[ANSOL-geral] EDRI-gram newsletter - Number 3.13, 29 June 2005

EDRI-gram newsletter edrigram edri.org
Quinta-Feira, 30 de Junho de 2005 - 10:18:51 WEST


============================================================

             EDRI-gram

  biweekly newsletter about digital civil rights in Europe

     Number 3.13, 29 June 2005


============================================================
Contents
============================================================

1.  Heated debate on ID cards in the UK
2.  French NGOs: no consensus possible on biometric ID-card
3.  Police backdoor discovered in Italian alternative server
4.  US Supreme Court: liability for P2P software providers
5.  Dutch study fails to prove usefulness and necessity data retention
6.  Freedom of information in Germany and the UK
7.  OSCE conference on media freedom on the Internet
8.  Preview G8-meeting in Gleneagles
9.  Rome II: Applicable law and freedom of expression
10. Update on Alvar Freude case
11. EDRI granted observer status in CoE HR group
12. EDRI contribution to WIPO prep-meeting Development Agenda
13. Support EDRI!
14. Agenda
15. About

============================================================
1. Heated debate on ID cards in the UK
============================================================

On 28 June the UK government narrowly won a vote on its identity card
proposals in the House of Commons, seeing its majority halved to just 31.
The previous day the UK Information Commissioner, Richard Thomas,
expressed strong concerns over the government's plans for a biometric
national identity card and database. He particularly criticised the
scheme's "disproportionate and excessive" storage of personal information
and the wide range of uses that would "permit function creep into
unforeseen and perhaps unacceptable areas of private life".

On 27 June the London School of Economics published "The Identity Project:
an assessment of the UK Identity Cards Bill and its implications". The
report looks at the potential costs and benefits of the government's
proposals, and finds that the scheme may be both more expensive and less
effective in targetting problems such as terrorism, illegal immigration
and identity fraud than the government has claimed.

The report is the outcome of a 6-month research project involving over 100
industry, government and academic experts. It has caused controversy in
the UK, with Prime Minister Tony Blair and Home Secretary Charles Clarke
forced to dispute its detailed cost estimates of around 435 euro per card.
Behind this headline figure the report highlights a number of other
potential problems with the scheme, ranging from the untested technology
involved, the compatibility of the legislation with the European
Convention on Human Rights, to the risks of unauthorised access to the
scheme's central database of personal information.

The UK Home Office has also finally published the results of a trial of
the technology to be used with the proposed card. 10.016 volunteers took
part, but even within this group of ID enthusiasts there were severe
problems with the biometrics that the government claim will make a card
totally secure. 10% of non-disabled participants and 39% of disabled
participants were unable to have their irises stored. 4% of non-disabled
participants and 9% of disabled participants could not have their irises
checked against a stored record. The fingerprints of 20% of participants
could not be checked. These results would be disastrous in a national
scheme that included over 50 million adults.

All of these problems mean that there is likely to be extremely strong
opposition when the Bill reaches the House of Lords, where the government
does not have a majority. The Lords could force the government to delay
the Bill for at least a year.

ID cards 'will reveal details of daily life' (28.06.2005)
http://www.guardian.co.uk/guardianpolitics/story/0,3605,1516069,00.html

LSE report The Identity Project
http://is.lse.ac.uk/idcard/identityreport.pdf

UK passport service biometrics enrolment trial (May 2005)
http://www.homeoffice.gov.uk/docs4/UKPS_Biometrics_Enrolment_summary.pdf

(Contribution by Ian Brown, board member EDRI)

============================================================
2. French NGOs: no consensus possible on biometric ID-card
============================================================

A coalition of 6 French organisations against the French biometric card
project INES (among them EDRI-member IRIS, see EDRI-gram 3.11) remains
convinced that 'no consensus is possible' to accept the project if
modified  according to the suggestions made by the Internet Rights Forum
('Forum des droits sur l'Internet' or FDI, a private association mainly
funded by the French government.) The Forum was asked to organise a public
debate about the project. The results were published on 16 June 2005 and
presented to the French ministry of Interior.

The FDI organised both online and off-line debates between February and
May 2005. Public meetings were held in 6 main French towns, and the online
forum collected over 3000 messages from 683 unique contributors. In
addition, a poll was conducted amongst a representative sample of 950
persons.

Although the poll showed that 74% of the respondents are in favour of the
INES project, 75% in favour of a national fingerprint database and 63% in
favour of making the biometric ID card mandatory, the online and off-line
debates also produced strongly argumented criticisms of the INES project.

As a follow-up, the FDI report calls for a number of actions and
modifications: better studies on identity fraud; the de-coupling of the
project from the passport system; studies on the risks of using a single
identifier; shifting responsibility for the project to the data protection
authority; the creation of a new social contract between the citizen and
the state; studies on the contact-less nature of the chip; a clear
statement from the Government on whether the card will be required for
commercial transactions; assurances that the card will be free at
enrolment (though individuals could be charged for renewal or loss); and a
clear Parliamentary debate on the obligatory nature of the card.

