08 Mar 2019

Women’s rights online: tips for a safer digital life

By Chloé Berthélémy

The internet is an incredible tool and has empowered women to speak up, react and organise to face patriarchy and oppression. But the internet is not a neutral place – sexist, racist, homophobic and other violent types of behaviour and content are disproportionately affecting women. This International Women’s Day, we would like to celebrate positive stories and provide practical tips, accessible tools and material for women’s digital safety, security and privacy.

This article covers:

  1. Browsing safely and anonymously
  2. Securing accounts and communications
  3. Gaming safely
  4. Facing and recovering from online harassment
  5. More resources

Women are more likely to be subject to online harassment and violence, massive campaigns of abuse and intimidation, or exploitation and manipulation of private data. An Amnesty International report found that women of colour, women with disabilities, lesbian, bisexual, trans women and women at the intersection of forms of oppression are even more targeted. Factors are manifold: little accountability of malicious attackers leading to a feeling of impunity, or the lack of knowledge of companies and developers about violence and abuse on their infrastructures. Victims are left with little support for the violence they’ve encountered. This leads women to self-censor, restrict their freedom of expression and their meaningful participation online.

Browsing safely and anonymously

When browsing the web, personal data and internet activity are being collected and recorded. Websites collect data such as demographics, intimate interests and tastes, personal habits and hobbies. This enormous amount of personal data includes sensitive information like credit card data, physical location, sexual preferences, religion, health and others. This information is extremely valuable to companies, governments and malicious actors alike and can be exploited and facilitate targeted attacks on women. One part of the solution is to use encryption. Using encryption is not as hard as it seems: Start with HTTPS Everywhere, a browser add-on that tells websites you visit to use encryption when available (a browser add-on is a small programme that customises your browser’s behaviour).

The infamous cookies are small pieces of data stored by websites on your devices and originally designed to remember your previous choices on a website such as form fields, shopping card items and language choice. Today, they are often used by third parties to assign you a unique identifying number which helps advertisement companies to follow you around across the web. While you probably want to allow some of the useful cookies on shopping portals and other websites, it’s definitely a good idea to block all third party cookies. This can be done directly in your browser settings.

Other forms of snooping include website trackers which are mostly used by advertisement companies. Trackers are little snippets of computer code often invisibly embedded in advertisement on all kinds of websites including your favourite newspaper, shopping site and social network. Trackers are often served by a third-party such as Google or Facebook rather than by the original owner of a website. You know those “Like” buttons you find all over the web? That’s actually a tracker telling Facebook which sites you’ve visited and which newspaper articles you’ve read. Luckily, two simple browser add-ons will help you block undesired trackers: Install Privacy Badger and Ublock Origin and you’re good to go.

Alternatively, in order to increase anonymity, you can use the Tor network or a Virtual Private Network. Those tools are particularly tailored and recommended for politically active women, human rights defenders or even women fearing for their safety. More information can be found here and here.

For women especially, the collection of data for commercial purposes can be very intrusive. Many doubts have been cast on menstruapps, which are very popular health-related mobile applications helping women to monitor their menstrual cycles. Not only do these apps know about the time period, but also invite users to share very intimate details about their periods like symptoms or sexual drive. Menstruation, pregnancy, online dating and many more aspects of women’s lives are turned into marketing targets. Another advice: never blindly trust mobile apps.

Lastly, it is important to note that websites often request too much information about users in order for us to be allowed to use of the service. More than just an email address and a password, websites may require a name, a location, and other unnecessary details. A good rule to follow is to only give personal information that is absolutely necessary – an email address to receive a registration confirmation or to retrieve a password for example. The rest is up to one’s imagination and creativity: fake address, fake birth date, etc. Faking means lowering the risk of having personal information possibly compromised.

Securing accounts and communications

Staying safe online also means protecting your communications and accounts against identity theft and hacking. When it comes to securing personal accounts, strong passwords are key. Here are the latest rules to create super strong passwords. Don’t use the same password across websites and services, and if you have more passwords than you can remember, use a password manager that keeps them all in one secure place for you. Another good practice to reduce the risk of hacking is to activate two-factors authentication when it is available: after entering a password, you will receive a second code on a different device or service.

As for browsing, encryption is good practice for communication, too, in order to avoid data mining by marketers and surveillance agencies. Pretty Good Privacy (PGP) for emails and messaging apps like Signal offer end-to-end encryption and are good starting points.

Intimate communications such as explicit pictures are particularly vulnerable content that can be used for all kinds of harassment practices such as “doxxing” (blackmail) or “revenge porn”. Specific advice on how to do sexting safely can be found here.

Gaming safely

When it comes to gaming, and especially multiplayer games, the experience for women can be less than enjoyable. In order to stay safe from harassment or sexism, there are a couple of things that you can put in place: You can make use of games’ reporting systems, mute an individual player in the chat function, don’t use your real name but instead register with a pseudonym that does not hint to your gender, don’t use a gamertag that you already use in other social media profiles, don’t use a real photo of yourself for your profile, and don’t give away any personal information in chats, such as your phone number or location.

Facing and recovering from online harassment

Women – and in particular women of colour, women with disabilities and lesbian, bisexual or trans women – represent the majority of harassment and violence targets. As a consequence, many women’s experience on social media leads them to self-censor what they post, and sometimes even delete their account. If you’re experiencing harassment on social media platforms such as Twitter, there are possibilities to cope with the situation and fight back. For example, victims can ask platforms to delete, suspend or send a warning to harassing accounts. HeartMob is a supportive tool where people can document the harassment they are experiencing on social media and request the support they need from an online community.

For women who are human rights defenders or political activists, taking action on this issue may include developing fully-fledged security and protection strategies for human rights defenders. Threats, incitement to rape or any form of violence is illegal and can be notified to law-enforcement authorities. Victims-support NGOs and services can assist you.

More resources


19 Feb 2019

EDRi’s Press Review 2018


During the past year, our work to defend citizens’ rights and freedoms online has gained an impressive visibility – we counted more than three hundred mentions! – in European and international media. Below, you can find our press review 2018.


01/01 EU i linedans mellem desinformation og censur (Mandag Morgen)
10/01 Does Software Piracy Hurt Sales? The $431,000 Buried EU Study Says ‘No’ (PC Steps)
16/01 O francês Macron poderá vencer a guerra contra as fake news? (Veja)
19/01 El RGDP: nueva normativa europea a partir de 2018 (1&1Digital Guide )
20/01 GDPR: Harmonization or Fragmentation? Applicable Law Problems in EU Data Protection Law (Berkley Technology Law Journal)
22/01 Šmírování zuby nehty (České noviny)
22/01 Kampf gegen Hate SpeechDie EU setzt weiterhin auf Freiwilligkeit (Deutschlandfunk)
23/01 Youtube scannt “hunderte Jahre” Videomaterial am Tag (Süddeutsche Zeitung)
31/01 Net neutrality in Europe: will the US case change the way our telecom suppliers provide internet services? (EU Logos)


03/02 Neutralité du net : “Certains voudraient faire d’internet un nouveau minitel” (Sciences et Avenir)
09/02 Commission lobbies for police access to website owners list (Euractiv)
12/02 Logan Paul: Following the YouTube controversy, should social media have the same regulations as journalism? (Independent)
13/02 EU-Kommission will Plattformen die Löschung von illegalen Inhalten ohne Netz und doppeltem Boden empfehlen (Netzpolitik.org)
13/02 Tutto quello che Tinder sa di te. Da leggere prima di San Valentino (Cyber Security)
13/02 Bruxelles passe à la vitesse supérieure contre les contenus illégaux en ligne (document) (Contexte)
14/02 Auf Facebook kommt in Europa eine Lawine an Verfahren zu (Radio fm4)
14/02 Germany: Flawed Social Media Law (No Comment Diary)
14/02 EU adds pressure on online platforms with plan for fast removal of terrorist content (EURACTIV)
14/02 L’UE durcit le ton sur les contenus à caractère terroriste en ligne (EURACTIV.fr)
14/02 Germany: Flawed Social Media Law (World Justice News)
14/02 Dating online, Garante Ue Buttarelli ‘L’uso dei nostri dati non è chiaro’ (Privacy Italia)
15/02 Netizen Report: In Leaked Docs, European Commission Says Internet Companies Should Self-Regulate on Harmful Speech (Slate)
15/02 Commission suggestions for speeding up removal of illegal online content in keeping with the voluntary approach (Agence Europe)
15/02 Europa will mehr löschen lassen (Spiegel)
15/02 EU-Kommission: Nutzer können gegen Facebook & Co in ihrem Herkunftsland klagen (HeiseOnline)
15/02 Leak: Online-Plattformen sollen illegale Inhalte innerhalb einer Stunde löschen (EurActive)
16/02 Tweets of the Week: Dutch minister resigns, Boris Johnson’s credibility, and Bad Valentines (EURACTIV)
16/02 De la neutralité du net à celle des terminaux (Le Monde)
18/02 «Echaríamos a todo gobierno que nos pidiera los datos que le damos a Facebook» (El Correo)
18/02 Terror als Vorwand der EU-Kommission für Copyrightfilter (Radio fm4)
17/02 Netzpolitischer Wochenrückblick KW7: Daten minimieren mal anders (Netzpolitik)
19/02 Keine Ent­schä­d­i­gungs­re­ge­lung für Ato­m­aus­s­tieg / BVerwG prüft Fahr­ver­bote / Deniz Yücel frei (Legal Tribune Online)
20/15 Rapport Netizen: Selon un document fuité de la Commission européenne, les entreprises de technologie devraient s’auto-réguler sur les discours offensants (Global Voices)
22/02 Une messagerie sécurisée, privée et chiffrée ? Voici Mailfence ! (GeekHebdo)
23/02 Explained: what the EU’s major new data protection rules mean for you (EuroNews)
23/02 The Rise of the Namibian Surveillance State: Part 2 (The Namibian)


