06 Feb 2018

Join EDRi’s Board: Call for applications

By Kirsten Fiedler

It’s time to take the next step to extend EDRi’s reach and efficacy. We are inviting you to apply to become a member of our Board.

As an EDRi Board Member, you’ll help shape the future of the organisation and advance our mission to promote and protect human rights in the digital environment. We are committed to growing and diversifying our organisation’s leadership by ensuring that there is a gender and geographic balance, and by seeking the representation of diverse cultural backgrounds on the Board.

How to apply

To apply, please send a brief biography (350 words max.) outlining your interest, experience and background, together with a statement of endorsement by an EDRi-member by email to julien.bencze[at]edri.org (PGP: AC5E 0016 07CB 5D6A CEDF E153 7663 3980 3013 A4F1).

Closing date for applications is 4 March 2018. The vote will take place during the General Assembly, 13–14 April 2018 in Brussels.

The next General Assembly will elect two Board members. The term of Board member Ot van Daalen is coming to an end this year. He has been filling the position of Treasurer and intends to re-stand, unless someone comes forward who can provide similar skills (budgeting and accounting) and continuity.

Our Board
  • Currently consists of 3 volunteer members, elected for a 3-year period;
  • Governs EDRi in compliance with its statutes and internal regulations;
  • Meets once per month (remotely) to discuss general management issues and once every 6–12 months for planning workshops;
  • Focuses on strategy and accountability rather than day-to-day operations;
  • Participates in deliberations and decisions in matters of policy, finance, fundraising, programs, personnel, and advocacy;
  • Deals with membership issues as they arise;
  • Assists in developing and maintaining positive relations among EDRi members, staff members, membership, donors and other stakeholders;
Required skills
  • Finances: Budgeting and accounting (only for the position of Treasurer);
  • Experience in advocacy, activism, outreach/community and campaigning for digital human rights;
  • Experience with NGO board membership, board chairing or working with boards, or a similar role;
  • Fluent command of spoken and written English.
We are looking for the following additional skills and tasks to complement the current Board:
  • Fundraising (especially corporate donations, high network individuals, foundation grants);
  • Knowledge of politics and culture in Northern and/or Southern Europe;
  • Knowledge of small and very small digital rights organisations (volunteers only, or staff under 3);
  • Knowledge of assisting with administrative issues (HR, governance);
  • Counseling, oversight, and evaluation of the Directors.
To be eligible for election
  • Any candidate must declare that they have permission to stand from their own organisation, if their organisation is a member of EDRi;
  • Any candidate joins the Board in their personal capacity and not as a representative of an organisation;
  • Any candidate must be endorsed. Members may set their own procedures for endorsements. When an individual steps forward to run for a position, he or she needs to seek endorsement from a member organisation. Organisations will have the opportunity to withdraw endorsement before the Board elections.
  • Any candidate shall have the opportunity to make a presentation for their candidacy in writing and in person at the General Assembly.
  • Any candidate must not have served on EDRi’s Board for more than three of the previous nine years.
  • Any candidate must declare any potential conflicts of interest, and anything else that might affect their eligibility, such as criminal convictions.

How to apply:

To apply, please send a brief biography (350 words max.) outlining your interest, experience, and background, together with a statement of endorsement by an EDRi member by email to julien.bencze[at]edri.org (PGP: AC5E 0016 07CB 5D6A CEDF E153 7663 3980 3013 A4F1).

Closing date for applications is 4 March 2018. The vote will take place during the General Assembly, 13–14 April 2018 in Brussels.

29 Jan 2018

EDRi-gram – 15 years of digital rights news (and counting)


15 years ago this day, on 29 January 2003, we published our very first EDRi-gram. To celebrate this occasion, we are looking back at the articles in this first newsletter.

If you are feeling nostalgic, you can read the original EDRi-gram Number 1 here:

A lot has changed, a lot stays the same.

Copyright Directive

Implementing the European Copyright Directive
(Click the link to read the original article)

In 2003, we had just escaped one of the biggest threats to the internet in Europe, the so-called “web caching ban”. Copyright fundamentalists tried to ban the incidental copies made by networks, unless they were separately authorised.

In 2018, we are facing one of the biggest threats to the internet in Europe. Copyright fundamentalists are trying to force everything uploaded to the internet to be subject to prior authorisation and/or upload filtering by internet hosting services.

Data retention

Rally Members European Parliament against data retention
(Click the link to read the original article)

In 2003, we were at the start of a long campaign by certain EU Member States to impose mandatory data retention, using the proposed ePrivacy Directive as a tool to achieve this goal.

In 2018, and despite two European Court rulings rejecting mandatory data retention, we are faced with a campaign from certain EU Member States to impose mandatory data retention, using the proposed ePrivacy Regulation as a tool to achieve this goal.

