Parliamentary questions
22 January 2010
E-0147/10
WRITTEN QUESTION by Alexander Alvaro (ALDE) to the Commission

Subject: Anti-Counterfeiting Trade Agreement (ACTA)

1. It was reported that 38 different nations have participated in discussions about the text of the proposed Anti-Counterfeiting Trade Agreement (ACTA). Why should that text be withheld from the public?

2. If there is consensus to make the proposed ACTA public, how promptly can it be made public? And had the Chairperson and Coordinators of the responsible INTA committee full access to the documents?

3. Can an approximate timeline for the negotiation of the proposed ACTA be given?

4. Will the proposed ACTA address issues other than counterfeiting? If so, why?

5. Will the proposed ACTA make changes to substantive intellectual property law, or will it be limited to harmonising enforcement measures? If the former, why?

6. If the proposed ACTA make changes to substantive intellectual property law, why is this initiative being discussed in secret, instead of at the World Intellectual Property Organisation (WIPO)?

7. Will the proposed ACTA impose obligations with respect to the Internet, and if so, why?

8. Some commentators have claimed that the proposed agreement requires a so-called ‘Three Strikes’ approach, whereby Internet services or Internet access providers must terminate the access of Internet users accused of having violated copyright law. Can it be stated authoritatively that the agreement will not require or recommend a ‘Three Strikes’ requirement being implemented by Internet services and/or Internet access providers?

9. Certain US officials have claimed that the agreement will impose no new obligations upon the United States Government. Is it the case that the US Government would undertake no responsibilities as a result of this instrument, and if so, what benefit would accrue to the Commission by entering into such an agreement with the United States of America?

Here is the full text of the question, Mr Josefsson is publishing it in a proprietary Microsoft Word format (which is used by EU bureaucrats) on his website, but not in a plain text or html, so here it is:

EUROPEAN PARLIAMENT
FORM FOR TABLING PARLIAMENTARY QUESTIONS
To the: COUNCIL , COMMISSION

ORAL QUESTIONS

Oral Question with debate (Rule 115)

Question Time (Rule 116)

WRITTEN QUESTIONS

Written Question (Rule 117)

Priority Written Question (Rule 117 (4))

AUTHOR(S): Carl SCHLYTER, Eva LICHTENBERGER, Christian ENGSTRÖM, Niccolò RINALDI, Daniel CASPARY, Syed KAMALL, David MARTIN, Helmut SCHOLZ, Bernd LANGE, Robert STURDY

SUBJECT: Anti-Counterfeiting Trade Agreement (ACTA)

TEXT:

The plurilateral negotiations on an Anti-Counterfeiting Trade Agreement (ACTA) are being conducted under a premise of confidentiality agreed upon by participants on a request by the US Government.

At a hearing on 12 January 2010, Commissioner-designate Karel De Gucht said that he will respect the confidentiality agreement among ACTA participants.

In preliminary discussions with Parliament on a new Inter-Institutional Framework Agreement, the Commission agreed on 27 January that it is committed to a reinforced association with Parliament through immediate and full information of the Parliament at every stage of negotiations on international agreements (including the definition of the negotiation directives), in particular on trade matters and other negotiations involving the consent procedure, to give full effect to Article 218 TFEU of Parliament, while respecting each institution's role and safe compliance with new procedures and rules for the respect of the necessary confidentiality.

- How will the Commission honour its commitment to a reinforced association with Parliament with regard to the ACTA negotiations?

- When will the Commission grant Parliament access to all documents relating to ACTA, in particular the ACTA negotiation mandate by the Council, the minutes of ACTA negotiation meetings, the draft chapters of ACTA, and the comments of ACTA participants on the draft chapters?

- Given that the Spanish EU Presidency aspires to an ACTA agreement within the first half of 2010, and given that many Parliamentarians see ACTA as an early example of EP's new role under the Lisbon TFEU, would Commission think that full access to ACTA documents should be given to Parliament prior to the coming into effect of the new Framework Agreement?

Signature(s): Date: 03.02.2010

EN

Let's see if the European Parliament have to go to the ECJ to get the documents, and test the Lisbon Treaty, but there is a high chance that the Commission and the Council will say that the Lisbon Treaty does not apply here, or they won't give full transcripts of the meetings, neither access to the documents.