01/03 EU Commission’s Recommendation: Let’s put internet giants in charge of censoring Europe (EUbusiness.com)
01/03 EU gives Facebook and Google three months to tackle extremist content (The Guardian)
01/03 EU piles pressure on internet giants to remove extremist content (The Jerusalem Post)
02/03 /EU Tells Internet Firms to Delete Terrorist Content Within One Hour (PCMag)
07/03 General Data Protection Regulation: new laws from 2018 (1&1 Digital Guide)
08/03 Es duro ver a España en la misma lista que Turquía al hablar de respeto los derechos digitales y la privacidad (Publication)
08/03 Council of Europe takes world-leading step towards protecting online rights (EUbusiness.com)
08/03 EU ‘Recommends’ 1 Hour Takedown on Terrorist Content (Find VPN)
09/03 #failoftheweek: Es lebe das Flugtaxi / Die neuesten Tricks der Tracker / Dillon zu Gast im Studio / Interview mit den Young Fathers / Auf ARD-Alpha startet “Respekt” (1:05:30) (Radio Bayern 2)
15/03 EU Pushes More Censorship… To “Protect” You (Zero Hedge)
13/03 ‘Insidious’ and ‘Dangerous’: Digital Privacy Groups Issue Urgent Warning Over CLOUD Act (Common Dreams)
20/30 CLOUD Act Could Repeal Fourth Amendment Rights by March 23 (Trillions)
22/03 Interview: The ethics of big data, Facebook & Cambridge Analytica (WikiTribune)
23/03 Facebook under scrutiny in the the U.S. and the UK over Cambridge Analytica scandal, users in Iran blocked from Apple’s App Store, U.S. Congress urged to consider “implications” of CLOUD Act (Ranking Digital Rights)
26/03 Rushed US Cloud Act triggers EU backlash (EU Observer)
28/03 CLOUD Act puts Fourth Amendment at Risk (Liberty Nation)
30/03 Upload Filter: Das Ende des freien Internets? (Undogmatisch.net)
31/03 Europe is dealing with Facebook in a way the U.S. hasn’t (NY Daily News)


02/04 GOOGLE E FACEBOOK: espionagem no tempo de internet – Por Estevam Dedalus (Polêmica Paraíba)
02/04 Google och Facebook lägger miljoner på att påverka EU-politikerna (Expressen)
03/04 Contra el filtrado de contenido en Internet y el impuesto a la cita: paremos la #CensorshipMachine (Publico)
03/04 Retro: Ústavní soud zrušil protiústavní šmírovací zákon (Almanach)
04/04 Around 100 organisations urge Council of Europe to show greater transparency in negotiations on cybercrime (Agance Europe)
04/04 “Not Transparent”: NGOs Hit Out at Cybercrime Convention Talks (Computer Business Review)
05/04 Cos’è la General Data Protection Regulation (GDPR), la nuova legge UE per la privacy (EuroNews)
06/04 Forze dell’ordine e Ministeri italiani in balia dell’antivirus… di Mosca (EuroNews)
07/04 Russia e Cina monopolizzano la sicurezza informatica europea (Gli Occhi Della Guerra)
09/04 EU: Více cenzury pro vaše „dobro“ (Tadesco)
09/04 Websites Worry EU May Seek Heavy Copyright Monitoring (Big Law Business)
10/04 Gafa : «Les géants du Net ont compris qu’il faut composer avec l’UE» (La Croix)
11/04 Contra el filtrado de contenido en internet (Avanguardia)
12/04 L’activisme digital alça la veu contra la directiva europea que vol protegir els drets d’autoria a Internet (Directa)
12/04 Internet Censorship – Guess What’s Coming Next? (True Publica)
16/04 EU to give judges power to seize terror suspect emails and texts (Financial Times)
17/04 Proposal Gives EU Judges Power To Demand Data Across Borders (Silicon UK)
17/04 Brussel wil bedrijven buiten EU dwingen data te overhandigen (NU.nl)
17/04 Η Κομισιόν θα αναγκάσει τους τεχνολογικούς κολοσσούς να παραδίδουν άμεσα τα ηλεκτρονικά μηνύματα υπόπτων τρομοκρατίας (Lifo)
17/04 Europa dwingt techbedrijven data van terreurverdachten vrij te geven (Demorgen)
17/04 Europa dwingt techbedrijven data van terreurverdachten vrij te geven (HLN)
17/04 EU to force tech firms to hand over terror suspects’ messages (The Guardian)
17/04 Tech companies to be forced to give police overseas data under EU proposal (Reuters)
17/04 EU proposes ‘revolutionary’ fast-track system for police data access (EURActive)
17/04 The EU may order tech firms to hand over terror suspects’ data inside 6 hours (Technology review)
17/04 Europese Commissie wil dat techbedrijven data sneller gaan overhandigen (Dutch IT Channel)
17/04 EU “e-evidence” proposals turn service providers into judicial authorities (EU Business)
17/04 Kritik mot EU-förslag om utlämning av data (Ny Teknik)
17/04 Kritik mot EU-förslag om utlämning av data (Sydvenskan)
17/04 EU kräver snabbare hjälp från Facebook och Apple (BreakIt)
17/04 EU vil tvinge techgiganter til at udlevere data hurtigt (Berlingske Business)
17/04 Perusahaan Teknologi Wajib Serahkan Data Pengguna ke Otoritas UE (Kabar24)
18/04 EU proposal to force tech firms to give overseas data to police (EJ Insight)
18/04 Title (Publication)
18/04 EU plans to increase access to electronic evidance in court cases (EU Policies)
18/04 Tech titans could be forced to give police overseas data under new proposal (ARN)
18/04 L’UE s’achemine vers l’obligation de partage de données avec la police (EurActive)
18/04 EU: Mere censur for at “beskytte” (Dokument)
18/04 EU wil bedrijven buiten Europa gaan dwingen data te overhandigen (Numrush)
18/04 Unia chce dać policji łatwiejszy dostęp do naszych danych online (Onet Wiadomości)
18/04 Proposals on electronic evidence perceived as hasty response to US CLOUD Act (Agance Europe)
19/04 Szykują się pierwsze skargi na podstawie RODO (Gazeta Prawna)
23/04 Tarifários zero rating em Portugal criticados por organizações internacionais (SapoTek)
23/04 “Portugal tem as piores violações da neutralidade da internet” (Pais ao Minuto)
23/04 Associações europeias pedem à Anacom medidas para “internet livre e aberta” (Expresso)
23/04 Associações europeias pedem à Anacom medidas para “Internet livre e aberta” (Diario de Noticias)
Associações europeias pedem à Anacom medidas para “Internet livre e aberta”
(Dinheiro Vivo)
23/04 Organizações de diversos países pedem à ANACOM que defenda a neutralidade da Internet (Ardina)
23/04 Perusahaan Teknologi Harus Serahkan Data Luar Negeri di bawah Proposal U (Saru Harapan)
24/04 Portuguese NGOs urge Anacom to block zero-rating offers (Telecom Paper)
24/04 Organizações internacionais pedem à ANACOM o fim do zero-rating (Aberto até de Madrugada)
24/04 Facebook is about to get hit with regulation, just not from the U.S. (The Informer)
25/04 Männer in der digitalen Welt (Volksblat)
25/04 Net neutrality death delayed (Capacity Media)
26/04 Tech Companies to Be Forced to Give Police Overseas Data under EU Proposal (OMG News)
26/04 Over 145 organisations representing a broad spectrum of stakeholders join forces to call upon the EU Member State Ambassadors to continue technical discussions on the copyright reform and to not grant the Bulgarian Council Presidency a mandate to negotiate with the European Parliament (CopyBuzz)
26/04 EU pritišće Facebook i Google da pojačaju borbu protiv lažnih vijesti (Lider)
26/04 EU piles pressure on social media over fake news (Reuters)
26/04 EU-Kommissar für Sicherheitsunion fordert Klarnamen-Registrierung im Internet (NetzPolitik)
26/04 EU tells platforms to sort fake news by October or face new law (EU Observer)
26/04 “Fake news” strategy needs to be based on real evidence, not assumptions (EU Business)
26/04 Organizações de diversos países pedem à Anacom que defenda a neutralidade da Internet (Ardina)
26/04 EU jača pritisak na društvene mreže zbog širenja lažnih vijesti (AlJazeera Balkans)
26/04 EU tells social media giants to combat fake news or face new regulations (BrinkWire)
26/04 EU jača pritisak na društvene mreže zbog širenja lažnih vijesti (Publication)
26/04 EU piles strain on social media over faux information (Mining for news)
26/04 Europska komisija sastavlja Kodeks za sprječavanje širenja lažnih vijesti (Index.hr)
26/04 EU piles pressure on social media over fake news (UsamaTech)
26/04 EU Piles Pressure on Social Media Over Fake News (America News Portal)
27/04 EU piles pressure on social media over fake news (CGTN)
27/04 EU Piles Pressure on Tech Giants Like Facebook, Google Over Fake News (News18)
27/04 EU Piles Pressure on Social Media Over Fake News (NewsRains)
27/04 EU Piles Pressure on Tech Giants Like Facebook, Google Over Fake News (Newsnow)
27/04 Letzte Ausfahrt: Gesetzgeberische Maßnahmen (MDR.de)
27/04 Unión Europea no sede terreno ante noticias falsas (El Tiempo)
29/04 EU tells social media giants to combat fake news or face new regulations (ProNews)
30/04 Burgerrechtenbeweging bezorgd om e-privacywetten (Computable)