The dangers highlighted by the report confirm the earlier fears and
warnings of the NGO coalition. However, the report fails to address the
main issue with a biometric ID card; the profound change in the relation
of power between the citizen and the state, as noted by the French NGO
coalition in a press release published on 20 June 2005.

The coalition remains convinced that the project should be withdrawn and
that a truly large public debate should be opened. A petition calling for
such a debate has already been signed by 1500 organisations and
individuals within 1 month, among them members of the French Parliament.

"The social contract remains founded on the presumption of mutual trust
and on the preservation of everyone's freedoms", the coalition reminded,
rejecting the FDI proposal of a so-called 'social contract' where the
citizen may obtain 'online, free and permanent access to his
administrative files' in compensation of 'an increased control of his
individual identity and identity documents' by the State.

It is likely that the project implementation, or even discussion by the
Parliament, will be postponed. The new French Interior minister declared
in a public meeting on 20 June that the project "will profoundly impact
the daily life of French citizens for a long time. If European provisions
impose us to quickly set up a biometric passport, the situation is
different for the electronic ID card. I don't want us to engage in this
project without having taken the necessary time to think about all its
consequences." Indeed, rumours indicate that the draft law has been
withdrawn from the French Data Protection Authority, which is now waiting
for the  new version. But there is no sign that the new project will show
more than minor changes: "the question is not to discard evolutions which,
for some, are necessary, but rather to identify where we want to go, at
which conditions, and at which price", the Interior minister added.

French NGO coalition press release (in French, 20.06.2005)
http://www.iris.sgdg.org/info-debat/comm-ines0605.html

French Interior minister public declarations (in French, 20.06.2005)
http://www.interieur.gouv.fr/rubriques/c/c1_le_ministre/c13_discours/2005_06_20_prefet

FDI report on the French biometric ID card debate (in French, 16.06.2005)
http://www.foruminternet.org/publications/lire.phtml?id=914

English overview of the project and the debate:
LSE Report, Chapter 7, France section, pp.66-70 (27.06.2005)
http://is.lse.ac.uk/idcard/identityreport.pdf

EDRI-gram 3.11, French campaign against biometric ID card (02.06.2005)
http://www.edri.org/edrigram/number3.11/biometrics

(Contribution by Meryem Marzouki, EDRI-member IRIS)

============================================================
3. Police backdoor discovered in Italian alternative server
============================================================

On 21 June 2005 the Italian collective Austistici/Inventati discovered a
major police backdoor in their server. The server hosts a large number of
websites, mailboxes, mailing lists and Internet services for NGOs,
grassroots activists and public interest associations. The backdoor was
installed over a year ago, on 15 June 2004 by the Italian "Polizia
Postale" (Postal Police), after a seizure ordered by the Procura di
Bologna (Office of the Public Prosecutor in Bologna) in the context of an
investigation into the anarchist collective Crocenera.

The legal owners of the server ('Investici', a legally recognised
association) were not informed, nor by the police nor by the public
prosecutor. The provider claimed that the downtime - caused by the Police
putting the server off-line -  was due to a power outage.

The police gained access to the private SSL certificate stored on the
server and installed several tools to monitor, intercept and decrypt all
the traffic going through the server - not only the traffic that was
actually relevant to the investigations. There is no actual proof that any
data (not relevant to the case  under investigation) were collected, but
the possibility is definitively there.

Austistici/Inventati are most furious about the fact that the server was
secretly monitored, intercepted and  decrypted for a whole year. All the
traffic that passed through the server from over 30.000 people was
potentially intercepted. Their basic rights to privacy and presumption of
innocence until proven guilty, as granted under the Italian constitution,
have been violated.

The collective discovered the backdoor on 21 June 2005, after three
hundred, seventy-one days of potential snooping of personal and/or
sensitive information. A first step will be a formal complaint to the
Italian Data Protection Authority; the general legal strategy is still
being discussed.

The server is still being hosted by ISP Aruba (based in Arezzo, Italy),
but Autistici/Inventati has clearly warned everyone that communication
going through that server is to be considered highly insecure and they are
looking for a new housing provider.

PRC (Partito della Rifondazione Comunista) members Titti de Simone and
Elettra Deiana, and Green Party members Mauro Bulgarelli and Paolo Cento
have already issued formal questions to the Minister of Communications in
order to find out whether the Postal Police, the Procura di Bologna and
Aruba S.p.a. have acted according to Italian laws on privacy and freedom
of speech.

Aruba has issued a public press release, stating that it just complied to
Italian criminal laws and that it  would reserve its right to sue
Autistici/Inventati and/or any other interested party for libel and
slander.

