Belgian Government Wants To Add Encryption Backdoors To Its Already-Terrible Data Retention Law

from the it-can-always-get-worse dept

Earlier this year, a data retention law passed by the Belgian government was overturned by the country's Constitutional Court. The law mandated retention of metadata on all calls and texts by residents for one year, just in case the government ever decided it wanted access to it. Acting on guidance from the EU Court on laws mandating indiscriminate data retention elsewhere in the Union, the Constitutional Court struck the law down, finding it was neither justified nor legal under CJEU precedent or under Belgium's own Constitution.

[T]he Constitutional Court finds that the Data Retention Act aims at broader objectives than safeguarding national security, combating serious crime and preventing serious threats to public security and that the interference is thus not limited to what is strictly necessary. In addition, the Constitutional Court points out that such requirement to retain traffic and location data should be the exception, not the rule, must set out clear and precise rules regarding the scope and application of such measure, whereby certain minimum requirements should be implemented, and should ensure that the interference is limited to what is strictly necessary.

That prompted an immediate rewrite and a hasty propulsion of the law through the legislative process. This ruling was handed down in April. By May 10th, the government had another legislative proposal ready to go. Then it expanded it, adding encrypted messaging services to the list of entities obliged to collect and retain communications metadata.

But the demands go even further than metadata. Either incapable or unwilling to understand how end-to-end encryption works, legislators want a form of encryption that can be stripped away whenever the government wants access to communications. This is from an open letter sent to the Belgian government by 81 organizations and cybersecurity experts.

The Draft law on the collection and storage of identification, traffic and location data in the electronic communications sector and their access by the authorities, or “the Data Retention Legislation,” would require operators of encrypted systems to enable law enforcement to be able to access on request content produced by specific users after a specified date in the future. That is, they would have to be able to “turn off” encryption for specific users.

If you can't see where this is going, you might be a Belgian legislator.

There is no way to simply “turn off” encryption; providers would need to create a new delivery system and send targeted users into that separate delivery system. Not only would this require significant technical changes, but it would thereby break the promises of confidentiality and privacy of end-to-end encrypted communications services.

It's a backdoor. Backdoors don't work. Or rather, they do, but then the encryption doesn't work. Legislators and those pressuring legislators to mandate encryption backdoors don't like to use that term, so they dance around it. In the US, they call it technical assistance or whatever the opposite of "warrant-proof encryption" is. In Belgium, they stuff it into a bill that originally targeted phone service providers and call it "data retention."

It's unclear how the legislature thinks this version will be found constitutional by the courts, unless it's relying on the addition of some minimal targeting requirements to change it from a bulk data collection the government can access at any time to a slightly smaller bulk data collection the government can access at any time -- one that now includes metadata collected by encrypted communications platforms which will have to backdoor their own encryption to comply with demands for data.

If this is allowed to become law, everyone's communications will be less secure, not just those belonging to people the state wants to surveil or lock up.

Undermining encryption by introducing backdoors to encrypted communications would leave Belgium exposed to attacks, including its journalists, doctors, lawyers, public sector employees, and other citizens, as well as businesses and institutions, including governments.

If that's an acceptable tradeoff for the government, the bill will become law. But it will have to survive another legal challenge once it goes live. And from what's seen here, it looks like more of the stuff that was already struck down by the court, only with bonus encryption backdoors. If Belgian legislators aren't willing to protect their constituents, hopefully the courts will pick up the slack.

Filed Under: backdoors, belgium, data retention, encryption, surveillance

Some EU Nations Still Haven't Implemented The 2013 Marrakesh Treaty For The Blind

from the copyright-trumps-compassion dept

The annals of copyright are littered with acts of extraordinary stupidity and selfishness on the part of the publishers, recording industry and film studios. But few can match the refusal by the publishing industry to make it easier for the blind to gain access to reading material that would otherwise be blocked by copyright laws. Indeed, the fact that it took so long for what came to be known as the Marrakesh Treaty to be adopted is a shameful testimony to the publishing industry's belief that copyright maximalism is more important than the rights of the visually impaired. As James Love, Director of Knowledge Ecology International (KEI), wrote in 2013, when the treaty was finally adopted:

It difficult to comprehend why this treaty generated so much opposition from publishers and patent holders, and why it took five years to achieve this result. As we celebrate and savor this moment, we should thank all of those who resisted the constant calls to lower expectations and accept an outcome far less important than what was achieved today.

Even once the treaty was agreed, the publishing industry continued to fight against making it easier for the visually impaired to enjoy better access to books. In 2016, Techdirt reported that the Association of American Publishers was still lobbying to water down the US ratification package. Fortunately, as an international treaty, the Marrakesh Treaty came into force around the world anyway, despite the US foot-dragging.