02/05 Why Europe’s privacy clampdown may not solve Facebook’s data scandal woes (Foxnews)
02/05 “Rights offline are valid online, laws offline are valid online”, says global Internet expert at World Press Freedom Day launch (DemerareWaves)
02/05 France, Spain, Italy and Portugal go beyond maximalist on © (CopyBuzz)
07/05 EU-Staaten arbeiten an neuen Ansätzen zur Vorratsdatenspeicherung (Heise Online)
08/05 Nowy model pozyskiwania danych cyfrowych w sprawach karnych (Publication)
10/05 Conoces tus derechos digitales (ElMundo)
15/05 EDRi calls on Parliament’s political groups to ban micro-targeting in their election campaigns (Agance Europe)
15/05 Offener Brief: Europäische Parteien sollen auf Microtargeting verzichten (Netzpolitik)
15/05 Title (DKE Chicago)
18/05 Netzpolitischer Wochenrückblick KW 20: Bayern kriegt Polizeigesetz, Berlin informiert über Funkzellenabfrage (Netzpolitik)
22/05 What Europe needs to ask Mark Zuckerberg (Politico)
22/05 Perusahaan-Perusahaan Teknologi Wajib Berbagi Data (NNews.id)
22/05 GDPR: How Europe’s new Internet rules could change your life (alJazeera)
22/05 Facebook CEO Mark Zuckerberg begins European leg of apology tour (Los Angeles Times)
23/05 Facebook’s Zuckerberg in Europe as tough data rules take effect (rfi)
23/05 European Union’s General Data Protection Regulation and Lessons for U.S. Privacy Policy (Competitive Enterprise Institute)
23/05 Cos’è la General Data Protection Regulation (GDPR), la nuova legge UE per la privacy (EuroNews)
24/05 Ons vier jaar durende gevecht voor de bescherming van jouw gegevens (HQ-Niews)
24/05 Com ens protegeix el nou reglament europeu de protecció de dades? (VilaWeb)
25/05 RODO: koniec z traktowaniem nas jak towar (Portal Pomorza)
25/05 Czy RODO oznacza koniec traktowania nas jak towarów? (DII)
25/05 Today, a new E.U. law transforms privacy rights for everyone. Without Edward Snowden, it might never have happened. (The Washington Post)
25/05 GDPR: European tech firms struggle with new data protection law (AlJazeera)
25/05 POLITICO Brussels Influence, presented by The GSMA: Facebook hearing mess — EU election countdown — In-house agencies (Politico)
25/05 Unión Europea implementa fuertes medidas de protección de privacidad en internet (LeRed21)
31/05 The latest EDRi-gram (Wired)
31/05 Proposed EU Copyright Law Could Drastically Change Internet Sharing and Publishing (ECW)
31/05 Industry groups amp up lobby campaign to topple ePrivacy bill (EurActive)


01/06 GDPR a EDSM: Od svobodného internetu na hlídaný EUnet? (PCtunning)
03/06 European Digital Rights Activists Warns About EU Censorship Machine (FreezeNet)
04/06 EU-US work on police access to data hits roadblocks (PoliticoPRO)
05/06 Compte rendu de la conférence du 24 mai 2018 – Conversations européennes #3 – Réguler l’internet, un enjeu politique européen (EU Logos)
08/06 EU GDPR Comes Into Force, But Reaction Is Divided (FreezeNet)
11/06 Internet se může zcela změnit. Kontroverzní zákon je o krok blíž (Svobodni Svet)
DD/MM Title (Publication)
06/06 Dok se mi “zabavljamo” GDPR-om, EU uvodi “porez na linkove” i filtriranje naših sadržajae (Netokracija)
11/06 Kodi CLAMPDOWN: New piracy laws could change the face of illegal streaming FOREVER (Express)
12/06 Will EU copyright law ‘carpet bomb’ the digital world? (New Internationalist)
13/06 Will US net neutrality repeal be felt around the world? (WikiTribune)
14/06 What’s really behind the EU law that would ‘ban memes’ – and how to stop it before June 20 (TheNextWeb)
15/06 What’s in actuality within the help of the EU law that can perchance “ban memes” – and cease it before June 20 (Multinews)
14/06 L’Internet libre et ouvert est en danger : vous pouvez arrêter ce désastre (Linuxfr)
15/06 Europe’s Proposed “E-Evidence” Package Draws Fire (FreezeNet)
20/06 EU birokrati izglasali cenzuru interneta i zabranu memea, što sada? (Index)
20/06 EU takes first step in passing controversial copyright law that could ‘censor the internet’ (The Verge)
20/06 EU Copyright Reform Proposal Clears Lead Legislative Committee, To Cheers And Jeers (Intellectual Property Watch)
20/06 New EU Rules Could Ban Memes and Destroy the Internet as We Know It (AntiMedian)
20/06 EU Committee Approves Copyright Directive (Computer Business Review)
20/06 Internet Pioneers Warn New EU Rules Would Turn Web Into “Tool for Automated Surveillance and Control” (Common Dreams)
20/06 Joe McNamee: «Cette directive renforce la domination des géants du web» (Le Soir)
20/06 MEPs ignore expert advice and vote for mass internet censorship (EU Observer)
20/06 Europe takes another step towards copyright pre-filters for user generated content (TechCrunch)
20/06 Europe Slams the Door on Free Speech and Passes Article 13 (Freezenet)
20/06 EU-Urheberrecht: Weichenstellung für Upload-Filter und Presse-Leistungsschutzrecht (iRight info)
20/06 Europe takes another step towards copyright pre-filters for user generated content (Blogramo)
20/06 Europe Slams the Door on Free Speech and Passes Article 13 (FreezeNet)
20/06 Europe takes another step towards copyright pre-filters for user generated content (TopTechz)
20/06 Europe takes another step towards copyright pre-filters for user generated content – TechCrunch (Tech News)
20/06 Copyright: la commissione giuridica del Parlamento europeo ha votato per la censura di massa su Internet (Virtual Blog News)
20/06 La red se moviliza contra la propuesta europea de copyright que pretende convertir a las empresas en policías de contenidos (Publico)
20/06 Pioneros de Internet advierten que las nuevas normas de la UE convertirán la web en una “herramienta para la vigilancia y el control automatizados” (Steemit)
20/06 Europe takes another step towards copyright pre-filters for user generated content (Tech News Park)
20/06 Europe takes another step towards copyright pre-filters for user generated content – TechCrunch (Tech Snaq)
20/06 https://www.curtisryals.com/2018/06/20/eu-parliamentary-committee-votes-to-put-american-internet-giants-in-charge-of-what-speech-is-allowed-online/ (Curtis Ryals Reports)
20/06 EU Parliamentary Committee Votes To Put American Internet Giants In Charge Of What Speech Is Allowed Online (Give info)
20/06 https://netzpolitik.org/2018/schlag-gegen-die-netzfreiheit-eu-abgeordnete-treffen-vorentscheid-fuer-uploadfilter-und-leistungsschutzrecht/ (NetzPolitik)
21/06 Como uma nova legislação europeia de direitos autorais pode arruinar a internet como a conhecemos (Gizmodo Brasil)
21/06 Internet Pioneers Warn New EU Rules Would Turn Web Into “Tool for Automated Surveillance and Control” – Jessica Corbett (Wall Street Window)
21/06 Europe takes another step towards copyright pre-filters for user generated content – TechCrunch (Tech News)
21/06 European Parliament’s Legal Affairs Committee Goves green Light to Harmful Link Tax and Pervasive Platform Censorship (Censored Today)
21/06 Филтри и данък върху линковете – какво означават те за нас? (Conservative)
21/06 Пагубни решения за свободното разпространение на информация (Terminal3)
22/06 #LaRéplique – L’approbation par le parlement européen de la directive Copyright suscite des inquiétudes (EurActive Blogs)
22/06 Schlag gegen die Netzfreiheit:EU-Abgeordnete treffen Vorentscheid für Uploadfilter und Leistungsschutzrecht
(Demokratisch Links)
24/06 “Copyright protection in the EU”: the new reform can affect not only the media platforms (Habrahabr)
24/06 The new reform can affect not only the media platforms / IT-GRAD / Habr company blog (TechOrt)
24/06 Die große Filterphobie (Taz)
24/06 European Parliament’s Legal Affairs Committee Gives Green Light to Damaging Link Tax and Pervasive Platform Censorship (SCAm Channel)
25/06 Zivilgesellschaft: EU-Kommission muss gegen Vorratsdatenspeicherung vorgehen (Heise Online)
25/06 La commission des affaires juridiques du Parlement européen a voté pour les robots-censeurs de l’article 13 : quelle sera la suite ? (My tiny Tool)
26/06 La direttiva europea sul copyright minaccia internet? (World News netwoek Italy)
28/06 The latest EDRi-gram (Wired)
29/06 Segons European Digital Rights (EDRi) Espanya destaca “vergonyosament” en llibertat d’expressió (Català Digital )
29/06 EU-Copyright-Eklat: Dorothee Bär und Netzpolitiker gegen Upload-Filter (Heise Online)
29/06 Otra ONG de defensa de los derechos civiles pide derogar la ‘ley mordaza’ (El Nacional)
28/06 Directive Copyright : le vote du Parlement européen fixé au 5 juillet (Numerama)
28/06 La direttiva dell’UE sul copyright: una minaccia per la rete? (Buongiorno Slovachia)
29/06 Otra ONG de defensa de los derechos civiles pide derogar la ‘ley mordaza’ (Niews Reporter)
30/06 Europe takes another step towards copyright pre-filters for user generated content (TYoungSystems)


