JiscMail Logo
Email discussion lists for the UK Education and Research communities

Help for CYBER-SOCIETY-LIVE Archives

CYBER-SOCIETY-LIVE Archives

CYBER-SOCIETY-LIVE Archives


CYBER-SOCIETY-LIVE@JISCMAIL.AC.UK


View:

Message:

[

First

|

Previous

|

Next

|

Last

]

By Topic:

[

First

|

Previous

|

Next

|

Last

]

By Author:

[

First

|

Previous

|

Next

|

Last

]

Font:

Proportional Font
LISTSERV Archives

LISTSERV Archives
CYBER-SOCIETY-LIVE Home

CYBER-SOCIETY-LIVE Home
CYBER-SOCIETY-LIVE 2005

CYBER-SOCIETY-LIVE 2005

Options

Subscribe or Unsubscribe

Subscribe or Unsubscribe

 Log In

Log In

 Get Password

Get Password

Subject:

Digital Civil Rights in Europe: EDRi-news Digest, Vol 30, Issue 2

From:

J Armitage <[log in to unmask]>

Reply-To:

Interdisciplinary academic study of Cyber Society <[log in to unmask]>

Date:

Thu, 22 Sep 2005 07:27:48 +0100

Content-Type:

text/plain

Parts/Attachments:
Parts/Attachments

text/plain (802 lines) 

From: [log in to unmask]
[mailto:[log in to unmask]] On Behalf Of
[log in to unmask]
Sent: 21 September 2005 19:12
To: [log in to unmask]
Subject: EDRi-news Digest, Vol 30, Issue 2

Send EDRi-news mailing list submissions to
	[log in to unmask]

To subscribe or unsubscribe via the World Wide Web, visit
	http://mailman.edri.org/cgi-bin/mailman/listinfo/edri-news
or, via email, send a message with subject or body 'help' to
	[log in to unmask]

You can reach the person managing the list at
	[log in to unmask]

When replying, please edit your Subject line so it is more specific than
"Re: Contents of EDRi-news digest..."


Today's Topics:

   1. EDRI-gram newsletter - Number 3.19, 21 September 2005
      (EDRI-gram newsletter)


----------------------------------------------------------------------

Message: 1
Date: Wed, 21 Sep 2005 20:10:47 +0200 (CEST)
From: "EDRI-gram newsletter" <[log in to unmask]>
Subject: EDRI-gram newsletter - Number 3.19, 21 September 2005
To: [log in to unmask]
Message-ID: <[log in to unmask]>
Content-Type: text/plain;charset=iso-8859-1

============================================================

                  EDRI-gram

  biweekly newsletter about digital civil rights in Europe

     Number 3.19, 21 September 2005


============================================================
Contents
============================================================

1. Data retention proposal European Commmission 2. Draft directive data
protection in EU police co-operation 3. UK supermarket Tesco sells personal
data 4. New Dutch database to create lifelong record for every baby 5. Data
Protection Commissioners Conference in Montreux 6. EDRI-event at Data
Protection Conference in Montreux 7. Spanish gaming programmer faces prison
sentence 8. Human rights in the information society on CoE agenda 9.
Petition update 10. Support EDRI!
11. Recommended reading: camera surveillance and workplace privacy 12.
Agenda 13. About

===========================================================
1. Data retention proposal European Commission
===========================================================

The European Commission has finally launched its proposal for a directive on
data retention. During a press conference today (21 September 2005),
commissioner Frattini underlined how important it was that data retention
would be decided in the first pillar, by Commission and Parliament and not
by the ministers of Justice in the third pillar. Frattini was confident the
proposal would be adopted by the European Parliament before the end of the
year. But the happy information feeling didn't last until the end of the
conference. When asked by a journalist why the Commission did not include
failed call attempts, Frattini said that was indeed an omission, and would
be one of the first updates to the list. Failed attempts are important,
Frattini said, because law enforcement needs very complete information from
the basic stations used for mobile telephony. By storing failed call
attempts law enforcement gets a complete picture of all the mobile phones
that were near a base station at a certain point in time, including mobile
phones that were not engaged in a conversation.

The Commission proposal is very similar to the last versions of the proposal
from the Ministers of Justice (JHA Council) for a framework decision. The
Commission proposal only differs in a shorter retention
period: one year retention for data about telephony behaviour, including
location data of mobile phones. Internet data should be stored for 6 months.
Like the JHA Council, the Commission fails to provide any evidence for the
need and benefits of data retention. The Commission repeats meaningless
sentences like "It has now become urgent to adopt harmonised provisions at
the EU level on this subject."

