Policy Observatory

Germany: Constitutional complaint against intelligence agency BND

Wed, 2018-02-07 18:53

EDRi observer Gesellschaft für Freiheitsrechte (GFF) has filed a constitutional complaint against surveillance by Germany’s foreign intelligence agency, the Bundesnachrichtendienst (BND). A new law that the German Parliament passed in October 2016 allows the BND to spy on foreign journalists.

GDPR and Google Analytics

Tue, 2018-01-30 12:16

Enforcement of the European Union’s General Data Protection Regulation is coming very soon. This regulation is not limited to companies based in the EU—it applies to any service anywhere in the world that can be used by citizens of the EU.

Under the old “cookie law”, using a third-party cookie-setting service like required informing users who were citizens of the EU. Under GDPR, explicit consent is required and implied consent isn’t enough.

Artificial intelligence is going to supercharge surveillance

Tue, 2018-01-30 12:12

Artificial intelligence is giving surveillance cameras digital brains to match their eyes, letting them analyze live video with no humans necessary. This could be good news for public safety, helping police and first responders more easily spot crimes and accidents and have a range of scientific and industrial applications. But it also raises serious questions about the future of privacy and poses novel risks to social justice.

Mozilla files suit against FCC to protect net neutrality

Fri, 2018-01-19 23:03

Mozilla has filed a petition in federal court in Washington, DC against the Federal Communications Commission for its recent decision to overturn the 2015 Open Internet Order.

e-Privacy proposal undermined by EU Member States

Sat, 2018-01-13 16:29

The discussions on the e-Privacy Regulation continue in the European Union legislative process. On 5 December 2017, the Estonian Presidency of the Council proposed new compromises on key articles. This latest proposal for amendments is related to Articles 6, 7 and 8 of the draft e-Privacy Regulation, which concern permitted processing (Art. 6), storage and erasure of communications data (Art. 7) and the protection of stored communications in users’ devices (Art. 8).

EU-Japan trade agreement not compatible with EU data protection

Sat, 2018-01-13 16:27

The EU and Japan have announced the conclusion of the final discussions on a trade agreement, the EU-Japan Economic Partnership Agreement (EPA).

EU Parliament criticises incompetent Commission work on child abuse

Sat, 2018-01-13 16:25

The European Commission proposed its badly drafted “Directive on combating sexual abuse, sexual exploitation of children and child pornography” in 2010. In 2011, it was finally adopted by the Council of the European Union and the European Parliament. Under the Directive, the European Commission was legally required to publish an implementation report by 18 December. The Commission ignored its legal obligation and published its report a year late, on 16 December 2016. It published one report on the whole Directive and one on the implementation of Article 25 on the Directive, on internet blocking. Despite taking an extra year to collect information, the 13-page document is almost entirely devoid of useful data.

Proposal to revoke data retention filed with the Czech Court

Sat, 2018-01-13 16:08

On 20 December 2017, EDRi member Iuridicum Remedium (IuRe) filed a request with the Constitutional Court of the Czech Republic to revoke the Czech data retention related legislation. The filing of the request was achieved in close cooperation with the Czech Pirate Party, whose 22 deputies were for the first time elected to the Chamber of Deputies of the Czech Parliament in October 2017.

Swedish Supreme Court confirms that domain names constitute property that can be seized by the state

Sat, 2018-01-13 16:00

In April 2015, prosecutor Fredrik Ingblad directed claims against Fredrik Neij (one of the creators of The Pirate Bay) in an effort to disrupt the operation of The Pirate Bay website in Sweden. Ingblad also filed a complaint against Punkt SE (IIS), the organisation responsible for Sweden’s .se top-level domain. Mr Ingblad argued that the domains ‘ThePirateBay.se’ and ‘PirateBay.se’ were used as “tools” to aid and abet copyright infringement and should therefore be seized by the Swedish state.

In December 2017 the Swedish Supreme Court confirmed that the two domains can indeed be seized by the state.

WhatsApp security flaws could allow snoops to slide into group chats

Sat, 2018-01-13 15:52

At the Real World Crypto security conference in Zurich, Switzerland, a group of researchers from the Ruhr University Bochum in Germany plan to describe a series of flaws in encrypted messaging apps. While the Signal and Threema flaws they found were relatively harmless, the researchers unearthed far more significant gaps in WhatsApp's security: They say that anyone who controls WhatsApp's servers could effortlessly insert new people into an otherwise private group, even without the permission of the administrator who ostensibly controls access to that conversation.

