Etikett: Digitala

  • Europeiska Digitala Rättigheter och FRA

    Men tanke på debatten kring FRA-debatten i Sverige kanske det skulle vara av intresse för en del att läsa en europeisk bedömning av vad den svenska riksdagen skulle rösta igenom. Det är värt att notera att de digitala rättigheterna och kampen för dem gäller inte enbart Sverige.

    Även om vi som vanligt i Sverige stuckit huvudet i sanden och låtsas om att det är bara vi som berörs av vad som händer i Europa.

    ERDI biweekly newsletter about digital civil rights in Europe
    Number 6.13, 2 July 2008

    ============================================================
    8. ENDitorial: Sweden is listening to all internet and phone conversations
    ============================================================

    In Denmark we already have Data Retention in place and the rest of
    Europe will follow soon. That means that our own countries demand that
    Internet companies and phone companies log who we phone, email with,
    chat with, which websites we visit, etc. This is something that the
    IT-Political Associations of Denmark (IT-Pol) fights against.

    Sweden has now taken one more step towards the complete surveillance of
    its citizens as well as citizens of the rest of the world.

    The Swedish Parliament (Riksdagen) passed a law that instructs all
    telephone and Internet operators to deliver a copy of all phone and
    Internet communication crossing Swedish borders to the Swedish
    intelligence service FRA. FRA will then use a big spying network and one
    of the most powerful supercomputers in the world to investigate the
    content of this communication.

    For a phone or Internet customer inside or outside Sweden, it is for all
    practical purposes impossible to know if a phone call or Internet
    connection crosses the Swedish border. For example, Denmark is located
    next to Sweden, several big Swedish phone and Internet companies operate
    in Denmark, and there are many high capacity sea cables between Denmark
    and Sweden. Much of the traffic from Russia also passes Sweden and that
    is probably one of the motivations for the law.

    It is not possible to know beforehand whether e.g. an email or web-page
    viewing will go through Sweden and after all you can never be sure that your
    traffic did not go through Sweden. However in some cases you can tell
    if your traffic did go through Sweden. IT-Pol has investigated various
    uses of the Internet and has discovered that for example Internet
    traffic to the Ministry of Ecclesiastical Affairs goes through
    Sweden. That means that the Swedish FRA intelligence will listen to
    every email from Danes to a Danish priest. Computerworld Denmark wrote that
    communication from the Danish intelligence also passes through Sweden.

    IT-Pol believes that Internet users should not be subjected to such a
    massive and systematic surveillance and bugging. There are probably many
    intelligence organizations around the world that try to tap Internet
    traffic. But in our part of the world it is exceptional that a
    government require all operators to deliver a copy of internet users’
    private data to the intelligence service.

    IT-Pol has twice contacted the Swedish Parliament. The letters (in
    Danish) are available at itpol.dk.

    This law has caused massive public opposition in Sweden and the vote
    barely got passed in the Parliament.

    It is important that citizens, politicians, and organizations outside of
    Sweden also speak out and make it clear that this monitoring madness is
    not acceptable.

    Internet providers outside of Sweden can alleviate the effects of the
    Swedish monitoring by not sending Internet traffic through Sweden unless
    the recipient is in Sweden. Alternatively, they can encrypt all traffic
    going through Sweden. Tolstrup from the Telecommunication Industries
    Association in Denmark said in a statement to the Internet magazine
    ComOn that FRA can require Danish operators to hand over encryption
    keys. This is not obvious from the text of the FRA-law and IT-Pol is
    still investigating if this is really true. We have asked some members
    of the Swedish Parliament about it, but received no answer. If it is
    true, it is an even more serious attack on the freedom of the users of
    the Internet.

    Content providers inside and outside of Sweden can encrypt their
    content. On most webservers a simple change in the configuration will
    enable SSL-encryption so that users of the website are protected against
    the Swedish snooping, even if the content passes the Swedish border.

    Users can also protect their privacy, even against FRA. They can use
    encrypted IP telephony, they can use the TOR network to surf the Web, they
    can send and receive their e-mail encrypted, etc.

    IT-Pol has taken the initiative of the Polippix project, which provides a
    live CD, enabling users to take advantage of these technologies. Polippix is
    now an international project, translated into several languages and used in
    many countries including Denmark, Germany, France, Thailand and Sweden.

