Edrigram: Newsletter of European Digital Rights Initiative

scavenger — Wed, 10 Oct 2007 20:56:24 +0200

From: EDRI-gram newsletter
To: edri-news@edri.org
Subject: EDRI-gram newsletter - Number 5.19, 10 October 2007
Date: Wed, 10 Oct 2007 21:06:11 +0300 (19:06 BST)

============================================================

EDRI-gram

biweekly newsletter about digital civil rights in Europe

Number 5.19, 10 October 2007

============================================================
Contents
============================================================

1. EDRI Statement and Call for Action on new CoE Rec. failing to uphold FoE
2. WIPO General Assembly adopted the PCDA proposals
3. French ISPs agree to spy on Internet users to stop online piracy
4. The days of the Austrian DPA are numbered
5. Italian Minister of Justice wants to close sarcastic blog
6. UK fails to implement properly the EU data protection directive
7. German DP Commissioner against Google-Doubleclick deal
8. UK: Decrypt data or go to prison!
9. European Parliament resolution on a European digital library
10. ENDitorial: Montreal Privacy Week: Terra Incognita or Deja Vu?
11. Agenda
12. About

============================================================
1. EDRI Statement and Call for Action on new CoE Rec. failing to uphold FoE
============================================================

Today EDRI issued a statement to express its serious concerns over a new
Council of Europe Recommendation on 'promoting freedom of expression and
information in the new information and communications environment'.

According to EDRI, the newly adopted instrument promotes opaque
"self-regulation" and other soft law instruments driven by private interests and implemented through technical mechanisms. EDRI considers this Recommendation to be damaging and a retrograde step for freedom of expression and freedom of the press in the online world. EDRI is deeply concerned that such instruments will be used to legitimize subtle means of
censorship, through privatised censorship and measures to protect against
so-called harmful content.

As other related instruments are currently in preparation by the CoE, EDRI
calls for NGOs and groups from all over the world to sign up in support of
EDRI statement and take further action to help avoid the risk of more
damages to freedom of expression and information in the online world.

EDRI statement, call for action, and background information (10.10.2007)
http://www.edri.org/coerec200711

New Council of Europe Recommendation fails to uphold online freedom of
expression - European Digital Rights Statement and Call for
Action(10.10.2007) - PDF format
http://www.edri.org/files/EDRI-coerec200711.pdf

============================================================
2. WIPO General Assembly adopted the PCDA proposals
============================================================

The World Intellectual Property Organization (WIPO) member states adopted
during the General Assembly on 28 September 2007 the recommendations made in
June 2007 by the Provisional Committee on Proposals for a WIPO Development
Agenda (PCDA).

The recommendations include 45 proposals that cover six activity
clusters: Technical Assistance and Capacity Building; Norm-setting,
Flexibilities, Public Policy and Public Knowledge; Technology Transfer,
Information and Communication Technology (ICT) and Access to Knowledge;
Assessments, Evaluation and Impact Studies; Institutional Matters including
Mandate and Governance; and Other Issues.

The Plan of Action started in 2004 at WIPO General Assembly with a proposal
made by Argentina and Brazil and supported by twelve other members. A series
of meetings followed in order to discuss proposals and the establishment of
PCDA was agreed on at the 2005 session of the WIPO General Assembly, in
order to speed up the discussions on the proposals. The PCDA had two
meetings in 2006 to discuss the 111 submitted proposals and during the 2006
WIPO General Assembly session it received a new mandate for one year to
complete the verification of the proposals that were narrowed down to 45.

During the meeting of 28 September, WIPO members agreed on establishing a
Committee on Development and Intellectual Property made of member states
that would draft a program for the implementation of the recommendations and
would have the task to monitor and assess their implementation. The
Committee that will meet twice a year in a five-day session, would
coordinate its activity and reporting with other WIPO bodies and would
annually report and make recommendations to WIPO General Assembly. The first
meeting of the Committee is expected to take place during the first part of
2008.