Autistici/Inventati web site
http://www.inventati.org/

English summary: "It's not a private matter - it's a matter of privacy"
(21.06.2005)
http://www.autistici.org/ai/crackdown/

Press releases (in Italian)
http://www.autistici.org/ai/crackdown/stampa.html

Reply from the ISP: Caso Autistici, la replica di Aruba (28.06.2005)
http://punto-informatico.it/p.asp?i=53734&r=PI

(Contribution by Andrea Glorioso, Italian consultant on digital policies)

============================================================
4. US Supreme Court: liability for P2P software providers
============================================================

The US Supreme Court has handed down a slashing verdict for the makers of
peer to peer software. In the case of MGM versus Grokster and StreamCast
the judges find the software producers liable for copyright infringements
committed by users of the software. The court uses three arguments for
this theory of extended liability.

First of all, the CEOs clearly "marketed themselves as Napster
alternatives" and "took active steps to encourage infringement". Secondly,
they didn't make any effort to prevent the sharing of copyrighted files.
And thirdly, they gain a profit from selling advertising space. "Since the
extent of the software's use determines the gain to the distributors, the
commercial sense of their enterprise turn on high-volume use, which the
record shows is infringing."

The Supreme Court has ordered the lower court to reconsider its decision
from 2001 with the new doctrine. In the 2001 case, and in the appeal in
2004, the software producers successfully claimed protection from
liability, based on the 1984 landmark decision in the Sony (Betamax) v.
Universal City Studios case. Since the VCRs were mainly used for
timeshifting (substantial noninfringing use), the producer could not be
held liable for possible infringing use.

In the earlier cases against the P2P software makers, the courts also took
into account the software providers had no actual knowledge of
infringement, did not monitor the behaviour of users and had no
involvement in any infringement other then providing the software.

The US Electronic Frontier Foundation provided legal council to the case
from the beginning. Fred van Lohmann, the EFF senior intellectual property
attorney commented: "Today the Supreme Court has unleashed a new era of
legal uncertainty on America's innovators. The newly announced inducement
theory of copyright liability will fuel a new generation of entertainment
industry lawsuits against technology companies. Perhaps more important,
the threat of legal costs may lead technology companies to modify their
products to please Hollywood instead of consumers."

Supreme Court case 545 MGM v. Grokster et al (27.06.2005)
http://www.eff.org/IP/P2P/MGM_v_Grokster/04-480.pdf

Press release EFF (27.06.2005)
http://www.eff.org/news/archives/2005_06.php#003748

============================================================
5. Dutch study fails to prove usefulness and necessity data retention
============================================================

On 22 June 2005 the Dutch Erasmus University published a report about the
usefulness and necessity of data retention for law enforcement purposes.
The report is the first public research in Europe into the actual use by
law enforcement of historical traffic data.

The researchers looked at 65 police investigations that were provided by
the Dutch ministry of justice as good examples of the usefulness for
traffic data for law enforcement. They conclude 'in virtually all cases'
the police could get all the traffic data they needed, based on average
availability of telephony traffic data of 3 months. The researchers also
warn they can't qualify the usefulness of these data as direct or indirect
evidence, or the representativeness of the sample of cases for law
enforcement in general.

But after failing to meet this essential test, the researchers organised
talks with several anonymous police representatives. Based exclusively on
those talks, the report recommends 1 year mandatory data retention, for
Internet even to a much wider extent than the current European proposal.
Besides logging every incoming and outgoing IP-request from each
customer's computer(s) and registering every service used by customers,
ISPs should also log URLs and the obligation should be extended to hosting
providers and internet-cafes. On the other hand, the report mentions no
need at all for data about modern messaging services, such as SMS, EMS and
MMS, or new data services such as GPRS and UMTS, or failed
caller-attempts.

Dutch EDRI-member Bits of Freedom immediately issued a press release
stating that the report can only be qualified as a police wish-list,
without any substantial evidence for the necessity of data retention.
Members of the special European Legal Affairs Committee of the Senate
debating on the report on 28 June 2005 clearly agreed with this vision. In
a unique confrontation with his own christian-democrat minister of
Justice, MP Hans Franken thoroughly blasted the report and the decision
making process so far. Fully supported by the other government coalition
partner (right-wing liberals) and the major opposition parties, he said
the government completely failed to meet the essential proportionality
test decreed by Article 8 of the ECHR. The government did not prove the
necessity, did not consider any less infringing alternatives to general
data retention, and did not do any valid investigation into the costs and
economic impact of the proposal. Last but not least, the government
apparently did not consider the effectivity. The 68 year old Franken
clearly caught the minister by surprise when he summed up a long list of
technical problems with the proposal, especially in connection with
Internet and new data services provided by mobile operators. He mentioned
the astronomical   amount of data handled by ISPs, explained that data
retention requires a full internet wiretap on every user, and mentioned
cost calculations amounting to a 7 million euro initial investment for a
small Dutch ISP with a 2.5% market share. Franken also pointed at the
wider context, both technically with IPv6 and Voice over IP replacing
regular telephony networks and internationally, with no similar obligation
planned for providers in the United States and an abundance of choices for
internet-users to use proxies or encrypt all traffic.

