Policy Observatory

France and Germany: Fighting terrorism by weakening encryption

Wed, 2016-08-24 19:56

On 23 August, the French and German Ministers of Interior met in Paris to discuss an initiative that would extend surveillance in Europe and weaken encryption, in the name of the fight against terrorism.

Romania: Mass surveillance project disguised as eGovernment

Wed, 2016-08-24 19:55

The Romanian Intelligence Services (SRI) has been recently granted EU funds for the project “SII Analytics” to acquire software and hardware for “consolidating and assuring eGovernment interoperability between public information systems”. The project seems to aim at gathering all major state owned databases (e.g. citizens and company registry, health card data, fiscal data) in SRI’s playground. The data would be joined into one large system, through which other public institutions would potentially have unlimited and unwarranted access to the personal data collected.

Copyfails bonus track: Copyright levies

Wed, 2016-08-24 19:50

The EU is reforming its copyright rules. EDRi wants to introduce you to the main failures of the current copyright system, with suggestions on how to fix them. You can find all the Copyfails here.

This article is an additional one – a “bonus track” – to the series presenting Copyfails.

EU Telecom Regulators meet to analyse over 500 000 consultation responses

Wed, 2016-08-24 19:46

BEREC, the Body of European Regulators of Electronic Communications must publish new rules on net neutrality by 30 August, which leaves them little time to process the hundreds of thousands of responses.

Copyright reform: Unlocking copyright for users?

Wed, 2016-08-24 19:38

On 8 September 2016, only a few days before the European Commission will announce its plans for a copyright reform, Communia and EDRi will be organising an event to discuss some of they key issues, namely the failures of the current EU copyright law, and the situation of exceptions and limitations. The event “Copyright Reform: Unlocking copyright for users?” takes place at the European Parliament, room 6G1.

New documents reveal Europol’s plans to increase surveillance

Wed, 2016-08-24 19:20

The Europol work programme until the end of the year 2016 reveals that the agency’s goals are to gradually expand its surveillance capacities, to facilitate cross-border access to data, and increase the use of biometrics.

ICANN submits implementation planning status report to NTIA

Mon, 2016-08-15 14:33

ICANN today submitted an implementation planning status report to the National Telecommunications and Information Administration (NTIA), in response to a request NTIA made on 9 June 2016.

The implementation planning status report is available here.

IANA transition milestone reached

Mon, 2016-08-15 14:27

On 9 June 2016, NTIA releases a comprehensive evaluation of the proposals for transitioning the IANA functions to the multistakeholder community.

EU privacy watchdogs leave the new U.S. data pact on a one year trial run

Mon, 2016-08-08 14:00

European Union privacy watchdogs will let a new EU-U.S. commercial data pact underpinning billions of dollars of transatlantic trade run for at least a year without any legal challenge, they said on Tuesday.

Encryption backdoors appear on EU data chief’s ban wishlist

Mon, 2016-08-08 13:49

Revised ePrivacy laws should guarantee confidentiality of communications and encourage encryption, the European Union’s data watchdog has said. European Data Protection Supervisor (EDPS) Giovanni Buttarelli published his official opinion on the review of the ePrivacy Directive on Monday.

An overhaul to the so-called Cookie Law is currently be worked on by officials at the European Commission, with the completion date expected before the end of the year to bring it into line with the new General Data Protection Regulation (GDPR).

Privacy Shield still presents a number of concerns, DPAs say

Mon, 2016-08-08 13:46

The Article 29 Working Party (WP29) agreed that while Privacy Shield is an improvement on Safe Harbour, it's still potted with shortcomings. In its first opinion on the draft text in April, the WP29 was highly critical of the proposed deal. Following its meeting on Monday, the group admitted that the final version has addressed some of its issues, but by no means all of them.

European Data Protection Supervisor calls for stronger protections for electronic communications

Mon, 2016-08-08 13:40

The top European data protection official, the European Data Protection Supervisor, has called for strong privacy protections in the "ePrivacy Directive", an updated framework to safeguard personal information. "The scope of new ePrivacy rules needs to be broad enough to cover all forms of electronic communications irrespective of network or service used." The Data Protection Supervisor also said the legislation should "allow users to use end-to- end encryption without back doors". NGOs and data protection officials have also called for the reform of the European legislation after the adoption of the General Data Protection Regulation. EPIC has urged the FCC to establish a comprehensive framework for communications privacy, noting the work now underway in Europe to update privacy laws.

