From: [log in to unmask] [mailto:[log in to unmask]] On Behalf Of EDRI-gram newsletter
Sent: 26 September 2007 20:31
To: [log in to unmask]
Subject: EDRI-gram newsletter - Number 5.18, 26 September 2007

============================================================

            EDRI-gram

 biweekly newsletter about digital civil rights in Europe

     Number 5.18, 26 September 2007


============================================================
Contents
============================================================

1. EU court confirms the 497 million euro fine against Microsoft 2. DNA tests proposed in France for family visa applicants 3. German police does not understand Tor 4. Human Rights in the Information Society - rediscover the proportionality 5. Winner Dutch Big Brother Awards 2007: 'You'
6. "Liberty instead of Fear": more than 15,000 participants 7. Turkey blocks again YouTube 8. European Commission investigates Apple's European prices 9. Pole faces prison for "Google bombing" targetted to the Polish President 10. ENDitorial: "Frattinising" isn't the only threat 11. Recommended Reading 12. Agenda 13. About

============================================================
1. EU court confirms the 497 million euro fine against Microsoft ============================================================

Microsoft has lost the appeal made to the Court of First Instance against the European Commission's (EC) ruling of monopoly abuse that obliged Microsoft to grant competitors access to its server protocols and to unbundle its Media Player software from its Windows operating system .

The case has a long history; following a complaint in 2003 from Novell that accused Microsoft of making server protocol information unavailable, the European Commission gave a preliminary ruling ordering Microsoft to unbundled Windows Media Player from Windows and to give information to competitors to ensure compatibility with Windows servers. Considering Microsoft had not complied with that ruling, in March 2004, the European Commission fined Microsoft with the highest fine in the EU history - 497 million euro.

Microsoft paid the fine but made an appeal to the Court of First Instance which, on 17 September 2007 rejected this appeal with the exception of a small part related to the appointment be the EC of a monitoring trustee "with the power to have access, independently of the Commission, to Microsoft's assistance, information, documents, premises and employees and to the source code of the relevant Microsoft products". The costs related to the trustee were to be supported by Microsoft.

"The Court finds that the Commission did not err in assessing the gravity and duration of the infringement and did not err in setting the amount of the fine. Since the abuse of a dominant position is confirmed by the Court, the amount of the fine remains unchanged at EUR 497 million" said the official press release of the Court.

Following the decision, José Manuel Barroso, President of the European Commission stated: "This judgement confirms the objectivity and the credibility of the Commission's competition policy. This policy protects the European consumer interest and ensures fair competition between businesses in the Internal Market."

The decision was considered by Competition Commissioner Neelie Kroes as a great victory: "That decision set an important precedent in terms of the obligations of dominant companies to allow competition, in particular in high tech industries. The Court ruling shows that the Commission was right to take its decision. Microsoft must now comply fully with its legal obligations to desist from engaging in anti-competitive conduct. The Commission will do its utmost to ensure that Microsoft complies swiftly."

The court's decision was largely welcomed by several organisations.
"Microsoft can consider itself above the law no longer. Through tactics that successfully derailed antitrust processes in other parts of the world, including the United States, Microsoft has managed to postpone this day for almost a decade. But thanks to the perseverance and excellent work of the European Commission, these tactics have now failed in Europe" said Georg Greve's, president of the Free Software Foundation Europe. Open Forum Europe also stated: "OpenForum Europe welcomes this decision, and looks to the whole ICT industry to respond by taking positive steps to increase competitive choice."

The reaction of the U.S. Department of Justice was, not surprinsingly, a critical one to the decision of the Court of First Instance and Thomas O.
Barnett, the assistant attorney general for antitrust, declared on 17 September that the decision would have "the unfortunate consequence of harming consumers by chilling innovation and discouraging competition."

In response to this statement, Neelie Kroes considered the US officials'
judgement as totally unacceptable: "The European Commission does not pass judgement on rulings by U.S. courts and we expect the same degree of respect from U.S. authorities on rulings by EU courts," she said.

Microsoft's top lawyer said that the first priority of the company was to comply with EU competition law and that the company has not yet taken any decision related to the next legal steps. Microsoft has two months to appeal the decison to the European Court of Justice.

Press Release No 63/07 - Judgement of the Court of First Instance in Case
T-201/04 -Microsoft Corp. v Commission of the European Communities
(17.09.2007)
http://curia.europa.eu/en/actu/communiques/cp07/aff/cp070063en.pdf

Court dismisses Microsoft appeal in antitrust case (17.09.2007) http://www.euractiv.com/en/infosociety/court-dismisses-microsoft-appeal-antitrust-case/article-166778?Ref=RSS

Microsoft loses anti-trust appeal (17.09.2007) http://news.bbc.co.uk/1/hi/business/6998272.stm

AUS Faults US Comment on Microsoft Ruling (19.09.2007) http://ap.google.com/article/ALeqM5jLvPjjYNmnwkYA7J_LjIiEN2Oxkw

EDRI-gram: Microsoft gets record-breaking fine (24.03.2004) http://www.edri.org/edrigram/number2.6/microsoft

============================================================
2. DNA tests proposed in France for family visa applicants ============================================================

On 19 September 2007, the French National Assembly adopted a draft law on immigration that allows DNA tests on candidates applying for a more than 3 month visa on family regrouping grounds. The draft law was sent to be examined by the Senate starting with 2 October.