The purpose of the retention is "the prevention, investigation, detection
and prosecution of serious criminal offences, such as terrorism and
organised crime." The JHA Council didn't want to limit to purpose to
'serious' crime, but on the other hand, never considered 'prevention' a
valid purpose. In that respect the Commission seems to invite law
enforcement to start data-mining on a large scale on the travel and
communication patterns of completely innocent citizens.

Internet data are defined as "data related to electronic communications
taking place wholly or mainly the Internet protocol". In the annex of data
to be stored, the required internet data are limited to internet access,
e-mail and internet telephony.

But this list of data is completely meaningless, given the procedure the
Commission proposes to update this list. Opening a backdoor matching the
size of the law enforcement ambitions of the UK presidency, the Commission
proposes a flexible procedure to revise the list in 'comitology'. This
typical EU procedure means representatives of the member states form a
special committee. The European Commission can send proposals to such a
committee. In the case of data retention, the Commission has chosen the form
of a 'regulatory committee'. If a qualified majority of members agrees, the
Commission can send a proposal for drastic expansion of the kinds of data to
the Council. Within 3 months they have to decide by qualified majority to
reject or adopt the proposal. If they don't agree within 3 months, the
Commission may continue and adopt the proposed measure.

In this procedure, the national parliaments are completely excluded and the
European Parliament only has a so-called right of scrutiny. If the EP feels
a proposed measure "would exceed the implementing powers provided for in the
basic instrument", the Commission must re-examine its proposal, but can
completely ignore the protest from the EP.

Looking at the Council versions of June and July, a majority of member
states still rejects the proposal from Austria to specifically exclude the
subject line of e-mails from the list. This is just one example of the
pressure that will be exerted on the Commission to weaken the fundamental
protection of communication secrecy. On the Internet, the difference between
content and meta-data is blurred, a danger many experts have warned about
for a long time. Data such as subject lines and surfing behaviour reveal
detailed and intimate reading patterns. According to the last working party
version of the Council proposal, from 16 September 2005, Belgium, Denmark,
Spain, Lithuania and Sweden insist on retention of logs of web browsing,
Internet chat and peer-to-peer communications. The Council acknowledges once
more all the legal criticism of dealing with data retention in the third
pillar, but will return to the framework decision in the last formal JHA
Council of 2005, in December, if Commission and Parliament won't have
obliged by then. This is phrased as:
"During the proceedings, the Council will need to decide if it accepts the
approach of a Directive or if it will take measures on data retention on the
basis of the draft Framework Decision."

Some slight changes in the final Commission document compared to the
previously leaked version are:

-No longer will the Commission consult an advisory forum of data protection
authorities and industry for every update of the Annex. In stead, the Member
States can decide by themselves in comitology;

-In stead of the providers, the Member States bear the responsibility to
provide yearly statistics on the use of retained data to the Commission;

-The Commission -for the first time- says something in public about the
results of the consultation procedure in September 2004. But the summary is
grotesquely inaccurate when it comes to digital rights organisations.
The Commission writes: "In general terms, they questioned whether periods of
retention longer than six months can be considered to be proportional.
They also expressed concerns about the finality and aims of the retention,
which should be clearly specified." In reality, over a 100 digital rights
organisations signed the petition from EDRI and Privacy International that
objected to _any_ form of systematic retention of data on innocent citizens.

Commission press release (21.09.2005)
http://europa.eu.int/rapid/start/cgi/guesten.ksh?p_action.gettxt=gt&doc=IP/0
5/1167|0|RAPID&lg=EN

Commission memo (21.09.2005)
http://europa.eu.int/rapid/pressReleasesAction.do?reference=MEMO/05/328&form
at=HTML&aged=0&language=EN&guiLanguage=en

Leaked Commission proposal for a directive (15.09.2005)
http://www.statewatch.org/news/2005/sep/com-data-retention-prop.pdf

Working party version of the Council framework decision (16.09.2005)
http://www.quintessenz.at/doqs/000100003338/2005_09_16,EU_council_copen_42_t
elecom_90_data_retention.pdf

July version of the Council proposal (29.07.2005)
http://www.statewatch.org/news/2005/sep/eu-data-ret-draft-jul05.pdf

EDRI-gram analysis of first version Commission proposal (27.07.2005)
http://www.edri.org/edrigram/number3.15/commission

Press release EP rapporteur Alexander Alvaro (04.05.2005)
http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-204208

EDRI and PI response to Commission consultation (15.09.2004)
http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-103020

FAQ about comitology procedure
http://europa.eu.int/comm/secretariat_general/regcomito/aide.cfm?page=faq&CL
=en

===========================================================
2. Draft directive data protection in EU police co-operation
===========================================================

In the first week of October the European Commission will publish a proposal
for a Council Framework Decision on the protection of personal data
exchanged by courts and police under the Third Pillar in EU Member States.
Statewatch published a draft version earlier this week.