Thanks to heavy lobbying by the region's publishers, the EU has been just as bad. It only formally ratified the Marrakesh Treaty in October of this year. As an article on the IPKat blog explains, the EU has the authority to sign and ratify treaties on behalf of the EU Member States, but it then requires the treaty to be implemented in national law:

In this case, the EU asked that national legislators reform their domestic copyright law by transposing the 2017/1564 Directive of 13 September 2017. The Directive requires that all necessary national measures be implemented by 12 October 2018. Not all member states complied by this deadline, whereby the EU Commission introduced infringement procedures against them for non-compliance. The list of the non-compliant countries is as follows:

Belgium, Cyprus, Czech Republic, Germany, Estonia, Greece, Finland, France, Italy, Lithuania, Luxembourg, Latvia, Poland, Portugal, Romania, Slovenia, UK

The IPKat post points out that some of the countries listed there, such as the UK and France, have in fact introduced exceptions to copyright to enable the making of accessible copies to the visually impaired. It's still a bit of mystery why they are on the list:

At the moment, the Commission has not published details regarding the claimed non-compliance by the countries listed. We cannot assume that the non-compliance proceedings were launched because the countries failed to introduce the exceptions in full, because countries can also be sanctioned if the scope of the exception implemented is too broad, so much so that it is disproportionately harmful to the interest of rightsholders. So we will have to wait and see what part of the implementation was deemed not up to scratch by the Commission.

As that indicates, it's possible that some of the countries mentioned are being criticized for non-compliance because they were too generous to the visually impaired. If it turns out that industry lobbyists are behind this, it would be yet another astonishing demonstration of selfishness from publishers whose behavior in connection with the Marrakesh Treaty has been nothing short of disgusting.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: belgium, blind, copyright, eu, finland, france, germany, greece, italy, marrakesh treaty, poland, publishers, uk

Pompous 'International Grand Committee' Signs Useless But Equally Pompous 'Declaration On Principles Of Law Governing The Internet'

from the they're-really-going-all-in-on-this dept

So just a few weeks after a bunch of countries (and companies and organizations) signed onto a weird and mostly empty Paris Call for Trust and Safety in Cyberspace, a group of nine countries -- Argentina, Belgium, Brazil, Canada, France, Ireland, Latvia, Singapore and the UK, have declared themselves the "International Grand Committee on Disinformation and Fake News" and signed onto a Principles of the Law Governing the Internet. If that list of countries sound familiar, that's because it's the same list of countries that put on that grandstanding inquisition of Facebook that produced fake news in its own way, by falsely claiming that Facebook had discovered Russians extracting 3 billion data points via its API back in 2014 (it wasn't Russia, it was Pinterest; it wasn't 3 billion, it was 6 million; it wasn't abuse of the API, but using it correctly).

The Declaration makes some grand pronouncements:

Noting that:— the world in which the traditional institutions of democratic government operate is changing at an unprecedented pace; it is an urgent and critical priority for legislatures and governments to ensure that the fundamental rights and safeguards of their citizens are not violated or undermined by the unchecked march of technology; the democratic world order is suffering a crisis of trust from the growth of disinformation, the proliferation of online aggression and hate speech, concerted attacks on our common democratic values of tolerance and respect for the views of others, and the widespread misuse of data belonging to citizens to enable these attempts to sabotage open and democratic processes, including elections.

Affirming that:— representative democracy is too important and too hard-won to be left undefended from online harms, in particular aggressive campaigns of disinformation launched from one country against citizens in another, and the co-ordinated activity of fake accounts using data-targeting methods to try manipulate the information that people see on social media.

Believing that:— it is incumbent on us to create a system of global internet governance that can serve to protect the fundamental rights and freedoms of generations to come, based on established codes of conduct for agencies working for nation states, and govern the major international tech platforms which have created the systems that serve online content to billions of users around the world.

Okay. So what does it all mean? Well, here are the details of the "declaration":

i. The internet is global and law relating to it must derive from globally agreed principles;
ii. The deliberate spreading of disinformation and division is a credible threat to the continuation and growth of democracy and a civilising global dialogue;
iii. Global technology firms must recognise their great power and demonstrate their readiness to accept their great responsibility as holders of influence;
iv. Social Media companies should be held liable if they fail to comply with a judicial, statutory or regulatory order to remove harmful and misleading content from their platforms, and should be regulated to ensure they comply with this requirement;
v. Technology companies must demonstrate their accountability to users by making themselves fully answerable to national legislatures and other organs of representative democracy.