2. For the purposes of this section 'goods infringing an intellectual property right' means goods infringing any of the intellectual property rights covered by TRIPS (note 3)

Note that Canada and Singapore wants to restrict the scope to copyright and trademark infringements only, which might be a good thing to avoid harsh sanctions for patent infringement:

[Comment (SG, CAN): Scope of IPR should be confined to copyrights (and related rights) and trademarks.]

[…]

[Comment (SG): Provision is acceptable if IPR in Section 1 covers only copyrights (and related rights) and trademarks, otherwise, footnote 1 is unacceptable. Also, delete phrase "which may be presumed to be the amount of damages referred to in clause (i)" in (ii)]

The EU and US are also fighting over damages, which is a heated topic in the pseudo patent reform right now in discussion in the US Senate:

[Option US (note 1): In the case of patent infringement, damages adequate to compensate for the infringement shall not be less than a reasonable royalty.]

[Comment (EU, CAN): Delete Option US footnote]

The European Commission is also organising a stakeholder meeting in Brussels (Closing date for registration: 15 April 2009) on the 21 April (3.00pm to 5.30pm)

The Office of U.S. Trade Representative Releases Summary of Anti-Counterfeiting Trade Agreement (ACTA) Negotiations

04/06/2009

WASHINGTON, D.C. - The Office of the U.S. Trade Representative (USTR) today released a detailed summary of the current state of the Anti-Counterfeiting Trade Agreement (ACTA) negotiations. The summary, which all of the ACTA negotiating partners drafted, sets out the specific topics under discussion in the negotiations, and reflects the Obama Administration's commitment to transparency. The summary is being shared with stakeholders for review and comment.

"I am grateful to our partners in the ACTA negotiations for working with us in a joint effort to prepare this summary," said U.S. Trade Representative Ron Kirk. "We look forward to taking more steps to engage with the public in our efforts to make trade work for American families."

The objective of the ACTA negotiations is to negotiate a new, state-of-the art agreement to combat counterfeiting and piracy. The United States has been working with several trading partners, including Australia, Canada, the European Union and its 27 member states, Japan, Mexico, Morocco, New Zealand, Singapore, South Korea, and Switzerland, to negotiate the agreement. When it is finalized, the ACTA is intended to assist in the efforts of governments around the world to more effectively combat the proliferation of counterfeit and pirated goods, which undermines legitimate trade and the sustainable development of the world economy, and in some cases contributes to organized crime and exposes American families to dangerous fake products.

Background

Negotiations on the ACTA began in June 2008. In preparation for those negotiations and since then USTR has reached out to the public for its views and to exchange information on several occasions. The release today of a summary of the ACTA is the most comprehensive joint effort to date of all of the participants in the negotiation to provide information on the ACTA to the public. The summary can be found on the USTR website at www.ustr.gov. Members of the public with questions about the summary or the status of the negotiations should contact Kira Alvarez, Chief Negotiator and Deputy Assistant U.S. Trade Representative for Intellectual Property Enforcement at (202) 395-4510.

Proposal amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks

New Recital 14b

Article 16

Article 22 Quality of service

Let's have a look who is the author of the Microsoft Word document:

zoobab@warsaw /home/zoobab [16]$ strings Desktop/Industry\ Coalition\ proposed\ amendments\ to\ the\ USD\ directive.doc | tail -n 21
Proposal amending Directive 2002/22/EC on universal service and users
rights relating to electronic communications networks
User
Normal.dot
User
Microsoft Office Word
AT&T
Proposal amending Directive 2002/22/EC on universal service and users
rights relating to electronic communications networks
Title
Microsoft Office Word Document
MSWordDoc
Word.Document.8
ons networks
Title
Microsoft Office Word Document
MSWordDoc
Word.Document.8
AT&T
Proposal amending Directive 2002/22/EC on universal service and users
rights relating to electronic communicati
zoobab@warsaw /home/zoobab [17]$

Laws are made by lobbyists, and this is not unstoppable. What you need is counter lobbying by consumers and civil society, but Brussels provide a too high barrier of entry for that to happen. At the end, 500 million of EU citizens will pay for the damages of bad EU directives written by lobbyists of american corporations.