The framework decision will allow the EU to move forward with plans for full
cross-border access to police databases under the "principle of
availability". The Council has become increasingly eager for a proposal to
be agreed, calling in July for the Commission to present proposals by
October at the latest.

The proposal would create a similar regime to the existing 1995 Data
Protection Directive, which applies to First Pillar (single market)
legislation. It would ensure data is processed for specific purposes for a
legitimate lawful purpose, and that European citizens have the right to
access and where necessary correct personal data held about them by legal
authorities. Supervisory authorities such as the existing Data Protection
Commissioners would be nominated to oversee the national schemes, and would
jointly act as a Working Party to ensure the directive was followed
uniformly across the EU.

While the proposal is a welcome step forward in the protection of personal
data, it contains some areas of concern. Most generally, it contains wide
optional exemptions for Member States, rather than strengthening protection
uniformly across the EU. Article 6, for example, would allow the exchange of
data concerning "racial or ethnic origin, political opinions, religious or
philosophical beliefs, trade-union membership, and data concerning health or
sex life" when provided for by law and "absolutely necessary" for the
"prevention, investigation, detection or prosecution of criminal offences".
Article 4.3 also allows basic protections to be set aside by Member States
if "exceptionally" "provided for by law".

The proposal also affects the personal data of a great many EU citizens:

"- a person who is suspected of having committed or having taken part in a
criminal offence or who has been convicted of such an offence, - a person
who there are serious grounds for believing will commit a criminal offence,
- a person who might be called on to testify in investigations in connection
with criminal offences or subsequent criminal proceedings, - a person who
has been the victim of a criminal offence or with regard to whom certain
facts give reasons for believing that they could be the victims of a
criminal offence, - a person who can provide information on criminal
offences, and - a contact or associate to one of the persons mentioned
above," (art.4.4)

Data may also be retained for "historical, statistical or scientific
purposes" (art.4.1b), and stored "to varying degrees of accuracy and
reliability" (art.4.1.d)

EDRI will be undertaking further analysis of the proposal and will call on
the Commission and Council to improve the protection of the extremely
sensitive personal data that it would allow police forces to exchange across
Europe and beyond.

Commission proposal for a framework decision on the protection of personal
data (04.08.2005)
http://www.statewatch.org/news/2005/sep/com-data-protection-prop.pdf

(Contribution by Ian Brown, board member EDRI)

===========================================================
3. UK supermarket Tesco sells personal data
===========================================================

The Guardian reports about a new daughter-company of the UK Supermarket
chain Tesco, that is selling very detailed information about every household
and every person in the UK to the highest bidder. The database called
Crucible contains "A map of personality, travel habits, shopping preferences
and even how charitable and eco-friendly you are." And even if you don't
shop at Tesco's, by combining data about for example magazine subscriptions
from other sources such as Experian, Claritas and Equifax, the company has,
in its own words collected a "massive pool" of consumer data. The company
also uses government information, such as the electoral roll, which contains
names, ages and housing information.

The two reporters from the Guardian started with an information request, on
data collected by the company through the Clubcard (the Tesco loyalty
system). Only after a 4 months battle and a formal appeal to the Information
Commissioner a reporter got her personal data. Though she provided as little
information about herself as possible when applying for the Club Card, after
1 year Tesco had 2 pages of information on her and her specific shopping
behaviour.

Tesco said its Clubcard was completely compliant with the data protection
act and Tesco itself did not sell data about individual shoppers to third
parties, only on an aggregated level.

Tesco stocks up on inside knowledge of shoppers' lives (20.09.2005)
http://www.guardian.co.uk/business/story/0,3604,1573821,00.html

===========================================================
4. New Dutch database to create lifetime record for every baby
===========================================================

The Dutch ministry of Health, Welfare and Sport plans to introduce a new
electronic file on every new-born, starting in January 2007. The file will
contain information about the child, the family situation and its
surroundings, later adding educational data, information from social workers
and possible police records. The file will be principally maintained by
youth doctors and medics working for the child public health care service.
The file will be connected to the citizen service number, a new electronic
ID for every Dutch resident and citizen replacing the old social-fiscal
number. Secretary of State Climence Ross explained: "Medics can easily trace
the development and situation of a child and thus get a clear picture of its
need for care. They can also see which other institutions work or have
worked with a child. The electronic childfile thus helps the smooth
hand-over between different caretakers."