A number of 19 proposals out of the 45 have been chosen by informal
consultations within the PCDA context to be immediately implemented. The
most important proposals are related to the establishment of norms, to
technology transfers and to the structure that needs to be created in order
to support and integrate the development of the organisation, as it was
explained by Alberto Dumont, the Argentinean Ambassador. He also considered
that the Plan of Action would have effects not only on WIPO activities but
also on the activities of other international organisations such as the
World Health Organisation in the work related to public health, intellectual
property and innovation.

Dr. Kamil Idris, the Director General of WIPO considered this decision as
a "milestone decision" that is "an important and positive step towards
ensuring that the international intellectual property system continues to
serve the public good by encouraging and rewarding innovation and creativity
in a balanced and effective manner."

A significant impact upon the adoption of this Plan of Action was played by
national and international NGOs. Wend Wendland, head of WIPO's programme on
traditional knowledge, confirmed that the NGOs have succeeded in
influencing the discussions and the priorities for WIPO, in helping
developing countries better understand Intellectual Property and in
increasing the focus on "new beneficiaries" of the IP system.

Member States Adopt a Development Agenda for WIPO (1.10.2007)
http://www.wipo.int/pressroom/en/articles/2007/article_0071.html

WIPO action plan for development is on the track (only in French 4.10.2007)
http://www.ip-watch.org/weblog/index.php?p=771&res=1024_ff&print=0

NGOs Having Major Impact On WIPO Agenda, Panel Says (5.10.2007)
http://www.ip-watch.org/weblog/index.php?p=775&res=1024_ff&print=0

Report of the Provisional Committee on Proposals Related to a WIPO
Development Agenda (PCDA) (17.09.2007)
http://www.wipo.int/meetings/en/doc_details.jsp?doc_id=85452

EDRI-gram: PCDA brings a major change in the WIPO mandate (20.06.2007)
http://www.edri.org/edrigram/number5.12/pcda-change-wipo

============================================================
3. French ISPs agree to spy on Internet users to stop online piracy
============================================================

The Association of the French ISPs (AFA) agreed to propose concrete
solutions to stop illegal downloading, following the discussion on 3 October
2007 with the Commission fighting Internet piracy led by Denis
Olivennes. The solutions included the introduction of a system to detect the
Internet users that illegally post copyrighted contents on the Internet.

On 5 September 2007, this French Commission received its formal mission from
the French government to find ways of combating illegal downloads on the
Internet and thus support the legal cinema and music offer. By taking the
decision to create this mission, the French government wanted to show its
determination to take initiatives against online piracy and support the
cultural industry. "The idea that everything is possible must come to an
end. We cannot let the idea that culture must be free of charge and that
creation (...) has no price, therefore no value" stated Christine Albanel,
Minister of Culture. On that occasion she also suggested to offer Internet
users an alternative like that of the offer of limited music downloading
made by Neuf Cegetel in partnership with Universal. Denis Olivennes,
President-Director General of FNAC, the largest French retailer of cultural
and consumer electronics products, was appointed president of this
Commission (called Olivennes mission).

The Commission led by Olivennes is to consider issues such as price,
interoperability, DRM and any aspects that can favour legal downloading. As
the issue of contraventions for illegal downloading was eliminated from the
copyright law (DADVSI), the Olivennes mission has also the task to come up
with tools and measures to address this subject.
One topic that was excluded for the mission was that of the global licence
considered dangerous by the Minister of Culture and to which President
Nicolas Sarkozy promised to oppose during his election campaign.

During the meeting with the Commission, AFA suggested the introduction of a
system to detect the Internet users that illegally post copyrighted contents
on the Internet, such as music or movies, based on "radar" robot
computers that would react as if their users wanted to download content on
P2P networks. The system would use different ISP accounts and
dynamic addresses in order to keep anonymous. The Association did not
however want to monitor the system suggesting that it should be placed
outside the ISPs networks. The system "must be administered by a police
authority as it touches questions of individual liberty" stated Dahlia
Kownator, AFA general delegate .On the other hand the association opposed
to any type of content filtering which is considered an inefficient tool,
especially as regards the encrypted transmission .

Another suggestion made by the AFA was that warning messages could
be sent to Internet users by a public authority as it was done in the US.
AFA also agreed to contraventions as a last measure, but with the parallel
development of legal opportunities to buy content on the Internet.