Google meets Italy's demands on data use practices

Mon, 2016-08-08 13:37

Italy's data privacy regulator said on Friday Alphabet Inc's Google had met its requests to change the way it treats and stores user data to bring practices into line with Italian rules.

Two years ago, the watchdog told Google its disclosure to users on how their data was being treated was inadequate, giving it 18 months to comply fully and indicating a series of measures that needed to be carried out.

The move was one of several privacy challenges against the U.S. Internet giant in the European Union, highlighting the bloc's desire to ensure its citizens' data is treated according to EU law, even when held in foreign jurisdictions.

Data Protection Experts Recommend New Protections for Internet Communications

Mon, 2016-08-08 13:25

The International Working Group on Data Protection in Telecommunications adopted new recommendations to improve the privacy and security of Internet Telephony technologies. The Berlin-based Working Group includes Data Protection Authorities and experts who work together to address emerging privacy challenges. "Privacy and Security Issues in Internet Telephony (VoIP)" focuses on the gap in "the legal protection and confidentiality of communications." The experts urge service provide to adopt "similar privacy and data protection" safeguards to all services. EPIC presented a comprehensive country report at the last meeting of the Working Group outlining recent developments in the United States. EPIC will host the 60th meeting of the International Working Group in Washington DC in April 2017.

EU-US data pact launched

Mon, 2016-08-08 13:03

The EU and US have launched their data transfer pact known as Privacy Shield. The agreement is supposed to protect the privacy of EU nationals when their personal details are transferred to the United States. The pact replaces the 15-year old Safe Harbour agreement, which was invalidated last October by the European Court of Justice.

Romanian Secret Services uses European funding for mass surveillance project disguised as eGovernment services

Mon, 2016-08-08 13:00

The Romanian Secret Service (SRI) is granted European funding in order to acquire software and hardware for “increasing eGovernment system usage”. However, as the technical specifications of the project show, one of its declared purposes is to design a Big Brother system that will, among others, intercept Internet traffic from instant messaging apps or other similar electronic communications programmes.

Entitled SII Analytics, the project aims at aggregating data sets from all major public institutions and at allowing advanced search in order to permit inquiring any type of information about any citizen or resident. Moreover, the project includes a chapter on behaviour analysis, which will allow to correlate information from databases as well as other public information (such as Facebook account information) and create individual profiles. Additionally, the system will have facial recognition features and it will include a database of approximately 50-60 million images (passport or identity card photos) to which SRI will have unlimited access.

As the project flagrantly violates Articles 7 and 8 of the Charter of Fundamental Rights of the European Union, namely the rights to privacy and to personal data protection, several NGOs sent a letter to Romanian and European officials urging for the public procurement to be annulled.

French DPA issues formal notice to Microsoft to comply with data protection rules

Mon, 2016-07-25 10:31

The Chair of the National Data Protection Commission (CNIL) has ordered Microsoft to stop collecting excessive user data and to stop tracking the web browsing of Windows 10 users without their consent.

Judge dismisses movie piracy case - linking IP address to a download is not enough

Fri, 2016-07-22 12:09

In what's believed to be a first of its kind ruling, a federal court in Oregon has dismissed a direct infringement complaint against an alleged movie pirate from the outset. According to the judge, linking an IP-address to a pirated download is not enough to prove direct copyright infringement.

Bulgaria adopted open source law

Fri, 2016-07-22 11:46

The Bulgarian parliament has voted and approved a series of amendments to the Electronic Governance Act that require all software written for the government to be open-source and to be developed as such in a public repository.

US court: No expectation of privacy if using computers connected to the Internet

Fri, 2016-07-22 11:41

A federal judge for the Eastern District of Virginia has ruled that the user of any computer that connects to the Internet should not have an expectation of privacy because computer security is ineffectual at stopping hackers.