02/07 Interview zur DSGVO: Mit so krassen Reaktionen wurde wirklich nicht gerechnet (TreffPunktEuropa)
02/07 MEPs’ email says Article 13 “will not filter the internet”; JURI MEP’s tweet says it will (CopyBuzz)
02/07 https://unita.news/2018/07/02/i-danni-che-la-direttiva-sul-copyright-fara-alle-nostre-liberta-e-cosa-possiamo-fare-per-contrastarla/ (Unità News)
03/07 Italian Wikipedia ‘goes dark’ in protest over proposed EU copyright laws (NewsTalk)
03/07 Title (Heise Online)
03/07 EDRI Publishes Legal Analysis of Upload Filter Legislation, Article 13 (FreezeNet)
03/07 Copyright Filter: EU Rapporteur Voss accuses opponents of “Fake News” before (Techwarf)
03/07 Folgenschwere Abstimmung: EU-Parlament entscheidet über Zukunft des Urheberrechts (NetzPolitik)
04/07 Copyright: Wikipedia dopo Italia, al buio anche Spagna, Lettonia ed Estonia (Radio Roseto)
04/07 Όταν το όραμα γίνεται ψευδαίσθηση: Η Πρόταση Οδηγίας για τα δικαιώματα πνευματικής ιδιοκτησίας στην ψηφιακή ενιαία αγορά (Lawpost)
04/07 Es geht um Fairness – nicht um Zensur (Frankfurter Allgemeine Zeitung)
04/07 Folgenschwere Abstimmung: EU-Parlament entscheidet über Zukunft des Urheberrechts (Kein Feiwild)
05/07 European MEPs Saves the Internet and Rejects Article 11 and Article 13 (FreezeNet)
05/07 Im nächsten Kampf um die Netzfreiheit (Sichtplaz)
05/07 Im nächsten Kampf um die Netzfreiheit (Sichtplaz)
05/07 Chi vuole e chi no la direttiva europea sul copyright (Wired)
05/07 Direttiva Ue sui diritti d’autore, quali conseguenze sull’informazione digitale (Due Righe)
05/07 “Todesdrohungen”: Klagen über Lobbying überschatten EU-Copyright-Entscheid (Heise Online)
05/07 Im nächsten Kampf um die Netzfreiheit (Sichtplaz)
05/07 Article 13 rejected by MEPs: What you need to know about the law that could have killed internet culture (alphr)
05/07 European Parliament Rejects Starting Negotiations On Copyright Reform Proposal (Intelectual Property Watch)
05/07 EU Parliamentarians support an open and democratic debate around the Copyright Directive (EUbusiness)
06/07 European Union rejects controversial copyright reforms (PCfind)
06/07 Europe takes another step towards copyright pre-filters for user generated content (VivalTopFeeds)
06/07 EU-Urheberrechtsreform: Das sind die Reaktionen auf die Entscheidung des Europäischen Parlaments (Cancom)
06/07 Alleged “meme ban” stalls in Europe; internet celebrates with memes (Salon)
06/07 Reform des Urheberrechts – Zwischen Todesdrohungen und Begeisterung – Reaktionen auf EU-Entscheid (Gamestar)
10/07 MEPs send copyright reform proposal back for rethink (EUbusiness)
11/07 Council of Europe cooperation against cybercrime — human rights Octopus or fishy deals? (FinTechLog)
14/07 Privacy Rights Organization Zwiebelfreunde Raided by German Police (FreezeNet)
16/07 Ceta, si crede ancora che porterà guadagni miracolosi. Ma i numeri dicono altro (Il Fatto Quotidiano)
16/07 Get to Know Berlin’s Hottest Female Entrepreneurs for 2018 (The Culture Trip)
18/07 What will it take to #savetheinternet in Europe? The view from Romania (Globam Voices)
23/07 Schutz gegen Tracking unerwünscht: Österreich verschiebt ePrivacy-Reform auf den St. Nimmerleinstag (Netzpolitik)
24/07 YouTube patzt beim Löschen von Terrorvideos (Heise Online)
27/07 Digitaler Binnenmarkt – here we come? (UdL Digital)
31/07 EFF Pioneer Awards 2018 an Netzaktivisten Joe McNamee, Fair-Use-Kämpferin Stephanie Lenz und Forscherin Sarah T. Roberts (Netzpolitik)
31/07 Cosa bisogna fare per #salvareinternet in Europa? Punti di vista dalla Romania (Global Voices)


14/08 How to file a copyright infringement complaint on YouTube (Pleaders)
15/08 3 ways to ensure the internet’s future is creative, collaborative, and fair (BigThink)
19/08 El Internet Freedom Festival 2019 buscará consolidar València como la “capital mundial de los derechos digitales” (EuropaPress)
20/08 Internet Freedom Festival torna per a consolidar València com a “capital mundial dels drets digitals” (Valencia Extra)
21/08 EU aiming at early removal of extremist content (China Daily)
21/08 EU to force removal of extremist content (Ecns.cn)
23/08 #SaveYourInternet: Europljani izlaze na ulice 26. kolovoza, pridružite se i vi! (Netokracija)
30/08 I’m back in Europe just in time for the latest EDRi-gram (Wired)


