privacy

The right to privacy is a crucial element of our personal security, for free speech and for democratic participation. It is a fundamental right in the primary law of the European Union and is recognised in numerous international legal instruments. Digital technologies have generated a new environment of potential benefits and threats to this fundamental right. As a result, defending our right to privacy is at the centre of EDRi’s priorities.

29 Jul 2015

European Commission will “monitor” existing EU data retention laws

By Diego Naranjo

The European Commission (EC) told EDRi that it “will continue monitoring legislative developments at the national level” regarding the existence of data retention laws in EU Member States. The EC provided this non-committal response to the letter we sent on 2 July 2015, asking the Commission to investigate illegal data retention laws in the European Union.

EDRi, along with the Electronic Frontier Finland (EFF), the IT-Political Association of Denmark (IT-Ροl), the Open Rights Group (ORG), Panoptykon and other EDRi members, produced an analysis of a sample of existing national laws in EU Member States which requires the retention of their citizens’ personal data. Even though the Court of Justice of the European Union (CJEU) invalidated the Data Retention Directive in April 2014 in the Digital Rights Ireland Case v. Minister for Communications case (Joined Cases C-293/12 and C-594/12), there are still a number of existing and national laws in the EU which appear to be illegal in light of this ruling.

EDRi’s analysis sent to the European Commission concluded that the existing laws in at least six countries appear to be in contravention to the Charter of Fundamental Rights. The Commission, as guardian of the treaties, is legally required to do the necessary further research and ensure that Member States bring their practices into line with EU law, making use of the infringement procedures if necessary. If the Commission continues only “monitoring”, with million of EU citizens being subject to illegal data retention laws one year after the CJEU ruling, this will not be enough.

It is worth remembering that, before the Directive was struck down by the Court of Justice of the European Union, the European Commission used its powers aggressively to both threaten and apply every legal sanction available to force Member States to implement the legislation. The Commission furthermore refused a freedom of information request from Access Info Europe requesting access to relevant document from these cases.

“[T]he fact that data are retained and subsequently used without the subscriber or registered user being informed is likely to generate in the minds of the persons concerned the feeling that their private lives are the subject of constant surveillance”

– Court of Justice of the European Union in the 2014 Digital Rights Ireland case (Joined Cases C-293/12 and C-594/12), para. 37

The European Commission’s response to EDRi’s letter (28.07.2015)
edri.org/files/eudatap/Re_EC_EDRi-GDPR.pdf

EC-dr-response

European Digital Rights asks the European Commission to investigate illegal data retention laws in the EU (02.07.2015)
https://edri.org/edri-asks-european-commission-investigate-illegal-data-retention-laws/

European Parliament Legal Service Opinion on CJEU Data Retention ruling (14.01.2015)
https://edri.org/legal-service-opinion-on-cjeu-data-retention-ruling/

EDRi: Data retention: EU Commission – guardian and enemy of the treaties (17.12.2014)
https://edri.org/data-retention-eu-com-guardian-enemy/

Digital Rights Ireland Case v. Minister for Communications case (Joined Cases C-293/12 and C-594/12)
http://curia.europa.eu/juris/document/document.jsf?docid=150642&mode=req&pageIndex=1&dir=&occ=first&part=1&text=&doclang=EN&cid=334440

Update on the status of data retention laws in Europe (28.07.2015)
http://mslods.com/2015/07/28/update-on-how-the-west-is-backing-away-from-data-retention/

Data retention: Commission takes Germany to Court requesting that fines be imposed (31.05.2015)
http://europa.eu/rapid/press-release_IP-12-530_en.htm

Access Info Europe document request: Infringement proceedings Data Retention Directive (2006/24/) (18.11.2012)
http://www.asktheeu.org/en/request/infringement_proceedings_data_re

Court of Justice of the European Union in the 2014 Digital Rights Ireland case (Joined Cases C-293/12 and C-594/12), para. 53
http://curia.europa.eu/juris/document/document.jsf?docid=150642&mode=req&pageIndex=1&dir=&occ=first&part=1&text=&doclang=EN&cid=334440

(Contribution by Diego Naranjo, EDRi)

EDRi-gram_subscribe_banner

Twitter_tweet_and_follow_banner

close
29 Jul 2015

ENDitorial: European Parliament – translating freedoms into Chinese

By Joe McNamee

In the autumn 2015, the Committee on Civil Liberties, Justice and Home Affairs of the European Parliament (LIBE) will resume its discussions of a draft resolution on “radicalisation”, led by Rachida Dati, a French conservative member. Her draft includes several bizarre statements, but one on Internet “giants” stands out as being particularly extreme.

The proposal includes an entirely superfluous call for “Internet giants” (but not everyone else?) to be “made aware” of their responsibilities to delete illegal content. These obligations exist since 2000, and will therefore hardly be news to any internet company, and certainly not the ones with the best funded legal departments.

Then, however, the text becomes somewhat more sinister. It calls on EU Member States to consider criminal sanctions against undefined “digital actors” who do not take unspecified “action” “in response to the spread of illicit messages that praise terrorism on their internet platforms”. The proposal then goes on to suggest that an inadequate response from the the actor “should be considered an act of complicity with praising terrorism and should consequently be punished”. This would create an overwhelming pressure on any company, organisation or individual whose online presence could be considered to be a “platform” – particularly smaller ones that could not afford any litigation – to delete any content that risked subsequently being considered illegal.

The first question that needs to be asked is why? What is the experience in Europe that suggests that Internet platforms are leaving illegal terrorist material online? What is the experience that is so severe that criminal sanctions are necessary? What is the experience that shows that, in any European country, the existing sanctions are not adequate? In a democratic society, is it appropriate to use coercive measures to persuade private companies to delete content in the complete absence of any counterbalancing obligations to leave legitimate (even if unwelcome) speech online?

Dati’s suggestion would bring Europe very closely into line with the Chinese law on “Measures on the Administration of Internet Information Services” that was adopted in 2000.

As bad as this is, it actually gets worse. When Members of the Parliament (MEPs) were drafting their amendments, they relied on translations that drifted away from the original meaning. For example, the English translation would make Internet companies liable for “illegal messages OR messages praising terrorism” i.e. the platforms would become criminally liable for failing to take action against messages that were not, in fact, illegal.