It is not clear if the electronic file also requires biometric identifiers.
In that case, another problem with biometrics will become apparent.
Fingerprinting children, especially babies, can be very challenging. In an
analysis of the first pilot with the issuing of biometric passports in the
Netherlands, the Dutch institute for applied scientific research TNO
concludes: "It is especially difficult to get babies to unclench their fists
in order to take good prints." In addition, facial features of young
children change rapidly, making subsequent automatic facial-verification
unreliable.

The announcement of the ministry comes as an extra surprise given the recent
spectacular hack of the databases of  two hospitals in the Netherlands. The
hackers - in collaboration with the direction of the hospitals - obtained
access to records about 1.2 million people. The hack made it painfully clear
the government plans to introduce electronic medical and medication files
lack basic attention for security. Questions were immediately raised in
Parliament, where the Minister admitted he was shocked by the hack. He
promised he would raise the standards for security, but didn't promise to
dedicate any extra money.

Press release Ministry of Health, Welfare and Sport (in Dutch, 16.09.2005)
http://www.minvws.nl/persberichten/djb/2005/kabinet-in-operatie-jong.asp

TNO report about the first trial with biometric passports (in Dutch,
12.09.2005)
http://www.minbzk.nl/persoonsgegevens_en/reisdocumenten/publicaties/evaluati
erapport

Dutch treat: personal database (15.09.2005)
http://www.wired.com/news/privacy/0,1848,68866,00.html

===========================================================
5. Data Protection Commissioners Conference in Montreux
===========================================================

The 27th international conference of data protection commissioners took
place in Montreux/Switzerland from 13 to 15 September 2005. The meeting with
the title "The protection of personal data and privacy in a globalised
world: A universal right respecting diversities" saw several hundred data
protection authorities (DPA) officials, industry, cyberrights groups and
other stake-holders for three intense days of discussion. One big issue was
the tenth anniversary of the EU's data protection directive from 1995. The
assessment was mixed, though. There are still many differences in national
laws and enforcement is weak. While the EU directive had a big impact on the
globalisation of data protection legislation, this approach is hard to
enforce on the border-less Internet.
There is also a strategic rival emerging with the APEC privacy guidelines
(Asia-Pacific Economic Cooperation) that incorporate a lower privacy
standard than the EU directive or the OECD guidelines.

Part of the discussion therefore focused on other means of privacy
protection, ranging from industry self-regulation to incorporating privacy
protection into the design of the technical infrastructures. Most presenters
agreed that the 'user empowerment' approach failed, and that there needs to
be some legal foundation for data protection. The commissioners in their
closed session on 16 September adopted the Montreux Declaration. It calls
for the spread of universal privacy principles around the world, including
through the U.N.; cooperation with NGOs around the world; and for
intergovernmental organisations (like ICAO, creator of the biometric/RFID
passport standard) to comply with such principles and to appoint privacy
officers.

The conference also passed resolutions on biometric identity documents and
on the use of personal data for political communications. EDRI and other
cyberrights groups were present at the conference with some speakers, a
number of participants and a successful pre-event on 12 September (see next
article). Many of the DPA representatives also referred to the importance of
EDRI and similar groups for their work. Next year's conference will take
place in Buenos Aires, Argentina.

Montreux conference website
http://www.privacyconference2005.org

Montreux declaration (16.09.2005)
http://www.edsb.ch/e/aktuell/konferenz/declaration-e.pdf

Montreux Resolution on the use of biometrics in passports, identity cards
and travel documents (16.09.2005)
http://www.edsb.ch/e/aktuell/konferenz/biometrie-resolution-e.pdf

Montreux Resolution on the use of personal data for political communication
http://www.edsb.ch/e/aktuell/konferenz/political-communication-resolution-it
aly-e.pdf

(Contribution by Ralf Bendrath, EDRI member Netzwerk Neue Medien)

===========================================================
6. EDRI-event at Data Protection Conference in Montreux
===========================================================

EDRI and a coalition of civil liberty groups has organised a pre-event at
the international conference of data protection commissioners on 12
September in Montreux. The aim was to strengthen cooperation between NGOs
and official data protection authorities (DPAs). The meeting was
well-attended by NGOs, privacy officials and industry representatives and
led to promising discussions on how to improve collaboration in the future.