The draft law was passed with a new amendment proposed by its rapporteur, deputy Thierry Mariani that is meant to: "allow a long-term visa applicant to request the comparison, at his (her) expense, of his (her) genetic prints or those of his (her) spouse with those of his (her) minor children for a family regrouping request, in case diplomatic or consular agents have expressed a serious doubt regarding the authenticity of the legal status document presented".

The text adopted by the French National Assembly authorised this procedure until 31 December 2010 and only with an experimental character.Also it explicitly stated that the genetic exam would be reimbursed if the visa was granted.

Various associations consider this amendment is a violation of the civil code which forbids the use of genetic prints in establishing filiations unless requested by a magistrate. They also think the proposed law reduces the idea of filiations to strictly blood relations.

Martin Hirsch, High Commissary for Active Solidarities against Poverty, stated on RTL that he was not favourable to authorising DNA tests to prove filiation and that he "count(s) on the Senate not to go along that path".

The proposed draft law appears to go against the provisions of the law on bioethics of August 2004 which explicitly stipulates that the identification by genetic prints can be done only for medical or scientific research purposes. The exemption that allows such genetic tests "for medical purposes in the interest of the person" which is provided by the health code is not stipulated in the civil code.

Brice Hortefeux, Minister of Immigration, offered as an argument for DNA tests in the interest of family regrouping, the fact that several countries practice them. However, none of those countries have a rigorous legislation on bio-genetics as France does and in many of them this practice is exceptional.

EDRI-member IRIS is one of the groups that have fought against the use of biometrics in travel documents. IRIS points out the threats and risks the immigration draft law may bring forth such as abuses and manipulation leading to the denial of the visa, drawing attention at the same time on the weakening of data protection.
.
Following the adoption of Mariani amendment, more than 17 000 people signed a petition launched by Sauvons la Recherche group against it and the opposition prepares to challenge to the Constitutional Court the law, if adopted by the Senate.

The legal commission of the Senate decided today, 26 September 2007, with 24 votes for and 13 against, to delete the article regarding the DNA tests from the draft law. The text proposed by the legal commission will be discussed by the Senate starting with 2 October 2007.

Draft law on Immigration - version adopted by the National Assembly (only in French, 19.09.2007) http://www.assemblee-nationale.fr/13/ta/ta0026.asp

French National Assembly - Immigration law file (only in French) http://www.assemblee-nationale.fr/13/dossiers/immigration_integration_asile.asp

No to the genetic control of the immigration (only in French, 17.09.2007)
http://tmp.sauvonslarecherche.fr/spip.php?article1625

Reticent on DNA tests, the Senate hesitates to censor them (only in French,
21.09.2007)
http://www.lemonde.fr/web/article/0,1-0@2-3224,36-957895@51-928941,0.html

Researchers rise against DNA tests (only in French, 21.09.2007) http://www.liberation.fr/actualite/societe/279914.FR.php

The Senate deletes the ADN tests (only in French, 26.09.2007) http://www.liberation.fr/actualite/politiques/280898.FR.php

Visa applicants: after digital prints, DNA tests - IRIS Press Release (only in French, 17.09.2007) http://www.iris.sgdg.org/info-debat/comm-adnvisa0907.html

============================================================
3. German police does not understand Tor ============================================================

Alexander Janssen, a German operator of a Tor exit server, has recently revealed in his blog that, at the end of July 2007, the German police arrested him, checked out his entire house and seized his equipment during an investigation of bomb threats considered to have passed through an Internet protocol address that was under his control.

Janssen, who operated a Tor server carrying more than 40GB of random strangers' Internet traffic data per day, was interrogated for hours for an alleged threat to place a bomb in the German Federal Employment Services Agency offices and kill an employee. The police wrongly assumed the Tor server operator was responsible for placing the threat as the IP address related to the posting had been anonymized with the help of the network, thus pointing to the Tor exit node. Janssen was released by a federal German official who admitted the police had made a mistake. Ironically or as it was seen by Janssen, incompetently, the police did not confiscate or even shut down the server in cause, located 500km away in a data centre.

Although earlier Janssen was determined to continue operating the Tor server at any cost, the events related to his arrest made him give it up. "I'm at the end of my civil courage. I'll keep engaged in the Tor-project but I won't run a server any more. Sorry. No" he stated on his blog. His case shows the risks that are caused by law enforcement officials not knowing too much about the Internet.

Tor, endorsed by the Electronic Frontier Foundation and other civil liberties groups, is a an anonymity network, a tool designed to increase the privacy of Internet users allowing them to communicate and search anonymously on the Internet.

Germany is not at the first action of the kind. In 2006, German authorities seized 10 Tor servers in a child pornography investigation and in 2003, a German court ordered the developers of Jap, an anonymity system, to build in a back door that the authorities could access for national security investigations. In May 2007, Germany passed a severe anti-hacker law that "renders the creation and distribution of software illegal that could be used by someone to break into a computer system or could be used to prepare a break in. This includes port scanners like nmap, security scanners like nessus (as well as) proof of concept exploits."

Tor madness reloaded (16.09.2007)
http://itnomad.wordpress.com/2007/09/16/tor-madness-reloaded/

Tor anonymity server admin arrested (16.09.2007) http://www.cnet.com/surveillance-state/8301-13739_1-9779225-46.html?

