[wilhelmtux-discussion]
Free Software in Bulgaria, Swiss ISPs to store mail logs (ERDRI-Gram)
Robert Ribnitz
ribnitz at linuxbourg.ch
Don Apr 10 12:28:16 CEST 2003
----- Forwarded message from EDRI-gram newsletter <edrigram at edri.org> -----
Envelope-to: ribnitz at linuxbourg.ch
Delivery-date: Wed, 09 Apr 2003 20:01:45 +0200
To: edri-news at edri.org
From: EDRI-gram newsletter <edrigram at edri.org>
X-MIME-Autoconverted: from quoted-printable to 8bit by quintessenz.at id
h39HXSSd003855
X-Mailman-Approved-At: Wed, 09 Apr 2003 19:38:25 +0200
X-BeenThere: edri-news at edri.org
X-Mailman-Version: 2.1.1
List-Id: <edri-news.edri.org>
List-Help: <mailto:edri-news-request at edri.org?subject=help>
List-Post: <mailto:edri-news at edri.org>
List-Subscribe: <http://www.edri.org/cgi-bin/mailman/listinfo/edri-news>,
<mailto:edri-news-request at edri.org?subject=subscribe>
List-Archive: <http://quizzebox.quintessenz.at/pipermail/edri-news>
List-Unsubscribe: <http://www.edri.org/cgi-bin/mailman/listinfo/edri-news>,
<mailto:edri-news-request at edri.org?subject=unsubscribe>
X-MIME-Autoconverted: from 8bit to quoted-printable by quintessenz.at id h39HcQSe003945
Subject: EDRI-gram - Number 6, 9 April 2003
X-Spam-Status: No, hits=0.9 required=5.0
tests=MSG_ID_ADDED_BY_MTA_3,US_DOLLARS_3
version=2.53
X-Spam-Level:
X-Spam-Checker-Version: SpamAssassin 2.53 (1.174.2.15-2003-03-30-exp)
X-SA-Exim-Scanned: Yes
==================================================================
EDRI-gram
bi-weekly newsletter about digital civil rights in Europe
Number 6, 9 April 2003
==================================================================
Contents
==================================================================
1. Stupid security measures in Europe
2. Draft law promotes free software in Bulgaria
3. New content restrictions in Germany
4. Swiss providers to keep email records for 6 months
5. Danish committee on citizens IT-rights
6. Austria looses court case about surveillance costs
7. Recommended reading: privacy policy
8. Agenda
9. About
==================================================================
1. STUPID SECURITY MEASURES IN EUROPE
==================================================================
During last weeks CFP conference (Computer Freedom Privacy) in New York,
Simon Davies from UK EDRi-member Privacy International announced the
winners of the Stupid Security Awards. The jury received some 5.000
nominations from 35 different countries. Though most of the winners are
American, Europe also produced some very noteworthy stupid security
measures. UK mobile phone company T-Mobile won a Most Annoyingly Stupid
Award 'for pointless and idiotic financial security measure'. T-Mobile
won't let anyone pay more than fifty pounds a month from a bank account,
for unspecified 'security' reasons. Runner-Up for the Most Egregiously
Stupid Award was Moscow Mayor Yury Luzhkov for the "Propiska" Identity
Papers, while UK Heathrow Airport was selected the runner-up for the Most
Inexplicably Stupid Award.
In Moscow both foreigners and citizens of Russia need a special permission
to be in Moscow, a propiska-paper. According to the nomination, propiska
was already invented in 1932 by Stalin, but reintroduced in 2002 as a
measure against terrorism. The usual price is USD 1-3 for Russians and USD
10 and more for others. To obtain it officially seems virtually impossible.
"You need to fill out a lot of applications, collect many signatures and
permissions. According to different sources you are responsible to get a
registration in 3 or 10 days after arriving to Moscow. This is even
theoretically impossible because registration department (pasportnyi stol)
works only 2-3 hours a week and you have to wait hours and hours in a huge
line. In addition, any official may refuse you without any explanation."
A passenger on Heathrow Airport was found to carry a box with loose leaf
Chinese tea. Unfortunately, it was of a well known variety known as
Gunpowder Tea, and had this printed on the packaging. It was decided that
the tea was allowed, but the evil word "Gunpowder" was not. Consequently
the security staff then rummaged around and found a plastic bag into which
they decanted the fragrant tea leaves, and confiscated the cardboard
packaging.
Other European stupid security measures include:
- The refusal of UK railways company Railtrack to provide litter bins on
stations (a bomb could be hidden in there).
- Irish budget Airline Ryan Air accepting international student cards as
photographic ID but refusing military ID-cards.
- The Danish Ferry-Company requiring fingerprint scans to board a boat from
the island Bornholm to mainland Denmark.