The idea of contraventions is favoured however by the National Union of the
Phonographic that hopes the idea will be resumed. Not surprisingly its
General Director, Hervé Rony considers there is the need of rapid sanctions
for the Internet user who makes illegal downloads. He believes that there
should be a legal way to fine such downloading, something similar to a fine
for speeding.

ISPs favourable to anti-pirates "radars" (only in French, 5.10.2007)
http://www.01net.com/editorial/360819/les-fournisseurs-d-acces-favorable...

The government reopen the illegal downloading file (only in French,
5.09.2007)
http://www.01net.com/editorial/358286/le-gouvernement-rouvre-le-dossier-...

============================================================
4. The days of the Austrian DPA are numbered
============================================================

The lack of adequate independence of the Austrian Data Protection Authority
(Datenschutzkommission) is an issue the European Commission deals with since
a complaint was filed by the data protection association Arge Daten
back in October 2003.

In July 2005 the Commission started infringement procedures against Austria
for a faulty implementation of Article 28 (1) second sentence of the data
protection directive (95/46/EG) which requires that data protection
authorities shall exercise their functions with complete independence.

The Austrian Data Protection Commission is, in terms of organisation and
staff, integrated in the Federal Chancellery.

According to a draft law, aiming to change various regulations of the
Austrian Constitution that was open for public consultation until mid
September, the DPA will be closed down. Some of the duties of the DPA are
planned to be assigned to nine administration courts (one in each of the
nine Austrian provinces) that will be established with this new law. By
which organisation(s) the remaining duties will be fulfilled remains
unclear.

In its bi-annual activity report for the years 2005 - 2007 the DPA strongly
opposes these plans, arguing that the possibilities to assign the duties of
the DPA to administration courts are limited, since these courts can only
deal with complaints about unlawful behaviour of administrative bodies.
Complaints about unlawful behaviour of private sector entities will then be
dealt with by civil courts.

This will not only make it difficult for citizens to find the responsible
court but also increases the barrier and costs to execute ones' rights,
since (administration) court procedures are by far more formal than the very
informal procedures of the existing Data Protection Authority.

While it remains unclear which organisation(s) will fulfil the remaining
duties of the DPA the draft law includes provisions to create "independent"
institutions that are not bound to directives of their superior
institutions. But superior institutions will be granted the right to examine
all procedures of the "independent" institution and to withdraw the
"independent" institutions for "important reasons".

If this draft law comes into force without substantial corrections this will
lead to an even lower level of enforcement of data protection rights than
Austria enjoys today. This level is rather low in Austria since the DPA
suffers of a lack of staff while its workload constantly increases.

In a comparison of the number of staff of European DPAs in relation to
inhabitants of their countries, the Austrian DPA is on rank 27 (24 in the
year 2004) out of 31 countries. On the average, similar sized countries have
DPAs with 40 staff members, the Austrian DPA only has 20.

While in most other countries the number of staff increased between 2004 and
2006 it remained the same in Austria, but even worse, the important position
of the contact person to international organisations like the Article 29
working party had to be given up due to new duties that were assigned to the
DPA.

Concluding, it has to be said that the draft law, that will result in
shutting down the Austrian DPA, seems to be a consistent step further in a
history of non-ambitious data protection policy. While Austria's officials
are proud to be rated again number one in E-Government they should rather be
ashamed of being tail-light in data protection.

Austrian Data Protection Authority
http://www.dsk.gv.at

Arge Daten
http://www.argedaten.at

EDRI-gram: EC: data protection inadequate in Austria and Germany
(24.08.2005)
http://www.edri.org/edrigram/number3.17/DPA

Draft law - on the Austrian Parliament webpage
http://www.parlinkom.gv.at/portal/page?_pageid=908,6614640&SUCHE=J&_dad=...