German police raid home of man who operated Tor server (16.09.2007) http://www.theregister.co.uk/2007/09/16/bomb_threat_leads_police_to_raid_tor_operator/

Tor server operator shuts down anonymizing server after police raid
(17.09.2007)
http://www.heise.de/english/newsticker/news/96107/

EDRI-gram: TOR servers seized in Germany (13.09.2006) http://www.edri.org/edrigram/number4.17/tor

============================================================
4. Human Rights in the Information Society - rediscover the proportionality ============================================================

On 13-14 September 2007 the French Commission for UNESCO, UNESCO and the Council of Europe organised the conference "Ethics and Human Rights in the Information Society" in Strasbourg, to which EDRi was invited to contribute.

This conference was the third in a cycle of regional conferences on the ethical dimensions of the information society, which aims to contribute to the WSIS process and the Internet Governance Forum (IGF). The first two regional conferences took place in Latin-America and Africa. While the Latin-American conference contributed to the exchange of views in the region, the African conference was suffering from a lack of participation of local stakeholders. There, mainly African expatriots from the USA and Europe and representatives of South Africa were present.

At the conference in Strasbourg some estimated fifty participants were present. With equality of access, freedom of expression, identity and social networks and security and governance, the presentations and discussions covered the topics of the four round table sessions on a rather global level, while the draft code of ethics presented by the organisers was hardly discussed.

Different views on codes of ethics in general were expressed in the presentations and discussions. Questions like if soft law (like codes of
ethics) is the right mean to address the global challenges of the Information Society, if the different ethical standards around the world can reasonably be merged into a single code of ethics, if it had been better to choose a multi stakeholder bottom up or a closed doors top down approach were addressed in various contributions but not finally agreed on.

There was mutual consent that human rights are the core ethical basis on which any regulation of the Information Society has to be built.
Unfortunately it remains questionable if all participants share the same perception of what defining human rights as the core ethical basis means in practice. While for example some consider the CoE Cybercrime Convention to be a basis for a global regulation of the Information Society (this convention lacks - amongst others - privacy and civil rights protections and covers any crime where the evidence could be in computerised form), others like EDRi (and myself) argue that this convention should be rejected and is now more dangerous than ever.

In my presentation at the security and governance round table I consequently addressed the question if all the anti terror measures adopted in the last years in Europe were proportionate to the threat stemming from terrorism in this region. To this end I presented the findings on terrorism submitted by Europol.

According to Europol "EU Terrorism Situation and Trend Report TE-SAT 2007" terrorism in the EU is basically a local problem in France (separatists in Corsica) and Spain (separatists in the Basque region). The vast majority of terrorist attacks in the EU in 2006 was carried out in these regions (419 of 498 attacks). The rest were left or right wing motivated attacks. There were no successful Islamist terrorist attacks in
2006 and the vast majority of all attacks was not intending to kill. The number of arrested individuals differs. Of the 706 suspects 257 were suspected of islamism, 226 of separatism, 52 of left wing and 15 of right wing terror. Of the approx. 260 suspects of islamist terror less than 10 % (meaning less than 26) were suspected of the preparation, planning or execution of terrorist attacks.

Given this figures it is certainly questionable if measures like:
- mandatory data retention, that infringes the human rights of all 450 million Europeans,
- the transfer of passenger name records and SWIFT financial data to the US,
- the introduction of biometric identifiers in European passports,
- the mutual access of member states to police databases (Prüm Treaty) and
- the central EU fingerprint database, that is planned for 2008, are proportionate to the threat stemming from terrorism in Europe.

Given the series of measures for fighting terrorism and crime limiting the freedom of individuals and infringing human rights, it is necessary to reconsider their impact on human rights, which are the foundation of our society, and to rediscover the protection of human rights as a core obligation of all European states.

To this end, a multi stakeholder approach should be taken, involving all relevant groups, governments, the private sector and civil society alike.
The first steps have already been taken during the World Summit on the Information Society and the IGF. The concrete outcome will depend on how seriously this process is treated and if the results elaborated will find their way into binding policy.

Ethics and human rights in information society (13-14.09.2007) http://portal.unesco.org/ci/en/ev.php-URL_ID=24772&URL_DO=DO_TOPIC&URL_SECTION=201.html

UNESCO Draft Code of Ethics
http://portal.unesco.org/ci/en/files/24935/11841676611Code_of_Ethics.pdf/Code%2Bof%2BEthics.pdf

EDRi's Contribution - The Interrelation of Human Rights and Security http://www.unwatched.org/files/vortraege/Krisch_The_Interrelation_of_Human_Rights_and_Security_20070914.pdf
German version
http://www.unwatched.org/node/633

Cybercrime Convention
http://conventions.coe.int/Treaty/Commun/QueVoulezVous.asp?NT=185&CM=8&DF=24/03/04&CL=ENG

Eight Reasons the International Cybercrime Treaty Should be Rejected http://www.treatywatch.org/about.html

EDRI-gram: ENDitorial: The 2001 CoE Cybercrime Convention more dangerous than ever (20.06.2007) http://www.edri.org/edrigram/number5.12/cybercrime-convention-dangerous

Europol, EU Terrorism Situation and Trend Report TE-SAT 2007 (03.2007) http://www.europol.europa.eu/publications/EU_Terrorism_Situation_and_Trend_Report_TE-SAT/TESAT2007.pdf

(Contribution by Andreas Krisch - EDRi)

============================================================
5. Winner Dutch Big Brother Awards 2007: 'You'
============================================================

The Dutch Big Brother Award 2007 in the Individual category has been awarded to the Dutch citizen. He is the biggest threat to privacy according to the jury. Due to indifference - "I have nothing to hide" - and lack of interest in what happens to their personal data, citizens share responsibility for the disappearance of privacy in The Netherlands. While Time magazine praised 'You' as person of the year, the jury gives 'You' an award for your acceptance of far reaching intrusions upon your privacy.