The panel on data retention noticed the interesting development of an
emerging "rainbow coalition" between civil liberties groups, DPAs, Internet
and telecommunication providers, and the European Parliament.
Hielke Hijmans from the Office of the European Data Protection Supervisor
(EDPS) presented the concerns of the EDPS. He made it clear that "terrorism
is not out of this world when you retain data", and while protecting our
societies, "we must not forget our basic values like privacy, as enshrined
in article 8 of the European Convention on Human Rights". Because data
retention is already applied in some EU member states, the EDPS is currently
working under the assumption that an EU directive can not be stopped
completely. Therefore, they focus on safeguards and limiting types of data
and retention periods. Cidric Laurant from co-organiser EPIC pointed out
that data preservation regimes (only retaining data in specific
investigations) "have not prevented law-enforcement agencies from doing
their job". Even the heavily criticised Council of Europe's Cybercrime
Convention only contains data preservation. Following the EU discussions on
data retention, though, a number of countries including Nigeria, Estonia,
and Argentina have adopted data retention laws. Peter Swire from Ohio State
University, the former Clinton Administration's Chief Counselor for Privacy,
introduced a new way of framing the debate on data retention. It is not just
a cost argument that helps to align with industry, but also a security risk.
If all Internet traffic data are retained, Internet usage of police officers
and security agencies will also be retained. Therefore, organised crime no
longer has to bribe police officers in order to get inside information, but
just needs to bribe ISP employees. This led to an interesting discussion on
the security risks related to data retention. In the end, the most appealing
argument was that not even the Bush administration agencies want data
retention in their "war on terrorism".

The panel on biometrics started with the assumption by Gus Hosein from
co-organiser Privacy International that these technologies are already here
and can not be stopped anymore. Therefore, civil liberty groups have to come
up with more realistic approaches. The Swiss Data Protection Commissioner
Hanspeter Th|r then presented his approach to biometrics.
Different from the EU rush, Switzerland started a pilot project before
deciding about the introduction of biometric passports. The DPA's biggest
concern at the moment is the plan for a central national database for
biometric passports. A plan for such a database for immigration control has
already been stopped by the DPA. Barry Steinhardt from co-organiser ACLU
pointed out the governments' "policy laundering" strategy, where they
introduced biometric passports through the mostly unknown and in-transparent
organisation ICAO and then at the national level referred to "international
obligations". Stephanie Perrin from the Office of the Canadian Federal Data
Protection Commissioner gave some examples of how to and how not to fight
biometrics. The "it does not work" argument is tricky, because many of the
technologies will work in a few years. More successful are early privacy
impact assessments that are mandatory in Canada and a focus on standards
organisations. The biggest problem and concern in biometrics is the creation
of central databases, the participants agreed after also discussing security
aspects in this field.

EDRI likes to thank EDRI-member Swiss Internet User Group (SIUG) and the
Swiss coalition Communica-ch for taking care of the local arrangements and
funding for this event.

Agenda of EDRI pre-event in Montreux (12.09.2005) http://www.edri.org/panels

(Contribution by Ralf Bendrath, EDRI member Netzwerk Neue Medien and chair
of the data retention panel)

===========================================================
7. Spanish gaming programmer faces prison sentence
===========================================================

A Spanish gaming programmer may face up to one year prison charges for
developing a video-game which makes fun of religious practices. 'Matanza
Cofrade' is a video-game, a first person shooter Doom-like game in which the
player shoots participants to the famous Holy Week procession. After that,
the participants are turned into zombies while  images of several religious
brotherhoods from Sevilla are shown.

This game was supposed to be offered as a present with a CD of the Spanish
Rock band "Narco" in November 2002, but when the brotherhoods heard about
it, they started a lawsuit against it. In the end, the game was removed from
the CD.

In a legal movement that it is becoming a classic when facing issues of
freedom of expression, the programmer has been accused by the attorney of
both offending religious feelings and of misuse of intellectual property,
since the programmer didn't have permission to use images from the
brotherhoods.

The court will hear the case on 29 September. The public prosecutor asks for
one year in prison for the intellectual property charge and ten months for
offending religious feelings.

(Contribution by David Casacuberta, EDRI-member CPSR-Spain)

===========================================================
8. Human rights in the information society on CoE agenda
===========================================================

On 12 and 13 September the Council of Europe convened a Pan-European Forum
on "Human Rights in the Information Society: Responsible Behaviour by Key
Actors" with representatives from state, industry and civil society.