Worse still, rather than objecting to this notion, the Parliamentarian representing the Socialists and Democrats group, the “shadow rapporteur” Ana Gomes, suggested that law enforcement authorities should have the quasi-judicial role of telling Internet companies what they should delete and, in addition, that they should become criminal liability for failing to do everything “to the best of their human and technical capability” not just to delete illegal content, but to identify it as well. Instead of the rule of law and a Charter of Fundamental Rights that requires restrictions on our human right to be necessary, proportionate and effective, we would have the police as judges and automatic software finding and automatically deleting anything that would create a legal risk for Internet companies.

This would make European law somewhat more restrictive than those of China’s Administrative Measures on Internet Information Services (2000), which do no require proactive searching for potentially illegal content:

Article 15. Internet information service providers shall not produce, reproduce, distribute or disseminate information that includes the following contents:

(1) content that is against the basic principles determined by the Constitution;
(2) content that impairs national security, divulges State secrets, subverts State sovereignty or jeopardizes national unity;
(3) content that damages the reputation and interests of the State;
(4) content that incites ethnic hostility and ethnic discrimination or jeopardizes unity among ethnic groups;
(5) content that damages State religious policies or that advocates sects or feudal superstitions;
(6) content that disseminates rumors, disturbs the social order or damages social stability;
(7) content that disseminates obscenity, pornography, gambling, violence, homicide and terror, or incites crime;
(8) content that insults or slanders others or that infringes their legal rights and interests; and
(9) other content prohibited by laws or administrative regulations.
Article 16. If an Internet information service provider discovers that information transmitted by its website clearly falls within the contents listed in Article 15 hereof, it shall immediately discontinue the transmission of such information, keep relevant records and make a report to relevant State authorities.

LIBE Draft Report on prevention of radicalisation and recruitment of European citizens by terrorist organisations (2015/2063(INI)) (01.06.2015)
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-%2f%2fEP%2f%2fNONSGML%2bCOMPARL%2bPE-551.967%2b01%2bDOC%2bPDF%2bV0%2f%2fEN

LIBE Draft Report on prevention of radicalisation and recruitment of European citizens by terrorist organisations (2015/2063(INI)) (in French, 01.06.2015)
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-%2f%2fEP%2f%2fNONSGML%2bCOMPARL%2bPE-551.967%2b01%2bDOC%2bPDF%2bV0%2f%2fFR

Amendments on prevention of radicalisation and recruitment of European citizens by terrorist organisations (03.07.2015)
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-%2f%2fEP%2f%2fNONSGML%2bCOMPARL%2bPE-560.923%2b01%2bDOC%2bPDF%2bV0%2f%2fEN

China’s Administrative Measures on Internet Information Services (20.09.2000)
http://www.china.org.cn/business/2010-01/20/content_19274704.htm

(Contribution by Joe McNamee, EDRi)

EDRi-gram_subscribe_banner

Twitter_tweet_and_follow_banner

close
27 Jul 2015

EU PNR document pool

By Diego Naranjo

nopnr

The proposal for a EU PNR Directive  (Fight against terrorism and serious crime: use of passenger name record (PNR) data (procedure file 2011/0023(COD) ) was adopted by the European Parliament’s Civil Liberties Committee on 15 July 2015. The narrow vote (32 in favor, 26 against, no abstentions) in favour happened despite the rejection of this same EU PNR proposal by same Committee in 2013, despite the Court of Justice of the European Union (CJEU) despite the ruling invalidating the Data Retention Directive last year and despite the referral to the CJEU of the EU Canada PNR agreement.

EDRi has repeatedly reported , in line with the opinions presented by a range of independent experts of EU law, that this profiling measure presents serious risks for fundamental rights, that it is not necessary, that it is not proportionate to the aims that seeks to achieve and that it is not even effective. The rapporteur of the proposal, Timothy Kirkhope (UK, ECR) brought the proposal back to the European Parliament (EP) despite the number of criticisms coming from MEPs, civil society organisations, the Article 29 Working Party, the EU Fundamental Rights Agency and the European Data Protection Supervisor.

The votes per political group were (according to data shared with MEPs by the LIBE Committee secretariat):

EPP: 18 in favour

In favour: Heinz K. Becker, Michal Boni, Anna-Maria Corazza Bildt, Rachida Dati, Frank Engel, Mariya Gabriel, Esteban González Pons, Kinga Gál, Monika Hohlmeier, Barbara Kudrycka, Jeroen Lenaers, Monica Macovei, Roberta Metsola, Artis Pabriks, Csaba Sógor, Traian Ungureanu, Axel Voss, Tomáš Zdechovský.

Socialists and Democrats: 2 in favour 11 against

In favour: Claude Moraes, Marju Lauristin

Against: Tanja Fajon, Monica Flašíková Beňová, Anna Gomes, Sylvie Guillaume, Iliana Iotova, Sylvia-Yvonne Kaufmann, Kashetu Kyenge, Norbert Neuser, Péter Niedermüller, Soraya Post, Birgit Sippel

ECR: 6 in favour:

In favour: Daniel Dalton, Jussi Halla-aho, Timothy Kirkhope, Helga Stevens, Michał Ujazdowski Kazimierz, Branislav Škripek

ALDE: 4 in favour, one against

In favour: Louis Michel, Cecilia Wikström, Nathalie Griesbeck, Filiz Hyusmenova,

Against: Sophia In’t Veld

EFDD: One in favour, three against

In favour: Cristina Winberg

Against: Gerard Batten, Ignazio Corrao, Laura Ferrara

GUE/NGL: 4 against

Against: Malin Björk, Cornelia Ernst, Barbara Spinelli, Marie-Christine Vergiat

Greens/EFA: 4 against

Against: Jan-Philipp Albrecht, Eva Joly, Judith Sargentini, Valero Bodil

ENF: 2 against

Against: Lorenzo Fontana, Vicky Maeijer

Non-aligned: 1 in favour, 1 against

In favour: Juan Fernando López Aguilar

Against: Udo Voigt

When the LIBE Committee of the EP adopted the proposal, it also approved the initiation of trialogue discussions with the Council, which will start next September. The EP negotiating team is composed as follows: Mr Moraes (S&D), LIBE Chair; Mr Kirkhope (ECR), rapporteur, and the shadow rapporteurs Mr Voss (EPP), Ms Sippel (S&D), Ms In’t Veld (ALDE), Ms Ernst (GUE/NGL), Mr Albrecht (Greens/EFA), Ms Winberg (EFDD) plus an ENF Member to be confirmed.