Minister Donner could only stammer a reply that cost calculations differed
a lot and for example Denmark had a very effective data retention law,
with much lower costs. MP Franken didn't let that pass, and told the
minister there was indeed a framework law in Denmark decreeing data
retention, but the law had not materialised in a specific decree yet. That
left the minister with no other argument than a reference to the next
informal JHA meeting, in Newcastle on 8 September 2005, where besides
police officials apparently also representatives from the telecom-industry
will be given a chance to explain their problems with the proposal.

Both chambers of parliament will debate the Erasmus report in depth in
September 2005, but only after they have jointly been coached to the right
opinion by a presentation by the Public Prosecutors department and police
commissioners. Meanwhile, the European ministers of Justice and Home
Affairs will continue to work on the proposal, with a next meeting of the
working party of government officials planned on 4 and 5 July 2005 and the
UK presidency of the EU already having warned several members of the
European Parliament their resistance is futile, since the UK is set on
creating mandatory data retention via Europe after they failed nationally.

Report Erasmus University (in Dutch only, 22.06.2005)
http://www.justitie.nl/Images/20050620_5357934b%20aanbieding%20rapport%20Erasmus%20Universiteit_tcm74-75134.pdf

Press release Bits of Freedom (in Dutch only, 22.06.2005)
http://www.bof.nl/docs/persbericht_bewaarplicht_21062005.pdf

============================================================
6. Freedom of information in Germany and the UK
============================================================

On 8 July 2005 the German Senate (Bundesrat) is set to decide on a freedom
of information law, granting formal access rights to governmental
decisions. But the christian-democrat governments in many of the 16 states
have threatened to block the law.

In July 2004 the German government announced the rapid introduction of the
Federal Freedom of Information Act (Gesetz zur Regelung des Zugangs zu
Informationen des Bundes) and on 3 June 2005 the Lower House adopted the
text in second and third reading, after having considered strong
objections from national health insurance companies and the parliamentary
health committee. They were afraid individual medical records could be
requested as well.

Though the Bundesrat officially only has a say on laws directly affecting
the regional states, in this case their rejection could actually block the
proposal. Normally, after such a formal objection the law could still be
adopted by the Lower House. But after the upcoming elections in Germany,
the Lower House might very well see a comfortable conservative majority
strongly opposing the act.

The liberal-democrats (FDP) abstained from the vote in the Lower House,
and also announced they would abstain in the Bundesrat vote. If they keep
their promise, the christian-democrats won't be able to block the law.

Together with Luxembourg, Germany is the only country in the EU, and one
of the very few in the larger Council of Europe without an access to
information law. The UK was also very late in creating formal access
rights. The Freedom of Information Act went into force on 1 January 2005.
Earlier this month, the law was analysed by the Department of
Constitutional Affairs. They found that access could be refused under no
less than 210 different statutory provisions. The Secretary of State has
the power to amend 183 of these. Other provisions either have already
changed, or cannot be changed because they were adopted after the Act was
adopted.

On 23 June 2005 the UK Government also published the first statistics on
requests and results. The Campaign for Freedom of Information responded
with an angry press release and said "a disturbing level of requests were
not being dealt with within the Act's time limits."

The figures show that 36% of requests took longer than the 20-working day
deadline, with the worst record for the Home Office. "In 60% of all
requests it failed either to respond to the request within 20 days, or
even tell the applicant that it needed more time within that period."

Gesetzentwurf (original proposal in German, 14.12.2005)
http://dip.bundestag.de/btd/15/044/1504493.pdf

Unauthorised English translation of the version adopted by the Lower House
http://www.informationsfreiheit.info/files/foia_germany_final_june05_track.pdf

EDRI-gram 2.14, German promise to adopt freedom of information law
(15.07.2004)
http://www.edri.org/edrigram/number2.14/akten

UK: 210 reasons to refuse a Freedom of Information request (22.06.2005)
http://195.188.8.75/php/page.php?page_id=reasonstorefus1119444004&area=news

DCA, Review of Statutory Prohibitions on Disclosure (June 2005)
http://www.dca.gov.uk/StatutoryBarsReport2005.pdf

Government statistics highlight "unacceptable" freedom of information
delays (23.06.2005)
http://www.cfoi.org.uk/foi230605pr.html

============================================================
7. OSCE conference on media freedom on the Internet
============================================================

The third OSCE Amsterdam Internet Conference was held on 17-18 June 2005.
The conference focused on the situation of information and communication
technologies (ICT) in the Southern Caucasus and Central Asian regions,
with experts from this region delivering presentations on the situation in
their countries. The debate showed that governmental over-regulation and
content censorship are common in Central Asian countries and pose a
serious danger to new media in the emerging Internet scene. "In countries
where almost all information is tightly controlled, the Internet is
already used, but it needs to be developed and more accessible to advocate
free speech, access to information and a stronger foundation for
democracy", Mark Skogen of Access and Training Program (IATP) in
Kazakhstan stressed in his presentation.