Software and services that run on the internet would have to ask for permission of the regulators.
[…]
Benjamin Henrion, FFII representative in Brussels, rings the alarm bell: "Tomorrow, popular software applications like Skype or even Firefox might be declared illegal in Europe if they are not certified by an administrative authority. This is compromising the whole open development of the internet as we know it today. Once the Soviet Union required the registration of all typewriters and printing devices with the authorities."

The European Data Protection Supervisor is confirming the fears with "guidelines to be imposed upon software and hardware products":

55. The EDPS believes that it does not make sense for Article 14, which is focused on standardisation for the purposes of enhancing data protection and privacy, to be expanded to include standardization for other, completely unrelated topics.

56. Second, by including in Article 14(1) the reference to standardisation for purposes of detecting, intercepting, or preventing infringements of intellectual property rights, this Article recognises that Member States can impose standards in this area as well (not only for privacy purposes as stated in Article 14.3), provided that such standards ensure the free circulation of such equipment in and between Member States.

57. In this context, there is a question as to whether it is appropriate for Member States to require information technologies to meet certain standards, i.e. to incorporate certain features, to detect, intercept, or prevent infringements of intellectual property rights by users. Such measures, referred to as DRM, have a significant impact on the privacy of individuals insofar as they facilitate the monitoring of an individual's activities with respect to a particular copyrighted material. For example, it would enable the copyright holder to know which pages an individual views, copies, or transfers. A comparable example in the offline word would be if someone were able to monitor which pages of a magazine an individual views. If these measures were to be adopted, they should integrate data protection and privacy safeguards.

58. For the reasons outlined above, the adoption of any Amendment allowing for such measures should be preceded by a thorough exploration of the issues at stake in the right forum, including public consultation with the relevant stakeholders, which has not taken place at this stage. Taking this into account, the EDPS does not believe that it is appropriate at this stage to adopt such measures.

59. The EDPS notes another amendment, Amendment 81, which modifies Article 22(3) of Directive 2002/22/EC. This Amendment has a similar effect as Amendment 134 analysed above. Amendment 81 which appears in italics below recognises that "a national regulatory authority may issue guidelines setting minimum quality of service requirements, and, if appropriate, take other measures, in order to prevent degradation of service and slowing of traffic over networks, "and to ensure that the ability of users to access or distribute lawful content or to run lawful applications and services of their choice is not unreasonably restricted."

60. The Amendment allows national authorities to issue guidelines to be imposed upon software and hardware products to enable the access or distribution of lawful content or applications. In other words, measures designed to prevent the access and distribution of unlawful content, including intellectual property, referred to above as DRM.

61. As is the case with Amendment 134, Amendment 81 also makes use of a provision of Directive 2002/22/EC related to a completely unrelated topic - the degradation of the service. The Amendment is focused on distribution of unlawful content, including intellectual property and is unrelated to degradation of service. As it was said above, in the light of the importance of the measures proposed and their direct impact on the privacy of individuals, the EDPS advises against adoption of this Amendment prior to engaging in an in-depth, thorough analysis of its effects.

60. The Amendment allows national authorities to issue guidelines to be imposed upon software and hardware products to enable the access or distribution of lawful content or applications. In other words, measures designed to prevent the access and distribution of unlawful content, including intellectual property, referred to above as DRM.

V. CONCLUSION

62. The EDPS is concerned about some ad hoc amendments contained in the IMCO Report which, if adopted, would result in weakening personal data and privacy protections of individuals using the Internet. He is concerned with Amendments 9, 30, 76, 81,112 130, 134 of the IMCO Report related to the processing of traffic data and the protection of intellectual property rights.

FFII has been involved in the OOXML standardisation discussion, and according to Wikipedia, there are proposals to standardize the TPM stack inside ISO:

Some efforts exists have the Trusted computing specifications standardized by ISO. This was active for a first part in October 2007 and member states of the ISO/DIS JTC1 are expected to send their opinion to ISO by July 24 2008.