In the Corporate category the Dutch railroad service (NS) were the winner. It has a dominant role in the implementation of a privacy intruding smart card for public transportation. The system will collect, keep and use personally identifiable data on all travel. The NS, the national rail monopoly, penalise those who wish to travel anonymously.
The NS were present to receive the award. Five minutes later they received a warning from guest speaker Jacob Kohnstamm, chair of Dutch Data Protection Authority. He confirmed that their current privacy policy is not in line with the data protection legislation. He promised severe penalties if they introduce the system without changes to their policy on the use of personal data.

De Nederlandsche Bank (DNB), the Dutch central bank, received the award for government institutions. DNB looked the other way when it was informed about the transfer of financial records to American authorities through SWIFT. Following the discovery of the central bank's knowledge, DNB defended itself by stating that the privacy of Dutch citizens is not one of its responsibilities.

The Electronic Child Dossier won in the Proposal category. The blind trust of authorities that problems will be solved by registration of personal data is shocking. To implement the Dossier, Youth and Families Minister Rouvoet plans on establishing a centralised database of all Dutch children. A file will be updated for every child until they reach the age of nineteen. and the file will be kept for another 15 years after that. The dataset is very broadly defined and will contain a wide variety of medical and psychosocial data, including all sorts of subjective opinions about children and their parents.

The Big Brother Awards put individuals, companies, government institutions and proposals that violate privacy in the spotlight. The jury announced the winners at the fifth Dutch Big Brother Awards ceremony on 21 September 2007 in De Balie in Amsterdam. The jury consisted of lawyer Christiaan Alberdingk Thijm, legal researcher and advisor Bart Schermer, Professor of Computer Security Bart Jacobs, Professor of Regulation & Technology Bert-Jaap Koops, Professor of Law & Information Science Corien Prins and author Karin Spaink (Chair). The Dutch Big Brother Awards are organised by Bits of Freedom.

Dutch Big Brother Awards 2007 (26.09.2007) http://www.bigbrotherawards.nl/index_uk.html

Centre for Culture and Politics De Balie http://www.debalie.nl

De Nederlandse Spoorwegen
http://www.ns.nl/pages/index.html

De Nederlandsche Bank
http://www.dnb.nl/dnb/home?lang=en

Ministry of Youth and Families
http://www.jeugdengezin.nl/english/

(Contribution by Joris van Hoboken - EDRI-member Bits of Freedom -
Netherlands)

============================================================
6. "Liberty instead of Fear": more than 15,000 participants ============================================================

On Saturday, 22 September 2007, more than 15,000 took to the streets of Berlin under the slogan "Liberty instead of Fear - stop the Surveillance Mania!".  Several Civil Liberty organisations, affiliated in the "Working Group Data Retention" (Arbeitskreis Vorratsdatenspeicherung), organised the march.

55 groups called for  participation, among them the "Young Liberals" (Junge Liberale, Youth organisation of the FDP), Buendnis 90 / Die Gruenen, ver.di, journalist associations, ATTAC, the Protestant telephone Counselling (evangelische Telefonseelsorge), medical associations, FoeBuD e.V., and the Chaos Computer Club. Police initially estimated 8,000 participants, later correcting their count to confirm the working group's numbers.

"This is the largest protest for civil liberties and privacy protection since the census in 1987", Thilo Weichert, data protection commissioner of Schleswig-Holstein said to news portal tagesschau.de.

Rena Tangens of FoeBuD e.V.: "The overwhelming success of this protest shows that by now a large proportion of the population are worried about our constitutional state. Citizens do not want our democracy to be turned into a surveillance state. The Bundestag must reject the proposed date retention bill."

The large turnout of 15,000 shows that people consider the continuing tightening of security and surveillance laws to be decidedly too far-reaching. Citizens are concerned, not because of the supposed danger of international terrorism, but because of the impertinence and lack of restraint security politicians show in declaring civil rights and liberties defunct. The large cross-section of society participating in the demonstration makes it evident that these are not the views only a few civil rights experts, but that the issue now unites broad parts of the population. Politics cannot ignore this signal.

The organisers decisively criticised actions by the police, as well as some radical left-wing demonstrators: "A bloc of radical left-wing demonstrators did not abide by police obligations. The police in turn used disproportionate means in reaction to violations such as disguising and use of oversize banners, and did not appear to pursue de-escalation in all situations. The massive use of video cameras by the police, especially at this particular protest march, was a provocation. Overall, however, these were marginal incidents which did not impair the progress of the demonstration."