In this document pool we will add the documents that will be used during the trialogues:

European Commission proposal (02.02.2011)

– Council document: Background information for the trialogues (20.07.2015)

– Council document: 5 column table with the proposal for the trialogues (20.07.2015) (pdf).

close
15 Jul 2015

ICANN considers banning privacy services

By Guest author

The Internet Corporation for Assigned Names and Numbers (ICANN) is proposing a new Internet policy which comes at the expense of human rights, especially privacy and freedom of speech. The proposed rules are addressed to companies that provide WHOIS privacy/proxy services (which restrict access to domain registrant information) and limit their availability to individuals only, denying this service to organisations.

Why is this a problem?

When you register a domain on the Internet, you are asked for a set of information which will appear in the WHOIS database – a public registry with all the domain names.

Under the terms of the ICANN proposal, domain name registrants who will register commercial sites will not have the possibility to make the registration via companies that offer the service of de-listing personal information from the WHOIS registry. This policy would be unfair and discriminatory for vulnerable groups, organisations and entrepreneurs who wish to exercise their right to freedom of expression on the Internet. Is it even in ICANN’s remit to decide what is a commercial activity and what is not? And what is a commercial site? Is it a non-governmental organisation (NGO) selling personalised merchandise via a commercial site? What about a humanitarian website asking for donations? Or a blog that sells advertisement space?

It is important to understand that there are actors such as political groups, religious organisations, ethnic groups, gender orientation groups, and others engaged in freedom of expression activities who have a clear need for protection.

EDRi member ApTI has prepared a comment for ICANN’s public consultation expressing firm disapproval regarding the proposal. Below are some of the reasons why greater confidentiality and privacy are needed in the WHOIS directory:

1. ICANN’s anti privacy domain registration = the new Stop Online Piracy Act (SOPA)

The copyright industry’s pressure on ICANN to take action against domains being used for infringing purposes is well known. However, the domain name industry should not be asked to play any part in policing the Internet by being forced to suspend Internet domain names based on accusations of copyright or trademark infringement by a website. The effort to restrict the privacy of domain name registrants is part of this wider lobbying effort to push ICANN into an enforcement role.

2. Privacy and anonymity are fundamental for the open use of the Internet

The argument that criminals use proxy and privacy registrations to hide their identities has been intensively used in the WHOIS privacy debate. However, illegal uses represent a small minority of cases and privacy registrations do not contribute to a wide-spread criminal behaviour. The vast majority of domain owners are not criminals, so why put everyone at risk just for catching few perpetrators? This measure is disproportionate and unjustified and it resembles the deeply flawed reasoning behind adopting mass surveillance decisions.

3. The proposal violates the Internet’s core values

The proposal closes up the free and open use of the Internet. Certain categories of people will be left with no guarantees that their message will be delivered without abuse and repercussions. Website owners with less popular content or presenting dissident views will fear becoming easy targets. With their sensitive data displayed in the public registry, more and more people will refrain from making their voice heard online. Self-censorship is not going to contribute to a free and open Internet.

Several privacy campaigns opposing ICANN’s proposal, such as savedomainprivacy.org and respectourprivacy.com, were launched, and a total of 11510 comments were sent to the public consultation. The comments are publicly available and a report based on the inputs received is expected on 21 July 2015.

ApTI’s full comment for ICANN’s public consultation (07.07.2015)
http://www.apti.ro/sites/default/files/WHOISprivacy-ICANNpubliccomment7JULY2015_0.pdf

ICANN: Initial Report on the Privacy & Proxy Services Accreditation Issues Policy Development Process (05.05.2015)
https://gnso.icann.org/en/issues/raa/ppsai-initial-05may15-en.pdf

Save domain privacy
https://www.savedomainprivacy.org/with-without-privacy/

Changes to domain name rules place user privacy in jeopardy (23.06.2015)
https://www.eff.org/deeplinks/2015/06/changes-domain-name-rules-place-user-privacy-jeopardy

MPAA & RIAA demand DNS action against “pirate” domains (14.05.2015)
https://torrentfreak.com/mpaa-riaa-demand-dns-action-against-pirate-domains-150514/

GNSO privacy & proxy services accreditation issues working group initial report (05.05.0215)
https://www.icann.org/public-comments/ppsai-initial-2015-05-05-en

Comments to the public consultation
https://forum.icann.org/lists/comments-ppsai-initial-05may15/threads.html

(Contribution by Valentina Pavel, EDRi member ApTI, Romania)

EDRi-gram_subscribe_banner

Twitter_tweet_and_follow_banner

close
15 Jul 2015

Surveillance technology company Hacking Team hacked

By Heini Järvinen

On 5 July, Italian surveillance technology company Hacking Team was hacked. 400GB of data from its servers was shared on BitTorrent, and Hacking Team employees’ emails, invoices and other documents posted publicly via the company’s own Twitter feed (that was renamed “Hacked Team” for the occasion). The authenticity of the documents has not been independently verified, but based on the scale of the breach and the data that the files contain, few experts are questioning the legitimacy of the documents.

Hacking Team is best known for its surveillance software Remote Control System (RCS, also known as Galileo, DaVinci and Ornella), which can be installed on a computer or a mobile phone without the user’s knowledge and is used to monitor the phone or Skype calls, text messages and emails.

Even though Hacking Team has repeatedly denied that its technology is being sold to repressive regimes, and has declared that they are not doing business with governments that are blacklisted by the EU, the US, NATO and other similar international organisations, invoices and contracts included in the hacked documents suggest that it has been selling its spyware to government agencies in countries such as Bahrain, Uzbekistan, Sudan, Azerbaijan, Saudi Arabia, Morocco, the United Arab Emirates, and Ethiopia. However, the company has also been in negotiations with Western countries like Germany and Poland. Last week, the head of the Cyprus Intelligence Service resigned following revelations that the island’s secret service had purchased Hacking Team’s software. The company has previously been accused of assisting repressive regimes in spying on their own citizens and of targeting human rights activists – for example, a 2013 report by Reporters Without Borders named Hacking Team as one of the “Corporate Enemies of the Internet”.

The company also claims that it is providing tools to “government agencies that can prevent crimes or terrorism”. The hacked data suggest, however, that the software may have been provided to non-state actors as well.