An example of positive use of the Internet was given by Angela Beesley of
Wikipedia which empowers users to build an information resource as well as
a global free knowledge community to participate and to access.

The Conference closed on 18 June 2005 with the OSCE Representative on
Freedom of the Media issuing a "Joint Declaration on Guaranteeing Media
Freedom Online" together with the Paris-based NGO Reporters sans
frontières.

The Declaration lists six main principles for protecting online media
freedom and stresses that in a democratic and open society citizens
themselves should decide what they wish to access and view on the
Internet. Any filtering or rating of online content by governments is
unacceptable and websites should not be required to register with
governmental authorities, the declaration states. The Declaration once
more stresses that Internet Service Providers (ISPs) must not be held
responsible for the mere conduit or hosting of content unless they refuse
to obey a court ruling and that all Internet content should be subject to
the legislation of the country of its origin ('upload rule') and not to
the legislation of the country where it is downloaded.

This Declaration has been one of the arguments used by the French
Association of ISPs (AFA) against the filtering decision issued by a
French court, ordering 10 French ISPs to block access to a website hosted
in the US because of its holocaust denial and anti-Semitic content (see
EDRI-gram 3.12). In its press release, the AFA announced that the
concerned ISPs will appeal this decision.

EDRI-member IRIS also formerly contested the decision by raising the
democratic question. According to the French NGO, the case should not be
regarded, under the national legislation, as an issue of freedom of
expression of the content provider, but as the question of freedom of
information of French citizens, being denied by the court decision. IRIS
considers that this decision is one of the malicious effects of the French
digital economy law, a legislation that goes far beyond the E-commerce
Directive which it is supposed to transpose. This effect results in
allowing victims of damages to dictate their conceptions of the moral and
social norms, by deciding what may be read and what should be censored.

AFA press releases (in French, 23.06.2005 and 14.06.2005)
http://www.afa-france.com/p_20050623.html
http://www.afa-france.com/p_20050614.html

OSCE and RSF declaration on guaranteeing media freedom online (18.06.2005)
https://www.osce.org/documents/rfm/2005/06/15239_en.pdf

OSCE 3rd Amsterdam Internet Conference (17-18.06.2005)
http://www.osce.org/item/9759.html

IRIS press release (in French, 15.06.2005)
http://www.iris.sgdg.org/info-debat/comm-aaargh0605.html

EDRI-gram 3.12, French court issues blocking order to 10 ISPs (15.06.2005)
http://www.edri.org/edrigram/number3.12/blocking

(Thanks to Meryem Marzouki, EDRI-member IRIS)

============================================================
8. Preview of the G8-meeting in Gleneagles
============================================================

>From 6 to 8 July 2005 the leaders of the 8 richest industrial countries,
the G8, will meet in Gleneagles, Scotland. This upcoming G8-summit has
been in the media spotlight for debating solutions to the world poverty,
but is equally important as a driving force of the surveillance society.
According to an article in the Guardian the leaders will discuss a plan to
exchange and bundle terrorism research, computer material and possibly DNA
and fingerprint samples, "testing the limits of data protection and
privacy laws". This proposal was prepared by a 3 day meeting of the
Justice and Home Affairs ministers in Sheffield, UK from 16 to 18 June
2005.

Researcher Tom Blickmann from the Dutch Trans National Institute recently
published a convincing analysis of the previous law enforcement activities
from the G8. "The G8 is more than just a series of summit meetings. Over
the years a full-fledged programme of political co-ordination has grown up
around this annual event. Although the G8 is no more than an informal
grouping, which can only create obligations for its members, nonetheless,
its intention is to raise issues, which can then be taken further by the
eight member states using other multilateral instruments." Blickmann sees
a predominant US national security interest effectively turned into EU
legislation. "No one doubts that international cooperation is needed to
address global security issues, but there is serious doubt on the
effectiveness of the current construction of a global enforcement regime,
as well as worries about the predominant role of the US in setting the
agenda." In stead, he argues for a human security concept, which takes
into account root causes and social solutions and puts more emphasis on
good governance, social and economic development and human rights.