- The French province of Pyrenees-Atlantiques allowing nightclubs and
disco's with sufficient camera-supervision (CCTV) to stay open 1 hour longer.
- A Scuba diving club in Devon (UK) requiring a full security check from
people interested in taking classes.
- An anonymous UK airline forbidding its pilots to carry nail clippers,
while allowing for a huge fire-axe in every cabin.
Selected nominations in 5 categories (08.04.2003)
http://www.privacyinternational.org/activities/stupidsecurity/
Details about Moscow Propiska
http://www.nelegal.net/articles/index.html
==================================================================
2. DRAFT LAW PROMOTES FREE SOFTWARE IN BULGARIA
==================================================================
A draft law, currently discussed in parliament in Bulgaria, will oblige all
governmental institutions to use free software and open formats with their
computer information systems within 2 years. The law addresses all state
bodies, mayors of municipalities and regions, higher schools, medical
establishments, non-profit legal entities as well as other bodies and
entities that receive governmental funding. A permit of exception from this
obligation can only be procured on a case-by-case basis, if no free
software is available for a specific purpose.
In the Bulgarian definition, free software must allow for:
- Unlimited use of the software for all purposes;
- Unlimited access to the source code;
- Comprehensive check of its mechanisms of operation;
- Use of internal mechanisms and of any arbitrary part of it, so that it
can be adapted to the needs of the user;
- Production and public distribution of its copies;
- Modification and free distribution of changes as well as of the newly
designed software under the same conditions as those of the original.
If adopted, the law would bring about a remarkable change of policy. Only a
year ago, Minister of the State Administration Dimitar Kalchev triumphantly
announced a new contract with Microsoft for the provision of software to
the state administration. In total, in 3 years Bulgaria would have to pay
USD 8,400,000 (EUR 7,862,245) to Microsoft.
Press release 'The contract with Microsoft is one of the most advantageous
contracts sealed in the country' (14.06.2002)
http://www.government.bg/English/Priorities/Administration/2002-06-14/671.html
A copy of the draft law is available through Veni Markovski <veni at veni.com>.
==================================================================
3. NEW CONTENT RESTRICTIONS IN GERMANY
==================================================================
In Germany, new content restrictions were introduced for the protection of
minors, extending current regulations and indexing schemes for film and
video to internet and games. Since 1 April all kinds of ego shooters and
electronic media "glorifying war" are banned. Furthermore, under the new
regulation, all computer games must carry labels with minimum age
requirements. The restrictions on computer games were speeded up after a
youngster killed 18 people in his school in the city of Erfurt a year ago.
The youngster was addicted to the game 'Doom', media reported.
Through the new additions on the Treaty on Human Rights & the Protection of
Minors in Broadcasting and Telecommunication Media a new central commission
decides on illegal and harmful media and Web content. Though the
implications are not yet clear, the extension to web pages might mean
filtering mechanisms will have to be introduced to prevent minors from
accessing indexed web pages.
Based on a German article in Heise (03.04.2003)
http://www.heise.de/newsticker/data/jk-03.04.03-002/default.shtml
Available in English through
http://www.computeruser.com/news/03/04/03/news5.html
==================================================================
4. SWISS PROVIDERS TO KEEP EMAIL RECORDS FOR 6 MONTHS
==================================================================
Since 1 April, new legislation went into force that obliges Swiss Internet
Service Providers (ISPs) to keep a 6 month email log file. That means they
will have to store time, size and addresses of all emails sent by their
customers (the SMTP envelope data). The authorities will be able to access
these stored data with a search warrant only. Access is limited to a number
of serious offences such as paedophilia and drug trafficking.
There is no general obligation to store the content of all emails, but
providers can be ordered to keep the specific correspondence of a suspect
(preservation) and forward it to a special new crime-investigating unit.
Internet service providers have resisted the new legislation, pointing at
the high costs of storage and selection software. However, the new
legislation hasn't fully satisfied law enforcement officers either. Before
this law was introduced, there were no restrictions on the type of data a
judge could order an ISP to hand-over. "The politicians weren't very
pragmatic," said Nicolas Cruchet, an investigating judge in canton Vaud.
"These restrictions undermine the value of the law."
Sunrise, Switzerland's second-biggest ISP, estimated that complying with
the legislation would cost the company around 1 million Swiss Francs
(673,000 Euro). Some smaller ISPs have threatened to pass the extra costs
on to their customers. Company and university servers are not covered by
the new rules; nor are cybercafes.
A confidential document about the technical requirements of wiretapping in
Switzerland (02.04.2002) can be found at:
http://cryptome.org/ch-ilets-regs.htm
Contribution by Felix Rauch, Swiss Internet User Group (SIUG).