The concerned documents are referred to as

* ISO/IEC DIS 11889-1 Trusted Platform Module — Part 1: Overview
* ISO/IEC DIS 11889-2 Trusted Platform Module — Part 2: Design principles
* ISO/IEC DIS 11889-3 Trusted Platform Module — Part 3: Structures
* ISO/IEC DIS 11889-4 - Trusted Platform Module — Part 4: Commands

Which means that it would be easier for National Regulatory Authorities to mandate such standard to connect to the Internet.

It is time to contact your MEP and ask them to reject this amendment 81. EDPS has also some concerns about the Harbour's IMCO report on amendments 9, 30, 76, 81,112 130, 134.

Tony Bunyan, of the NGO Statewatch, expressed astonishment that documents relating to negotiations between the European Union and the United States could not be accessed. "The situation is getting ridiculous. We have growing problems to access documents from third countries at the Council", he said, adding that these were mainly US documents on negotiations with the EU on the area of Freedom, Security and Justice. It often seemed that the Council was hiding US documents not because the content was controversial in itself but rather in order to conceal the major influence that the US government has on EU legislation, he suggested. "It's as if the United States were the 28th Member State of the Union".

Recently we were able to publish the road map for transatlantic patent harmonisation via a 1049/2001 document access request. However the transatlantic trade talks within the transatlantic economic council are totally intransparent, even for council working groups access to what happened there may be very difficult.

At another recent hearing Swedish Commissioner Wallström was present, although the proposal seems to belong into the sphere of Commissioner Kallas. One of the insightful changes proposed by the Commission is that they give people from third nations a right to access to documents although the EU treaties only provide for a right for European citizens. I wonder why the Commission is so keen to hand our rights to persons from third nations. And Article 255 EC refers to the right of access to documents, without permitting the institutions to exclude certain categories of document from this right. The Commission however wants to restrict it to mere legislative ones. Art 255 provides the scope of the regulation is restricted to certain bodies of the Union but a ratified Lisbon treaty would provide some progress here.

Treaty establishing the European Community (Nice consolidated version)
Article 255

1. Any citizen of the Union, and any natural or legal person residing or having its registered office in a Member State, shall have a right of access to European Parliament, Council and Commission documents, subject to the principles and the conditions to be defined in accordance with paragraphs 2 and 3.

2. General principles and limits on grounds of public or private interest governing this right of access to documents shall be determined by the Council, acting in accordance with the procedure referred to in Article 251 within two years of the entry into force of the Treaty of Amsterdam.

3. Each institution referred to above shall elaborate in its own Rules of Procedure specific provisions regarding access to its documents.

Brussels, 04 July 2008 — Amendments to the European Telecommunications directive being rushed through the European Parliament propose a "Soviet internet" where software publishers and internet service providers watch traffic and data for Hollywood. Software and services that run on the internet would have to ask for permission of the regulators.

Some amendments to the European Telecommunications directive propose allowing administrative authorities in each Member State to define which are the authorised software applications for the internet. Parts of the directive should be implemented by the member states through requiring specific "technical features" in electronic communications networks. Live-analysis and filtering compose a pre-requisite for a "Soviet style" censorship environment.

Several committees suggested massive changes to an over complex Commission proposal. The committee process was hijacked by vested interests. All amendments of at times questionable quality lack a legal impact analysis and sufficient examination. Immature propositions risk to create an administrative burden and stifle internet innovation. Overloaded and confused by hundreds of amendments the lobby sets MEPs under pressure to agree on a poor compromise before the summer break. All amendments need more thoughtful review so that a mature text may be presented to the plenary and MEPs fully understand what they cast their vote on in the committee.

Benjamin Henrion, FFII representative in Brussels, rings the alarm bell: "Tomorrow, popular software applications like Skype or even Firefox might be declared illegal in Europe if they are not certified by an administrative authority. This is compromising the whole open development of the internet as we know it today. Once the Soviet Union required the registration of all typewriters and printing devices with the authorities."

Privacy expert Ricardo Cristof Remmert-Fontes comments: "In Germany Deutsche Telekom is under fierce criticism for alleged spying on citizens and journalists. In Europe the amendments want to make spying a natural obligation for communications providers. The planned infrastructure of live-analysis and filtering can be used for mass-surveillance and censorship."

