Revue de presse

The press review RSS feed

The press review catalogues press articles related to la Quadrature's issues, compiled by its volunteers.
See also our French press review.

[TheIntercept] Spy Chief Complains That Edward Snowden Sped Up Spread of Encryption by 7 Years

Screenshot

The director of national intelligence on Monday blamed NSA whistleblower Edward Snowden for advancing the development of user-friendly, widely available strong encryption“As a result of the Snowden revelations, the onset of commercial encryption has accelerated by seven years,” James Clapper said during a breakfast for journalists hosted by the Christian Science Monitor. [...]

Technologists have been tirelessly working to strengthen encryption for decades, not just the past few years. But Snowden’s revelations about the pervasiveness of mass surveillance clearly accelerated its more widespread availability. And technologists say the threat of law enforcement “going dark” has been overhyped. For instance, there are almost always ways to hack around encryption, even if you can’t break it. [...]

https://theintercept.com/2016/04/25/spy-chief-complains-that-edward-snow...

[ArsTechnica] Anti-innovation: EU excludes open source from new tech standards

Screenshot

As part of its Digital Single Market strategy, the European Commission has unveiled "plans to help European industry, SMEs, researchers and public authorities make the most of new technologies." In order to "boost innovation," the Commission wants to accelerate the creation of new standards for five buzzconcepts: 5G, cloud computing, internet of things, data technologies, and cybersecurity. [...]

"Open" is generally used in the documents to denote "open standards," as in the quotation above. But the European Commission is surprisingly coy about what exactly that phrase means in this context. It is only on the penultimate page of the ICT Standardisation Priorities document that we finally read the following key piece of information: "ICT standardisation requires a balanced IPR [intellectual property rights] policy, based on FRAND licensing terms."

It's no surprise that the Commission was trying to keep that particular detail quiet, because FRAND licensing—the acronym stands for "fair, reasonable, and non-discriminatory"—is incompatible with open source, which will therefore find itself excluded from much of the EU's grand new Digital Single Market strategy. That's hardly a "balanced IPR policy." [...]

That de facto exclusion of open source from this major new EU initiative is shocking, but not entirely unexpected. The European Commission has been steadily moving to marginalise open source for over a decade. [...]

http://arstechnica.co.uk/tech-policy/2016/04/anti-innovation-eu-excludes...

[ArsTechnica] Fair use prevails as Supreme Court rejects Google Books copyright case

Screenshot

The Supreme Court on Monday declined to hear a challenge from the Authors Guild and other writers claiming Google's scanning of their books amounts to wanton copyright infringement and not fair use. The guild urged the high court to review a lower court decision in favor of Google that the writers said amounted to an "unprecedented judicial expansion of the fair-use doctrine."

At issue is a June decision by the 2nd US Circuit Court of Appeals that essentially said it's legal to scan books if you don't own the copyright. The Authors' Guild originally sued Google, saying that serving up search results from scanned books infringes on publishers' copyrights even though the search giant shows only restricted snippets of the work. The writers also claimed that Google's book search snippets provide an illegal free substitute for their work and that Google Books infringes their "derivative rights" in revenue they could gain from a "licensed search" market. [...]

http://arstechnica.com/tech-policy/2016/04/fair-use-prevails-as-supreme-...

[ArsTechnica] Privacy Shield doesn’t do enough to curtail US surveillance, say EU data watchdogs

Exceptions in the proposed EU-US Privacy Shield framework that would allow the US to carry out mass surveillance of EU citizens are "not acceptable," the Article 29 Working Party of EU data protection authorities said today in a press conference.

The Chairman of the group, Isabelle Falque-Pierrotin, explained that the Article 29 Working Party would look with "great interest" on the forthcoming ruling by the Court of Justice of the European Union (CJEU) on whether mass surveillance of EU citizens could be legal. If the CJEU finds that the surveillance carried out by GCHQ is unlawful, it would have a big impact on the national security exceptions included in Privacy Shield. [...]

Since Safe Harbour was struck down by the CJEU largely because of concerns about mass surveillance, there is a real possibility that Privacy Shield will suffer the same fate unless the the Article 29 Working Party's concerns are adequately addressed. That would lead to even greater uncertainty for transatlantic data flows—something the European Commission and US companies will be keen to avoid.

http://arstechnica.co.uk/tech-policy/2016/04/privacy-shield-us-surveilla...

[NYtimes] FCC Advances Privacy Proposal for U.S. Internet Users

WASHINGTON — The U.S. Federal Communications Commission on Thursday advanced a proposal to ensure the privacy of broadband Internet users by barring providers from collecting user data without consent. [...]

Broadband providers currently collect consumer data without consent and some use that data for targeted advertising, which has drawn criticism from privacy advocates. [...]

Advocacy group Free Press praised the FCC for moving ahead and said the commission must consider other issues in setting rules including "pay-for-privacy, deep-packet inspection, upselling services, competition and data security." [...]

http://www.nytimes.com/reuters/2016/03/31/technology/31reuters-fcc-priva...

[CNet] How the government plans to protect your privacy from ISPs (FAQ)

The [Federal Communications Commission] voted this week on a proposal for rules that will govern how broadband and wireless providers handle your personal online data. [...]