Rena Tangens remarked, "On balance it was a very positive, creative and colourful demonstration, in which hackers demonstrated peacefully beside doctors, and the 'Young Liberals' beside the 'Left Party'
(Linkspartei)." The Giant Data-Octopus ("Datenkrake") of FoeBuD e.V., the "glass patient" on the car of the "Freie Aerzteschaft" (an occupational union of physicians), as well as several trojan horses were among the March's highlights.

Patrick Breyer of the Working Group Data Retention announces further
activities: "We will resist data retention by all legal means."
According to the working group about 20,000 citizens have already declared their support for the prepared constitutional recourse
(Verfassungsbeschwerde) against data retention.

Among other things the demonstration takes a stand against the retention of data about telecommunication behaviour of the entire population, that is on this Autumn's political agenda in Germany, as well as against the covert online-searching of computers. Key demands include a halt to new surveillance laws and a review of existing surveillance laws.

Home page of the demonstration - Working Group Data Retention http://www.vorratsdatenspeicherung.de/

Radio1984 feature live from the demonstration (22.09.2007) http://wiki.vorratsdatenspeicherung.de/images/Demo_berlin_2007_english.m3u
German version
http://wiki.vorratsdatenspeicherung.de/images/Demo_berlin_2007_deutsch.m3u

Biggest demonstration for more data protection and privacy since 20 years!
(in German only, 22.09.2007)
http://netzpolitik.org/2007/groesste-demonstration-fuer-mehr-datenschutz-seit-20-jahren/

Thousands of citizens demonstrate for "Freedom instead of Fear" (in German only, 22.09.2007)
http://www.heise.de/newsticker/meldung/96385

Berlin Data Tussles (in German only, 24.09.2007) http://ftd.de/politik/deutschland/:Berliner%20Datenkämpfe/256868.html

Biggest data protection demonstration within 20 years (in German only,
23.09.2007)
http://www.focus.de/politik/deutschland/berlin_aid_133680.html

Other articles about the demonstration (in German only) http://wiki.vorratsdatenspeicherung.de/Pressespiegel

(Contribution by Jan E. Hennig and Bernd Sieker, EDRI-member FoeBuD -
Germany)

============================================================
7. Turkey blocks again YouTube
============================================================

A Turkish court from the eastern city of Sivas decided on 18 September 2007 to order the ISPs to block the access to YouTube, considering that one of the video hosted there insulted Turkey's founding father, Mustafa Kemal Ataturk, President Abdullah Gul, Prime Minister Recep Tayyip Erdogan and the Turkish army.

Anatolia news agency reported that the order "has been forwarded to the state regulatory body, the Telecommunications Board, to be put into effect." YouTube declared it was ready to cooperate with Turkish authorities to resolve the dispute.

The trial has been initiated by a citizen from Sivas, who complained to the Turkish prosecutors on that video content.

The decision triggered prompt reaction from Reporters Without Borders:
"Blocking an entire website because of a few videos is a disproportionate measure," the press freedom organisation said. "We urge the authorities to reverse this decision."

Turkey is not at the first case of this kind, in March 2007 a court obtaining the blocking of the entire YouTube website for two days until some videos allegedly insulting Ataturk were removed from the website.

Another trial related to a video uploaded on YouTube was brought against a Turkish punk band, that produced a song considered to have insulted the Turkish authorities by complaining about a university entrance exam.

The song of the band "Deli" or "Crazy" was several years old, but came into the prosecutors attention after a teenager posted it on the video sharing site last year. The song says that "Life should not be a prison because of an exam" or "I have gotten lost/ You have ruined my future ..."

However, a court decided on the 25 September this year to drop the charges considering that the crime of insulting had not been proved.

Court orders YouTube blocked (20.09.2007)
http://www.turkishdailynews.com.tr/article.php?enewsid=83842

YouTube access again blocked by court order because of "insulting" videos
(20.09.2007)
http://www.rsf.org/article.php3?id_article=23714

Turkey orders YouTube blocked over clips (20.09.2007) http://www.businessweek.com/ap/tech/D8RP94F80.htm

Court clears punk band of charges of insulting authorities (26.09.2007)
http://www.turkishdailynews.com.tr/article.php?enewsid=84424

EDRI-gram: YouTube blocked for 2 days in Turkey (14.03.2007) http://www.edri.org/edrigram/number5.5/youtube-turkey

============================================================
8. European Commission investigates Apple's European prices ============================================================

The representatives of the European Commission (EC) had a closed meeting last week with Apple and other four major record companies, regarding the different pricing schemes used in different countries in Europe.

The meeting should have lasted for two days, but two record companies EMI Group and Warner Music Group decided they didn't need to show up in the oral hearings, considering the EC had been "persuaded that they are not responsible for how Apple prices songs". Therefore the meeting lasted just one day with Apple's iTunes global president Eddy Cue and general counsel Donald Rosenberg that joined Universal Music and Sony BMG.

According to a Reuters source, an Apple representative said during the meeting that "there was nothing in its contract with Universal obliging it to operate national stores or to set a higher price in countries such as Britain. Apple, according to the observer, said it had made unilateral decisions, in part because doing business in Europe turned out to be more complex than in the United States."

But Steve Jobs, that was present at the iPhone's German launch in Berlin had a conciliatory tone on this topic: "We think prices should be the same. We think anybody in Europe should buy off any store."