Bi-annual report of the Austrian DPA for the years 2005 - 2007
http://www.dsk.gv.at/Datenschutzbericht2007.pdf

(contribution from Andreas Krish - EDRI-member VIBE! - Austria)

============================================================
5. Italian Minister of Justice wants to close sarcastic blog
============================================================

The Italian Police, following a complaint from Clemente Mastella, the
Minister of Justice, has asked for the closing down of blog
Mastellatiodio.blogspot.com (translation - I hate you Mastella) which has
been placing material on the Minister that he considers as defamatory. If
found so, the blog authors might face penal consequences.

The site, which was opened in California, but is hosted on an Italian
server, was considered by Mastella as neo-Nazi, as he said it during a TV
transmission. He also stated that the blog was trying to show him as the bad
character of the country and asked whether this was "good politics".

The authors of the blog have rejected these accusations considering that the
contents of the comments posted on the blog have nothing to do with
neo-Nazism or inciting to violence as the minister considers. "The title of
our blog is clearly of symbolic nature".

They believe that censoring their blog would be "a severe and scandalous
precedent for the democracy of this country. We are really curious to know
what laws of the Italian Republic we have violated".

They also think that as compared to other blogs, like anti-Bush or
anti-Blair blogs, their is a very innocent one. They appeal to their readers
to defend the blog and create banners against its closing down.

The latest comments posted on the blog are mostly favourable to it, people
showing their intention to support it and even place the information on
other blogs in case it is shut down. There are some different opinions but
it seems that the difference is not related to the effects that the action
of shutting down the blog would have on the freedom of expression but rather
to the different opinions that people have on the ministers' political
actions.

Apparently the Police has already addressed Google for the shutting down of
the anti-Mastella blog, but the blog is still available on the blogspot
platform.

Mastella: close down that blog (only in Italian, 4.10.2007)
http://punto-informatico.it/p.aspx?i=2079987

Anti-Mastella blog close down asked (only in Italian, 3.10.2007)
http://www.corriere.it/politica/07_ottobre_03/mastella_blog_chiuso.shtml

Addio? (only in Italian, 3.10.2007)
http://mastellatiodio.blogspot.com/2007/10/addio_03.html

============================================================
6. UK fails to properly implement the EU data protection directive
============================================================

The European Commission (EC) is concerned about the way the UK has
implemented the provisions for protecting personal data, according to
information revealed by out-law.com following freedom of information
requests.

An investigation has been initiated by the EC three years ago regarding
the way the UK legislation has implemented 11 articles of the 34-article
European data protection directive. This investigation has been kept secret
by the UK authorities, that have concluded through the Ministry of Justice
that UK "has implemented the Directive fully."

Dr. Chris Pounder of Pinsent Masons explained the wrong interpretation of
the authorities: "All UK Governments involved in implementing the Directive
have had a policy of minimising the Data Protection Directive's effect. The
number of problems raised by the Commission seem to indicate that the UK
Government may have misjudged the situation and minimised the effect of too
many obligations".

The situation could be more complicated after the implementation of the Data
retention directive through a new law that came into force on 1 October
2007. This UK law will oblige the electronic communications companies to
keep a one-year log of certain communication data such as: the number from
which a call is made, the customer's name and address, any number dialled,
the date and time of a call or the geographic location data for mobile
calls.

The UK data retention law will not apply to the content of communication or
to the Internet data, but the latter will probably be included by 15 March
2009 - the limit day in the European directive.

The information commissioner, Richard Thomas, will have the obligation,
under the new law to monitor the security of the data kept according to the
new data retention provisions. However, the lack of strong powers of the
information commissioner is one of the key concerns the European Commission
has addressed in its investigation on the UK data protection legislation.

Europe's concern over UK data protection 'defects' revealed (1.10.2007)
http://www.guardian.co.uk/law/story/0,,2180823,00.html

Europe claims UK botched one third of Data Protection Directive (17.09.2007)
http://www.out-law.com/page-8472

Data retention law makes little difference to telcos, says trade body
(1.10.2007)
http://www.out-law.com/page-8513

EDRI-gram: Data retention for one year for UK telecom companies (1.08.2007)
http://www.edri.org/edrigram/number5.15/data-retention-UK

============================================================
7. German DP Commissioner against Google-Doubleclick deal
============================================================

The Data Protection Commissioner of the German state of Shleswig-Holstein
Thilo Weichert publicly opposed the Google's acquisition of Doubleclick in a
letter to EU Competition Commissioner Neelie Kroes.