Software patents

New patent law on software threatens innovation
(Click the link to read the original article)

In 2003, European activists were faced by a massive, lobby-driven, well-financed attempt to impose software patents in Europe. The proposal was ultimately rejected, in one of the most unlikely of all “David and Goliath” successes of European activists.

Entitlement cards

Update: United Kingdom
(Click the link to read the original article)

In 2003, the UK government was trying to impose national ID cards through the back door via a national public service “entitlement” card.

In 2018, the Irish government is trying to impose national ID cards via a (“mandatory but not obligatory”) national public service entitlement card.

German censorship

Action against governmental censorship in Germany
(Click the link to read the original article)

In 2003, the German authorities were pushing censorship through the demonstrably ineffective use of blocking by internet access providers.

In 2018, the German authorities are pushing censorship through the coercion of internet services to delete content more quickly.

Recommended reading

“The Human Rights Network in Moscow has just released a very useful online report about online privacy in Russia. According to the introduction fundamental human rights and freedoms – freedom of speech, freedom of information, privacy – are apparently unprotected on the Net. While Russian Internet is growing these rights and freedoms suffer from frequent and widespread invasion.”

In 2003, our recommended reading was a study about online restrictions in Russia:

In 2018, the story continues:

Oh no! Did you miss the 363 previous editions of the EDRi-gram? No worries, you can read all of them here and here.

And it’s of course never too late to subscribe to our newsletter!



24 Jan 2018

ENDitorial: Living as if being at an airport

By Bits of Freedom

The internet is starting to look more and more like an airport. Not only because of the ubiquitous surveillance, but also in the way that advertising is trying to steal our attention. Should we start working on a right to not be addressed?

The title of this piece is inspired by Marleen Stikker of the Waag Society. She uses this metaphor to tell a story about how the internet has changed. From a public space without central rules, to a place where you change your behaviour to accommodate an invisible code of conduct, because everything you do is being tracked, and the data is being saved permanently.

The airport is a world where we accept that we abandon our usual rights because of the perceived threat level, and where we let the government come closer and closer. Another way in which it seems we are permanently in an “airport mode”: The way in which our daily experience is shaped by advertising.

The airport as advertising space

It is always surprising how aggressively the surroundings at the airport are trying to draw people’s attention. The airport is, as the advertising experts say, a “high dwell time environment, delivering a captive audience”. This means you often have to wait a long time and there’s nowhere to go. That’s why you even find advertising on the luggage claim, on the trays carrying your belongings through the scanner, and on your boarding pass. No surface can be left unused. In Canada, there are even branded parking spots where you can only park a Lexus. This led to a small riot, since in order to make the Lexus-spots, the parking spots for disabled people were moved to a less favourable place.

The arms race for attention

Also outside the airport, the arms race for attention is in full swing. Graffiti artist and activist Banksy pointed out the problem over more than ten years ago. He sampled a text about advertisers and turned it into this:

“They leer at you from tall buildings and make you feel small. They make flippant comments from buses that imply you’re not sexy enough and that all the fun is happening somewhere else. They have access to the most sophisticated technology the world has ever seen and they bully you with it. [..] They have rearranged the world to put themselves in front of you.”

By removing advertisements – as in a beautiful photo project by Nicolas Damiens’s where he has removed all ads from Tokyo – it becomes clear how contaminated our field of vision is with advertisements. This contamination is everywhere.

----------------------------------------------------------------- Support our work with a one-off-donation! https://edri.org/donate/ -----------------------------------------------------------------

Thanks to outdoor advertising company Exterion and with consent of the Nederlandse Spoorwegen (NS), the main Dutch railway service, Amsterdam Central train station is filled with advertising columns with moving images, which according to research are 52% more visible than images that don’t move. Those advertising columns have cameras to see if the viewer is actually looking at them, giving them their attention. Those cameras have now apparently been turned off. However, not because we don’t want to be followed by advertisements, which in the near future will be able to use facial recognition and then can be connected to Facebook in order to merge the offline and online advertising market. No, they have been turned off “for the time being”, because Exterion regrets that there has been a discussion about the cameras because they “have not communicated properly enough”.

Attention and internet freedom

This story is important because we are structurally underestimating the value and importance of our attention. That ensures that we can’t verbalise a decent answer to the way the internet is being ruined by its completely dominant business model – a business model that is based on gathering data and producing advertisements.