03/09 Curtain up for the next round (Web Schauder)
03/09 La guerra del copyright vuelve a la Eurocámara sin consenso a la vista (El Diario)
04/09 How the EU will force all artists to use Youtube, forever (BoingBoing)
04/09 Tech Firms Brace for Salvo of European Privacy Rules (National Jpurnal)
05/09 La UE abre la puerta a garantizar el anonimato de los alertadores de corrupción (La Vanguardia)
05/09 New European Copyright Proposal Blasted As Internet Threat (Freezenet)
05/09 Lobbyismus per Mail-Lawine (Frankfurter Allgemeine)
05/09 How the EU will drive all artists to make use of Youtube, endlessly (WakaJobs)
06/09 YouTube Chief Says Article 13 “Undermines Creative Economy” (TorrentFreak)
0709 YouTube’s CBO speaks out against Article 13 of EU’s controversial copyright law (PacktHub)
07/09 YouTube Chief Says Article 13 “Undermines Creative Economy” (Dimitrology)
11/09 The continental rift: Two pieces of EU legislative reform that could have ‘substantial effect’ on freedom of expression rights for media and public alike (Press Gazette)
12/09 Here Comes Another EU Law Threatening Google and Facebook With Enormous Fines (Fortune)
12/09 European Parliament Approves Negotiating Stance On Copyright Reform (Intelectual Property Watch)
12/09 EU lawmakers back controversial copyright reforms (EuroNews)
12/09 Juncker goes to war against disinformation and online terrorist content (EurActive)
12/09 EU Parliament flip-flops backwards on copyrigh (EUBussines)
12/09 Here Comes Another EU Law Threatening Google and Facebook With Enormous Fines (Yahoo)
12/09 EU-Kommission will Terrorismus mit Upload-Filtern und automatischen Systemen bekämpfen (Netzpolitik)
12/09 Tout comprendre sur la directive européenne sur le droit d’auteur (Konbini)
12/09 EU-Parlament stimmte für Uploadfilter und Linksteuer (Der Standard)
12/09 La riforma sul Copyright è passata (StartUp Italia)
12/09 Perché l’approvazione della riforma del copyright non è un buona notizia (Wired Italia)
12/09 La Comisión Europea quiere que las webs borren los comentarios relacionados con terrorismo en menos de una hora (El Diario)
12/09 União Europeia dá sinal verde para nova lei de direitos autorais que pode arruinar a web (Gizmodo)
12/09 European Parliament Approves Catastrophic Copyright Bill That Threatens the Internet (Gizmodo)
12/09 Here Comes Another EU Law Threatening Google and Facebook With Enormous Fines (Yahoo News)
12/09 Today, the EU will vote on the future of the internet (again) (The Verge)
12/09 Internetbedrijven riskeren miljardenboete bij te laat verwijderen terreurpropaganda (RTL Z)
12/09 EU Government Rejects Internet Rights and Passes Copyright Laws (FreezeNet)
12/09 Google: Nytt direktiv kan strypa de kreativa (Svenska Dagbladet)
13/09 https://www.gizmodo.com.au/2018/09/european-parliament-approves-catastrophic-copyright-bill-that-threatens-the-internet/ (Gizmodo)
13/09 Il Parlamento europeo minaccia Internet con una catastrofica legge sul copyright (Il Corriere Nazionale)
13/09 New Copyright Powers, New “Terrorist Content” Regulations: A Grim Day For Digital Rights in Europe (IT Security News)
13/09 EU Introduces New Law Forcing Tech Firms to Censor Unwanted Speech in 24 Hours (Breibart)
13/09 Ξετυλίγοντας το κουβάρι: Μεταρρύθμιση στο Δίκαιο της Πνευματικής Ιδιοκτησίας (The Press project)
13/09 Title (MaeketWatch)
13/09 EU Copyright Reform Meets Resistance From Stakeholders, Some Governments (ip-watch.org)
13/09 EU Introduces New Law Forcing Tech Firms to Censor Unwanted Speech in 24 Hours (Breitbart)
15/10 Facebook-Datenleck: Drei Fehler, 30 Millionen erbeutete Profile (Netzpolitik.org)
16/09 Security and migration proposals dominate Juncker`s `State of the Union` announcements (NoRacism.net)
17/09 Europe Doubles Down, Now Demands 1 Hour Removal of Terrorism (FreezeNet)
18/09 Ξετυλίγοντας το κουβάρι: Μεταρρύθμιση στο Δίκαιο της Πνευματικής Ιδιοκτησίας (Ipyxida)


01/10 Tu DNI electrónico por fin servirá de algo en la Unión Europea, aunque surgen dudas sobre la privacidad (Genbeta)
03/10 Öffentliches Geld? Öffentliches Gut! (Netzpolitik)
05/10 Los trabajadores tendrán desconexión digital en 2019 (ibercampus.es)
06/10 YouTube chief warns EU Copyright Directive could ‘undermine’ the creative economy (IPP Pro)
12/10 > The European Commission’s E-evidence Proposal: Toward an EU-wide Obligation for Service Providers to Cooperate with Law Enforcement? (European Law Blog)
15/10 Wie Europa den Schutz gegen Tracking im Netz aufs Abstellgleis manövriert (netzpolitik.org)
19/10 Civil society warns Commission about a binding solution to online misinformation (Agence Europe)
25/10 The EU call it copyright, but it is massive Internet censorship and must be stopped (Open Democracy)
30/10 Nicht nur die üblichen Verdächtigen: Breites Bündnis fordert von Altmaier Einsatz für Anti-Tracking-Gesetz [Update] (netzpolitik.org)


01/11 European NGOs Launch GDPR Campaign (Michigan Standard)
13/11 EU DPAs Receive Thousands of Complaints Under the GDPR (Lexology)
14/11 Censure antiterroriste : Macron se soumet aux géants du Web pour instaurer une surveillance généralisée (ewb.one)
16/11 RGPD: l’autorité belge de protection des données a du mal à tenir le rythme (Le Soir)
22/11#SaveYourInternet : l’Union Européenne va-t-elle tuer la création artistique sur le web ? (Moustique)
23/11Is The Internet Under Threat? Interview With #SaveYourInternet Member On EU’s Copyright Directive (Forbes)


05/12 E-Evidence: A threat to people’s fundamental rights? (Euractiv)
05/12 Alertan de que Europa frena su propuesta de privacidad ‘online’ mientras avanza hacia un mayor control policial de las redes (Publico)
06/12 EU-Staaten stimmen für Upload-Filter im Kampf gegen Terrorpropaganda (Heise Online)
06/12 Civil society invites Council to review its copy of proposal for a Regulation on electronic evidence (Agence Europe)
07/12 Los Estados paralizan el plan de la UE para vetar las cookies abusivas y blindar los metadatos (El diario)
07/12 e-Evidence: EU-Staaten beschließen umstrittenen Entwurf zu elektronischen Beweismitteln (Netzpolitik)
12/12 Alerta por el JEFTA, el controvertido tratado entre la UE y Japón aprobado este miércoles (Cuarto Poder)
14/12 The UN airs ‘serious concerns’ about an EU bid to control ‘terrorist content’ online (The Canary)
17/12 French privacy watchdog tells Whatsapp to stop sharing data with Facebook (RFI)
19/12 E-Privacy: Österreich legte neue EU-Datenschutzregeln auf Eis (Der Standard)
20/12 Europe and USA Face Off on Data Protection Rules (Courthouse News Service)
22/12 What does the repeal of net neutrality mean for development? (Devex)
30/12 Réseaux sociaux, données personnelles, algorithmes… comment inventer un futur numérique plus radieux ? (Le Monde)

EDRi’s Press Review 2017

EDRi’s Press Review 2016

EDRi’s Press Review 2015

EDRi’s Press Review 2014


28 Jan 2019

noyb files eight strategic complaints on “right to access”

By noyb

A test by EDRi member noyb, a European non-profit organisation for privacy enforcement, shows structural violations of most streaming services. In more than ten test cases noyb was able to identify violations of Article 15 of the General Data Protection Regulation (GDPR) in many shapes and forms by companies like Amazon, Apple, DAZN, Spotify or Netflix. On 18 January 2019, noyb filed a wave of ten strategic complaints against eight companies.

----------------------------------------------------------------- Support our work with a one-off-donation! https://edri.org/donate/ -----------------------------------------------------------------

Under the new GDPR, users enjoy a “right to access”. Users are granted a right to get a copy of all raw data that a company holds about them, as well as additional information about the sources and recipients of the data, the purpose for which the data is processed or information about the countries in which the data is stored and how long it’s stored. This “right to access” is enshrined in Article 15 of the GDPR and Article 8(2) of the Charter of Fundamental Rights of the European Union.

noyb put eight online streaming services from eight countries to the test – but no service fully complied. In eight out of eight cases, noyb filed formal complaints with the relevant data protection authorities.

All major providers even engaged in ‘structural violation’ of the law

 said Max Schrems, Director of noyb.