The Forum was a follow-up to the recent Declaration of the Committee of
Ministers on Human Rights and the Rule of Law in the Information Society,
plus general Council of Europe priorities regarding the protection of
children and internet content. The Forum aimed at identifying and discussing
"responsible" and "irresponsible" behaviour by key actors and how states,
industry and civil society can work together (inter alia through
partnerships, policy making, greater awareness and education) to ensure the
promotion and protection of human rights in the Information Society. On
behalf of EDRI, Meryem Marzouki (IRIS, France) and Rikke Frank Joergensen
(Digital Rights, Denmark) were invited to participate to the Forum, and
especially to the panel on the civil society role.

The Forum was followed on 14 and 15 September by the second meeting of the
CoE Group of specialists on human rights in the information society
(MC-S-IS), where EDRI now enjoys a civil society observer status. This group
has been set up by the CoE media and new communication services steering
committee (CD-MC). Main points on the agenda were:

-discussion on the development of CoE guidelines to promote "responsible
behaviour by key actors", in a direct link with the Forum;

-the development of strategies to promote CoE standards among information
society actors;

-discussion about a questionnaire proposed by the group Secretariat on the
implementation of CoE guidelines on freedom of expression in the information
society in member States;

-and finally, an answer to the CD-MC invitation to propose clarifications of
various governance models or regimes (self-, co-regulation, or State
regulation only), in view of establishing a common position.

It is a positive development that Council of Europe is increasingly
involving civil society in its work, and shows awareness and willingness to
address the specific human rights challenges within an information society
context. However, because the link is still relatively new within this
setting, some issues were reopened that should not be reopened, for example
whether HR standards on privacy and freedom of expression, including
conditions to restrict these standards, apply to internet in the same way as
they do off-line. Specific issues in this discussion are the protection of
children that should go above the rights of adults to freely seek
information and the responsibility forced on ISPs to act as judges of the
content on their servers. From a human rights perspective it is crucial to
distinguish clearly between content which is illegal and content which is
legal, though it might be perceived as harmful by some actors. The latter
enjoys full protection under art. 10 of the European Convention on Human
Rights.

One of conclusions of the Forum was a commitment to further address media
literacy, HR education and HR-proofing. This latter issue means states need
to demonstrate their national legislation and policies are HR compliant.

During the Forum as well as, in a more operational manner, during the
MC-S-IS meeting, EDRI reminded the participants of these principles,
proposing that they could be more formally reaffirmed in future CoE
guidelines to be prepared by the group of specialists. EDRI also proposed
that an independent Commission on human rights and the rule of law in the
information society be set up at the CoE level. This commission should
assess, on a regular basis, the implementation of human rights and the rule
of law standards in the legislation and practices relevant to the
information society in all CoE member States, and to promote these standards
at national level. In this respect, EDRI welcomed the proposed questionnaire
on the implementation of CoE guidelines on freedom of expression in the
information society. EDRI saw it as a good example of the tools an
independent Commission should use for its assessment work and proposed that
such questionnaires be also developed on other issues, for example on the
implementation of the CoE guidelines on privacy.

Next MM-S-IS group meeting is scheduled in December 2005. A second edition
of the CoE Pan-European Forum is planned in 2006.

CoE Pan-European Forum (12-13.09.2005)
http://www.coe.int/T/E/human_rights/media/Links/Events/ForumStbgSept2005_en.
asp

Second meeting of the MC-S-IS (14-15.09.2005)
http://www.coe.int/T/E/human%5Frights/media/1_Intergovernmental_Co-operation
/MM-S-IS/default.asp

(Contribution by Rikke Frank Joergensen and Meryem Marzouki, EDRI-members
Digital Rights Denmark and IRIS, France)

===========================================================
9. Petition update
===========================================================

The EDRI and XS4ALL petition against data retention has attracted over
48.000 signatures, of which over 19.000 from the Netherlands (where the
campaign was launched) and over 5.500 from Germany and Finland. Runners-up
in the daily country count are Bulgaria and Sweden (over 2.000 each),
followed by Austria (over 1.500). Italy, Spain, Belgium, France, Slovenia,
the US and the UK have each contributed over a 1.000 signatures.

Currently, 75 organisations and companies have signed in support of the
petition. The petition is now available in 20 languages, including Basq,
Catalan and Greek.

The campaign continues to invite signatures and support throughout September
and possibly October 2005, as long as the political battle between the
European Commission and the Council of ministers of Justice and Home Affairs
continues.

Petition
http://www.dataretentionisnosolution.com
http://www.stopdataretention.com

Petition WIKI
http://wiki.dataretentionisnosolution.com

===========================================================
10. Support EDRI!
===========================================================

European Digital Rights needs your help in upholding digital rights in the
EU. Donations allow EDRI to hire part-time professional assistance in
Brussels and invest in targeted campaigns. With the plans for mandatory data
retention and the continuous erosion of digital civil rights, your donation
could make a huge difference.