Spy Tech Company “Hacking Team” Gets Hacked (05.07.2015)
http://motherboard.vice.com/read/spy-tech-company-hacking-team-gets-hacked

For Arab Human Rights Defenders, Hacking Team Files Confirm Suspicions of State Surveillance
https://advocacy.globalvoicesonline.org/2015/07/08/for-arab-human-rights-defenders-hacking-team-files-confirm-suspicions-of-state-surveillance/

Hacking Team hacked: firm sold spying tools to repressive regimes, documents claim (06.07.2015)
http://www.theguardian.com/technology/2015/jul/06/hacking-team-hacked-firm-sold-spying-tools-to-repressive-regimes-documents-claim

Intelligence Service chief steps down (11.07.2015)
http://in-cyprus.com/intelligence-service-chief-steps-down/

In Light of Hacking Team Leaks, EFF and Latin American Civil Society Groups Call for Greater Oversight of Surveillance Technology (07.07.2015)
https://www.eff.org/deeplinks/2015/07/eff-join-latin-american-civil-society-calls-greater-oversight-surveillance

A detailed look at Hacking Team’s emails about its repressive clients (07.07.2015)
https://firstlook.org/theintercept/2015/07/07/leaked-documents-confirm-hacking-team-sells-spyware-repressive-countries/

EDRi-gram_subscribe_banner

Twitter_tweet_and_follow_banner

close
14 Jul 2015

EU PNR: Unproven, ineffective strategies are not security

By Diego Naranjo

“When people are scared, they need something done that will make them feel safe, even if it doesn’t truly make them safer. Politicians naturally want to do something in response to crisis, even if that something doesn’t make any sense.”

Bruce Schneier, Security expert

The proposal for a EU PNR Directive (Fight against terrorism and serious crime: use of passenger name record (PNR) data 2011/0023(COD)) will be put to a vote on Wednesday 15 July, in the Civil Liberties Committee (LIBE) of the European Parliament. Timothy Kirkhope, the Rapporteur (Member of the Parliament in charge of the proposal) has pushed during the last weeks to have this proposal voted on as soon as possible, despite the opposition from civil society groups, from experts including the European Data Protection Supervisor (EDPS) and the Fundamental Rights Agency, and the scepticism shown by many Parliamentarians and political groups in Brussels.

As we presented in our infograph, the (il)logical steps behind the EU PNR proposal are the same ones that are increasingly used in the “fight against terrorism”. After tragic terrorist attacks happen, politicians feel obliged to do “something” to show that “something” is being done – even if that something is useless, even if it generates new risks, even if it is counterproductive.

PNR is a profiling measure. It intends to guess, using algorithms, who is likely to pose a terrorist threat according to the patterns created by mixing different types of passenger data (nationality, flight routes, paying method used…) obtained by the airlines when a person books a flight. As Emeritus Professor of International Law Douwe Korff has noted in his recent Report on PNR presented at the Council of Europe, profiling “poses a serious threat of a Kafkaesque world in which powerful agencies (like the DHS and the NSA – or in the near future European agencies? ) take decisions that significantly affect individuals , without those decision-makers being able or willing to explain the underlying reasoning for those decisions, and in which those subjects are denied any effective individual or collective remedies. That is how serious the issue of profiling is: it poses a fundamental threat to the most basic principles of the Rule of Law and the relationship between the powerful and the people in a democratic society.” These issues were highlighted by the New York Times on 9 July in an article entitled “When algorithms discriminate”.

Creating lists of people with alleged similar characteristics seems in theory useful for law enforcement purposes, but in fact it usually produces mismatches which end up with serious consequences for those who are wrongly profiled. Korff provided examples of this, such as the case of Maher Arar: “The case of Mr Arar was in fact one of the most scandalous instances of an innocent person being classified as a terrorist on a US watchlist. Amnesty International summarises the case as follows: Maher Arar, a Canadian citizen, was travelling home to Canada from visiting relatives in Tunisia in 2002. While changing planes at New York City’s JFK airport, he was detained by U.S. authorities and then transferred secretly to Syria, where he was held for a year and tortured.” Other serious cases (although not as extreme as that of Mr Arar) have been raised in other parts of the world.

The EU PNR proposal adds nothing more than the insecurity of another set of unnecessary databases, the risk of an unaccountable algorithm putting innocent people at risk of suspicion, of delays, of denied boarding or arrest and indiscriminate mass surveillance. If the European Parliament goes down the same road than it used for the Data Retention Directive, it is likely to find the same result – a failed, ineffective placebo for security fears. The European Parliament should be a strong institution that produces durable, evidence-based coherent policies for the benefit of EU citizens, and not as a reactionary body that over-reacts, adopting rules based on false assumptions.

Additional reading:

Bruce Schneier: Is aviation security mostly for show? – (29.12.2009)
http://edition.cnn.com/2009/OPINION/12/29/schneier.air.travel.security.theater/index.html

Douwe Korff and Marie Georges: Passenger Name Records, data mining & data protection: the need for strong safeguards (15.06.2015)
https://www.coe.int/t/dghl/standardsetting/dataprotection/TPD_documents/T-PD%282015%2911_PNR%20draft%20report%20Douwe%20Korff%20&%20Marie%20Georges_15%2006%202015.pdf

Statewatch: Protests in the EU: “Troublemakers” and “travelling violent offenders [undefined] to be recorded on database and targeted (16.04.2010)
http://www.statewatch.org/analyses/no-93-troublemakers-apr-10.pdf

Statewatch: Schengen Information System Article 99 report: 33,541 people registered in SIS for surveillance and checks
http://www.statewatch.org/news/2008/feb/08SISart99.htm

Council of the European Union, 8570/10: Draft Council Conclusions on the use of a standardised, multidimensional semi- structured instrument for collecting data and information on the processes of radicalisation in the EU (16.04.2010): http://www.statewatch.org/news/2010/apr/eu-council-info-gathering-uardicalisation-8570-10.pdf.

Twitter_tweet_and_follow_banner

close
13 Jul 2015

EU Parliament to vote on indiscriminate collection and storage of travel data on 15 July

By Joe McNamee

Two years after rejecting the Commission proposal for a Directive on Passenger Name Record (PNR) in April 2013, the Committee on Civil Liberties, Justice and Home Affairs (LIBE) is expected to vote again on the adoption of this blanket surveillance measure on 15 July.