German ‘hate-speech’ law tries to regulate Facebook and others - will it work?

Sat, 2018-01-13 15:42
In September 2017, a law with the euphonious name ‘Netzwerkdurchsetzungsgesetz’ (‘network enforcement law’) was adopted in Germany. Its goal is to force social networks to remove hate speech and certain other unlawful content within 24 hours in obvious cases, otherwise within 7 days upon being notified. The transition period ended on 31 December 2017 - meaning the new rules can now be enforced. Failure to delete content within the given deadlines can result in heavy administrative fines of up to EUR 50m.

French privacy watchdog raps WhatsApp over Facebook data sharing

Sat, 2018-01-13 15:39

France's data privacy watchdog may fine messaging app WhatsApp if it does not comply with an order to bring its sharing of user data with parent company Facebook into line with French privacy law.

End of the privacy debate in the European Parliament: overview

Sat, 2018-01-13 15:38

 On 26 October, the European Parliament as a whole decided to end it's debate about the future ePrivacy Regulation. It's position already adopted on 19 October by the leading Civil Liberties committee was thus confirmed. Now, governments of the Member States and representatives of the European Parliament will negotiate in order to find a compromise in form of a final text. La Quadrature du Net reviews the first step of legislation which has come to an end.

FBI chief calls unbreakable encryption 'urgent public safety issue'

Sat, 2018-01-13 15:35

The inability of law enforcement authorities to access data from electronic devices due to powerful encryption is an "urgent public safety issue," FBI Director Christopher Wray said on Tuesday in remarks that sought to renew a contentious debate over privacy and security.

New US policy wants to demand passwords of travelers’ electronic devices

Fri, 2018-01-12 11:23

US Customs and Border Protection (CBP), a component of the Department of Homeland Security, today posted a revised policy on Border Searches of Electronic Devices and a Privacy Impact Assessment of some of the changes made by the new policy. CBP is now claiming the authority to confiscate cellphones, laptops, memory cards, and any other electronic devices if the traveller refuses to tell CBP their passwords, and to retain the passwords given to them as well as the contents of those devices.

Spanish Court recognizes an individual's right to be forgotten against Google

Thu, 2018-01-11 22:20

Spanish Audiencia Nacional Court has supported a resolution from the Data Protection Agency mandating Google to take the necessary measures to avoid the name of an individual to appear in the search results linked to a resolution from ten years ago.

The fight for patent-unencumbered media codecs is nearly won

Thu, 2018-01-11 22:17

After Apple joining the Alliance for Open Media, now all the most powerful tech companies — Google, Microsoft, Apple, Mozilla, Facebook, Amazon, Intel, AMD, ARM, Nvidia — plus some content providers like Netflix and Hulu, are on now in the Alliance to keep media codec suite AV1 patent-free.

Mercosur-EU Free Trade Agreement: a bad deal for the public domain

Sat, 2018-01-06 11:13

Like many other multilateral agreements that have been negotiated in recent years (TPP, TTIP, etc.), the Mercosur-EU FTA covers a large number of areas (not all strictly related to trade) ranging from the exchange of goods to capital movements, phytosanitary measures, electronic commerce and intellectual property (IP). The area of ​​negotiation related to IP is extremely broad, including patents, trademarks, geographical indications and copyright, among other topics.

The year the open Internet came under siege: 2017 year in review

Sat, 2018-01-06 10:11

The fight between the Federal Communications Commission’s choice to abandon the principles of net neutrality and the majority of Americans started early in 2017 and continued into the very last month of the year. Check out EFF's year in review on net neutrality.

Resolution on transparency of trade negotiations endorsed at UN Internet Governance Forum meeting

Wed, 2017-12-20 12:34
EFF's involvement during the last two Internet Governance Forum meetings led to a resolution on transparency which was drafted in a multistakeholder process and which was endorsed by participants at the meeting by rough consensus.

The recommendations are similar to those that EFF and other groups and experts delivered to the United States Trade Representative in January this year, which were in turn influenced by the previous year’s Brussels Declaration on Trade and the Internet.