Mr. Weichert declared that: "At present we have to assume that in the event
of a takeover of DoubleClick the databases of that company will be
integrated into those of Google, with the result that fundamental provisions
of the European Data Protection Directive will be violated."

The Commissioner is concerned that creating a user profile and a detailed
analysis of personal data will be much easier after the merge. "Such an
approach contradicts fundamental data privacy principles of the European
Union: limited specific use, transparency, the right to object, the
protection of sensitive data and the right to having data deleted." He added
that even before the merge, the companies could have used behavioural
targeting and therefore not meet their obligations under European law on
data protection regarding sensitive data or deleting data that is no longer
required.

He concluded that "The merger of the two Internet companies would thus
lead to a massive violation of data privacy rights" in the European Union
and asked for a direct intervention in this case.

Mr. Weichert's open letter comes at the time when the European Commission
has already sent questionnaires to Google customers on the matter, even
before Google has actually filed to the European Union's top antitrust
regulator for the purchase. Also BEUC (the European Bureau of Consumers'
Unions) asked the EU support in checking the privacy aspects of this deal.

Meanwhile, Google is defending the deal in the US Senate where an
investigation has started regarding the creation of a possible online
advertising monopoly. Google's Chief Legal Officer David Drummond claimed
that: "Google's acquisition of DoubleClick will help advance these goals
while protecting consumer privacy and enabling greater innovation,
competition, and growth." Microsoft's General Counsel Brad Smith told
Senators that the deal "would put Google in control of 80% of the market for
both text and banner adverts on the Internet."

Google also presented in a written submission to the Senators its plans to
better protect the privacy of its consumers, following consultations with
consumer and industry groups. One of the suggestions would be to use a
"crumbled cookie", which would be "a way of storing personal information
separately without identifying it all as coming from one person or machine."

Data protection advocates protest against Google's DoubleClick deal
(28.09.2007)
http://www.heise.de/english/newsticker/news/96722/

Google defends DoubleClick bid (28.09.2007)
http://www.vnunet.com/computing/news/2199848/google-defends-doubleclick-...

Google proposes 'crumbled cookies' in privacy pledge (1.10.2007)
http://www.out-law.com/page-8511

EDRI-gram: EU asks the customers' opinion on the DoubleClick - Google affair
(12.09.2007)
http://www.edri.org/edrigram/number5.17/doubleclick-google

============================================================
8. UK: Decrypt data or go to prison!
============================================================

The controversial Part 3 of the Regulation of Investigatory Powers Act
(RIPA) in UK is in force starting with 1 October 2007. This new regulation
gives the power to police forces to ask for the disclosure of encryption
keys, or force suspects to decrypt encrypted data.

RIPA was adopted in 2000, but Part 3 was not in force until last year when
the UK government has started a public consultation on its enforcement.
Despite the negative comments received from the security experts and the
major concerns that the adoption of such a measure will push businesses
outside UK, the authorities decided to uphold their initial position and
to apply the law starting with 1 October 2007.

Section 49 of RIPA Part 3 foresees that people are obliged by law to provide
to the law enforcement authorities, when served with a notice either the key
to decrypt the materials or the materials as such. If they refused, a
five-year imprisonment penalty could be applied for cases involving
anti-terrorism efforts or a maximum two-year sentence for other cases.

The UK Government has pushed the application, considering that the
terrorist, paedophiles, and hardened criminal could use encryption to hide
their actions, but a criminal that refuses to decrypt its incriminating
data could, in this way, serve less time in jail. "The measures in Part III
are intended to ensure that the ability of public authorities to protect the
public and the effectiveness of their other statutory powers are not
undermined by the use of technologies to protect electronic information"
explained the Home Office.

The Home Office said that the process will be overseen by the Interception
of Communications Commissioner, the Intelligence Services Commissioner and
the Chief Surveillance Commissioner.

The law also foresees that someone that has received a notice based on
Section 49 can be prevented to disclose this information to anyone
else, except his attorney.