As previously reported by EDRI-gram, EC main concern is that "consumers can only buy music from the iTunes' on-line store in their country of residence.
Consumers are thus restricted in their choice of where to buy music, and consequently what music is available, and at what price. The Commission alleges in the Statement of Objections that these agreements violate the EC Treaty's rules prohibiting restrictive business practices (Article 81)."

The case is not related with the Apple's dominant position in the EU online music market, its DRM-related practices or its lock down problems investigated by pro-consumers associations from all over Europe.

The case will now be referred to the competition commissioner Neelie Kroes that will decide if a penalty should be applied with the maximum being a fine of 10% of the companies' global turnover.

Apple and record companies to face Brussels over EU music distribution
(18.09.2007)
http://euobserver.com/9/24787

Apple defends iTunes in Berlin, Brussels (19.09.2007)
http://investing.reuters.co.uk/news/articleinvesting.aspx?type=media&storyID=nL19356655

Apple Blames Labels, Then Taxes For European iTunes Woes; Antitrust Attention May Intensify (20.09.2007) http://www.forbes.com/technology/2007/09/20/apple-itunes-europe-tech-cx_pco_0920paidcontent.html

EDRI-gram: Free-DRM music by iTunes, but EC starts official investigation
(12.04.2007)
http://www.edri.org/edrigram/number5.7/ituned-free-drm

============================================================
9. Pole faces prison for "Google bombing" targetted to the Polish President ============================================================

A Polish computer programmer, Marek W, might go to prison for 3 years for having created a program that linked Polish President Lech Kaczynski's website to the word "kutas" meaning penis in Polish vulgar language.

Marek, charged for insulting the President, admitted he had created a so-called "Google bomb" in order to check out his abilities. He has written a software programme for what is known as "website positioning." Typing a certain word into a search engine automatically brings forth a certain website; in this case typing "kutas" in Google triggered the President's website.

Andrzej Holdys, a regional prosecutor stated: "If somebody uses a derogatory word to libel the head of state than it's a clear insult which violates the law" considering that the case had nothing to do with the freedom of speech.

Yet, the charges were criticised by Jacek Bialas of Amnesty International in Poland who thought that the President should have filed a case against Marek as a private person if he had felt insulted.

Google stated at the beginning of 2007 that they had succeeded in defusing the impact of Google bombs by applying a scalable algorithm.

Linking president to penis may put Pole in prison (14.09.2007)
http://uk.reuters.com/article/internetNews/idUKL1470285520070914

Polish Man Allegedly Arrested for Googlebombing (11.09.2007) http://blogoscoped.com/archive/2007-09-11-n78.html

============================================================
10. ENDitorial: "Frattinising" isn't the only threat ============================================================

So there's a new verb in Europe: to frattinise. It first appeared in German, soon after in French and in Italian, it may creep around in other languages.
Or it may be replaced by another one, next time someone else jumps on the same hideous bandwagon.

On 10 September 2007 (quite deliberately, one day before the anniversary of "September Eleven") European Commissioner Franco Frattini declared to
Reuters: "I do intend to carry out a clear exploring exercise with the private sector... on how it may be possible to use technology to prevent people from using or searching dangerous words like bomb, kill, genocide or terrorism."

As far as I can tell, there wasn't much reporting of this statement in mainstream media. But there was immediate reaction online, starting with ALCEI's press release  "Repression and censorship. The ghost is still around in Italy and in Europe. A distressing statement by European commissioner Frattini leads to a devastating form of censorship: the prohibition of words or concepts. The way is open for punishing who dares to "think" too much."

The "threat" per se is so stupid that it could be brushed off as sheer nonsense. Mr. Frattini didn't even notice that, by following his suggestion, his own statement would be censored and removed from any accessible source.
But, unfortunately, this isn't a joke.

Would it work? Of course not. Thousands or millions of perfectly legitimate pages could be removed from networks, or made "unsearchable", just because they contain one of the "forbidden words" (or any other content assumed to be "dangerous".) While criminals could easily bypass the problem by not using "revealing" terminology... it is quite easy to write instructions on how to make disruptive weapons and call them "how to repair a vacuum cleaner." Or, even more easily, to "disguise" words so that no automatic system can detect them. Once again, all sorts of "authorities" don't understand how the internet works. Or deliberately choose to ignore realities, in order to gain control.

But... is crime prevention the real objective?

Since the very beginning of networking, there have always been attempts to censor, regulate, prohibit, filter, profile, centralise, spy etc.
"Frattinizing" is just one of many ways of interfering with free opinion and communication, with all sorts of excuses and disguises.

Terrorism and violent crime have always been one of those false pretences.
Of course "how to make a bomb" can be found by anyone in simple chemistry manuals. But it's easy to play on "scare" and thus obtain political and "public opinion" support for actions that are useless for that purpose, while they "justify" all sorts of abuses. And, of course, that has been getting worse after the "September eleven" tragedy.

Other "classic excuses" are "pornography" (or an even more vague definition of what is considered "decent"), child abuse (or, more broadly, "protection of minors"), "copyright" etc.- as well as deliberate "misunderstanding", by law enforcement bodies, of civil rights-related computer forensics and other investigative tool issues, such as an online DNA database built for the sake of "crime prevention" (see the Prum Convention text).