While many smaller companies manually respond to GDPR requests, larger services like YouTube, Apple, Spotify or Amazon have built automated systems that claim to provide the relevant information. When tested, none of these systems provided the user with all relevant data.

“Many services set up automated systems to respond to access requests, but they often don’t even remotely provide the data to which every user has a right. In most cases, users only got the raw data, but, for example, no information about who this data was shared with. This leads to structural violations of users’ rights, as these systems are built to withhold the relevant information,” said Schrems.

While all other streaming services have provided some response to the request of users to access their data at least, the United Kingdom sports streaming service DAZN and the German music streaming service SoundCloud simply ignored the request . However, the responses received were lacking background information, such as the sources and recipients of data or on how long data is actually stored (“retention period”). In many cases, the raw data was provided in cryptic formats that made it extremely hard or even impossible for an average user to understand the information. In many cases certain types of raw data were also missing.

noyb has filed complaints with the Austrian Data Protection Authority (dsb.gv.at) against eight companies, on behalf of ten users. The Austrian authority will have to cooperate with the relevant authorities at the main establishment of each streaming service. As GDPR foresees 20 million euro or 4% of the worldwide turnover as a penalty, the theoretical maximum penalty across the ten complaints could be 18,8 billion euro.

The right to access is a cornerstone of the data protection framework. Only when users can get an idea of how and why their data is stored or shared, they can realistically uncover violations of GDPR and consequently take action. Every user has the right to get a copy of his or her data and to receive additional information. Usually users can fill out a form or send an email to most services. noyb has collected the links and forms for major streaming services on its webpage for everyone to use.

Article 80 of the GDPR foresees that data subjects can be represented by a non-profit association, as individual users are usually unable to file the relevant legal complaints. In this case all ten users are represented by the non-profit organisation noyb.

“noyb is meant to reasonably enforce the new rules, so that the benefits actually reach the users,” Schrems said.

noyb.eu is funded by over 3100 individual supporting members and sponsors. In order to finance the fight against data breaches in the long term, the association is looking for more supporting members. “In 1995 the EU already passed data protection laws, but they were simply ignored by the big players. We now have to make sure this does not happen again with GDPR – so far many companies only seem to be superficially compliant,” said Schrems.


Press release: Structural Violation of “Right to Access” and GDPR Complaints against Netflix, Amazon, Spotify, YouTube and Apple filed (18.01.2019)

Netflix, Spotify & YouTube: Eight Strategic Complaints filed on “Right to Access” (18.01.2019)

(Contribution by EDRi member noyb, Austria)



28 Jan 2019

Period tracker apps – where does your data end up?

By Bits of Freedom

More and more women use a period tracker: an app that keeps track of your menstrual cycle. However, these apps do not always treat the intimate data that you share with them carefully.

----------------------------------------------------------------- Support our work - make a recurrent donation! https://edri.org/supporters/ -----------------------------------------------------------------

An app that notifies you when to expect your period or when you are fertile can be useful, for example to predict when you can expect to suffer the side effects that for a lot of women come with being on your period. In itself, keeping track of your cycle is nothing new: putting marks in your diary or on your calendar have always been an easy way to take your cycle into account. But sharing data on the workings of your body with an app is more risky.

There seems to be quite a large market for period tracker apps. From “Ladytimer Maandstonden Cyclus Kalender” to “Magic Teen Girl Period Tracker”, from “Vrouwenkalender” to “Flo” – all neatly lined up in different shades of pink in the appstore. “Femtech” is seen as a growing market that has raised billion-dollar investments over the last couple of years by different startups. Are these apps made to provide women with more insight into the workings of their bodies, or to monetise that need?

It’s interesting to look at the kind of data these apps collect. The app usually opens with a calendar overview. In the overview you can input the date of your last period. In addition, you can keep a daily record of how you feel (happy, unhappy, annoyed) and whether you experience blood loss. But for most of these apps it doesn’t end there. Have you had sex? And if so, with or without protection? With yourself or with another person? How would you grade the orgasm? Did you have a stomach ache? Were your bowel movements normal? Did you feel like having sex? Sensitive breasts? An acne problem? Did you drink alcohol? Exercise? Did you eat healthy?

For a number of these questions it is understandable why answering them might be useful, if the app wants to learn to predict in what stage of your cycle you are. But a lot of these questions are quite intimate. And all this sensitive data often seems to end up in possession of the company behind the app. The logical question then is: What exactly does a company do with all this data you hand over? Do you have any say in that? Do they treat it carefully? Is the data shared with other parties?

After digging through a number of privacy statements, it appears that one of the most used apps in the Netherlands, “Menstruatie Kalender”, gives Facebook the permission to show in-app advertisements. It’s not clear what information Facebook gathers about you from the app to show you advertisements. For example, does Facebook get information on when you are having your period?

Another frequently used app in the Netherlands is “Clue”. It’s the only one we found that has a comprehensive and easily readable privacy statement. You can use the app without creating an account in which case data is solely stored locally on your phone. If you do choose to create an account you give explicit consent to share your data with the company. In that case it is stored on secure servers. With your consent it will also be used for academic research into women’s health.

This can not be said of many other apps. Their privacy statements are often long and difficult to read, and require good reading-between-the-lines skills to understand that data is being shared with “partners”. It’s possible that the sensitiveness of your breasts in itself is not very interesting to an advertiser, but by keeping track of your cycle the apps automatically acquire information on the possible start of one of the most interesting periods of your life for marketeers: motherhood.

The most extreme example is Glow, the company behind the period tracker app “Eve”. Their app is focused on the potential desire to have children. The company’s tagline is as straightforward as they come: “Women are 40% more likely to conceive when using Glow as a fertility tracker”. Besides Eve, Glow has three other apps: an ovulation and fertility tracker, a baby tracker and a pregnancy tracker. The apps link to the Glow-community, a network of forums where hundreds of women share their experiences and give each other tips.

But that’s not the only thing that Glow offers. You can’t use a Glow webpage or app without being shown the “Fertility Program”. For 1200-7000 euro, you can enroll in different fertility programs. Too expensive? You are able to take out a cheap loan through a partnership with a bank. And in the end, freezing your eggs, if you are in your early thirties, is the most economically viable option, according to the website.

Turns out that Glow is a company selling fertility products. It has built a number of apps to subtly (and sometimes not so subtly) attract more female customers. As a consumer you think you are using an app for keeping track of your cycle, but in the meantime you are constantly notified of all the possibilities of freezing your eggs, the costs of pregnancy at a higher age, and your limited fertile years. Before you know it, you are lying awake at age 30, wondering whether it would be more “economical” to freeze your eggs.

These apps shed light on what seems to be a contract to which we are forced to consent more and more often. In exchange for the use of an app that makes our lives a little bit easier, we have to give away a lot of personal information, without knowing exactly what happens with it. The fact that these apps deal with intimate information doesn’t mean that the creators treat it more carefully. To the contrary: it increases the market value of that data.

So before you download one of these apps, or advise your daughter to download one, think again. Take your time to read an app’s privacy statement, to know exactly what the company does with your data. But there is also a responsibility for the regulatory body, such as the Autoriteit Persoonsgegevens in the Netherlands, to ensure companies don’t abuse your intimate data.

Are you using one of these apps and do you want to know which data the company has gathered on you, or do you want to have that data erased? You can easily draw up a request which you can send by mail or email using My Data Done Right.

Bits of Freedom

Who profits from period trackers? (25.01.2019)

Who benefits from cycle trackers? (only in Dutch, 03.12.2018)

(Contribution by EDRi member Bits of Freedom; translated from Dutch by volunteer Axel Leering)



14 Jan 2019

2019: Important consultations for your Digital Rights!


Public consultations are an opportunity to influence future legislation at an early stage, in the European Union and beyond. They are your opportunity to help shaping a brighter future for digital rights, such as your right to a private life, data protection, or your freedom of opinion and expression.

Below you can find a list of public consultations we find important for digital rights. We will update the list on an ongoing basis, adding our responses and other information that can help you get engaged.

Call for inputs on views on the impact of 5G on regulation, and to the role of regulation in enabling the 5G ecosystem

  • Deadline 2 September 2019

Consultation from the Council of Europe on a draft Recommendation on the human rights impacts of algorithmic systems

  • Deadline 19 August 2019

Call for input on the Body of European Regulators for Electronic Communications (BEREC) Work Programme 2020.

Consultation for new guidelines on how to assess the proportionality of measures that limit privacy and data protection.

Consultation for inputs to a proposal that seeks to make toys connected with smart watches safer for children.