Quite likely, the leaders will also discuss a harmonisation of the current
EU proposal for mandatory data retention with the United States, Canada,
Japan and Russia. The G8 already organised a workshop about data retention
in May 2001 and published a data retention wish-list in May 2002, well
aware of the fact that the Cybercrime Treaty already provided law
enforcement with abundant data preservation powers. While the US House of
Congress never considered data retention proposals, not even after 9/11,
the climate in the US apparently is changing. In a secret meeting between
Justice Department officials, Internet service providers and the National
Center for Missing and Exploited Children, a proposal was discussed to
oblige ISPs to store traffic data for 2 months. Journalist Declan
McCullagh has a report about the meeting. He quotes Dave McClure,
president of the U.S. Internet Industry Association, which represents
small to midsize companies: "We were told, "You're going to have to start
thinking about data retention if you don't want people to think you're
soft on child porn."

G8 to pool data on terrorism (18.06.2005)
http://www.guardian.co.uk/g8/story/0,13365,1509268,00.html

Tom Blickman: G8 and Security (17.06.2005)
http://www.tni.org/archives/tblick/g8.htm

G8 press declaration: Principles on the Availability of Data Essential to
Protecting Public Safety (May 2002)
http://canada.justice.gc.ca/en/news/g8/doc3.html

Report of G8 workshop on data retention (May 2001)
http://www.mofa.go.jp/policy/i_crime/high_tec/conf0105-4.html

Declan McCullagh: Your ISP as Net watchdog (16.06.2005)
http://news.com.com/Your+ISP+as+Net+watchdog/2100-1028_3-5748649.html

============================================================
9. Rome II: Applicable law and freedom of expression
============================================================

According to the European Federation of Journalists (EFJ), severe threats
to freedom of expression and freedom of the press may occur if the
European Parliament adopts Article 6 of the draft Rome II Treaty as 
modified by the EP Legal Affairs Committee on 21 June 2005. The rapporteur
was Diana Wallis, ALDE UK MEP. The EP Plenary vote in the first reading is
scheduled for 6 July 2005. After the final adoption in the co-decision
procedure, Rome II will determine the law applicable to non-contractual
obligations, thus regulating judicial co-operation in civil and commercial
matters.

But the Rome II draft also regulates the law applicable in case of
violations of privacy and rights relating to the personality (Article 6,
which applies e.g. in defamation cases). This article provides for
exceptions to the general rule set by Article 3 that  the applicable law
is the law of the country where the damage arises. Taking into account the
necessary protection of freedom of expression and freedom of the press,
the initial proposal by the European Commission provided for safeguards in
Article 6.1. "Any forum chosen by the claimant may discard the applicable
law following the general rule, if the application of that law would be
contrary to the fundamental principles of the law of the forum, as regards
freedom of expression and of information." Diana Wallis gives a practical
example of how this would work:

Suppose a German minister feels libeled by a UK newspaper circulated not
only in the UK, but also in France and Germany. Under Rome II the Minister
can either sue in the UK courts, in which case he can claim damages for
the whole of the damage wherever incurred or, for instance, in the German
courts but only for the damage incurred in that State (i.e. in respect of
the amount of newspapers sold in Germany). If the Minister sues in the UK
and the application of German law would be contrary to the fundamental
principles of UK law relating to freedom of the press/freedom of
expression, the British court would set aside the application of those
laws and apply national law. If the Minister sues in Germany, German law
would apply but only as respects the losses arising in Germany.

This particular provision was severely weakened by the EP Legal Affairs
Committee, thus threatening freedom of expression and freedom of the
press. The amended version of Article 6.1 re-establishes the general rule,
with the sole condition that "a manifestly closer connection with a
particular country may be deemed to exist having regard to factors such as
the country to which a publication or broadcast is principally directed or
the language of the publication or broadcast or sales or audience size in
a given country as a proportion of total sales or audience size or a
combination of these factors". Moreover, this provision shall now "apply
mutatis mutandis to Internet publications".

As argued by the EFJ, if adopted, this amended provision will create
judicial insecurity, promote judicial forum-shopping, and, in the end,
lead to self-censorship by the media. This chilling effect would be
extended to any publication, especially on the Internet.

In addition, as noted by the European Economic and Social Committee in its
opinion, it is surprising Rome II deals with personality rights. According
to this institution, this could be explained by the fact that such issues
are more and more being brought into the sphere of torts. This explanation
is on the contrary rather more preoccupating, in a context where freedom
of expression and freedom of information, as well as freedom of the press,
are more and more reduced, with for example stronger jurisprudence against
the principle of protection of sources.

Finally, the Rome II discussion marks a trend in the European Union to
deal with judicial co-operation instruments, rather than focusing on
approximation of substantive laws.  Even though the latter is indeed a
long and difficult process, the former, currently pursued in civil as well
as criminal matters, is likely to threaten fundamental rights and
freedoms.

