Telecoms-Package Compromise-Amendments ITRE-IMCO 7th-July

Last Version - July 2nd -
"Final" version of the compromise amendements

analysis of the amendements

Following analysis of the previous amendements. Most do not change, the modifications made on the others do not change the analysis.

Amendment H1, Harbour
'Allows national regulation authorities and the Commission to fix standards which restrict the run of « lawful applications » and « lawful services » and access and distribution of « lawful content » How a computer or an ISP can determine what is lawful and unlawful ? => Paves the way to filtering and to surveillance computing (know as treacherous computing).'

Article 1 – point 13 xx amending Directive 2002/22/EC Article 22 – paragraph 3 A national regulatory authority may issue guidelines setting minimum quality of service requirements, and, if appropriate, take other measures, in order to prevent degradation of services and slowing of traffic over networks, and to ensure that the ability of users to access or distribute lawful content or to run lawful applications and services of their choice is not '''unreasonably restricted. Those guidelines or measures shall take due''' account of any standards issued under article 17 of Directive 2002/121EC (Framework directive). The Commission may having examined such guidelines or measures and consulted [XXX], adopt technical implementing measures in that regards if it considers that the guidelines or measures may create barrier to the internal market. Theses measures designed to amend non-essential elements of this directive by supplementing it, shall be adopted in accordance with the regulatory procedure with scrutinity referred to in article 37(2).

NB:


 * 1) Treacherous computing is an expression used to avoid the use of Trusted Computing because so called technologies are designed to take off the right of users to control their computer (and by the way their personal data), not to secure them. One goal is producers can remote control the use of their content because they do not trust users.
 * 2) Free Software is not compatible with standards used to try to restrict the run of a « lawful application » : Free Software can be studied and modified by the user himself to check the security of the software or to create a new lawful application as Free Soffware authors grant the right to do so to every user. And technologies used to check if an application is lawful consider user modified software as unlawful. So beside pushing dangerous technologies for privacy, this amendment mays create by itself a barrier in the internal market even if an ISO standard of treacherous computing emerges like the following (http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=50970).
 * 3) Please study this amendment from a strategic point of view and follow the reference to article 37(2)  io unterstand why it is also a troyan horse from democratic point of view

Amendement K1, Kamal
Trusted computing, open the door to mandatory TPM, when linked with H1 and K2, attributed to BSA.

Article 2 – point 5 a (new) amending Directive 2002/58/EC Article 14 – paragraph 1 1. In implementing the provisions of this Directive, Member States shall ensure, subject to paragraphs 2 and 3, that no mandatory requirements for specific technical features, including, without limitation, for the purpose of detecting,intercepting or preventing infringement of intellectual property rights by users, are imposed on terminal or other electronic communication equipment which could impede the placing of equipment on the market and the free circulation of such equipment in and between Member States.

For information paragraphs 2 and 3 mentionned in this paragraph 1 can be read as follow:

2. Where provisions of this Directive can be implemented only by requiring specific technical features in electronic communications networks, Member States shall inform the Commission in accordance with the procedure provided for by Directive 98/34/EC of the European Parliament and of the Council of 22 June 1998 laying down a procedure for the provision of information in the field of technical standards and regulations and of rules on information society services(9). 3. Where required, measures may be adopted to ensure that terminal equipment is constructed in a way that is compatible with the right of users to protect and control the use of their personal data, in accordance with Directive 1999/5/EC and Council Decision 87/95/EEC of 22 December 1986 on standardisation in the field of information technology and communications(10).

NB:


 * 1) This amendment opens the door to implementation of intrusive technologies that could become mandatory by Members States' decision as far as these technologies do not impair internal market.
 * 2) First, this amendment states that some technical measures aiming exist, whose purpose is to detect, intercept or prevent infringements of intellectual property rights (including infringements to copyright, trademarks right, and patents right). Yet, to detect, intercept and prevent such criminal infringements, users' uses and electronic communications must be monitored with hardwares and softwares that are actually finks taking the place of a judge (who usually is the only one who can tell what is lawful and what is not).
 * 3) Second, this amendment doesn't prevent from creating mandatory measures, with the only provision that they don't harm freedom to market and competitivity inside the Internal Market.
 * 4) Finally, reference to paragraph 3, supposedly protecting from any risk that privacy would be harmed, is voided by the next amendment (Amendment K2 below).

