Internet in Turkey 2015
https://yenimedya.wordpress.com/2016/02/19/state-of-the-art-report-of-the-internet-in-turkey-2015/

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Turkey again far above all other countries in Twitter removal requests

Twitter released the removal request report for the second half of 2015. Like the previous periods, the removal requests from Turkey was again far above all other countries. 450 of the total number of 486 removal requests by court orders (93%) and 90% of the tweets withheld were from Turkey in this period. Although Turkey occupied the first rank in the removal requests from government agencies, the number of such requests were only slightly higher than in Russia.

Twitter Transparency Report
https://transparency.twitter.com/removal-requests/2015/jul-dec

The consultation is of great importance not only to those working on copyright or “intellectual property rights” in general, but in fact crucial to anyone using the Internet. This consultation covers how private companies should or should not be involved in law enforcement online – for example by removing your online content in case it might include copyrighted material. It also covers the range of Internet intermediaries that could or should be subject to legal obligations to undertake law enforcement activities.

In order to make it easier for individuals to answer the consultation, EDRi has created an “answering guide” – an online tool with the European Commission’s questions and our analysis to guide your responses. The answering guide can be found here: http://youcan.fixcopyright.eu/limesurvey/index.php/829127?lang=en

Have your say in the reform of copyright enforcement!

(Contribution by Diego Naranjo, EDRi)

European Digital Rights (EDRi) has joined forces with an international coalition of experts, scholars, groups representing Internet users, consumers and businesses to make this change happen. We are calling for reform of trade negotiations in order to protect the Internet and digital rights at a global level.

Today, we issue the “Brussels Declaration on Trade and the Internet”. The Declaration makes six specific recommendations for States and Regions participating in global trade agreements. These include regular releases of draft proposals, meaningful public participation and engagement with the public, experts and organisations fighting for Internet users and consumers’ human rights and fundamental freedoms online.

The opaque and undemocratic way under which trade agreements are being negotiated jeopardise the enjoyment of human rights online. This Declaration contains clear recommendations for a much-needed reform,

said Joe McNamee, Executive Director of European Digital Rights (EDRi).

The Declaration was signed by 20 groups and individuals concerned about secretive and closed trade negotiations, like the negotiations on the Transatlantic Trade and Investment Partnership (TTIP), the Trade in Services Agreement (TiSA) and the Comprehensive Economic and Trade Agreement (CETA). Among the experts involved, the coalition gathers Mr Alfred-Maurice de Zayas, the United Nations Independent Expert on the promotion of a democratic and equitable international order.

Trade agreements must work for human rights and not against them. Multi-stakeholder participation in the elaboration, negotiation and adoption of trade agreements are essential if they are going to have democratic legitimacy,

said UN Expert Alfred de Zayas.

All agreements must be subject to periodic review, so as to monitor their impacts on human rights, including the right to privacy, digital rights and online freedom of expression and access to information. Revision of trade-agreements must be built into the treaties,

he added.

Background:

Brussels Declaration on Trade and the Internet
https://edri.org/files/brussels_trade_declaration.pdf

TTIP and Digital Rights
https://edri.org/files/TTIP_and_DigitalRights_booklet_WEB.pdf

TiSA and Digital Rights
https://edri.org/files/TiSA_Position_Jan2016e.pdf