If you wish to help us promote digital rights, please consider making a
private donation, or interest your organisation in sponsorship. We will
gladly send you a confirmation for any amount above 250 euro.

KBC Bank Auderghem-Centre, Chaussie de Wavre 1662, 1160 Bruxelles, Belgium
EDRI Bank account nr.: 733-0215021-02
IBAN: BE32 7330 2150 2102
BIC: KREDBEBB

===========================================================
11. Recommended reading: camera surveillance and workplace privacy
===========================================================

In the series Information Technology & Law, the Dutch University of Tilburg
has published a volume on camera surveillance and workplace privacy, which
includes 11 country reports. The European countries covered by the report
are: the Netherlands, Belgium, the UK, Germany, Hungary and Italy.

The editors argue that Europeans, similar to the US, have a 'reasonable
expectation of privacy'. But is this right codified in national law or
perhaps granted by case law? When it comes to workfloor privacy, there is no
specific national legislation in any of the examined EU countries.
Though data protection authorities have drafted useful codes of conduct,
employers seem to have an advantage when a case comes to court. "The overall
picture is that the lack of legislation has a negative effect on the privacy
expectations of employees and that little has been done in general to
strengthen their vulnerable position."

In general, the editors note that the concept of reasonable expection of
privacy is usually only tested in court in criminal and dismissal cases.
"In these cases, the privacy intrusion is sufficiently important to go to
court (...) Therefore, the case law does not draw a clear picture of what
'normal' people might expect. This is especially the case with camera
surveillance technology that is permanently used to monitor behaviour in
public areas and permanent workplace monitoring of, for instance, e-mail."

Reasonable Expectations of Privacy?
Eleven country report on camera surveillance and workplace privacy Edited by
Sjaak Nouwt, Berend R. de Vries and Corien Prins, IT & Law nr 7, The Hague
2005 http://www.asserpress.nl/cata/itlaw7/fra.htm

===========================================================
12. Agenda
===========================================================

19-30 September 2005, Geneva, Switzerland 3rd meeting of the Preparatory
Committee for the World Summit on the Information Society (PrepCom-3)
http://www.wsis.org civil society perspectives
http://www.worldsummit2005.org

21-23 September 2005, French Riviera, World E-ID The three day conference
World e-ID (previously named 'eGovernment & SmartCard International
Meeting') is organised by the main pan-european e-government association
eForum and deals with the future application of DNA and other biometrics for
identification usages, both politically and technically. High-level
representatives from the national governments and from the European
Commission will present an inventory of current initiatives and speak about
their visions of the future.
http://www.strategiestm.com/conferences/we-id/05/program.htm

1 October 2005, deadline Call for Papers 22C3 The 22nd German Chaos
Communication Conference is inviting submissions from potential speakers,
either in German or English. The conference will take place in Berlin from
27 to 31 December 2005.
http://www.ccc.de/congress/2005/cfp.html

5 October 2005, Paris, France, RFID
Radio-Frequency Identification (RFID): Applications and Public Policy
Considerations. Conference convened by the Committee for Information,
Computer and Communications Policy (ICCP) of the Organisation for Economic
Co-operation and Development (OECD).

25 October 2005, Vienna, Austria
28 October 2005, Bielefeld and Prague, Germany and Czech Republic
29 October 2005, Zurich, Switzerland
Presentations of the Big Brother Awards
International ceremony schedule
http://www.bigbrotherawards.org/

1-2 December 2005, London, UK, Patenting Lives Conference in the Queen Mary
Intellectual Property Research Institute. The call for papers closes on 26
August 2005 and invites abstracts on topics such as Access to Knowledge,
Consumer Aspects, Public Interest, Public Goods, Public Domain and Human
Rights.
http://www.patentinglives.org/conference.htm

===========================================================
13. About
===========================================================

EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 21 members from 14 European countries. European Digital
Rights takes an active interest in developments in the EU accession
countries and wants to share knowledge and awareness through the EDRI-grams.
All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and visibly on the
EDRI website.

Except where otherwise noted, this newsletter is licensed under the Creative
Commons Attribution 2.0 License. See the full text at
http://creativecommons.org/licenses/by/2.0/

Newsletter editor: Sjoera Nas <[log in to unmask]>

Information about EDRI and its members:
http://www.edri.org/

- EDRI-gram subscription information

subscribe by e-mail
To: [log in to unmask]
Subject: subscribe

You will receive an automated e-mail asking to confirm your request.

unsubscribe by e-mail
To: [log in to unmask]
Subject: unsubscribe

- EDRI-gram in Ukrainian and Italian

EDRI-gram is also available in Ukrainian and Italian, a few days after the
English edition. The contents are the same.