Time goes by, it has been proved countless times that repression of freedom does not solve these problems, while it causes countless abuses, but the same mistakes (or deliberate distortions) are happening over and over again.

A bit of "history."

ALCEI was founded in August, 1994. Some people, at that time, thought that it was a reaction to the infamous "Italian crackdown." It wasn't. From its very beginning, it intended to be a permanent watchdog for continuing presence, not just short-lived reactions to specific episodes.

The 1994 crackdown was, to some extent, misunderstood internationally. It was described as "the largest police seizure of bulletin board systems in world history." But it wasn't aimed at hackers or (assumed) terrorists. It was originated by a search for unregistered software, expanded to a grotesque extension by a few overzealous and technically ignorant magistrates. In following years there were no single events of such overwhelming size, but countless cases of similar abuses, based on an Italian law that treats as "criminal" the use of not fully registered software (or the unauthorised reproduction of music etc).

"Protection of minors" was used as an excuse for several extended "crusades", de facto scarcely aimed at arresting those who produce infamous content, and even less at identifying people guilty of actual violent crimes - while aggressively investigating thousands of individuals (and their families) who were often totally innocent, or were "guilty" of such "crimes" as looking at a few sexy pictures of girls who were (or appeared to
be) under 18 years old.

Of course innocent people, eventually, are acquitted in court. But, before that, they are submitted to persecution, defamation, disgrace etc., that are not remedied by the fact that they are not found guilty. In several cases, defendants just negotiated a "guilty" verdict - abdicating their right to defend themselves in court - in exchange for a lighter sentence, not having the strength (in terms of money and psychological endurance) to face a long and uncertain criminal trial.

In many instances the Italian interpretation of European Union directives, as well as locally produced legislation, was warped by politicians' desire to assuage (existing or assumed) "public concern" (thus not risking their privileged positions) as well as satisfying specific lobbying interests.
One of many examples is the infamous "Peppermint case".

What is "behind" all this? In 1996 I wrote a short article called Cassandra.
It was soon "adopted" by ALCEI, and also published by the Electronic Frontier Foundation in the US as a statement with international value.
Eleven years later, things haven't basically changed.

Other reports in English on the general situation in Italy are two presentations at the 2000 Computers, Freedom and Privacy convention and an article in Cyberspace and Law.

There are a few critical words in Commissioner Frattini's threat that deserve some specific analysis "an exploring exercise with the private sector". This isn't a new trick, and it's very dangerous. Some obnoxious forms of repression can be obtained in parliament, by getting legislation though when watchdogs aren't watching, or are deliberately ignored - and by using "popular" excuses such as terrorism, crime, "protection of minors", copyright etc. But there is a faster and (unfortunately) easier way.

It's unlikely (or so we can hope) that search engines will be persuaded to censor keywords. But service providers can be conditioned in many ways (they may even "voluntarily" comply just to "stay out of trouble" - and that has already been happening.) Not only individual pages, but entire websites can be wiped out with all sorts of excuses - and that, too, has already been done. We may not care abut some specific cases. We can live without one more offering of illegal gambling, kinky sex, or maybe "miracle medicine" or other fake stuff. We would be actually pleased if some spam, especially scam, could be removed (but very little, if anything, has been done effectively in that direction.) The problem is that, once the principle is accepted that "something" can be removed, blacklisted, censored or "filtered", by immediate execution of an authority's decree or by so-called "voluntary compliance", that concept can be used to interfere with any information or opinion that displeases some controlling power.

Even in countries, such as Italy and all of the European Union, where freedom of opinion is an unquestionable constitutional right, manipulation of fear, or distaste for obnoxious content, can lead to censorship and other abuse in many disguised forms - with "public opinion" being tricked into believing that such abuses are "acceptable."

The "Frattini threat" is just one of many such dangers. They have been there for many years and they will not come to an end. That is why we need watchdogs such as EDRi, and our associations in each country, to keep watching and, when necessary, biting. We can't stop them altogether, because whatever we do they will come up with some other trick. But we can prevent them from completely prevailing.

Web search for bomb recipes should be blocked: EU (10.09.2007) http://www.reuters.com/article/internetNews/idUSL1055133420070910

ALCEI Press Release - Sept. 11 2007 (11.09.2007)
http://www.alcei.org/?p=28

Prum Convention text (7.07.2005)
http://www.ictlex.net/wp-content/Prum-ConventionEn.pdf

An update on the Peppermint affaire (15.05.2007)
http://blog.andreamonti.eu/?p=26

Cassandra (06.1996)
http://gandalf.it/free/casseng.htm

The network society as seen from Italy (6.04.2000) http://gandalf.it/free/cfp2000.htm
http://gandalf.it/free/monticfp.htm

Internet freedom, privacy and culture in Italy (and the activity of NGOs)
(02.2000)
http://gandalf.it/free/ifp.htm

EFFI: Search engine censorship is an absurd proposal (13.09.2007) http://www.effi.org/en/julkaisut/tiedotteet/pressrelease-2007-09-12.html

An explosive idea - download frattinizzare.js In Italian http://www.sclerosi.org/frattinizzare.php
In German
http://www.spreeblick.com/2007/09/15/bombenidee/
In French
http://www.spreeblick.com/2007/09/15/une-idee-de-bombe-frattinizerjs-a-telecharger/