The purpose of the Directive is to collect and store the data of air travellers arriving into or leaving the EU (including an amendment that this should also cover intra-EU flights). It is proposed that data will be stored for the entirely arbitrary period of five years, that the data will be compared with unspecified other databases and used to profile all passengers as potential serious criminals. The European Commission has previously defended the proposal on the basis that indiscriminately collecting travellers’ data is “less indiscriminate” than the indiscriminate collection and storage of communications data under the Data Retention Directive.

The EU-PNR proposal was first proposed by the European Commission in 2011. However, it was rejected by the Parliament’s LIBE committee in 2013, presumably because there is no evidence to suggest that it is necessary and proportionate and, therefore, legal. Shortly after, the Parliament asked the Committee to reconsider its position.

The following are some of the reasons why the proposal should be rejected:

The EU should not repeat past mistakes

Fast-tracking these measures after the Paris and Copenhagen terrorists attacks in 2015 will lead to the EU repeating exactly the same mistake it made when adopting the failed Data Retention Directive. As previously explained in our PNR infographic, the LIBE Committee rejected the Data Retention Directive, only for the Directive to be subsequently pushed through following a terrorist attack. It was then declared illegal by the European Court of Justice. Now, after the LIBE Committee rejected the PNR Directive in 2013, it is being pushed through, following terrorist attacks.

Lack of evidence regarding the effectiveness of the PNR profiling

There is simply no evidence showing PNR schemes are an effective anti terrorism measure. There is no evidence that tracking of all passengers and collecting PNR data is necessary or even useful for the fight against terrorism and transnational serious crimes.

Principle at stake

The question is simple. In the absence of any evidence of necessity, of usefulness, of proportionality, is it acceptable to treat every citizen as a potential serious criminal? Is it acceptable to indiscriminately collect individual’s information, storing it in stockpiles of data which will become a security risk in their own right? Is it acceptable that, having made this mistake with telecommunications data retention, the European Parliament looks set to make this mistake again?

We urge you to contact your Members of the European Parliament (MEP) and remind them that privacy and protection of personal data are essential elements of every democratic society. Ask your MEP to support the amendments 48 and 49 in order to make sure that the Commission’s proposal, which evidently undermines key fundamental rights, is rejected.

Jointly written with EDRi intern Morana Perušić

Further reading:

Data retention: EU Commission – guardian and enemy of the treaties (17.12.2014.)
https://edri.org/data-retention-eu-com-guardian-enemy/

“We still need to watch you, really”: PNR back in the Parliament (02.04.2015)
https://edri.org/pnr-back-in-the-ep/

EU-PNR: “Those who don’t know history are doomed to repeat it” (03.06.2015)
https://www.accessnow.org/blog/2015/06/03/eu-pnr-those-who-dont-know-history-are-doomed-to-repeat-it

Article 29 Data Protection Working Party, Opinion 10/2011 on the proposal for a Directive of the European Parliament and of the Council on the use of passenger name record data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime (05.04.2011.)
http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2011/wp181_en.pdf

Twitter_tweet_and_follow_banner

close
02 Jul 2015

European Digital Rights asks the European Commission to investigate illegal data retention laws in the EU

By Heini Järvinen

European Digital Rights (EDRi) this morning sent a letter to European Commission First Vice-President Frans Timmermans, asking the European Commission to investigate the data retention laws in EU Member States which appear to be illegal in light of the Court of Justice of the European Union (CJEU) ruling on this issue from 8 April last year.

Looking superficially at a cross-section of 14 EU Member States’ approaches to data retention, EDRi identidied strong similarities between the provisions in force and those ruled illegal by the European Court. We therefore carried out case studies in relation to six countries (Croatia, Denmark, Finland, Italy, Poland and the United Kingdom) and sent them to the Commission as compelling proof that action needs to be taken.

“Over a year after the Court ruling, it is finally time for the Commission to act,” said Joe McNamee, Executive Director of European Digital Rights. “EU Member States cannot be allowed to break European law with impunity.”

The focus of EDRi’s analysis is:

  1. if EU Member States have provisions which link the data being retained with a particular time period, location, group of people or a serious crime;
  2. the procedures to access the retained data, and who can access it, and
  3. the conditions and the period during which the data is kept.

Although there are differences between the selected Member States, EDRi concluded that the existing laws in these six countries appear to be contravention to the Charter of Fundamental Rights, following the analysis of the CJEU.

EDRi calls on the European Commission, as the Guardian of the Treaties, to investigate further these and any other national laws that may be in breach of EU case law.

Read more:
Belgian Constitutional Court rules against data retention (17.06.2015)
Data retention: German government tries again (03.06.2015)
Hungarian data retention case: ORG, PI & scholars file amicus briefs (22.04.2015)
In Germany, Data Retention refuses to die (25.03.2015)
Dutch data retention law struck down – for now (12.03.2015)
Data retention in Kosovo and Switzerland – legalising illegal laws (28.01.2015)
Legal Service Opinion on CJEU Data Retention ruling (14.01.2015)
Data retention: EU Commission – guardian and enemy of the treaties (17.12.2014)
Dutch government: Let’s keep data retention mostly unchanged (03.12.2014)
Denmark: Data retention is here to stay despite the CJEU ruling (04.06.2014)
ECJ: Data retention directive contravenes European law (09.04.2014)
Data Retention in Austria: Constitutional Court turns to the CJEU (16.01.2013)

 


European Digital Rights ruft die Europäische Kommission dazu auf, illegale Gesetze zur Vorratsdatenspeicherung in der EU zu prüfen

European Digital Rights (EDRi) hat heute Morgen einen Brief an den Ersten Vizepräsidenten der Europäischen Kommission geschickt. In dem Schreiben wird die EU-Kommission dazu aufgerufen, die Gesetze zur Vorratsdatenspeicherung in den Mitgliedstaaten der EU zu untersuchen, da diese vor dem Hintergrund der Entscheidung des Europäischen Gerichtshofs vom 8. April letzen Jahres illegal erscheinen.

EDRi hat nach einer kusorischen Betrachtung der Regulierungen zur Vorratsdatenspeicherung von 14 EU-Mitlgiedstaaten festgestellt, dass grosse Ähnlichkeiten zwischen den momentan geltenden Bestimmungen und jenen, die der Gerichtshof als illegal befunden hat, bestehen. Daher haben wir Fallstudien über sechs Länder (Kroation, Dänemark, Finnland, Italien, Polen und Grossbritannien) angefertigt und diese der Kommission übermittelt, um klar aufzuzeigen, dass entsprechende Massnahmen ergriffen werden müssen.