The internet has become a completely commercialised space. In the scientific article from 1998 in which Larry Page and Sergey Brin introduced Google to the world, the gentlemen said advertisements and search engines could never go well together. They boasted about their top result for the keyword “cellular phone”, an article about the effect of making phone calls on driving behaviour. According to them, a search engine with advertisements would never have the incentive to show that result on top. Now when you search for “cellular phone” almost half the visual space has been taken by advertisements and much more than half of the data usage has been taken by the utterly unnecessary ways in which Google tracks us. This example is symptomatic for the current state of affairs on the internet. To internet platforms, it doesn’t matter what we look at. As long as we’re looking. We accept the current state of affairs on the internet – or more broadly speaking: in the public space – because we underestimate our own attention.

Insufficient appreciation for our own attention

In the introduction of his book The World Beyond Your Head, Matthew B. Crawford makes an analysis of how we currently treat attention. He was inspired to write this book when making an online payment, between entering his PIN code and confirming the payment, he was confronted with an advertisement.

According to him, attention is something intimate. It determines what is real to us, that what we have in our consciousness. In fact, companies like Google, Facebook and Amazon use our attention for their commercial goals. And because you only have a maximum amount of attention, Crawford doesn’t see this as creating new prosperity, but as a redistribution of existing prosperity – from you, to the companies in Silicon Valley. In other words, the time spent on Facebook is mainly benefiting Facebook and you can’t use it again for your own economic or socio-cultural activities. Crawford therefore argues for “attentional commons”, the recognition that attention is a limited and shared source that we all need. Like clear air enables breathing, cognitive silence – in the sense of no distraction – enables thinking.

Thankfully, attention has recently gotten more attention. Tim Wu, the driving force behind net neutrality, just wrote a book about it. And ex-Google philosopher Tristan Harris has started a non-profit with the name Time Well Spent. He believes that big companies from Silicon Valley are playing a zero-sum game to claim as much of our attention as possible. Everyone who has spent more time on Facebook or YouTube than they actually wanted will recognise this. According to Harris, this race for attention has negative effects. One example is the vulnerability of our democracy to fake news.

Fake news is the result of the way our information ecosystem works. Harris blames technology for this. But Crawford thinks that the problem lies elsewhere. We haven’t yet sufficiently politicised this attention-economy. Currently, it’s like Wild West, without rules, everything still possible. Weare not yet aware that attention is a limited source, like clean water or clean air. This is why we need to take the political decision to more efficiently protect it, both offline and online. It has been demonstrated in São Paulo that this is possible.

São Paulo, a city without ads

Mayor of São Paulo Gilberto Kassab passed his law for a clean city in 2007. He saw the law as necessary to address the pollution of water, air, noise and the visual domain. He started with that visual domain: billboards, video screens, and advertisements on buses, buildings, and so on were all prohibited. Politics defeated advertisers, with the support of a majority of the people. Companies needed to find different ways to reach their customers, and they ended up finding out that those ways often worked better than the billboards. Suddenly, there was literally space to tackle metropolitan issues in a new way.

The right not to be addressed

Maybe Crawford is right when he says that we have to add the “right to not be addressed” to our right to privacy. Maybe we can focus our attention to shared interests and build an internet where it’s pleasant to hang around – an internet that doesn’t have the characteristics of an airport. We should all look forward to that.

This is an edited version of the speech Hans de Zwart gave during the Big Brother Awards 2017 on Monday 11 December 2017 in the City Theatre in Amsterdam. Translation from Dutch to English by Ludwine Dekker. A version with images and background links is available here: www.bof.nl/2018/01/17/living-as-if-being-at-an-airport/

(Contribution by Hans de Zwart, EDRi member Bits of Freedom, the Netherlands)



24 Jan 2018

Romania: Culture Ministry rallies copyright lobbyists


On 17 January 2018, the Romanian Ministry of Culture organised a debate on the EU copyright reform proposal. With the room full with about fifty participants, three quarters were representing press publishers, record labels and collective management associations. It seemed almost like a full-fledged campaign meeting organised for and by traditional newspapers and rightsholders organisations to rally support for Articles 11 and 13 of the Copyright Directive proposal – a support meeting coincidentally (or not) organised just prior to national officials presenting their country’s position on the copyright reform in Brussels.

----------------------------------------------------------------- Support our work - make a recurrent donation! https://edri.org/supporters/ -----------------------------------------------------------------

Romania still needs to finalise its national position. How will it play its cards with such a fresh memory of this rally for a new right for press publishers and content filtering?

During the debate, EDRi member Asociația pentru Tehnologie și Internet (ApTI) remained constant in asking for the deletetion of Articles 11 and 13 and contributed with a detailed opinion regarding the Estonian Presidency proposal from 13 December 2017. ApTI’s analysis also deconstructed the questions put forward to Member States which are perpetuating a false premise to reinterpret (“clarify” in the creative language of the Council Presidency) “communication to the public” and redesign the intermediary liability regime.