    IT-Political Association of Denmark
    http://www.itpol.dk/presentation-of-it-pol

    TOR Project
    http://www.torproject.org

    Polippix
    http://www.polippix.org

    ’Yes’ to surveillance law (18.06.2008)
    http://www.thelocal.se/12534/20080618/

    EDRi-gram: ENDitorial: A new ”NSA FRAnchise” set up in Sweden? (4.06.2008)
    http://www.edri.org/edrigram/number6.11/nsa-fra-sweden

    (Contribution by Niels Elgaard Larsen – Chairman, IT-Political Association
    of Denmark)

    ============================================================
    9. Recommended Action
    ============================================================

    The Commission has opened a public consultation by 31 July 2008 on age
    verification, cross media rating & classification and online social
    networking

    The purpose of the public consultation is to gather the knowledge and views
    of all relevant stakeholders (including public bodies, child safety and
    consumer organisations, industry). The gathered information will be fed into
    this year’s Safer Internet Forum 2008, which will be dedicated to the above
    mentioned topics.
    http://ec.europa.eu/information_society/activities/sip/public_consultation/index_en.htm

    ============================================================
    10. Recommended Reading
    ============================================================

    Article 29 Working Party – Opinion 2/2007 on information to passengers about
    the transfer of PNR data to US authorities, Adopted on 15 February 2007 and
    revised and updated on 24 June 2008
    http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2008/wp151_en.pdf

    Kieran Poynter’s Review of information security at HM Revenue and Customs
    http://www.hm-treasury.gov.uk/media/0/1/poynter_review250608.pdf

    Independent Police Complaints Commission report into loss of data at HMRC
    http://www.ipcc.gov.uk/final_hmrc_report_25062008.pdf

    Sir Gus O’Donnell’s report on Data Handling Procedures in government
    http://www.cabinetoffice.gov.uk/~/media/assets/www.cabinetoffice.gov.uk/csia/dhr/dhr080625%20pdf.ashx

    Sir Edmund Burton’s report into the Loss of MOD Personal Data
    http://www.mod.uk/NR/rdonlyres/3E756D20-E762-4FC1-BAB0-08C68FDC2383/0/burton_review_rpt20080430.pdf

    ============================================================
    11. Agenda
    ============================================================

    7-8 July 2008, London, UK
    Developing New Models Of Content Delivery Online & Innovative Strategies For
    Effectively Tackling Copyright Infringement
    http://www.isp-content-regulation.com/conference.agenda.asp

    7-9 July 2008, Cambridge, UK
    Privacy Laws & Business 21st Annual International Conference
    http://www.privacylaws.com/templates/AnnualConferences.aspx?id=641

    19-20 July 2008, Stockholm, Sweden
    International Association for Media and Communication Research
    pre-conference – Civil Rights in Mediatized Societies: Which data privacy
    against whom and how ?
    http://www.iamcr.org/content/view/301/1/

    23-25 July 2008, Leuven, Belgium
    The 8th Privacy Enhancing Technologies Symposium (PETS 2008)
    http://petsymposium.org/2008/

    8-10 September 2008, Geneva, Switzerland
    The third annual Access to Knowledge Conference (A2K3)
    http://isp.law.yale.edu/

    22 September 2008, Istanbul, Turkey
    Workshop on Applications of Private and Anonymous Communications
    http://www.alpaca-workshop.org/

    24-28 September 2008, Athens, Greece
    World Summit on the Knowledge Society
    http://www.open-knowledge-society.org/summit.htm

    ============================================================
    12. About
    ============================================================

    EDRI-gram is a biweekly newsletter about digital civil rights in Europe.
    Currently EDRI has 28 members based or with offices in 17 different
    countries in Europe. European Digital Rights takes an active interest in
    developments in the EU accession countries and wants to share knowledge and
    awareness through the EDRI-grams.

    All contributions, suggestions for content, corrections or agenda-tips are
    most welcome. Errors are corrected as soon as possible and visibly on the
    EDRI website.

    Except where otherwise noted, this newsletter is licensed under the
    Creative Commons Attribution 2.0 License. See the full text at
    http://creativecommons.org/licenses/by/2.0/

    Newsletter editor: Bogdan Manolea

    Information about EDRI and its members:

    Home

    European Digital Rights needs your help in upholding digital rights in the
    EU. If you wish to help us promote digital rights, please consider making a
    private donation.
    http://www.edri.org/about/sponsoring