FFII President Alberto Barrionuevo adds: "The agenda to establish a Chinese internet wall in Europe is set by few ultra-copyright lobbyists. I don't agree to justify their intentions to spy us with the protection of copyright. It sets a precedent for market control: regulating large parts of internet communication, provider contracts, software development and thus internet businesses. The proposed environment is threatening all European businesses which need protection from business espionage, and be able to use secure virtual private networks (VPNs) over the internet."

The FFII therefore asks the Members of the European Parliament to take more time and reconsider thoughtfully the Telecommunications proposal as prepared for voting. Over 300 amendments and fundamental concerns on different issues, such as free speech, censorship, net neutrality and trade secrets should be reviewed with greater care. The debate on the European Telecommunications directives requires more reflection, if it should lead to a reliable and solid legal base.

Background Information

An Article 2 Compromis Amendment that changes Directive 2002/58/EC Article 14 says on paragraph 2:

"Where provisions of this Directive can be implemented only by requiring specific technical features in electronic communications networks, Member States shall inform the Commission in accordance with the procedure provided for by Directive 98/34/EC of the European Parliament and of the Council of 22 June 1998 laying down a procedure for the provision of information in the field of technical standards and regulations and of rules on information society services."

Links

• ITRE-IMCO compromise amendments: http://www.laquadrature.net/files/amendements-compromis_ITRE-IMCO_7juil/
• Permanent link to this press release: http://press.ffii.org/Press_releases/european-parliament-rushes-towards-soviet-internet

Contact

Benjamin Henrion
FFII Brussels
+32-2-414 84 03
+32-484-566109
gro.iiff|noirnehb#gro.iiff|noirnehb
(French/English)

About the FFII

The FFII is a not-for-profit association active in over fifty countries, dedicated to the development of information goods for the public benefit, based on copyright, free competition, and open standards. More than 850 members, 3,500 companies and 100,000 supporters have entrusted the FFII to act as their voice in public policy questions concerning exclusion rights (intellectual property) in data processing.

A large majority of respondents (84%) think that the education system, and in particular the
school curricula does not focus enough on entrepreneurship. They therefore consider it
important to intervene in the education system with more systematic measures. Generally
speaking, curricula are considered to be important but the crucial element for encouraging an
entrepreneurial mindset is a closer link between the SME community (including all types of
companies and SME stakeholders) and schools. Firstly, it is essential to change teachers'
negative attitudes about entrepreneurship by bringing them closer to the real world of SMEs.
Practical training/seminars for pupils should be organised at every educational level, starting
at an early stage with the involvement of all types of local SMEs. Basic economic principles
with a special focus on difficulties and constraints linked to creating and running an enterprise
should be included in school curricula and not limited to specific studies. Mini and virtual
companies are also mentioned as useful tools for developing entrepreneurial attitudes
especially among younger pupils (i.e. in primary schools).

I wonder whether real entrepreneurs consider it compatible with the role of government to build public opinions. I don't think the problem is the goal, its the means. How can reasonable people buy into the notion to change people? Have the Verheugen apparatchik and European business functionaries forgotten basic principles of European liberalism? Or are they too blind to see?

WRITTEN QUESTION E-1797/08
by Saïd El Khadraoui (PSE)
to the Commission

Subject: Creative commons

Article 8(2) of Directive 92/100/EEC1, which concerns broadcasting and communication to the public, reads:

'Member States shall provide a right in order to ensure that a single equitable remuneration is paid by the user, if a phonogram published for commercial purposes, or a reproduction of such phonogram, is used for broadcasting by wireless means or for any communication to the public, and to ensure that this remuneration is shared between the relevant performers and phonogram producers. (…)'

Taking this as a basis, the Belgian legislature has introduced compulsory equitable remuneration (the 'dwanglicentie' [compulsory licence]). This means that every artist and producer has to seek remuneration for his music. As in the case of authors, however, there are artists and producers who wish to make their music available free of charge as creative commons.

1. Is the term 'provide a right' which is used in Article 8 sufficiently defined for it also to be regarded as a duty?

2. Can Member States take measures to leave the option open that the equitable remuneration does not have to be collected if the rights-holders voluntarily choose to waive their right to remuneration?

Protection of the intellectual property of written or spoken word journalism in the print media, the Internet, and radio and television broadcasts

The pictures taken by photojournalists are protected under the EU Copyright Directive (2001/29/EC(1)) and are unreservedly recognised as their work. In addition, there is a legal requirement for photojournalists’ names to be indicated with their pictures.