Although this was not the first public debate organised by the Ministry of Culture, it was surely the last one before the final national position is put forward. Several other debates were organised in 2016 and 2017 by the Ministry of Culture and the National Copyright Office (ORDA), without affirming a clear opinion on a national position.

ApTI sent its input in several stages of the process (see here and here) and in turn organised four public debates, especially on the most thorny aspects of the copyright reform such as “link tax” and “upload filters” and their consequences for users, freedom of speech, online media and digital business.

On 15 March 2017, the IT&C Committee of the Romanian Parliament held a roundtable debate. The meeting was fairly balanced with representatives from all sectors present and voicing concerns. After this, the Romanian Parliament issued its point of view. Regrettably, it did not mention Article 11 at all, but issued an overall negative report on the copyright reform.

In reply to the Romanian Parliament’s report, the European Commission gave an unsatisfying and partially misleading answer. Trying to give reassurance on the Romanian Parliament’s concern on the impact of Article 13, the Commission falsely invoked its Impact Assessment, which was criticised by the European Parliamentary Research Service and did not include the comments received during the European Commission public consultation between March-June 2016 .

Keeping all this in mind, as next in line for the Presidency of the Council of the European Union, Romania has the opportunity to set the record straight. It has the chance to point out that the objectives of the Digital Single Market cannot be achieved with a piece of legislation that produces even more fragmentation, attacks freedom of speech, and blocks innovation and creativity.

ApTI copyright reform video campaign (only in Romanian)

Romanian MEPs, you’ve got mail!

Romanian Parliament to European Commission: Copyright reform does more harm than good (24.05.2017)

Romanian Parliament point of view on the copyright reform (03.05.2017)

Chamber of Deputies (partially) agrees with ApTI: EU copyright reform proposal is not adapted to the modern society (only in Romanian, 08.05.2017)

Copyright reform proposal: summary of ApTI’s intervention at the ITC Commission public debate, Chamber of Deputies (only in Romanian)

Preliminary point of view on the copyright reform – Ministerul Culturii public debate (only in Romanian, 14.10.2016)

ApTI’s point of view regarding EU copyright reform and Estonian Presidency communication (only in Romanian, 18.01.2018)

(Contribution by Valentina Pavel, EDRi member ApTI, Romania)



24 Jan 2018

UN Security Council mandates worldwide air traveller profiling

By Statewatch

In the name of “preventing, detecting and investigating terrorist offenses and related travel”, all United Nations (UN) Member States should develop systems for processing and analysing Passenger Name Record (PNR), Advance Passenger Information (API) and “fingerprints, photographs, facial recognition, and other relevant identifying biometric data”, according to a UN Security Council resolution (no. 2396) on threats to international peace and security caused by terrorist acts agreed on 21 December 2017.

PNR for all

PNR data is collected by airlines and travel agents when individuals purchase airline tickets and includes a wide range of personal and other data. API is the biographical data contained in individuals’ passports.

EU Member States are obliged to gather and process API under a 2004 Directive and by May 2017 all EU Member States were supposed to implement the EU PNR Directive that mandates the gathering and processing of PNR data on all travellers leaving, entering or travelling within the EU; numerous other states around the globe also collect and process PNR and API data for ostensible counter-terrorism and law enforcement purposes. (The EU provisions on flights within the EU were added by Member States by means of a “declaration”, ignoring the opposition of the European Parliament.)

----------------------------------------------------------------- Support our work with a one-off-donation! https://edri.org/donate/ -----------------------------------------------------------------

Under the title “Border Security and Information Sharing”, the UN Security Council Resolution – which is binding on UN Member States – demands that practically every state in the world adopt API and PNR systems, if they do not already have them, opening the door to massive pre-emptive profiling of air travellers. In the future, other modes of transport may also be covered – the EU has previously considered extending PNR schemes to rail and boat travel, while last year Belgium, France, the Netherlands and the UK agreed to introduce a PNR system for rail travel.

As observed by EDRi member Access Now:
“Under the EU PNR Directive, everyone’s PNR information – whether or not you are a suspect for any crime – is indiscriminately collected and shared with local enforcement authorities, and then stored for five years just in case it later becomes relevant to vaguely defined ‘serious’ crime and terrorism. Nothing has been presented to show this will do anything to help catch criminals or terrorists, and with more than 900 millions air passengers travelling in the EU every year, the sheer volume of personal information gathered and retained is well beyond what is necessary or proportionate. The directive therefore stands in violation of your fundamental rights to privacy and data protection.”

One of the key aims of the EU PNR Directive is the development of profiling systems against which all passengers’ data will be compared to determine whether they may be a person of interest”. Such “risk-based screening” is now set to go global.