  • Deadline: 4 March 2019

Consultation on the interim evaluation of the programme on interoperability solutions for administrations, businesses and citizens.

  • Deadline: 1 March 2019

Consultation on guidance on how data storage & processing services rules interact with EU data protection rules

  • Deadline: 12 March 2019

Consultation on the Council of Europe Cybercrime Convention Committee (T-CY) draft text on emergency mutual assistance and languages

You can find public consultations of importance to digital rights and EDRi’s responses from previous years here:

05 Dec 2018

Civil society calls Council to adopt ePrivacy now


EDRi has joined a letter of 30 representatives from civil society and online industry, to the Ministers in the Telecoms Council, to express the wide support for the ePrivacy Regulation. The letter describes the clear and urgent need to strengthen privacy and security of electronic communications in the online environment, especially in the wake of repeated scandals and practices that undermine citizens’ right to privacy and the trust on online services.

The support from privacy-friendly businesses such as Qwant, Startpage, Startmail, TeamDrive, Tresorit, Tutanota, ValidSoft or WeTransfer show the positive implications that ePrivacy will have for a dynamic and innovative European internet industry. The collaboration between organisations defending citizens’ rights and industry representatives underlines that both EU citizens and privacy-friendly business models have much to gain from a strong ePrivacy Regulation.

EDRi full-heartedly supports the call of the coalition to the Council of Minister’s to finally move the ePrivacy discussion forward, so that a compromise with the European Parliament can be found before the elections in May 2019. If this is achieved, European citizens will benefit from a strong privacy regime and a less intrusive, more dynamic and more innovative EU data economy.

You can find the letter here.

Open letter to EU member states from consumer groups, NGOs and industry representatives in support of the ePrivacy Regulation (03.12.2018)

ePrivacy review: document pool

Council continues limbo dance with the ePrivacy standards (24.10.2018)



07 Nov 2018

UN Special Rapporteur analyses AI’s impact on human rights

By Chloé Berthélémy

In October 2018, the United Nations (UN) Special Rapporteur for the promotion and protection of the right to freedom of opinion and expression, David Kaye, released his report on the implications of artificial intelligence (AI) technologies for human rights. The report was submitted to the UN General Assembly on 29 August 2018 but has only been published recently. The text focuses in particular on freedom of expression and opinion, privacy and non-discrimination. In the report, the UN Special Rapporteur David Kaye first clarifies what he understands by artificial intelligence and what using AI entails for the current digital environment, debunking several myths. He then provides an overview of all potential human rights affected by relevant technological developments, before laying down a framework for a human rights-based approach to these new technologies.

----------------------------------------------------------------- Support our work - make a recurrent donation! https://edri.org/supporters/ -----------------------------------------------------------------

1. Artificial intelligence is not a neutral technology

David Kaye defines artificial intelligence as a “constellation of processes and technologies enabling computers to complement or replace specific tasks otherwise performed by humans” through “computer code […] carrying instructions to translate data into conclusions, information or outputs.” He states that AI is still highly dependent on human intervention, as humans need to design the systems, define their objectives and organise the datasets for the algorithms to function properly. The report points out that AI is therefore not a neutral technology, as the use of its outputs remains in the hands of humans.

Current forms of AI systems are far from flawless, as they demand human scrutiny and sometimes even correction. The report considers that AI systems’ automated character, the quality of data analysis as well as systems’ adaptability are sources of bias. Automated decisions may produce discriminatory effects as they rely exclusively on specific criteria, without necessarily balancing them, and they undermine scrutiny and transparency over the outcomes. AI systems also rely on huge amounts of data that has questionable origins and accuracy. Furthermore, AI can identify correlations that can be mistaken for causations. David Kaye points at the main problem of adaptability when losing human supervision: it poses challenges to ensuring transparency and accountability.

2. Current uses of artificial intelligence interfere with human rights

David Kaye describes three main applications of AI technology that pose important threats to several human rights.

The first problem raised is AI’s effect on freedom of expression and opinion. On one hand, “artificial intelligence shapes the world of information in a way that is opaque to the user” and conceals its role in determining what the user sees and consumes. On the other, the personalisation of information display has been shown to reinforce biases and “incentivize the promotion and recommendation of inflammatory content or disinformation in order to sustain users’ online engagement”. These practices impact individuals’ self-determination and autonomy to form and develop personal opinions based on factual and varied information, therefore threatening freedom of expression and opinion.

Secondly, similar concerns can be raised in relation to our right to privacy, in particular with regard to AI-enabled micro-targeting for advertisement purposes. As David Kaye states, profiling and targeting users foster mass collection of personal data, and lead to inferring “sensitive information about people that they have not provided or confirmed”. The few possibilities to control personal data collected and generated by AI systems put into question the respect of privacy.

Third, the Special Rapporteur highlights AI as an important threat to our rights to freedom of expression and non-discrimination due to AI’s increasingly-allocated role in the moderation and filtering of content online. Despite some companies’ claims that artificial intelligence can support exceeded human capacities, the report sees the recourse to automate moderation as impeding the exercise of human rights. In fact, artificial intelligence is unable to resist discriminatory assumptions or to grasp sarcasm and the cultural context for each piece of content published. As a result, freedom of expression and our right not to be discriminated against can be severely hampered by delegating complex censorship exercises to AI and private actors.

3. A set of recommendations for both companies and States

Recalling that “ethics” is not a cover for companies and public authorities to neglect binding and enforceable human rights-based regulation, the UN Special Rapporteur recommends that “any efforts to develop State policy or regulation in the field of artificial intelligence should ensure consideration of human rights concerns”.

David Kaye suggests human rights should guide development of business practices, AI design and deployment and calls for enhanced transparency, disclosure obligations and robust data protection legislation – including effective means for remedy. Online service providers should make clear which decisions are made with human review and which by artificial intelligence systems alone. This information should be accompanied by explanations of the decision-making logic used by algorithms. Further, the “existence, purpose, constitution and impact” of AI systems should be disclosed in an effort to improve the level of individual users’ education around this topic. The report also recommends to make available and publicise data on the “frequency at which AI systems are subject to complaints and requests for remedies, as well as the types and effectiveness of remedies available”.

States are identified as key actors responsible for creating a legislative framework hospitable to a pluralistic information landscape, preventing technology monopolies and supportive of network and device neutrality.

Lastly, the Special Rapporteur provides useful tools to oversee AI development:

  1. human rights impact assessments performed prior, during and after the use of AI systems;
  2. external audits and consultations with human rights organisations;
  3. enabled individual choice thanks to notice and consent;
  4. effective remedy processes to end human rights violations.

UN Special Rapporteur on Freedom of Expression and Opinion Report on AI and Freedom of Expression (29.08.2018)

Civil society calls for evidence-based solutions to disinformation

(Contribution by Chloé Berthélémy, EDRi intern)



24 Oct 2018

Council continues limbo dance with the ePrivacy standards

By Yannic Blaschke

It’s been six-hundred-fifty-two days since the European Commission launched its proposal for an ePrivacy Regulation. The European Parliament took a strong stance towards the proposal when it adopted its position a year ago, but the Council of the European Union is still only taking baby steps towards finding its position.

----------------------------------------------------------------- Support our work - make a recurrent donation! https://edri.org/supporters/ -----------------------------------------------------------------

In their latest proposal, the Austrian Presidency of the Council continues, unfortunately, the trend of presenting the Council with suggestions that lower privacy protections that were proposed by the Commission and strengthened by the Parliament. In the latest working document that was published on 19 October 2018, it becomes apparent that we are far from having reached the bottom of what the Council sees as acceptable in treating our personal data as a commodity.

Probably the gravest change of the text is to allow the storing of tracking technologies on the individual’s computer without consent for websites that partly or wholly finance themselves through advertisement, provided they have informed the user of the existence and use of such processing and the user “has accepted this use” (Recital 21). The “acceptance” of such identifiers by the user as suggested is far from being the informed consent that the General Data Protection Regulation (GDPR) established as a standard in the EU. The Austrian Presidency text will put cookies which are necessary for a regular use (such as language preferences and contents of a shopping basket) on the same level as the very invasive tracking technologies which are being pushed by the Google/Facebook duopoly in the current commercial surveillance framework. This opens the Pandora’s box for more and more sharing, merging and reselling citizen’s data in huge online commercial surveillance networks, and micro-targeting them with commercial and political manipulation, without the knowledge of the person whose private information is being shared to a large number of unknown third parties.