RIPA can be applied only on UK territory, thus to data hosted on UK
servers or stored on devices located within the UK.

UK can now demand data decryption on penalty of jail time (1.10.2007)
http://arstechnica.com/news.ars/post/20071001-uk-can-now-demand-data-dec...

EDRI-gram : UK Government asks for the encryption keys (24.05.2006)
http://www.edri.org/edrigram/number4.10/ukencryption

Law requiring disclosure of decryption keys in force (2.10.2007)
http://www.out-law.com/page-8515

============================================================
9. European Parliament resolution on a European digital library
============================================================

The European Parliament (EP) adopted on 27 September 2007 a resolution
that endorses the 2005 European Commission's Communication i2010: Digital
Libraries supporting the digital libraries initiative that aims at making
European information resources easier and more interesting to use in an
online environment

The Commission's "2010 Digital Libraries Initiative" came from the heads of
states and governments of France, Germany, Hungary, Italy, Poland, Spain in
April 2005 and covered digitised and born digital material.

The EP resolution, based on a report by French MEP Marie-Hélène Descamps
entitled "i2010: towards a European digital library" emphasised the need for
more books to be put online and urged the Commission to speed up the process
of creating the European Digital Library.

The Parliamentarians viewed European Digital Library as the one-stop shop
for accessing literary and scientific works online and asked "all European
libraries to make available to the European Digital Library works that are
free of rights which they already hold in digital form".

The proposal acknowledged the fact that although the European cultural
heritage is largely made up of works in the public domain, it is not limited
to this category alone. It welcomes the establishment of the high-level
expert group and "supports its proposals to list all orphan and out-of-print
works and to develop mechanisms to facilitate the search for right holders."

According to the EP Resolution "the project symbolises Europe united in
diversity (and) contributes to the enhancement and strengthening of an
authentic European identity" and could be built upon other European projects
already existing (The European library, TEL-ME-MOR, Europeana).

European Parliament resolution of 27 September 2007 on i2010: towards a
European digital library (27.09.2007)
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT%20TA%20...

Parliamentarians call for more books to be put online (27.09.2007)
http://www.euractiv.com/en/culture/parliamentarians-call-books-put-onlin...

European culture at the click of your finger (21.09.2007)
http://www.europarl.europa.eu/news/public/story_page/037-10388-260-09-38...

EDRI-gram: Copyright clearing for EU digital libraries project (25.04.2007)
http://www.edri.org/edrigram/number5.8/copyright-digital-libraries

============================================================
10. ENDitorial: Montreal Privacy Week: Terra Incognita or Deja Vu?
============================================================

More than 600 persons from 50 countries gathered in Montreal to
participate to the 29th International Conference of Data Protection
and Privacy Commissioners, on 25-28 September 2007, making this year
venue attended by a record number of interested parties. The theme of
the conference, 'Privacy Horizons: Terra Incognita', certainly played
a role in this attraction. The audience has not been disappointed by
presentations and panels indeed exploring currently challenging
issues in the field of privacy and data protection, such as
nanotechnology, ubiquitous computing, the body as data..., not to
mention already well known, but continuously concerning issues like
globalization, public safety and the interpenetration between law an
technology.

The host of the Conference, Canadian Federal Privacy Commissioner
Jennifer Stoddart and her team invited US Department of Homeland
Security Secretary Michael Chertoff as keynote speaker of the opening
ceremony. The Big Neighbour representative's speech was not
disappointing either, or rather not surprising, as even those who haven't
listened may infer from his own blog report.

Far more worth attending were most of the other sessions and panels.
In particular, I went back home with confirmation and further food
for thought on three main ideas. First, the well renowned security
expert Bruce Schneier (BT Counterpane, USA) insisted on the fact that
the world has changed without us having changed accordingly the
framing of the debate, and that the dichotomy is not anymore between
privacy and security but rather between freedom and control. Second,
Law professor Joel Reidenberg (Fordham University School of Law, USA)
advocated the need for a 'design liability' when privacy and data
protection principles breaches are implemented by design in a given
architecture. Although Reidenberg generally advocates too much in
favour of so-called "co-regulation" and "codes of conducts" for my
taste, this 'design liability' concept should certainly be developed
and implemented, as a mean to work towards more privacy-friendly
services, tools and standards. Third, Canada Research Chair in
Ethics, Law & Technology holder Ian Kerr (University of Ottawa,
Canada) gave a very interesting panorama of the privacy issues with
ubiquitous computing, highlighting how the current hierarchy between
the personal (body data), the territorial (property and good data) and the
informational (basic biographical data) spheres, as considered e.g.
by the Canadian Supreme Court, may be questioned in the near future
with new services and technologies making these spheres merge.