Biometrics and watchlists for all

Resolution 2396(2017) also:
Decides that Member States shall develop and implement systems to collect biometric data, which could include fingerprints, photographs, facial recognition, and other relevant identifying biometric data, in order to responsibly and properly identify terrorists, including foreign terrorist fighters, in compliance with domestic law and international human rights law, calls upon other Member States, international, regional, and subregional entities to provide technical assistance, resources, and capacity building to Member States in order to implement such systems and encourages Member States to share this data responsibly among relevant Member States, as appropriate, and with INTERPOL and other relevant international bodies.” [emphasis added]

It further mandates that:
“Member States shall develop watch lists or databases of known and suspected terrorists, including foreign terrorist fighters, for use by law enforcement, border security, customs, military, and intelligence agencies to screen travelers and conduct risk assessments and investigations, in compliance with domestic and international law, including human rights law, and encourages Member States to share this information through bilateral and multilateral mechanisms.”

“Downgrade” intelligence

Amongst other things, the Resolution also calls for UN Member States to “consider, where appropriate, downgrading for official use intelligence threat and related travel data”. In this regard it must be recalled that “intelligence” gathered by security agencies does not always have to meet the legal standards that would be required for data gathered by law enforcement agencies.

Aside from “Border Security and Information Sharing”, the Resolution also outlines a host of requirements under the headings “Judicial Measures and International Cooperation” and “Prosecution, Rehabilitation and Reintegration Strategies”, as well as outlining various actions that should be taken by the UN.

Resolution 2396(2017) was accompanied by Resolution 2395(2017) that extends the mandate of the UN’s Counter-Terrorism Committee Executive Directorate (CTED), responsible for monitoring the implementation of UN counter-terrorism measures, until December 2021.

This article was originally published at http://www.statewatch.org/news/2018/jan/un-pnr-for-all.htm

UN press release: Security Council Urges Strengthening of Measures to Counter Threats Posed by Returning Foreign Terrorist Fighters, Adopting Resolution 2396 (21.12.2017)

UN Security Council Resolution 2395 (2017) on threats to international peace and security caused by terrorist acts (21.12.2017)

UN Security Council Resolution 2396 (2017) on threats to international peace and security caused by terrorist acts (21.12.2017)

Massive biometric “smart borders” database may be illegal (15.09.2017)

Court of Justice says no to EU-Canada travel surveillance deal as implementation of European system continues (26.07.2017)

PNR Directive: USA offers a helping hand to EU air travel surveillance and profiling efforts (14.06.2017)

(Contribution by EDRi member Statewatch, the United Kingdom)



24 Jan 2018

You can’t uphold the law by breaking the law

By Bits of Freedom

The Alliance of Liberals and Democrats for Europe (ALDE) invited EDRi member Bits of Freedom to speak at their annual New Year’s Seminar. Hans De Zwart, Director of Bits of Freedom, talked about how the rule of law can only be defended by the European Union taking an exemplary role including by strictly adhering to the rulings of the Court of Justice of the European Union and urgently taking action to be more transparent in its legislative processes:

Thank you very much for the opportunity to talk about these urgent topics. It is a pleasure to be here at the ALDE new year’s seminar.

For us, it might be stating the obvious that a Union can only successfully protect democracy, the rule of law and fundamental rights if it performs an exemplary role on all these points. And unfortunately, it is currently also obvious that the EU is not yet fulfilling that role. Two points need to be stressed. For one the EU should vigorously respect the rulings of the European Court of Justice and secondly, the EU must become (even) more transparent in its legislative processes.

So if we take a bird’s-eye view, we can see for example that the Court of Justice has ruled twice against data retention and those rulings have been wilfully ignored (meaning that in the Netherlands we had to go to a Dutch court to get the unlawful retention of data stopped).

We have seen the Court of Justice of the EU (thanks to tireless work by key ALDE MEPs like Sophie in’t Veld) rule against the proposed deal between Canada and the EU on PNR, the registration and profiling of air passengers. But the consequences of this ruling for the EU/Australia and EU/US agreements have been left wilfully unexplored.

----------------------------------------------------------------- Support our work - make a recurrent donation! https://edri.org/supporters/ -----------------------------------------------------------------

We have seen the Court of Justice rule against the mandatory filtering of internet access and social media services while at the same time seeing this ruling being explicitly circumvented through the introduction of an upload filter in the proposed Copyright Directive.

We’ve seen the EU adopt the Charter of Fundamental Rights, which requires that restrictions on our rights have to be necessary and provided for by the law, while also seeing the Europol Regulation giving unaccountable power to Europol’s Internet Referral Unit to make referrals not based on the law, but based on terms of service for the “voluntary consideration” of internet companies. There is no review process for these referrals, no statistics on subsequent investigations and — ironically in light of the data retention demands for records of innocent people — no retention of the associated evidence.