Is the Commission considering in principle a modification to the Copyright Directive? If so, when? Can it be assumed that a proposal for modification of the Copyright Directive would introduce protection of the intellectual property of written or spoken word journalists? Could such journalists be de facto recognised as authors? Are efforts being made to harmonise the different legal systems in Continental Europe (droit d’auteur) and the Anglo-Saxon area (copyright) and to place all media, in particular new media, on an equal footing with the old media (print, film, photography, fine art, radio and television) where copyright is concerned? If so, what would be the consequences?

McCreevy finds the term of protection sufficient and ignores the call for the controversial broadcast protection

E-0816/08EN
Answer given by Mr McCreevy
on behalf of the Commission
(13.3.2008)
The EU Directive on the term of protection provides that photographs enjoy copyright protection. Since the 1886 Berne Convention this has naturally also applied to written and spoken word journalism. Given the protection of photographs under European copyright law, their term of protection runs for the life of the photographer plus 70 years. Lifetime plus 70 years is the highest possible level of protection and exceeds the level set by the Berne Convention by 20 years. In view of this distinctive and internationally unique level of protection, the Commission does not consider it necessary in this case to amend the Directive on the term of protection.

WRITTEN QUESTION E-0852/08
by Jules Maaten (ALDE) and Karin Riis-Jørgensen (ALDE)
to the Commission

Subject: Internet censorship and the European Global Online Freedom Act

Follow-up questions to answers (E-5794/07) given by the European Commission on internet censorship:

1. Is the European Commission willing to develop a European Global Online Freedom Act?

2. Is the European Commission willing to invest 20 million euros in technologies able to develop and distribute anti-censorship tools and services which could help internet users breach electronic firewalls set up by China, Iran and other closed societies?

"It is about punishing mafia-style criminals, not about jailing kids who download music from the Internet," said Italian Socialist Nicole Zingaretti, who led the bill through the EU assembly.

Now Mr Zingaretti seems to return his view on the aim of the directive with this question to the Council on the timetable to adopt this directive:

Parliamentary questions
5 February 2008
P-0541/08
WRITTEN QUESTION by Nicola Zingaretti (PSE) to the Council

Subject: Criminal measures to enforce intellectual property rights

On 25 April 2007 Parliament adopted the report on the amended proposal for a directive of the European Parliament and of the Council on criminal measures aimed at ensuring the enforcement of intellectual property rights (COM(2006)0168 — C6-0233/2005 — 2005/0127(COD)).

On 23 October 2007 the Court of Justice published its ruling in Case C‑440/05, in which it found that the Community legislator may impose effective, proportional and dissuasive criminal penalties on Member States in order to guarantee the full effectiveness of the rules it lays down.

Given the need for urgent action by the EU in response to the increasingly systematic violation of copyright by some Internet users, can the Council provide a time frame for discussion of the directive of the European Parliament and of the Council on criminal measures aimed at ensuring the enforcement of intellectual property rights?

The criminal sanctions directive might send internet downloaders in jail. The directive has passed the European Parliament in the complete ignorance of the majority of internet users. The rapporteur finally admits that this directive is all about sending filesharers to jail.

There is a need to alert the press about this masquerade. Most directives are adopted here in Brussels without even a press article. If a Minister would propose this in Belgium, everybody would know the day after. But the European press seems to be absent in the corridors of Brussels.

WRITTEN QUESTION E-0125/08
by Alexander Alvaro (ALDE) and Marco Cappato (ALDE)
to the Commission

Subject: Transposition of Directive 2006/24/EC on data retention

Directive 2006/24/EC[1] of the European Parliament and of the Council of 15
March 2006 on the retention of data generated or processed in connection
with the provision of publicly available electronic communications services
or of public communications networks and amending Directive 2002/58/EC
stated that Member States had to transpose it no later than 15 September
2007. Member States also had a possibility to postpone the application of
the Directive to the retention of communications data relating to Internet
access, Internet telephony and Internet e-mail until 15 March 2009, by
notifying the Council and the Commission by way of a declaration. The
Commission has already sent letters of formal notice in November to some
Member States which did not transpose the directive in time.