"Here be dragons", then. The whole idea of the Terra Incognita/Dragon
for this conference came, as we learnt through Jennifer Stoddart
acknowledgements from Stephanie Perrin (Director of Integrity Policy,
Integrity and Risk Management, Service Canada), who chaired this year
edition of the Computers, Freedom and Privacy Conference, also held in
Montreal in May 2007.

It is then no surprise that Stephanie shared with the audience of the
Civil Society Privacy Workshop, held the day before and in liaison
with the DPA Conference, her impression of 'deja vu'! As a matter of
fact, this civil society event, under the global theme of 'Privacy
Rights in a World Under Surveillance' was the confirmation of Bruce
Schneier's intuition that the whole debate should be reframed
according to new world paradigm. If civil society groups do not seriously
work on this, they risk to go on meeting each year simply to
acknowledge that the situation is worse than the previous year!
Trying to open up civil society discussions on privacy to new actors,
from both other regions and cultures than simply north-western, anglo-
saxon countries and other backgrounds than privacy stricto sensu,
would certainly help.

This would at least help understand issues as framed during another
event I attended in Montreal this same week, which was the inaugural
conference of Data Protection Commissioners from La Francophonie,
where I was invited by the 'Commission d'accès à l'information du
Québec (Quebec DPA, probably the only DPA authority also acting as
the access to information authority) to give a talk on 'Protecting
Personal Data in a Virtual World: French and European Perspectives'.
La Francophonie is a political space comprising 53 member 13 observer
States and governments from the 5 continents (many of which no one
would have thought they have any link with French language and
culture, but anyhow...). By attending this conference, one may
realize - if not already aware - how much the privacy and personal
data protection debate needs to find viable arguments to answer basic
problems of democracy: how to ensure transparent elections, how to
guarantee a working civil status registry, to name a few, in
countries where life is a daily struggle. This is not to say that
privacy, personal data protection, and other related issues are a
luxury, but to help realize that different arguments should be worked
out when privacy is not anymore opposed to security, but rather to
corruption, illiteracy, etc. At the end of this event attended by
representatives from 27 countries from La Francophonie, 14 of them
having a DPA, the new international association of DPA from La
Francophonie was created, with its bureau composed by Quebec DPA
(presidency), French DPA (general secretariat), Burkina Faso DPA and
Swiss DPA (vice-presidencies). The association will have its seat in
Paris.

29th International Conference of Data Protection and Privacy
Commissioners: 'Privacy Horizons: Terra Incognita' (English and
French, 25-28.09.2007)
http://www.privacyconference2007.gc.ca

Michael Chertoff's blog on his speech in Montreal (28.09.2007)
http://www.dhs.gov/journal/leadership/2007/09/global-approach.html

Civil Society Privacy Workshop: 'Privacy Rights in a World Under
Surveillance' (25.09.2007)
http://www.thepublicvoice.org/events/montreal07

Data Protection Commissioners' Francophonie conference: 'The
protection of personal data, an absolute necessity to democracy and
development' (in French only, 24.09.2007)
http://www.cai.gouv.qc.ca/CCPDF

Meryem Marzouki's talk at DP Commissioner's Francophonie conference:
'Protecting Personal Data in a Virtual World: French and European
Perspectives' (French and English, 24.09.2007)
http://www-polytic.lip6.fr/article.php3?id_article=190

(Contribution by Meryem Marzouki, EDRI member IRIS - France)

============================================================
11. Agenda
============================================================

12-13 October 2007, Brussles, Belgium
Reinventing data protection
http://www.vub.ac.be/iPAVUB/