When it comes to transparency we have seen a shift from the traditional treaty-based decision-making process of legislation in the EU towards a non-democratic, non-accountable and non-transparent process of legislating: the trilogues.

The EU Ombudsman has demanded more transparency around the trilogues. She proposes that the documents in and around the trilogue negotiations — the trilogue dates, the initial positions, the agendas, the “four column documents”, the notes, the list of political decision makers involved and the final compromise texts — should all be made available to the public. This too is underpinned by a decision of the EU Court of Justice which states that the ability of EU citizens to find out the considerations that underpin legislative action is a precondition for the effective exercise of their democratic rights.

And very recently the Dutch COSAC delegation has also recommended to make the EU more transparent to its citizens. Their prime recommendation is, once again, for the EU to stick to its own law, in this case the Transparency Regulation and thus make legislative documents public in a systematic way and without any delay. Too often is too hard for people like me — civil society as the representation of citizens — to get access to the documents that they need to do their work.

So my ask here today for this Alliance of Liberals and Democrats for Europe is twofold, and I ask it with urgency:

Firstly, the Union can’t afford the current lackadaisical attitude towards the rulings of the European Court of Justice. Due process starts with respecting the law. Or in other words: you can’t uphold the law by breaking it.

And secondly, ALDE should support the Dutch perspective on transparency of the EU and at a minimum argue for a full implementation of the European Ombudsman’s position on the trilogues.

Because we can only develop a Europe of values by defending those values when it is difficult. And we develop a Europe of values by making decisions in public and not in closed-door trilogues. We should empower citizens by making the institutional changes necessary to ensure that citizens are truly heard.

This article was originally published at https://www.bof.nl/2018/01/09/you-cant-uphold-the-law-by-breaking-the-law/

(Contribution by Hans de Zwart, EDRi member Bits of Freedom, the Netherlands)



24 Jan 2018

CJEU hate speech case: Should Facebook process more personal data?

By Maren Schmid

Austria’s Supreme Court of Justice has referred a case to the Court of Justice of the European Union (CJEU) regarding hate speech on social media platforms. The referral could have a global impact on Facebook – and ultimately on our privacy and freedom of speech.

----------------------------------------------------------------- Support our work with a one-off-donation! https://edri.org/donate/ -----------------------------------------------------------------

The case goes back to 2016, when the former leader of the Austrian Green party, Eva Glawischnig, filed a lawsuit against Facebook over insulting post written about her, calling her a “corrupt oaf” and “wretched traitor to her people.” In May 2017, a court in Vienna ruled that the postings must be deleted across the platform, not just in Austria, but worldwide. The Austrian Supreme Court has now asked the Court of Justice of the European Union (CJEU) to confirm (a) if the deletion of a posting is only limited to the member state or should be done globally and (b) if Facebook has to delete only the individual post they were informed about, or also similar postings (for example by using an algorithm).

This raises numerous quite fundamental questions. First, the imposition of such a restriction based on automatic filtering appears to be a fairly literal contradiction to the Netlog/Sabam ruling, which opposed prior filtering of all content at the cost of a service provider (albeit dealing with different subject matter – copyright).

Secondly, it requires additional personal data processing from a company that rapaciously exploits user data for commercial purposes. While such cases are generally considered to be a simple balancing exercise between freedom of expression and the right being breached, the issue is more complex. Due to the personal data processing that the automatic filtering would require, the balance is between privacy, freedom of expression and freedom to conduct a business (especially if imposed on all providers subsequently, thereby also restricting competition) on the one hand, and combating hate speech on the other.

Thirdly, the application of the algorithm to “similar” cases requires a balancing judgement on how an (almost by definition) imperfect technology will be implemented by Facebook. This is especially relevant with regards to the last section of paragraph 1.3.8 of the Draft Recommendation of the Council of Europe (pending approval by Ministers in March 2018) on the roles and responsibilities of intermediaries, which points out the imperfection of automatic filtering – particularly as it cannot assess context. This article, for example, quotes the same words as were used against Eva Glawischnig, but are obviously not hate speech in this context.

If the CJEU were to support the view that Facebook should be obliged to filter by algorithm, it would have to configure its systems in a way that minimises its legal risks. To do this it would need to find a balance between the compelling reasons to over-censor and the limited reasons not take a more diligent approach:

Encouraging an error on the side of over-deletion, we have:

  • direct legal liability for failing to respect the order
  • secondary law on hate speech
  • implementation of terms of service, which are less clear and narrower than the law

Encouraging an error on the side of accuracy or under-deletion, we have:

  • customer relations

This would contradict various existing CJEU law on balancing of obligations. This balance of incentives is not conducive to free speech being protected. Support for extra-territorial application seems even more antithetical to the notion of freedom of expression and the rule of law. Restrictions on fundamental rights need to be accessible and predictable – it is challenging to imagine that the CJEU would consider that citizens elsewhere in the EU being subjected to regulation by imperfect Facebook algorithms would meet this criterion. It is puzzling that the Austrian court asked the question.