“Über ein Jahr nach dem Gerichtsbeschluss ist es endgültig an der Zeit, dass die Kommission handelt,” sagt Joe McNamee, Geschäftsführer von European Digital Rights. “Es darf EU-Mitgliedstaaten nicht erlaubt sein, ungestraft EU Recht zu brechen.”

Die Schwerpunkte der Analyse sind:

  1. Ob die Bestimmungen der Mitgliedstaaten die auf Vorrat gespeicherten Daten mit einem spezifischen Zeitpunkt, Ort, Gruppe oder einem schweren Verbrechen in Verbindung setzen;
  2. Die Verfahren zum Zugriff auf die auf Vorrat gespeicherten Daten sowie wer auf diese Daten Zugriff hat;
  3. Die Bedingungen zur Speicherung der Daten sowie die Dauer der Speicherfrist.

Obwohl es Unterschiede zwischen den untersuchten Mitgliedstaaten gibt, ist EDRi auf Grundlage des EuGH-Urteils zu der Schlussfolgerung gekommen, dass die Gesetze, die in diesen sechs Ländern existieren, gegen die Charta der Grundrechte verstossen.

EDRi ruft die Europäische Kommission als Hüterin der Verträge dazu auf, zu untersuchen, ob diese und andere nationale Gesetze zur Vorratsdatenspeicherung gegen EU-Recht verstoßen.

Mehr dazu:
Belgian Constitutional Court rules against data retention (17.06.2015)
Data retention: German government tries again (03.06.2015)
Hungarian data retention case: ORG, PI & scholars file amicus briefs (22.04.2015)
In Germany, Data Retention refuses to die (25.03.2015)
Dutch data retention law struck down – for now (12.03.2015)
Data retention in Kosovo and Switzerland – legalising illegal laws (28.01.2015)
Legal Service Opinion on CJEU Data Retention ruling (14.01.2015)
Data retention: EU Commission – guardian and enemy of the treaties (17.12.2014)
Dutch government: Let’s keep data retention mostly unchanged (03.12.2014)
Denmark: Data retention is here to stay despite the CJEU ruling (04.06.2014)
ECJ: Data retention directive contravenes European law (09.04.2014)
Data Retention in Austria: Constitutional Court turns to the CJEU (16.01.2013)

 


European Digital Rights chiede alla Commissione Europea di aprire un’indagine all’interno dell’UE sulle leggi illegittime in materia di data retention

Questa mattina European Digital Rights (EDRi) ha inviato una lettera al Primo Vice-Presidente della Commissione Europea Frans Timmermans, nella quale ha chiesto di aprire un’indagine, all’interno degli Stati Membri dell’UE, riguardo alle norme in materia di data retention che risultano illegali alla luce della decisione adottata dalla Corte di Giustizia dell’Unione Europea (CGUE) lo scorso 8 Aprile.

Dopo una prima analisi dell’approccio intrapreso in materia di data retention nelle legislazioni di 14 Stati Membri, EDRi ha individuato delle profonde somiglianze tra le norme in vigore e quelle dichiarate illegali dalla Corte di Giustizia. Abbiamo quindi studiato la situazione riguardante sei Paesi (Croazia, Danimarca, Finlandia, Italia, Polonia e Regno Unito) e inviato i risultati della nostra ricerca alla Commissione, come prova evidente della necessità di prendere provvedimenti.

“A piu di un anno di distanza dalla decisione della Corte, è giunto il momento di agire per la Commissione,” ha dichiarato Joe McNamee, Direttore Esecutivo di European Digital Rights. “Non si puo’ permettere agli Stati Membri dell”UE di violare il diritto Europeo impunemente.”

Gli elementi su cui si concentra l’analisi effettuata da EDRi sono:

  1. se le norme in vigore negli Stati Membri dell’UE mettono in relazione i dati che vengono conservati ad un certo periodo di tempo, ad un luogo o un gruppo di persone particolari, o ad un reato grave;
  2. le procedure di accesso ai dati conservati, e chi puo’ accedervi;
  3. le condizioni e la durata del periodo di conservazione dei dati.

Nonostante ci siano differenze tra gli Stati Membri selezionati, EDRi ha concluso che, in seguito all’analisi effettuata dalla CGUE, le norme vigenti in questi sei paesi risultano essere in contrasto con la Carta dei Diritti Fondamentali.

EDRi lancia un appello alla Commissione Europea, in quanto Custode dei Trattati, affinchè investighi piu’ a fondo queste leggi, e ogni altra legge nazionale che possa violare la giurisprudenza dell’UE.

Approfondisci:
Belgian Constitutional Court rules against data retention (17.06.2015)
Data retention: German government tries again (03.06.2015)
Hungarian data retention case: ORG, PI & scholars file amicus briefs (22.04.2015)
In Germany, Data Retention refuses to die (25.03.2015)
Dutch data retention law struck down – for now (12.03.2015)
Data retention in Kosovo and Switzerland – legalising illegal laws (28.01.2015)
Legal Service Opinion on CJEU Data Retention ruling (14.01.2015)
Data retention: EU Commission – guardian and enemy of the treaties (17.12.2014)
Dutch government: Let’s keep data retention mostly unchanged (03.12.2014)
Denmark: Data retention is here to stay despite the CJEU ruling (04.06.2014)
ECJ: Data retention directive contravenes European law (09.04.2014)
Data Retention in Austria: Constitutional Court turns to the CJEU (16.01.2013)

 


European Digital Rights anmoder Europa-Kommissionen om at undersøge ulovlige logningslove i EU

European Digital Rights (EDRi) har her til morgen sendt et brev til 1. næstformand for Europa-Kommissionen Frans Timmermans, der beder Europa-Kommissionen undersøge logningslovene i EUs medlemsstater, som synes at være ulovlige i lyset af dommen fra EU-domstolen om logningsdirektivet den 8. april 2014.

Ud fra en indledende analyse af logningsreglerne i 14 EU medlemsstater, har EDRi identificeret stærke ligheder mellem de gældende lovbestemmelser og de bestemmelser som blev kendt ulovlige af EU-domstolen. Vi har derfor udført casestudier på seks lande (Kroatien, Danmark, Finland, Italien, Polen og Storbritannien) og sendt dem til Kommissionen som et overbevisende argument for at der er behov for handling.