==================================================================
5. DANISH COMMITTEE ON CITIZENS IT-RIGHTS
==================================================================
The Danish ministry of science and technology has mandated a committee on
citizens IT-rights. The committee has representatives from various
ministries, consumer organisations, the IT-business sector and civil
society. EDRi-member Digital Rights has participated in the committee since
it started its work in September 2002. The aim of the committee is to give
recommendations to areas where existing laws and practices in Denmark may
hinder citizen's enjoyment of their IT-rights. Areas under scrutiny
include: citizen's communication with the public sector, privacy and
registration, freedom of expression and access to information. The fiercest
debates within the committee were about data retention (obligatory in
Denmark for the period of 1 year), access to public information and ISP
self-regulation. The recommendations are expected to be finalised by
May/June 2003.
Information is available at (in Danish)
http://www.vtu.dk/
or through committee member Rikke Frank J?rgensen from Digital Rights
<rfj at digitalrights.dk>.
==================================================================
6. AUSTRIA LOOSES COURT CASE ABOUT SURVEILLANCE COSTS
==================================================================
Telecommunication companies in Austria have won an important court case
against the federal government. Though in general the wiretapping
provisions in the new Telecommunications Law were not deemed
unconstitutional, from 2004 onwards, government will have to reimburse
providers for the costs of procuring and maintaining surveillance equipment.
Full verdict in German (27.02.2003)
http://www.vfgh.gv.at/vfgh/presse/G37-16-02.pdf
==================================================================
7. RECOMMENDED READING: EPIC AND PI 2002 REPORT ON PRIVACY
==================================================================
Each year, Privacy International and the Electronic Privacy Information
Center review the state of privacy in over fifty countries around the
world. The survey examines a wide range of privacy issues including, data
protection, telephone tapping, genetic databases, ID systems and freedom of
information laws.
Specifically, the 2002 edition of Privacy and Human Rights examines the
impact of government proposals after 11 September 2001 on privacy and civil
liberties. The report documents many new anti-terrorism and security
measures and identifies key trends including increased communications
surveillance, weakening of data protection regimes, and increased profiling
and identification of individuals.
The book can be ordered via the EPIC bookstore for USD 25
http://www.epic.org/bookstore/phr2002/
==================================================================
8. AGENDA
==================================================================
6-7 May 2003 Padova, Italy - Information Society Visions and Governance
Contact for information: Claudia Padovani <claudia.padovani at unipd.it>.
8 May 2003, Brussels, Belgium - European Parliament hearing on Software
Patents
Small and medium enterprises are requested to register and attend
http://www.quintessenz.at/cgi-bin/index?funktion=view&id=000100002512
8-9 May 2003, Namur, Belgium - Collecting and Producing Electronic Evidence
in Cybercrime Cases
2-day workshop organised by the University of Namur
http://www.ctose.org/info/events/workshop-8-9-may-2003.html
30 June - 2 July 2003 St. Petersburg, Russia - Building the Information
Commonwealth
http://www.communities.org.ru/conference/
7-10 August 2003 Berlin, Germany - Chaos Computer Camp 2003
http://www.ccc.de/camp/
==================================================================
9. ABOUT
==================================================================
EDRI-gram is a bi-weekly newsletter from European Digital Rights, an
association of privacy and civil rights organisations in Europe. Currently
EDRI has 10 members from 7 European countries. EDRI takes an active
interest in developments in the EU accession countries and wants to share
knowledge and awareness through the EDRI-grams. All contributions,
suggestions for content or agenda-tips are most welcome.
Newsletter editor:
Sjoera Nas <edrigram at edri.org>
Information about EDRI and its members:
http://www.edri.org/
- EDRI-gram subscription information
subscribe/unsubscribe web interface
http://www.edri.org/cgi-bin/mailman/listinfo/edri-news/
subscribe by email
To: edri-news-request at edri.org
Subject: subscribe
You will receive an automated email asking to confirm your request.
- EDRI-gram in Spanish
EDRI-gram is also available in Spanish, usually 3 days after the English
edition. The contents are the same. Translations are provided by David
Casacuberta, secretary of the Spanish chapter of Computer Professionals for
Social Responsibility (CPSR).
To subscribe to the Spanish language EDRI-gram, please visit
http://www.edri.org/cgi-bin/mailman/listinfo/edri-grama/
or subscribe by email:
To: edri-grama-request at edri.org
Subject: subscribe
- Newsletter archive
Back issues are available at:
http://www.edri.org/cgi-bin/index?funktion=edrigram
- Help
Please ask info at edri.org if you have any problems with subscribing or
unsubscribing.
==================================================================
Publication of this newsletter is made possible by a grant from
the Open Society Institute (OSI).
==================================================================
----- End forwarded message -----