Fourthly, in the Telekabel case, the CJEU ruled as follows: “Accordingly, in order to prevent the fundamental rights recognised by EU law from precluding the adoption of an injunction such as that at issue in the main proceedings, the national procedural rules must provide a possibility for internet users to assert their rights before the court once the implementing measures taken by the internet service provider are known.” In addition to the fact that such national procedural rules generally do not exist, as shown by experience in Austria implementing that ruling, this safeguard is unenforceable in practice, because the measure will be (by definition) implemented for both illegal content and violations of terms of service.

Fifthly, the application of imperfect algorithms to “similar” and not necessarily illegal content (as well as inevitable extension to terms of service implementation) appears to fall below the standards demanded by the court in relation to the respect of the obligation for restrictions to be “provided for by law”. See, in particular, paragraph 139 of the EU/Canada PNR Opinion: “It should be added that the requirement that any limitation on the exercise of fundamental rights must be provided for by law implies that the legal basis which permits the interference with those rights must itself define the scope of the limitation on the exercise of the right concerned”.

How will the Court balance the rule of law, freedom of expression, privacy, basic principles of international law on predictability and accessibility and freedom to conduct a business with hate speech? Time will tell.

Draft Recommendation of the Committee of Ministers to member states on the roles and responsibilities of internet intermediaries

CJEU Opinion on EU/Canada PNR Opinion

(Contribution by Joe McNamee, EDRi, and Maren Schmid, EDRi intern)



24 Jan 2018

Can we ensure EU terrorism policies respect human rights?

By Ana Ollo

During 2017, the European Union (EU) increased its arsenal its “fight against terrorism”, namely by adopting a Directive on combating terrorism and by setting up a Special Committee in the European Parliament. In partnership with the Open Society European Policy Institute (OSEPI), the European Network Against Racism (ENAR), Amnesty International, Human Rights Watch and the International Court of Justice (ICJ), EDRi has been working to ensure that the EU and its Member States do not restrict fundamental rights and freedoms when developing, transposing and implementing EU counter-terrorism policies, in particular the EU Terrorism Directive.

----------------------------------------------------------------- Support our work - make a recurrent donation! https://edri.org/supporters/ -----------------------------------------------------------------

The Terrorism Directive was formally adopted on 15 March 2017, and Member States are expected to transpose it into their national legal systems by 8 September 2018. EDRi identified various sources of concern deriving from the text, but also some positive aspects.

On the negative side, the Directive uses unclear wording when defining terrorist offences, which could lead to abusive practices by national authorities. In addition, it says that consulting terrorist websites can be a terrorist crime. This is particularly interesting because the French Constitutional court ruled unconstitutional a similar provision in two occasions, most recently on 15 December 2017.

On the positive side, the Terrorism Directive offers Member States the opportunity to ensure more legal predictability and put an end to practices leading to unnecessary and disproportionate restrictions of fundamental rights, such as freedom of expression and opinion, privacy and non-discrimination. For instance, the Directive is clear that “the expression of radical, polemical or controversial views in the public debate” is excluded from the scope of application, and that “the notion of intention must apply to all the elements constituting [criminal] offences”. If the Directive was duly transposed and implemented in this regard, some mistakes made in the past would not be made in the future. As one example, the Spanish rapper César Strawberry would not have been condemned to prison for posting six tweets, as the Court would have had to consider whether he actually had the intention to commit a terrorist act.

Along with Amnesty International, ENAR, OSEPI, Human Rights Watch and ICJ, EDRi is participating in workshops organised by the European Commission with representatives from EU Member States to discuss the transposition and implementation of the Terrorism Directive. These workshops do not guarantee that the Member States’ national counter-terrorism legislations and policies will be human rights-compliant, in line with their obligations both under the Directive and the EU Charter of Fundamental Rights. However, we welcome this rare opportunity to raise awareness of human rights violations detected in several EU Member States and provide recommendations and legislative advice to countries’ representatives and the Commission itself.

By 8 March 2020, the Commission will have to produce a report to assess the completeness and the compliance of national rules with the EU Terrorism Directive. As advocated by EDRi, the Commission will also have to produce a report to assess the impact of this Directive on non-discrimination, fundamental rights and freedoms and the rule of law by 9 September 2021. For this, the Commission and the Member States will have to rigorously gather the necessary data, and they could make available streams of funding for NGOs to help with this an arduous job. We hope that the positive work of the Commission in facilitating our input in the transposition process presages a more timely and thorough report than it provided in the case of the data retention Directive (seven months late) and the child exploitation Directive (one year late).