European Journalists Call on Brussels to Drop New Legal Threat to Media
(27.06.2005)
http://www.ifj.org/default.asp?Index=3206

EP Legislative Observatory Rome II file
http://www2.europarl.eu.int/oeil/file.jsp?id=235142

(Contribution by Meryem Marzouki, EDRI-member IRIS)

============================================================
10. Update on Alvar Freude case
============================================================

Alvar Freude, the German internet activist, was acquitted on all accounts
in the appeal at the German penal State Court of Stuttgart on 15 June
2006. On his website, Freude documents many developments regarding
filtering and blocking in Germany, including hyper-links to websites with
radical right-wing content and a distasteful website. 4 of these sites had
to be blocked by all ISPs in the state of Nordrhein-Westfalen since 2002.
Two of the sites have meanwhile been dropped from the blocking order.

The public prosecutor demanded the financial equivalent of 140 days of
prison sentence for incitement of the masses, distributing propaganda from
anti-constitutional organisations and representation of violence.
According to the prosecutor, all hyper-links to radical right-wing
websites were forbidden. But according to Freude's lawyer and to the
appeal court, linking to right-wing hate speech can be permissible in the
context of reporting current events and contributing to the general civil
education.

The court made it clear freedom of speech is essential and underlined
explicitly that citizens/netizens that wish to form an opinion about the
blocking orders, can only get a full picture if they have the possibility
to study the specific contents of the blocked materials.

The court decided separately on the hyper-link to the distasteful website
rotten.com. That could not be considered illegal in any context at all,
since the penal code only bans explicit glorification of horrible or
inhuman violent acts against people and that was not the case, since
rotten.com does not provide any comments to pictures of for example car
crashes. On yet another account, the FreedomFone project that allows users
to have the contents of the banned websites read out loud to them, the
court said it was clearly a case of satire, and as such widely recognised
by the internet community.

Heise, Freispruch im Hyperlink-Prozess (in German, 15.06.2005)
http://www.heise.de/newsticker/meldung/60673

Alvar Freude: complete documentation on the trial (in German)
http://odem.org/linkverfahren/

============================================================
11. EDRI granted observer status in CoE HR group
============================================================

After informal participation to the last meeting of the Multidisciplinary
Ad-hoc Committee of Experts on the Information Society (CAHSI), EDRI was
granted observer status to the Council of Europe group of Specialists on
Human Rights in the Information Society (MM-S-IS).

On behalf of European Digital Rights, Meryem Marzouki from the French
digital rights organisation IRIS presented EDRI activities at the CDMC
(Steering Committee on Medias and Communications, under the CoE Human
Rights DG) plenary meeting on 23 June 2005.

The CAHSI was an ad hoc committee, which mandate ends in 2005. Its main
role was to prepare a political statement on the principles and guidelines
for ensuring respect for human rights and the rule of law in the
information society (see EDRI-gram 3.8). This statement was adopted by the
CoE Summit of heads of states on 13 May 2005. It will be the main CoE
contribution to the World Summit on Information Society (WSIS).

The MM-S-IS mandate is larger, both in scope and in duration, as set by
its terms of reference. In participating to MM-S-IS work, EDRI aims at
promoting its views for the respect for human rights in the context of the
information society, not least regarding freedom of expression and
privacy, and how these rights translate in this specific context. With two
of its members (IRIS, France, and Digital Rights, Denmark) co-chairing the
WSIS civil society Human Rights Caucus, and with its unique features of
global approach of the issue, expertise in the field, worldwide civil
society partnership, and already established relations with other
intergovernmental organisations, EDRI feels its added value to the CoE
development in the information society sector has been acknowledged.

Next steps for EDRI are participation to the CoE Pan-European Forum on
"Human Rights in the Information Society" and to the second meeting of
MM-S-IS, both to be held in the 'Palais de l'Europe' in Strasbourg,
mid-September 2005.

EDRI-gram 3.8: Council of Europe draft statement on human rights and
Internet (20.04.2005)
http://www.edri.org/edrigram/number3.8/CoE

Group of Specialists on Human Rights in the Information Society (MM-S-IS)
http://www.coe.int/T/E/Human_Rights/media/1_Intergovernmental_Co-operation/MM-S-IS/

CoE Pan-European Forum on Human Rights in the Information Society
(12-13.09.2005)
http://www.coe.int/T/E/human_rights/media/

(Contribution by Meryem Marzouki, EDRI-member IRIS)

============================================================
12. EDRI contribution to WIPO prep-meeting Development Agenda
============================================================

The Second Inter-sessional Intergovernmental Meeting on a Development
Agenda took place in the WIPO Headquarters in Geneva from 20 to 22 June
2005. EDRI was represented this time by Ville Oksanen. He got two chances
to address the meeting. EDRI stressed the importance of the creation of
the independent WIPO Evaluation and Research Office as described in item
Five based on the proposal by the Friends of the Development.