“Et år efter EU-domstolens afgørelse er det endelig tid for Kommissionen til at handle,” siger Joe McNamee, Executive Director for European Digital Rights. “EUs medlemsstater skal ikke ustraffet kunne bryde europæisk lov.”

Fokus for EDRi’s analyse er:

  1. om EUs medlemsstater i deres nationale lovbestemmelser har begrænset dataindsamlingen til bestemte perioder eller bestemte forbrydelser;
  2. proceduren for at få adgang til de indsamlede data, og hvem der kan få adgang, og
  3. betingelserne for opbevaring af logningsdata og opbevaringsperioden.

Selv om der er forskelle mellem de udvalgte medlemsstater, konkluderer EDRi at de eksisterende love i disse seks lande ser ud til at være i strid med Charter om Grundlæggende Rettigheder, jf. analysen fra EU-domstolen.

EDRi opfordrer Europa-Kommissionen, som vogter af traktaterne, til at undersøge lovgivningen i disse seks lande og andre nationale love, som kan være i strid med retspraksis fra EU-domstolen.

Læs mere:
Belgian Constitutional Court rules against data retention (17.06.2015)
Data retention: German government tries again (03.06.2015)
Hungarian data retention case: ORG, PI & scholars file amicus briefs (22.04.2015)
In Germany, Data Retention refuses to die (25.03.2015)
Dutch data retention law struck down – for now (12.03.2015)
Data retention in Kosovo and Switzerland – legalising illegal laws (28.01.2015)
Legal Service Opinion on CJEU Data Retention ruling (14.01.2015)
Data retention: EU Commission – guardian and enemy of the treaties (17.12.2014)
Dutch government: Let’s keep data retention mostly unchanged (03.12.2014)
Denmark: Data retention is here to stay despite the CJEU ruling (04.06.2014)
ECJ: Data retention directive contravenes European law (09.04.2014)
Data Retention in Austria: Constitutional Court turns to the CJEU (16.01.2013)

 


European Digital Rights traži Europsku Komisiju da istraži ilegalne zakone ozadržavanju podataka u Europskoj Uniji

European Digital Rights (EDRi) poslao je danas ujutro pismo prvom potpredsjedniku Europske Komisije, Fransu Timmermansu, u kojem traži da Europska Komisija provede istragu o zakonima o zadržavanju podataka u državama članicama EU, za koje se smatra da nisu u skladu s presudom Suda pravde Europske Unije (CJEU) na tu temu, donesene 8. travnja prošle godine.

Površno pregledavajući presjek pristupa zadržavanju podataka 14 država članica EU, EDRi je uočio snažne sličnosti između odredaba na snazi i onih proglašenih nezakonitima od strane Europskog suda. Iz tog razloga proveli smo analizu stanja u šest država (Hrvatska, Danska, Finska, Italija, Poljska i Ujedinjeno Kraljevstvo) koju smo proslijedili Komisiji kao neoboriv dokaz da je djelovanje nužno.

“Nakon više od godinu dana nakon što je presuda donesena, krajnje je vrijeme da Komisija počne djelovati”, izjavio je Joe McNamee, izvršni direktor European Digital Rights. “Državama članicama Europske Unije ne smije biti dopušteno nekažnjeno kršiti Europske zakone.”

Provodeći analizu EDRi se usredotočio na sljedeće glavne točke:

  1. imaju li države članice u svojim nacionalnim zakonodavstvima odredbe koje povezuju zadržane podatke s određenim razdobljem, zemljopisnim područjem, skupinom ljudi ili teškim kaznenim djelom;
  2. postupak pristupa zadržanim podacima i tko im može pristupiti;
  3. uvjete i razdoblje unutar kojeg su podaci zadržani.

Unatoč razlikama koje postoje između spomenutih država, prema zaključku EDRi-ja čini se da postojeći zakoni u ovih šest država predstavljaju kršenje Povelje o ljudskim pravima, imajući u vidu analizu Suda pravde (CJEU).

EDRi poziva Europsku komisiju, kao Čuvara Europskih ugovora, da podrobnije istraži navedene kao i bilo koje druge nacionalne zakone koji potencijalno predstavljaju kršenje sudske prakse Europske Unije.

Pročitajte više:
Belgian Constitutional Court rules against data retention (17.06.2015)
Data retention: German government tries again (03.06.2015)
Hungarian data retention case: ORG, PI & scholars file amicus briefs (22.04.2015)
In Germany, Data Retention refuses to die (25.03.2015)
Dutch data retention law struck down – for now (12.03.2015)
Data retention in Kosovo and Switzerland – legalising illegal laws (28.01.2015)
Legal Service Opinion on CJEU Data Retention ruling (14.01.2015)
Data retention: EU Commission – guardian and enemy of the treaties (17.12.2014)
Dutch government: Let’s keep data retention mostly unchanged (03.12.2014)
Denmark: Data retention is here to stay despite the CJEU ruling (04.06.2014)
ECJ: Data retention directive contravenes European law (09.04.2014)
Data Retention in Austria: Constitutional Court turns to the CJEU (16.01.2013)

 


European Digital Rights vaatii Euroopan komissiota tutkimaan laittomat teletunnistetietojen säilyttämistä koskevat lait EU:ssa

Tänä aamuna European Digital Rights (EDRi) lähetti Euroopan komission varapuheenjohtaja Frans Timmermansille kirjeen, jossa vaaditaan komissiota käynnistämään tutkinta EU-jäsenmaiden teletunnistetietojen säilyttämistä koskevista laeista, jotka Euroopan unionin tuomioistuimen (ECJ) viime vuoden huhtikuun 8. päivän päätöksen valossa vaikuttavat lain vastaisilta.

EDRi havaitsi vertaillessaan 14 EU-jäsenmaan kantoja teletunnistetietojen säilyttämiseen selkeitä yhtäläisyyksiä eri jäsenmaissa voimassa olevien säännösten ja tuomioistuimen laittomiksi julistamien säännösten välillä. Kuuden jäsenmaan (Kroatia, Tanska, Suomi, Italia, Puola ja Iso-Britannia) tilanteesta tehdyt tarkemmat analyysit lähetettiin Euroopan komissiolle vakuuttavana todisteena siitä, että komission on ryhdyttävä pikaisesti toimiin asian korjaamiseksi.

“Yli vuosi tuomioistuimen päätöksen jälkeen komission olisi vihdoin aika toimia”, sanoi Joe McNamee, EDRi:n toiminnanjohtaja. “Jäsenmaiden ei voi antaa rikkoa EU:n lainsäädäntöä rangaistuksetta.”