12 October 2007, Bielefeld, Germany
FoeBuD organises the 8th German Big Brother Awards and celebrates a
great gala. The winners will be chosen from more than 500 proposals.
http://www.bigbrotherawards.de/

12 October 2007, Bielefeld, Germany
DVD (Deutsche Vereinigung für Datenschutz e.V.) held their congress
"Datenschutztag 2007" to celebrate 30 years of German Data Protection Act
and also the 30 year jubilee of DVD e.V.
Registration at: tagung2007@datenschutzverein.de
http://www.datenschutzverein.de

13-14 October 2007, Bielefeld, Germany
FIfF (Forum InformatikerInnen für Frieden und gesellschaftliche
Verantwortung e.V.) holds their 23rd annual congress also in Bielefeld.
This year's motto is "Datensammelwut" (data acquisitiveness)
Registration at: 2007@fiff.de
http://fiff.hbxt.de/23-jahrestagung-des-fiff

25 October 2007, Vienna, Austria
quintessenz, VIBE!AT and LUGA organise the 8th Big Brother Awards.
The gala will take place at the Rabenhof Theatre.
http://www.bigbrotherawards.at

27-28 October 2007, Sofia, Bulgaria
Openfest - 5th annual conference for FOSS and free knowledge share
http://openfest.org/

29-30 October 2007, Geneva, Switzerland
WIPO - International Conference on IP and the Creative Industries
http://www.wipo.int/meetings/en/2007/ip_ind_ge/program.html

11 November 2007, Rio de Janeiro, Brazil
GigaNet'07 - Global Internet Governance Academic Network 2nd Annual
Symposium
http://www.igloo.org/giganet

12-15 November 2007, Rio de Janeiro, Brazil
The Government of Brazil will host the second Internet Governance Forum
meeting.
http://www.intgovforum.org/
http://cgi.br/igf/

4-5 December 2007, Rome, Italy
First QualiPSo Conference - Fostering trust and quality of Open Source
Software systems
http://www.qualipso.org/index.php?option=com_content&task=view&id=63&Ite...

5-7 December 2007, Pisa, Italy
Second DELOS Conference on Digital Libraries
http://www.delos.info/index.php?option=com_content&task=view&id=606&Item...

17 January 2008, London, UK
Nanontechnology for security and the crime prevention III
http://www.nano.org.uk/events/ionevents.htm#security

============================================================
12. About
============================================================

EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
Currently EDRI has 28 members based or with offices in 17 different
countries in Europe. European Digital Rights takes an active interest in
developments in the EU accession countries and wants to share knowledge and
awareness through the EDRI-grams.

All contributions, suggestions for content, corrections or agenda-tips are
most welcome. Errors are corrected as soon as possible and visibly on the
EDRI website.

Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 2.0 License. See the full text at
http://creativecommons.org/licenses/by/2.0/

Newsletter editor: Bogdan Manolea

Information about EDRI and its members:
http://www.edri.org/

European Digital Rights needs your help in upholding digital rights in the
EU. If you wish to help us promote digital rights, please consider making a
private donation.
http://www.edri.org/about/sponsoring

- EDRI-gram subscription information

subscribe by e-mail
To: edri-news-request@edri.org
Subject: subscribe

You will receive an automated e-mail asking to confirm your request.

unsubscribe by e-mail
To: edri-news-request@edri.org
Subject: unsubscribe

- EDRI-gram in Macedonian

EDRI-gram is also available partly in Macedonian, with delay. Translations
are provided by Metamorphosis
http://www.metamorphosis.org.mk/edrigram-mk.php

- EDRI-gram in German

EDRI-gram is also available in German, with delay. Translations are provided
Andreas Krisch from the EDRI-member VIBE!AT - Austrian Association for
Internet Users
http://www.unwatched.org/

- Newsletter archive

Back issues are available at:
http://www.edri.org/edrigram

- Help
Please ask if you have any problems with subscribing or
unsubscribing.

News

Outrageous disaster: Ogg/Vorbis spec taken out of HTML-5

Edrigram: Newsletter of European Digital Rights Initiative

Research Journals launched on Next Layer Website