The new rules prohibit broadband providers from sharing your information, such as your name, location or online activity, with third parties without your consent. It's meant to provide the same kind of protection offered to telephone customers.

The rules would also require broadband and wireless providers to disclose in plain language how consumer data is collected, how it's shared with third parties and how it's used by outside firms. The plan also calls for broadband companies to strengthen security practices for customer data. [...]

The rules only cover broadband and wireless service providers. But online companies, such as Facebook or Google, or device makers, such as Apple, are excluded from the rules. That means these companies are still able to collect data about your location and Internet surfing habits and sell it to advertisers or other third parties. [...]

The vote on Thursday was just the beginning of the process. The FCC opened up its proposal for public comment. Then there will be another period to comment on the comments. And finally, the agency will draft its final rules, which the agency will vote on. The whole process could take six months or longer. [...]

http://www.cnet.com/news/how-the-fcc-plans-to-protect-your-privacy-from-...

[ArsTechnica] Brussels terror attacks: Why ramping up online surveillance isn't the answer

Two days after the attacks, EU ministers met in Brussels at an emergency justice and home affairs council, and predictably demanded more access to our Internet histories, more powers to track people, and more ways to break into our private communications.

The European People's Party has reportedly said it wants personal data on everyone who takes a train to be stored. Meanwhile, a so-called Passenger Name Record is in the works for all airline passengers.

And, even before the terrorist attacks, Belgium officials were mulling the expansion of the country's data collecting and storing laws. Never mind that the European Court of Justice, and the Belgian Constitutional Court have ruled that data retention is illegal. My adopted country also plans new surveillance legislation that would allow intelligence agencies more freedom to eavesdrop on cross-border communications [...]

I am not opposed to proportionate and specific surveillance. My opposition, on principle, is to mass unjustified collection of personal information "just in case." Just in case of what? In case we're all closet terrorists?

Predictably, Europol Director Rob Wainwright blamed encryption. He told POLITICO. “Encrypted communication via the Internet, and smartphones are a part of the problems investigators face in these instances. We have to find a more constructive legislative solution for this problem of encryption.”

Since when is encryption a problem? [...] Using crypto tools doesn’t mean you are a terrorist. Weakening encryption will just create vulnerabilities that will be exploited by the very criminals and terrorists we want to stop. [...]

http://arstechnica.co.uk/tech-policy/2016/04/brussels-terror-attacks-sur...

[WashingtonPost] Mass surveillance silences minority opinions, according to study

A new study shows that knowledge of government surveillance causes people to self-censor their dissenting opinions online. The research offers a sobering look at the oft-touted "democratizing" effect of social media and Internet access that bolsters minority opinion. [...]

This research illustrates the silencing effect of participants’ dissenting opinions in the wake of widespread knowledge of government surveillance, as revealed by whistleblower Edward Snowden in 2013. [...]

“It concerns me that surveillance seems to be enabling a culture of self-censorship because it further disenfranchises minority groups. And it is difficult to protect and extend the rights of these vulnerable populations when their voices aren't part of the discussion. Democracy thrives on a diversity of ideas, and self-censorship starves it,” [Elizabeth Stoycheff, lead researcher of the study and assistant professor at Wayne State University] said. “Shifting this discussion so Americans understand that civil liberties are just as fundamental to the country's long-term well-being as thwarting very rare terrorist attacks is a necessary move.” [...]

[This article has been translated in French here]

https://www.washingtonpost.com/news/the-switch/wp/2016/03/28/mass-survei...

[CSMonitor] With or without evidence, terrorism fuels combustible encryption debate

The encryption issue has become indelibly linked to the broader debate in Europe, the US, and South America over how to balance individual liberties with matters of national security and law enforcement. [...] In France, the amendment that lawmakers will debate is part of the omnibus Digital Republic bill that passed the lower house of France’s parliament earlier this year. [...]

If passed, it's unclear how French courts will interpret the amendment, according to Philippe Aigrain, a French security expert and cofounder of the advocacy group La Quadrature du Net. He worries it will scare companies operating in France off of providing strong encryption altogether. [...]

“It is remarkable that at every new bombing or attack, there are claims that the authors used encryption even when all evidence is contrary, such as was the case in the Nov. 13 attacks in Paris, where the terrorists exchanged unencrypted [texts],” said Philippe Aigrain, [...].

http://www.csmonitor.com/World/Passcode/2016/0328/With-or-without-eviden...

[Computing] GCHQ admits £1bn spend on cyber security 'hasn’t worked'

GCHQ is losing the cyber security war, according to director of cyber security at CESG (Communications-Electronics Security Group) Alex Dewedney, who admitted that, despite a £1bn spend over the past five years, "the bottom line is it hasn't worked". [...]

"We can't just pass information on threats to businesses and tell them to go and deal with it themselves," said Dewedney, who added that 90 per cent of UK enterprises suffered cyber security breaches last year.

Dewedney also criticised the UK government for "not... spending money on fixing legacy IT issues" that have left a situation that, he said, "is killing us". [...]

The problem is "not so much a money issue as it is a human resources issue", he said.

http://www.computing.co.uk/ctg/news/2449902/gchq-admits-gbp1bn-spend-on-...

Syndiquer le contenu