EDRi:n analyysi keskittyy seuraaviin kohtiin:

  1. onko EU-jäsenmaissa on voimassa säännöksiä, jotka yhdistävät tietyn ajanjakson, sijannin tai ihmisryhmän tietoja tai tietoja jotka liittyvät vakaviin rikoksiin
  2. menettelytavat liittyen siihen, kuinka ja kenellä on pääsy säilytettyihin tietoihin
  3. tietojen säilyttämisen ehdot ja ajanjakso, joka tiedot säilytetään

Vaikka jäsenmaiden laeissa on eroja, voimassa olevat lait kuudessa tutkitussa jäsenmaassa vaikuttavat olevan ristiriidassa Euroopan unionin perusoikeuskirjan kanssa, perustuen ECJ:n päätökseen ja analyysiin.

EDRi kehottaa Euroopan komissiota perussopimusten vartijana tutkimaan kyseisten maiden teletunnistetietojen säilyttämistä koskevat lait, sekä muut kansalliset lait, jotka saattavat rikkoa EU:n oikeuskäytäntöä.

Lisätietoa:
Belgian Constitutional Court rules against data retention (17.06.2015)
Data retention: German government tries again (03.06.2015)
Hungarian data retention case: ORG, PI & scholars file amicus briefs (22.04.2015)
In Germany, Data Retention refuses to die (25.03.2015)
Dutch data retention law struck down – for now (12.03.2015)
Data retention in Kosovo and Switzerland – legalising illegal laws (28.01.2015)
Legal Service Opinion on CJEU Data Retention ruling (14.01.2015)
Data retention: EU Commission – guardian and enemy of the treaties (17.12.2014)
Dutch government: Let’s keep data retention mostly unchanged (03.12.2014)
Denmark: Data retention is here to stay despite the CJEU ruling (04.06.2014)
ECJ: Data retention directive contravenes European law (09.04.2014)
Data Retention in Austria: Constitutional Court turns to the CJEU (16.01.2013)

 


Twitter_tweet_and_follow_banner

close
17 Jun 2015

Belgian Constitutional Court rules against data retention

By Guest author

On 12 June, following two actions for annulment brought independently, the Belgian Constitutional Court ruled against the mass collection of communications metadata. This ruling is line with a recent ruling from the Court of Justice of the European Union (CJEU) invalidating the directive that inspired the Belgian law.

The Data Retention Directive (2006/24/CE) adopted in the aftermath of the terrorist attacks in Madrid (2004) and London (2005) – and invalidated in 2014 -required telecommunication service providers or operators to retain communications metadata on each and every customer for between 18 months and two years. In July 2013, the Belgian Federal Parliament adopted, under an emergency procedure, a law and a decree transposing the Directive into Belgian law.

In February 2014, NURPA, datapanik.org, EDRi member Liga voor Mensenrechten and the Ligue des Droits de l’Homme (LDH) jointly initiated a crowdfunding campaign to finance an action for annulment before the Constitutional Court. The success encountered by the campaign – the 5 000 euro goal was exceeded in a couple of weeks – has shown how much citizens value their privacy.

In the ruling, the Belgian Constitutional Court reaffirms the importance of the right to privacy under the Article 22 of the Belgian Constitution, and recalls that any limitation of this right must be proportionate. Belgium joins the growing list of Member States in which the national transposition of the Directive was challenged successfully. It should be noted that it is currently not clear whether the European Commission plans to introduce a new proposal for the retention of communications data or not.

“This constitutional ruling should have the effect of a shock to our governments: they cannot expand indefinitely the massive surveillance of their citizens. There is an increasingly obvious imbalance between the respect for privacy and the legitimate need for security. This is what prompted LDH to make data protection and privacy our main themes for 2015,”

said Alexis Deswaef, President of LDH.

“The ruling of the Constitutional Court brings a breath of fresh air in a nauseating context where murderous acts of a few terrorists are enough to destroy the fundamental principles of rights and freedoms of our democracies. This should remind everyone that rights and freedoms are a constant struggle, even more so when the trend in Europe is the stacking of securitarian measures, as sadly demonstrated by the French case,”

concluded André Loconte, spokesman of NURPA.

The Constitutional Court repeals the transposition of the data retention directive (12.06.2015)
http://nurpa.be/actualites/2015/06/const-court-repeals-data-retention-belgium

Avis de la Cour de justice de l’Union au sujet de la directive sur la conservation des données (12.06.2015)
http://nurpa.be/actualites/2013/12/avis-CJUE-data-retention#contexte-belge

Data retention in Belgium
http://stopdataretention.be/en/

Ruling in Dutch
http://nurpa.be/files/20150611_ruling-const-cour-dataretention-belgium_nl.pdf

Ruling in German
http://nurpa.be/files/20150611_ruling-const-cour-dataretention-belgium_de.pdf

Status of data rentention Directive transpositions accross Member States
http://wiki.vorratsdatenspeicherung.de/Transposition

EU executive plans no new data retention law (12.06.2015)
www.reuters.com/article/2015/03/12/us-eu-data-telecommunications-idUSKBN0M82CO20150312

(Contribution by NURPA, Belgium)

EDRi-gram_subscribe_banner

Twitter_tweet_and_follow_banner

close
04 Jun 2015

Surveillance of air passengers: Letter to Parliamentarians

By Diego Naranjo

Surveillance in the EU - infographics

Today, 4 June, in light of the discussion in the European Parliament Committee on Civil Liberties, Justice and Home Affairs (LIBE) of the amendments for the Passenger Name Record (PNR) proposal, we have sent the following e-mail to all members in the Committee:

“Dear Ms/Mr ……,

Ahead of today’s debate on the proposed EU-PNR Directive, EDRi and Access would like to draw your attention on the striking and deeply concerning similarities between this proposal and the now invalid Data Retention Directive.

Please find attached an infographic comparing these proposals and here a short post providing more information on these issues here and here.

We remain at your disposal for any information you might need.

Best regards,
Diego Naranjo & Estelle Masse.

Contact information:
Diego Naranjo (EDRi) – diego.naranjo@edri.org
Estelle Masse (Access) – estelle@accessnow.org

EDRi is a pan-European organisation working on human rights in the digital environment.

Access is an international organisation that defends and extends the digital rights of users at risk around the world.”

Twitter_tweet_and_follow_banner

close