Terrorism Directive: Document pool

EU Directive on combating terrorism (15.03.2017)

(Contribution by Ana Ollo, EDRi intern)



22 Jan 2018

Press release: 6th annual Privacy Camp takes place on 23 January 2018


Tomorrow, on 23 January 2018, Privacy Camp brings together civil society, policy-makers and academia to discuss problems for human rights in the digital environment. In the face of what some have noted as a “shrinking civic space” for collective action, the event provides a platform for experts from across these domains to discuss and develop shared principles to address key challenges for digital rights and freedoms.

Themed “Speech, settings and [in]security by design”, the one-day conference at the Saint-Louis University in Brussels features panel discussions and privacy workshops led by experts in the fields of privacy, surveillance and human rights advocacy. The nonprofit, nonpartisan event draws privacy activists, civil society representatives, public servants and academia of all ages and backgrounds who are interested in improving privacy and security in communications and work towards the respect of human rights in the digital environment.

This year, Privacy Camp also features the “Civil Society Summit” of the European Data Protection Supervisor (EDPS).

Among others, speakers of the Privacy Camp 2018 are Giovanni Buttarelli, Wojciech Wiewiorowski, Fanny Hidvegi, Glyn Moody, Katarzyna Szymielewicz, Juraj Sajfert, Marc Rotenberg. The full programme can be accessed here.


10 Jan 2018

2017: From EDRi to the world

By Maryant Fernández Pérez

2017 was a busy year for digital rights defenders. To advance our mission to defend and promote your rights to privacy, data protection, and freedom of information, expression and opinion, we worked hard to engage with European level decision-making, but also did our best to get out of the Brussels “EU bubble” and enhance digital rights across Europe and beyond. How?

1. Increasing our international outreach

In 2017, EDRi spoke in events in 15 countries. We gave numerous expert presentations in the European Parliament, the European Commission, the Council of Europe, national Permanent Representations to the European Union, the European Economic and Social Committee, and other key institutions. We also spoke about our work in many universities to explain the importance of digital rights. In addition, we wrote guest articles in various publications and were quoted in international news outlets.

Furthermore, we participated in key international events, including the Computers, Privacy and Data Protection International Conference (CPDP), the Internet Freedom Festival (IFF), Re:publica, RightsCon, the OSCE-Council of Europe’s Internet Freedom Conference, Council of Europe’s expert meetings on intermediaries, Copycamp, the United Nations Internet Governance Forum, and the Chaos Communication Congress.

We also co-organised several events with international reach , such as the Privacy Camp, the Civil Society Trade Lab, and the School of Rock(ing) Copyright in Slovenia, Hungary and Portugal.

In addition to the events, EDRi set up an Advisory Council to add expertise from international experts outside the EDRi network.

2. Maintaining and building new international alliances

The defence and promotion of digital rights cannot be achieved by only one single organisation. That is why in 2017 we led and participated in several formal and informal coalitions, including on data protection, e-Privacy, encryption, cross-border access to data, net neutrality (see here, here and here), telecoms, net competition, copyright reform (see here, here and here), free and open source software, and digital trade.

Moreover, we remained an active and proud member of the Trans Atlantic Consumer Dialogue (TACD). In 2017, EDRi also became a member of the Non Commercial Users Constituency (NCUC).

3. Strengthening the EDRi network globally

In 2017, we focused on invigorating our network. Without our 35 members and many other observer organisations and individuals, we could not have the reach and impact that EDRi has worldwide. After launching a Community network working group in 2016 and seeking internal and external input, we hired our amazing Community Manager, Guillermo Peris.

We organised four informal EDRi meet-ups on top of our annual General Assembly: one at Freedom Not Fear (Brussels); one in cooperation with Epicenter.works (Vienna); one at Re:publica (Berlin) and one at the United Nations Internet Governance Forum (Geneva). The purpose of these informal gatherings was to better connect, cooperate and share knowledge among the membership.

4. Thanks for supporting our work for digital rights

We want to thank all those supporting European Digital Rights (EDRi). May 2018 bring us many victories for the protection and defence of our privacy, personal data & freedom of opinion and expression online!

We are committed to defending digital rights in the best possible way. Do you have any suggestions to further improve in 2018? Please, contact us at brussels [at] edri.org.

----------------------------------------------------------------- Support our work - make a recurrent donation! https://edri.org/supporters/ -----------------------------------------------------------------

From EDRi to the world in 2016 (25.01.2017)

(Contribution by Maryant Fernández Pérez, EDRi)