(Contribution by Giancarlo Livraghi - EDRI-member ALCEI -Italy)

============================================================
11. Recommended Reading
============================================================

Data Protection Framework Decision: EDPS concerned about dilution of Data Protection standards http://edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/EDPS/PressNews/Press/2007/EDPS-2007-10-EN_DPFD.pdf

Nuffield Council on Bioethics : The forensic use of bioinformation: ethical issues. This Report considers whether current police powers in the UK to take and retain bioinformation are justified by the need to fight crime.
Executive Summary
http://www.nuffieldbioethics.org/fileLibrary/pdf/The_forensic_use_of_bioinformation_-_Executive_Summary.pdf
Full Report
http://www.nuffieldbioethics.org/fileLibrary/pdf/The_forensic_use_of_bioinformation_-_ethical_issues.pdf

============================================================
12. Agenda
============================================================

25-28 September 2007, Montreal, Canada
29th International Conference of Data Protection and Privacy Commissioners http://www.privacyconference2007.gc.ca/Terra_Incognita_home_E.html

27 September 2007, Rome, Italy
Dialogue Forum on Internet Rights organised by the Italian Government, in the framework of the Internet Governance Forum process, and in cooperation with the UN and the IGF Secretariat http://www.dfiritaly2007.it/

28-20 September 2007, Pisa, Italy
HACKIT_07
http://www.hackmeeting.org/

29 September 2007, Bern, Switzerland
Wikipedia Day 2007 - Switzerland
http://www.wikipediatag.ch

3 October 2007,  Ottawa, Canada
Participative Web Forum
http://www.oecd.org/futureinternet/participativeweb

12 October 2007, Bielefeld, Germany
FoeBuD organises the 8th German Big Brother Awards and celebrates a great gala. The winners will be chosen from more than 500 proposals.
http://www.bigbrotherawards.de/

12 October 2007, Bielefeld, Germany
DVD (Deutsche Vereinigung für Datenschutz e.V.) held their congress "Datenschutztag 2007" to celebrate 30 years of German Data Protection Act and also the 30 year jubilee of DVD e.V.
Registration at: [log in to unmask] http://www.datenschutzverein.de

13-14 October 2007, Bielefeld, Germany
FIfF (Forum InformatikerInnen für Frieden und gesellschaftliche Verantwortung e.V.) holds their 23rd annual congress also in Bielefeld.
This year's motto is "Datensammelwut" (data acquisitiveness) Registration at: [log in to unmask] http://fiff.hbxt.de/23-jahrestagung-des-fiff

27-28 October 2007, Sofia, Bulgaria
Openfest - 5th annual conference for FOSS and free knowledge share http://openfest.org/

11 November 2007, Rio de Janeiro, Brazil
GigaNet'07 - Global Internet Governance Academic Network 2nd Annual Symposium http://www.igloo.org/giganet

12-15 November 2007, Rio de Janeiro, Brazil The Government of Brazil will host the second Internet Governance Forum meeting.
http://www.intgovforum.org/
http://cgi.br/igf/

4-5 December 2007, Rome, Italy
First QualiPSo Conference - Fostering trust and quality of Open Source Software systems Contributions Submission Deadline: 30 September 2007
http://www.qualipso.org/index.php?option=com_content&task=view&id=63&Itemid=64

17 January 2008, London, UK
Nanontechbology for security and the crime prevention III http://www.nano.org.uk/events/ionevents.htm#security

============================================================
13. About
============================================================

EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 28 members based or with offices in 17 different countries in Europe. European Digital Rights takes an active interest in developments in the EU accession countries and wants to share knowledge and awareness through the EDRI-grams.

All contributions, suggestions for content, corrections or agenda-tips are most welcome. Errors are corrected as soon as possible and visibly on the EDRI website.

Except where otherwise noted, this newsletter is licensed under the Creative Commons Attribution 2.0 License. See the full text at http://creativecommons.org/licenses/by/2.0/

Newsletter editor: Bogdan Manolea <[log in to unmask]>

Information about EDRI and its members:
http://www.edri.org/

European Digital Rights needs your help in upholding digital rights in the EU. If you wish to help us promote digital rights, please consider making a private donation.
http://www.edri.org/about/sponsoring

- EDRI-gram subscription information

subscribe by e-mail
To: [log in to unmask]
Subject: subscribe

You will receive an automated e-mail asking to confirm your request.

unsubscribe by e-mail
To: [log in to unmask]
Subject: unsubscribe

- EDRI-gram in Macedonian

EDRI-gram is also available partly in Macedonian, with delay. Translations are provided by Metamorphosis http://www.metamorphosis.org.mk/edrigram-mk.php

- EDRI-gram in German

EDRI-gram is also available in German, with delay. Translations are provided Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for Internet Users http://www.unwatched.org/

- Newsletter archive

Back issues are available at:
http://www.edri.org/edrigram

- Help
Please ask <[log in to unmask]> if you have any problems with subscribing or unsubscribing.

************************************************************************************
Distributed through Cyber-Society-Live [CSL]: CSL is a moderated discussion
list made up of people who are interested in the interdisciplinary academic
study of Cyber Society in all its manifestations.To join the list please visit:
http://www.jiscmail.ac.uk/lists/cyber-society-live.html
*************************************************************************************