Translations are provided by Privacy Ukraine and autistici.org, Italy

The EDRI-gram in Ukrainian can be read on-line via
http://www.internetrights.org.ua/index.php?page=edri-gram

The EDRI-gram in Italian can be read on-line via
http://www.autistici.org/edrigram/

- Newsletter archive

Back issues are available at:
http://www.edri.org/edrigram

- Help

Please ask <[log in to unmask]> if you have any problems with subscribing or
unsubscribing.

============================================================
Publication of this newsletter is made possible by a grant from the Open
Society Institute (OSI).
============================================================









End of EDRi-news Digest, Vol 30, Issue 2
****************************************

--
This message has been scanned for viruses and dangerous content by the
NorMAN MailScanner Service and is believed to be clean.

The NorMAN MailScanner Service is operated by Information Systems and
Services, University of Newcastle upon Tyne.


====
This e-mail is intended solely for the addressee. It may contain private and
confidential information. If you are not the intended addressee, please take
no action based on it nor show a copy to anyone. Please reply to this e-mail
to highlight the error. You should also be aware that all electronic mail
from, to, or within Northumbria University may be the subject of a request
under the Freedom of Information Act 2000 and related legislation, and
therefore may be required to be disclosed to third parties.
This e-mail and attachments have been scanned for viruses prior to leaving
Northumbria University. Northumbria University will not be liable for any
losses as a result of any viruses being passed on.

************************************************************************************
Distributed through Cyber-Society-Live [CSL]: CSL is a moderated discussion
list made up of people who are interested in the interdisciplinary academic
study of Cyber Society in all its manifestations.To join the list please visit:
http://www.jiscmail.ac.uk/lists/cyber-society-live.html
*************************************************************************************

Top of Message | Previous Page | Permalink

JiscMail Tools


RSS Feeds and Sharing


Advanced Options


Archives

May 2024
April 2024
March 2024
February 2024
January 2024
December 2023
November 2023
October 2023
September 2023
August 2023
July 2023
June 2023
May 2023
April 2023
March 2023
February 2023
January 2023
December 2022
November 2022
October 2022
September 2022
August 2022
June 2022
May 2022
March 2022
February 2022
October 2021
July 2021
June 2021
April 2021
March 2021
February 2021
January 2021
December 2020
November 2020
October 2020
September 2020
July 2020
June 2020
May 2020
April 2020
February 2020
January 2020
December 2019
November 2019
October 2019
September 2019
August 2019
July 2019
June 2019
May 2019
March 2019
February 2019
January 2019
December 2018
November 2018
October 2018
September 2018
August 2018
July 2018
June 2018
May 2018
April 2018
March 2018
February 2018
January 2018
December 2017
November 2017
October 2017
September 2017
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
January 2017
December 2016
November 2016
October 2016
September 2016
August 2016
June 2016
May 2016
April 2016
March 2016
February 2016
January 2016
December 2015
November 2015
October 2015
September 2015
August 2015
July 2015
June 2015
May 2015
April 2015
March 2015
February 2015
January 2015
December 2014
November 2014
October 2014
September 2014
August 2014
June 2014
May 2014
April 2014
March 2014
February 2014
January 2014
December 2013
November 2013
October 2013
September 2013
August 2013
July 2013
June 2013
May 2013
April 2013
March 2013
February 2013
January 2013
December 2012
November 2012
October 2012
September 2012
August 2012
July 2012
June 2012
May 2012
April 2012
March 2012
February 2012
January 2012
December 2011
November 2011
October 2011
September 2011
July 2011
June 2011
May 2011
April 2011
March 2011
February 2011
January 2011
December 2010
November 2010
October 2010
September 2010
August 2010
July 2010
June 2010
May 2010
April 2010
March 2010
February 2010
January 2010
December 2009
November 2009
October 2009
September 2009
July 2009
June 2009
May 2009
April 2009
March 2009
February 2009
January 2009
December 2008
November 2008
October 2008
September 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008
December 2007
November 2007
October 2007
September 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007
2006
2005
2004
2003
2002
2001
2000


JiscMail is a Jisc service.

View our service policies at https://www.jiscmail.ac.uk/policyandsecurity/ and Jisc's privacy policy at https://www.jisc.ac.uk/website/privacy-notice

For help and support help@jisc.ac.uk

Secured by F-Secure Anti-Virus CataList Email List Search Powered by the LISTSERV Email List Manager