Can the Commission illustrate which Member States transposed the directive,
which did not, which were sent a letter of formal notice, which replied,
with which justifications for the delay, and when will it send out reasoned
opinions and to which Member States? Could the Commission illustrate which
Member States have used the exception related to the Internet

[1] OJ L 105, 13.4.2006, p. 54.

What is this "exception related to the Internet?"

Another question about the creation by the European Commission of a Platform for Electronic Data Retention:

WRITTEN QUESTION E-0124/08
by Alexander Alvaro (ALDE) and Marco Cappato (ALDE)
to the Commission

Subject: Platform for Electronic Data Retention

The Commission has listed in its 2008 Forwarding Programme a ‘Draft
Commission Decision to establish a Platform for Electronic Data Retention
in order to ensure that the data are available for the purpose of the
investigation, detection and prosecution of serious crime’ to be adopted in
January 2008.

Could the Commission illustrate such a proposal, explain who will be
invited to take part in this Platform, what will be its aims, tasks and
powers, and if its work will be transparent? Will the Commission adopt the
proposal in January and when will the Platform then be established?

If this platform is like the ICT Task Force efforts created by the Commission, you can expect closed rooms meetings in Brussels.

The National Security Agency (NSA) stepped in to help Microsoft develop a configuration of (Microsoft VISTA) that would meet U.S. Department of Defense (DoD) requirements, said NSA spokesman Ken White.

European governments are now aware that strategic dependencies on software are as crucial as dependencies on oil supply from third countries. France even wants to challenge google and develops its own French search engine: Quaero. European Windows Operating System dependencies are increasingly felt as a security risk by national governments which evaluate alternative Desktop solutions, esp. Linux distributions. In the late 90th of the last century Lotus Notes made headlines in Sweden as it was supposed to include a secret NSA backdoor. Swedish government staff used Notes for office management and communication.

Unlike Open Source products such as Linux where NSA contributed code to shape security (SELinux) VISTA is closed source. Nobody except Microsoft can verify the original source code of VISTA for secret backdoors. The source code is transformed by Microsoft into the VISTA product in "binary code" which you or your government can obtain. In the past Microsoft responded to growing concerns by governmental European IT security agencies and EU multinationals with its "shared source" initiative. For selected customers source code is provided under non-disclosure agreements for inspections. However no customer builds his binaries from these 'shared sources'. The customer cannot be 100% sure that the shared source provided by Microsoft really corresponds to the product. Backdoors usually relate to hidden encryption keys shipped with the product, not algorithms. That results in a trust problem which is associated with the closed source model.

Do EU customers trust a company whose products are co-developed by a foreign Secret Service? Media coverage was very negative, in particular in Germany. It does not really matter what NSA actually did. The involvement raises suspicion and national or corporate security risks need to get assessed. Corporate spying is still a huge problem for European governments and policy makers.

The existance of the NSA was secret for a long period of time ("No such agency"). Critics point out that prior to 1974 the US President Nixon had no knowledge about its existance. About the activities and operations of the agency is little known. Secrecy and intrasparency are without doubt an inherent part of intelligence. For a politically less accountable and monitored agency we have to assume great organisational inefficiency of intelligence services. Secrecy and intransparency lead to public suspicion. Legends about the activities are generated which are very difficult to get calmed down. Secret Intelligence leads to felt insecurity risks by the supposed targets of activities and higher counter-intelligence security efforts. Earlier concerns about NSA surveillance for business spying in Europe were followed up by an examination by the European Parliament and much paranoia voiced through European data protection specialists.

Former US Intelligence Director James K. Woolsey wrote an angry undiplomatic response article for the Wallstreet Journal.

What is the recent flap regarding Echelon and U.S. spying on European industries all about? We'll begin with some candor from the American side. Yes, my continental European friends, we have spied on you. And it's true that we use computers to sort through data by using keywords. Have you stopped to ask yourselves what we're looking for? …That's right, my continental friends, we have spied on you because you bribe. Your companies' products are often more costly, less technically advanced or both, than your American competitors'. As a result you bribe a lot. So complicit are your governments that in several European countries bribes still are tax-deductible.