Of course, in the context of the committee who created this Declaration having now been revealed to have created "fake news" itself, this kind comes off pretty... weak. But also, the whole thing is kind of meaningless. The companies do recognize their "power" and have been trying to deal with this issue. Yes, perhaps they didn't grasp the severity of the issue in the past, but they certainly have more recently. But simple declarations and pronouncements don't really do anything useful in "solving" those issues. That's because much of it is a human nature issue, and expecting tech companies to "take responsibility" for human nature is... well... nonsense.

Filed Under: argentina, belgium, brazil, canada, content moderation, disinformation, fake news, france, internet regulation, ireland, latvia, prais call, singapore, uk
Companies: facebook

All That On-Off Excitement About CETA Last Year? It's Happening Again

from the mostly-about-corporate-sovereignty,-of-course dept

Remember last year when CETA, the Comprehensive Economic and Trade Agreement between Canada and the EU, was on, then off, then on again, then off again, and finally on again? After that, CETA was ratified by the European Union, and now needs to be approved by all Member States' parliaments before it is definitively in force. Well, guess what? One of those parliaments -- in the French-speaking Belgian region of Wallonia, which has already derailed CETA before -- could be about to block it again. As an article originally in The Globe and Mail reports:

The trade deal between Canada and the European Union is facing a new challenge from the Belgium region of Wallonia which is threatening to block final ratification of the agreement. Wallonia First Minister Paul Magnette said in an interview that his government will not support the CETA trade deal when it comes up for ratification unless changes are made to how disputes are resolved. Mr. Magnette also said his government is challenging the legality of the dispute resolution mechanism in the European Court of Justice, which could take at least two years to rule.

Yet again, the problem is mainly the corporate sovereignty chapter, which is emerging as a real trade deal killer (hint to governments: why not drop it?). But it's not just Wallonia that might stymie CETA. According to a post from the Council of Canadians, the final ratification of CETA also faces challenges in the Netherlands, France, Germany, Italy and Bulgaria. If one or more of those do halt the deal, another question arises:

If the full ratification of CETA is blocked, will the provisional application be undone? Council of Canadians trade campaigner Sujata Dey comments, "The German constitutional court has already ruled that provisional application can be undone. And in the country statements adopted by the European Council (the EU institution comprised of the heads of state or government of the member states, which sets the EU's overall political direction and priorities) many countries reiterated their right to undo provisional application."

It seems that as far as CETA is concerned, it ain't over until, well, it's completely over.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: belgium, ceta, corporate sovereignty, eu, isds, trade agreements, wallonia

Belgium Wants EU Nations To Collect And Store Personal Data Of Train, Bus And Boat Passengers

from the what-next?-bicycles? dept

It's become pretty common for the authorities to collect personal information about passengers from airlines, supposedly to ensure security. It's a sensitive area, though, as shown by the many years of fraught US-EU negotiations that were required in order to come up with a legal framework for transferring this data to the US when EU citizens were involved. However, not all EU countries are so concerned about that privacy thing. Belgium, for example, thinks that the current approach doesn't go far enough, and that it should be extended to include all forms of mass transport. As this EurActiv article notes, the Belgian parliament has already voted to bring in a national system for trains, buses and boats by May 2018, and the country is calling for the rest of the EU to follow suit:

In response to a number of terror attacks, Belgium wants greater control over who travels on its trains, buses and boats and will present its plans at the next meeting of EU interior ministers at the end of January.

However, there's a problem. Last year, the EU finally passed the EU Passenger Name Record (EUPNR) directive:

The EU PNR directive will oblige airlines to hand EU countries their passengers' data in order to help the authorities to fight terrorism and serious crime. It would require more systematic collection, use and retention of PNR data on air passengers, and would therefore have an impact on the rights to privacy and data protection.

Despite data protection safeguards that were included, resistance to bringing in this directive was fierce from many quarters. EurActiv says:

According to EU diplomats, the decision on air traffic passenger data was already a "big step" and that measure only applies to travellers going to or from third party destinations.

Against that background, asking the EU to extend the PNR scheme to include trains, buses and boats may be going too far, so to speak. Nonetheless, it's a bad idea that's now out there, and all-too likely to spread.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: belgium, eu, personal data, terrorism, travel

Belgian Court Fines Microsoft For Failing To Comply With Its Impossible Order

from the we-said-JUMP dept

You can't always get what you want. But if you try sometime, you just might fine... a company for being unable to deliver on the impossible.

Belgium has fined Skype €30,000 for failing to comply with a court request to intercept users' communications, something Skype claims was technically impossible at the time of the request.

According to Het Belang van Limburg, a Dutch-language newspaper in Belgium, the fine was delivered by the court in Mechelen because Skype had failed, in September 2012, to deliver up anything more than metadata in response to an investigation into a criminal organisation.