Oksanen said: "We strongly believe that all decision making should be
based on the best scientific knowledge available. Only a totally
independent unit, which uses the best practices of the science, can
produce results which can be trusted by all stakeholders."

The meeting itself was a dissappointment. Instead of substantial
discussion, the developed countries did their best to sidetrack the
meeting to procedual matters and succeeded rather well. The positive side
of the meeting was the strong participation from civil society, almost
equal to the amount of organisations from the right holders' side.

EFF informal blog notes about the meeting (22.06.2005)
http://www.eff.org/deeplinks/archives/003743.php#003743

Official WIPO information on the meeting
http://www.wipo.int/meetings/en/details.jsp?meeting_id=8486

(Contribution by Ville Oksanen, EDRI-member EFFI)

============================================================
13. Support EDRI!
============================================================

European Digital Rights needs your help in upholding digital rights in the
EU. Donations allow EDRI to hire part-time professional assistance in
Brussels and invest in targeted campaigns. With the plans for mandatory
data retention and the continuous erosion of digital civil rights, your
donation could make a huge difference.

If you wish to help us promote digital rights, please consider making a
private donation, or interest your organisation in sponsorship. We will
gladly send you an invoice for any amount above 250 euro to confirm the
donation.

KBC Bank Auderghem-Centre, Chaussée de Wavre 1662, 1160 Bruxelles, Belgium
EDRI Bank account nr.: 733-0215021-02
IBAN: BE32 7330 2150 2102
BIC: KREDBEBB

============================================================
14. Agenda
============================================================

28 June - 1 July 2005, Geneva, Switzerland
ITU WSIS Thematic Meeting on Cybersecurity
http://www.itu.int/osg/spu/cybersecurity/

30 June - 1 July 2005, Geneva, Switzerland
International Symposium on Intellectual Property (IP) Education and
Research, organised by WIPO
http://www.wipo.int/academy/en/meetings/iped_sym_05/

11-15 July 2005, Genova, Italy, OSS 2005
http://oss2005.case.unibz.it/index.html

20-22 July 2005, Geneva, Switzerland
Third and final Inter-sessional Intergovernmental Meeting on a Development
Agenda for WIPO. This crucial meeting will conclude discussions held by
Member States in April and June and is key to the report which the
Secretariat must produce for the WIPO General Assemblies in September
2005. EDRI will be represented at the meeting.
http://www.wipo.int/meetings/en/details.jsp?meeting_id=8487

28-31 July 2005, Den Bosch, The Netherlands
What The Hack, major open air hacker / internet lifestyle event.
http://www.whatthehack.org/

8 September 2005, Brussels, Belgium
EuroSOCAP Workshop on confidentiality and privacy in healthcare
3 year programme to develop new ethical standards for privacy and patient
access to (electronical) files, started on 31 January 2003.
http://www.eurosocap.org/eurosocap-workshop.aspx

12-13 September 2005, Strasbourg, France
CoE Pan-European Forum on Human Rights in the Information Society
http://www.coe.int/T/E/human_rights/media/

============================================================
15. About
============================================================

EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 17 members from 11 European countries. European Digital
Rights takes an active interest in developments in the EU accession
countries and wants to share knowledge and awareness through the
EDRI-grams. All contributions, suggestions for content or agenda-tips are
most welcome.

Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 2.0 License. See the full text at
http://creativecommons.org/licenses/by/2.0/

Newsletter editor: Sjoera Nas <edrigram  edri.org>

Information about EDRI and its members:
http://www.edri.org/

- EDRI-gram subscription information

subscribe by e-mail
To: edri-news-request  edri.org
Subject: subscribe

You will receive an automated e-mail asking to confirm your request.

unsubscribe by e-mail
To: edri-news-request  edri.org
Subject: unsubscribe

- EDRI-gram in Ukrainian and Italian

EDRI-gram is also available in Ukrainian and Italian, a few days
after the English edition. The contents are the same.

Translations are provided by Privacy Ukraine and autistici.org, Italy

The EDRI-gram in Ukrainian can be read on-line via
http://www.internetrights.org.ua/index.php?page=edri-gram

The EDRI-gram in Italian can be read on-line via
http://www.autistici.org/edrigram/

- Newsletter archive

Back issues are available at:
http://www.edri.org/edrigram

- Help

Please ask <edrigram  edri.org> if you have any problems with subscribing or
unsubscribing.

============================================================
Publication of this newsletter is made possible by a grant from
the Open Society Institute (OSI).
============================================================





_______________________________________________
Comunicado de Imprensa da ANSOL - Associação Nacional para o Software Livre
http://www.ansol.org/
Se não desejar os comunicados de imprensa da ANSOL, por favor contacte-nos para direccao  ansol.org



Mais informações acerca da lista Ansol-geral