One of the great added values of the ePrivacy Regulation (which was originally intended to enter into force at the same point in time as the GDPR) is that it’s supposed to raise the bar for companies and other actors who want to track citizens’ behaviour on the internet by placing tracking technologies on the users’ computers. Currently, such an accumulation of potentially highly sensitive data about an individual mostly happens without real knowledge of individuals, often through coerced (not freely given) consent, and the data is shared and resold extensively within opaque advertising networks and data-broker services. In a strong and future-proof ePrivacy Regulation, the collection and processing of such behavioural data thus needs to be tightly regulated and must be based on an informed consent of the individual – an approach that becomes now more and more jeopardised as the Council seems to become increasingly favourable to tracking technologies.

The detrimental change of Recital 21 is only one of the bad ideas through which the Austrian Presidency seeks to strike a consensus: In addition, there is for instance the undermining of the protection of “compatible further processing” (which is itself already a bad idea introduced by the Council) in Article 6 2aa (c), or the watering down of the requirements for regulatory authorities in Article 18, which causes significant friction with the GDPR. With one disappointing “compromise” after another, the ePrivacy Regulation becomes increasingly endangered of falling short on its ambition to end unwanted stalking of individuals on the internet.

EDRi will continue to observe the developments of the legislation closely and calls everyone in favour of a solid EU privacy regime that protects citizens’ rights and competition to voice their demands to their member states.

Five Reasons to be concerned about the Council ePrivacy draft (26.09.2018)

EU Council considers undermining ePrivacy (25.07.2018)

Your ePrivacy is nobody else’s business (30.05.2018)

e-Privacy revision: Document pool (10.01.2017)

(Contribution by Yannic Blaschke, EDRi intern)



24 Oct 2018

ePrivacy: Public benefit or private surveillance?

By Yannic Blaschke

92 weeks after the proposal was published, the EU is still waiting for an ePrivacy Regulation. The Regulation is supposed to replace the current ePrivacy Directive, aligning it with the General Data Protection Regulation (GDPR).

While the GDPR regulates the ways in which personal data is processed in general, the ePrivacy Regulation specifically regulates the protection of privacy and confidentiality of electronic communications. The data in question not only includes the content and the “metadata” (data on when, where and to whom a person communicated) of communications, but also other identifiers such as “cookies” that are stored on users’ computers. To make the legislation fit for its purpose in regard to technological developments, the European Commission (EC) proposal addresses some of the major changes in communications of the last decade, including the use of so-called “over the top” services, such as WhatsApp and Viber.

----------------------------------------------------------------- Support our work with a one-off-donation! https://edri.org/donate/ -----------------------------------------------------------------

The Regulation is currently facing heavy resistance from certain sectors of the publishing and behavioural advertising industry. After an improved text was adopted by the European Parliament (EP), it is now being delayed at the Council of the European Union level, where EU Member States are negotiating the text.

One of the major obstacles in the negotiations is the question to what extent providers such as telecommunication companies can use metadata for other purposes than the original service. Some private companies – the same ones that questioned the need of consent from users in the GDPR – now re-wrapped their argument saying that an “overreliance” on consent would substantially hamper future technologies. Over-reliance on anything is not good, by definition, as is under-reliance, but such sophistry is a mainstay of lobby language.

However, this lobby attack omits reference to the fact that compatible further processing would not lead only to benign applications in the public interest: Since the proposal does not limit further processing to statistical or research purposes, it could just as well be used for commercial purposes such as commercial or political manipulation. But even with regard to the potentially more benevolent applications of AI, it should be kept in mind that automated data processing has in some cases shown to be highly detrimental to parts of society, especially vulnerable groups. This should not be ignored when evaluating the safety and privacy of aggregate data. For instance, while using location data for “smart cities” can make sense in some narrowly-defined circumstances when it is used for traffic control or natural disaster management, it gains a much more chilling undertone when it leads for instance to racial discrimination in company delivery services or law enforcement activities. It is easily imaginable that metadata, one of the most revealing and easiest to process forms of personal data, could be used for equally crude or misaligned applications, yielding highly negative outcomes for vulnerable groups. Moreover, where aggregate, pseudonymised data produces adverse outcomes for an individual, not even a rectification or deletion of the person’s data will lead to an improvement, as long as the accumulated data of similar individuals is still available.

Another pitfall of the supposedly private, ostensibly pseudonymised way of processing is that even if individual users are not targeted, companies may need to maintain the metadata of citizens in identifiable form to link existing data sets with new ones. This could essentially lead to a form of voluntary data retention, which might soon attract the interest of public security actors rapaciously seeking new data sources and new powers. If such access was granted, individuals would essentially be identifiable. Even retaining “only” aggregate data for certain societal groups or minorities might often already be enough to spark discriminatory treatment.

Although the Austrian Presidency of the Council of the European Union did include in their most recent draft compromise some noteworthy safeguards for compatible further processing, most notably the necessity to consult the national Supervisory Authority or to conduct a data protection impact assessment, the current proposal does not adequately empower individuals. Given that the interpretation of what is a “compatible” further processing may vary significantly among Member States (which would lead to years of litigation), it should be up to citizens to decide (and for the industry to prove) which forms of metadata processing are safe, fair and beneficial in society.

Five Reasons to be concerned about the Council ePrivacy draft (26.09.2018)

EU Council considers undermining ePrivacy (25.07.2018)

Your ePrivacy is nobody else’s business (30.05.2018)

e-Privacy revision: Document pool (10.01.2017)

(Contribution by Yannic Blaschke, EDRi intern)



18 Oct 2018

#PrivacyCamp19 – Save the Date and Call for Panel Proposals


Join us for the 7th annual Privacy Camp!

Privacy Camp will take place on 29 January 2019 in Brussels, Belgium, just before the start of the CPDP conference. Privacy Camp brings together civil society, policy-makers and academia to discuss existing and looming problems for human rights in the digital environment.

Take me to the call for panel submissions.
Take me to the call for user story submissions.

Platforms, Politics, Participation

Privacy Camp 2019 will focus on digital platforms, their societal impact and political significance. Due to the rise of a few powerful companies such as Uber, Facebook, Amazon or Google, the term “platform” has moved beyond its initial computational meaning of technological architecture and has come to be understood as a socio-cultural phenomenon. Platforms are said to facilitate and shape human interactions, thus becoming important economic and political actors. While the companies offering platform services are increasingly the target of regulative action, they are also considered as allies of national and supranational actors in enforcing policies voluntarily and gauging political interest and support. Digital platforms employ business models that rely on the collection of large amounts of data and the use of advanced algorithms, which raise concerns about their surveillance potential and their impact on political events. Increasingly rooted in the daily life of many individuals, platforms monetise social interactions and turn to questionable labor practices. Many sectors and social practices are being “platformised”, from public health to security, from news to entertainment services. Lately, some scholars have conceptualised this phenomenon as “platform capitalism” or “platform society”.

Privacy Camp 2019 will unpack the implications of “platformisation” for the socio-political fabric, human rights and policy making. In particular, how does the platform logic shape our experiences and the world we live in? How do institutional actors attempt to regulate platforms? In what ways do the affordances and constraints of platforms shape how people share and make use of their data?


We welcome panel proposals relating to the broad theme of platforms. Besides classic panel proposals we are also seeking short contributions for our workshop “Situating Platforms: User Narratives”.

1. Panel proposals

We are particularly interested in panel proposals on the following topics: platform economy and labour; algorithmic bias; democratic participation and social networks.

Submission guidelines:

  • Indicate a clear objective for your session, i.e. what would be a good outcome for you?
  • Indicate other speakers that could participate in your panel (and let us know which speaker has already confirmed, at least in principle, to participate).
  • Make it as participative as possible, think about how to include the audience and diverse actors. Note that the average panel length is 75 minutes.
  • Send us a description of no more than 400 words.

2. “Situating Platforms: User Narratives” submissions

In an effort to discuss situated contexts with regard to platforms, we will have a session on lived practices and user narratives. Individuals, civil society groups or community associations are welcome to contribute in the format of a short talk or show & tell demonstration. Details and the online submission form are here: [[link to submission form coming soon!]]


The deadline for all submissions is 18 November. After the deadline, we will review your submission and let you know by the end of November whether your proposal can be included in the programme. It is possible that we suggest merging panel proposals if they are very similar.

Please send your proposal via email to privacycamp(at)edri.org!

If you have questions, please contact Kirsten at kirsten.fiedler(at)edri(dot)org or Imge at imge.ozcan(at)vub(dot)be.

About Privacy Camp

Privacy Camp is jointly organised by European Digital Rights (EDRi), the Institute for European Studies of the Université Saint-Louis – Bruxelles (USL-B), the Law, Science, Technology & Society research group of the Vrije Universiteit Brussel (LSTS-VUB), and Privacy Salon.

Participation is free. Registrations will open in early December.