Amendment K2, Kamal
Allows compagnies to remote control electronic communications of the user without his consent, attributed to BSA.

Article 2 – point 4 a (new) amending Directive 2002/58/EC Article 6 – paragraph 6a (new) '''6a. Traffic data may be processed by any natural or legal person for''' the purpose of implementing technical measures to ensure the security of a public electronic communication service, a public or private electronic communications network, an information society service, or '''related terminal and electronic communication equipment. Such''' processing must be restricted to what is strictly necessary for the purposes of such security activity.

NB:

The concept of security is used by DRMS (Digital Restriction Management System) vendors and also in national laws implementing the directive 2001/29CE which forbid the circumvention of technical measures used to control copy of works (as DRM do). So when reading this amendment, the security of an electronic communication equipment must be unterstood also as the security by obscurity of DRM used to prevent, detect or intercept IP infrigments (in compliance with amendments H1 and K1).

Spekulaticve: "a public or private" network reads to me, as they also have the power to break into your "private" network. (LAN, VPN Connections...) And if electroniv communication equipment is your computer, they may check it out too ??? Opinions please.

Amendment H2, Harbour
Known part of three-strikes approach, introduces the concept of cooperation between ISP and producers under the authority of national regulation authorities, written by the French cinema lobby, SACD.

Article 1 – point 20 xx amending Directive 2002/22/EC Article 33 – paragraph 2a (new)

Without prejudice to national rules in conformity with community law promoting cultural and media policy objectives, such as cultural and linguistic diversity and media pluralism, national regulatory authorities and other relevant authorities shall also as far as appropriate promote cooperation between undertakings providing electronic communications networks and/or services and the sectors interested in the protection and promotion of lawful content in '''electronic communication networks and services. These co-operation''' mechanisms may also include coordination of the public interest information to be made available as set out in Article 21(4a) and Article 20(2).

NB:

La Quadrature du Net has evidence that this amendment was written by SACD: http://www.laquadrature.net/en/privacy-film-industry-pirates-european-law.

Amendement H3, Harbour
Known part of three-strikes approach, permits intimidation by email and mandates that  ISPs costs are paid for by the national regulator, (as is the case for the French draft law on three-strikes approach).

Article 1 – point 12 xx amending Directive 2002/22/EC Article 21 – paragraph 4a (new) Members state shall ensure that national regulatory authorities oblige the undertakings referred in paragraph 4 to distribute public interest information to existing and new subscribers when '''appropriate. Such information shall be produced by the relevant''' public authorities in a standardised format and may inter alia cover the following topics : (a) illegal uses of electronic communications services, particularly where it may prejudice respect for the rights and freedoms of others, including infringement of copyright and related rights ; (b) the most common illegal uses of electronic communications services, including copyright infrigement, and their consequences; and (c) means of protection against risks to personal security, privacy and personal data in using electronic communications services. Significant additional costs incurred by an undertaking in complying with these obligations shall be reinbursed by the national regulatory authority.

NB:

This amendment forces Internet Access Providers (ISPs) to send notice messages to users when unlawful uses have been detected. The issue is that it doesn't tell who is the sender (private enterprises, national regulatory authorities, judicial authority?).

The difference between point (a) and point (b) should be noted: the first one aims at individual uses (informations on intercepted or detected allegedly infringements) whereas the second one is general (informations on most common cases of unlawful uses of Internet access).

Point (c) is about informations on traffic data processing means without permission for Internet access security reasons, authorized by Commission through amendment H1, K1, and K2.

This is the exact description of informations that French government is eager to send to users in the so-called three-strikes approach in order that users install filtering and monitoring means.