European National Security Agencies and customers of the US software products need to find ways to gain trust in the software technology. NSA Backdoors would seriously undermine the trust in that plattform. In 1999 Microsoft was asked for explanaitions about an electronic key named "NSAkey" that was found in a consumer product. IT Security specialist Andrew Fernandes found that key in the Microsoft Crypto API. That case lead to increased awareness on the European national level. Microsoft denied the accusation.

Microsoft said the key is labeled "NSA key" because NSA is the technical review authority for U.S. export controls, and the key ensures compliance with U.S. export laws. The company reiterated that Microsoft has not shared this key with the NSA or any other company or agency.

It surprises European observers that following the 1999 public scandal Microsoft continued to have relations with NSA and now openly admits intelligence service involvement. Given how damaging and undesirable the involvement is for Microsoft's markets that continuity could be an indication that NSA activities are indeed obligations imposed on the company. Concerns even grow higher when we consider the recent announcement of Microsoft to enter the telecommunications market.

With EU governments considering to adopt alternative software solution we have to stress: Redmond, you have a problem. It will be a challenging task to develop a VISTA trust model.

We pro-regulators were making an assumption that history has shown to be completely false: That something as complex as an OS has to be built by a commercial entity. Only crazies imagined that volunteers outside the control of a corporation could successfully create a system over which no one had exclusive command. We knew those crazies. They worked on something called Linux.

Americans don't understand ordo policy? No, Lawrence Lessig explores a rhetorical pattern and adapts to language. However, the widespread use of the 'regulation' accusation in the USA demonstrates how poisoned the debate actually is and that indeed many never studied ordo policy. And as part of a rhetorical pattern Lessig declares ordo policy (antitrust, ..) obsolete by alternatives which emerged through free collaboration. Thereby he misses the essence of policy actions which aim to provide, to safeguard market order. Laissez-faire is naive ordo policy. Given that the main purpose of law is ordo, it sounds strange that a lawyer advocates laissez-faire.

Think of a mafia boss who is killed by an opponent organisation. Sure, his power was challenged by a CaponeIII. The purpose of legal order is to ensure that no one kills his 'market opponents'. Should police be considered "regulation"? Ordo is the core of justified governmental policy. In the case that the CaponeIII organisation lobbies for 'free exercise of power' and takes governments captive it also creates a sort of "order", yet no ordo-liberal one. An order that could heavily backfire. Not because CaponeIII underestimated the strength of the public and media (he failed to bribe) but because his own bullet is loaded.

Liberal ordo policy aims to establish market order where open competition may take place.

Social Media.biz blog responds with an insightful comment:

[Lessig's communication pattern] ought to enhance his libertarian credentials …, but the fact is that he was not wrong. Even many of us — this editor included — who drew a paycheck from Uncle Bill at the time were aghast at Microsoft's heavy-handed monopolistic tactics to destroy its competitors.

Of course it is never wrong to put emphasis on market order. And antitrust cases against Microsoft are a excellent advocacy issues. Because fights against Microsoft are always big news. Media hates the company. Microsoft conspiracy theories sell well. A natural flamebait, good for scholars like Lessig who need more public attention. The most funny thing of the rogue company blame game is to watch hired lobbyists play the rogue game. It is never wrong to fight with that company on the other side, it is good for your cause. Ballmer was right when he told "I have 4 words for you: I love this company". Activists just feel the same.

Both sides of the lobby struggle are great because they both help to carry the same message (okay: regime change ended the great US antitrust party, an exeption). Maybe the software producer will finally comply to EU orders. (Who cares about compliance when a monopolist gets into suicidal non-compliance games which are sooo entertaining.). And when they will finally comply, US market players will benefit from EU antitrust sanctions as well. No Linux needed here. No Google needed here.

We Europeans expect to have further fun with a company which fails to respect EU authorities and offends officials. They help us to spread our message. Activists have nothing to lose by proactive action. These are political fights which are worth to get into. Just watch CompTIA's Initiative for Software Choice. A riddiculous attempt to prevent free software regulation. They were succesful in Spain recently but its pure defense. Useful punchbag.

Why fight the war? Because we can. Just for fun. Nothing wrong about that. And Lawrence Lessig would remember that 'Just for Fun' was a Linux principle. It is not wrong to have fun.