The court, failing to understand anything but its power to order people around, demanded that Skype turn over communications. Skype turned over the only thing it could actually obtain, explaining that its architecture didn't support the interception of calls. No dice. That only made the court angry.

The court was no more happy to have pointed out to it that Microsoft didn't actually fall under its jurisdiction. It maintains no data centers in Belgium, nor does it have anyone employed there. Microsoft suggested the court work with governments of countries where it actually maintains a presence and utilize their mutual assistance treaties.

None of these facts appear to have mattered. The court says Microsoft should be able to do the impossible because the law is the law.

Het Belang van Limburg quoted prosecutor Tim Hoogenbemt as saying: "Skype offers services in our country, so it needs to know the laws. And therefore know that the court may ask interception measures."

Sometimes the law isn't the law, though. Microsoft pointed out the law doesn't actually apply to it since it's a software provider, rather than a service provider.

And sometimes the law is an ass. The fine is still in place despite arguments of impossibility, illegality, and "not applicable" to the contrary. It may not stick. Microsoft is appealing the decision.

This isn't the first time Belgian courts have overreached. Back in 2009, Belgian officials blew off perfectly workable mutual assistance treaties, demanding user information directly from Yahoo's US headquarters. Yahoo, like Microsoft, pointed out that it has no data centers or employees in Belgium. Instead of rethinking its approach, the government took the company to criminal court. That court, like this one, decided to fine the company for doing the exact thing it was supposed to be doing: protecting its users' privacy.

And that's not the limit of Belgian exceptionalism. A "royal decree" from the Belgian government (which bypasses the Parliamentary approval process needed for actual legislation) forces ISPs to collect and store tons of info on their subscribers, including how many emails are sent, VoIP use (hello, Skype!), call metadata, etc. -- just in case law enforcement might need it. When it was pointed out this decree violated the EU's privacy directive, the government shrugged and called the agreement it signed "obsolete."

Given these decisions, it's not even useful advice to suggest just not doing business in Belgium. It quite obviously doesn't matter to the courts where the data or communications they're seeking are actually located.

Filed Under: belgium, intercept, phone calls, skype, warrant
Companies: microsoft, skype

EU-Canada Trade Deal Dodges Belgian Veto For Now, But Faces Multiple Legal Challenges

from the just-buying-some-time dept

A few days ago we described how the Belgian region of Wallonia was holding up the official signing of the EU-Canada trade deal, CETA, in part because of the corporate sovereignty chapter it contains. Not surprisingly, given the high-profile embarrassment this caused -- Canada's prime minister, Justin Trudeau, was forced to cancel his planned trip to Europe at the last minute -- the Walloon politicians have been under intense pressure to change their minds in return for some concessions. This they have now done, and a document has been published spelling out the nature of the deal they have obtained (currently only available in French and Dutch). The Council of Canadians suggests that the EU has not solved the problem, just bought some time:

The proposed compromise would give any region of Belgium the right to walk out during any part of the ratification process [which is still required, even after CETA has been signed]. Four Belgian Parliaments (the Walloon region, the French community, the German community, and the Francophone community commission of the Brussels Capital region) have made it clear that they will never ratify the Investment Court System (ICS) -- the provision that allows foreign investors to sue governments -- in its current form.

Wallonia's minister-president, Paul Magnette, came away with something else, too:

Magnette had also raised objections to the proposed court system for settling disputes between foreign investors and governments.

One concession he won means Belgium would be able to go to the European court of justice to determine whether the new investor-state special tribunals are compatible with EU law.

That's potentially big. Back in 2015, lawyers from the environmental group ClientEarth carried out an analysis of the corporate sovereignty approach -- both the older investor-state dispute settlement (ISDS) and the re-branded ICS -- and found that:

ISDS mechanisms would set up an arbitration system outside of, but binding on, the EU judicial system. Such mechanisms would introduce an additional judicial relief within the EU legal order that is independent of the EU courts. It would, in effect, be a system that would enable foreign investors to sideline the EU courts and resort to claims that are not available to domestic investors.

EU law, and settled case-law of the European Court of Justice (ECJ), suggest that such a system of external judicial control may be incompatible with the EU legal order because it would (1) undermine the autonomy of the EU legal order and the powers of the EU courts in particular and (2) negatively affect the completion of the internal market, and more specifically the EU competition rules.

Of course, some will dismiss that as simply the biased opinion of an activist organization. It's harder to ignore the views of 100 law professors from across Europe, who agree with ClientEarth, or the warning of the UN rights expert, Alfred de Zayas, not to sign the "flawed" CETA treaty, as he calls it. And "biased" certainly won't be something anyone could ever say about an ISDS ruling from the Court of Justice of the European Union (CJEU), the EU's highest court, which will be definitive once it is handed down. It will also apply to any trade deal that includes corporate sovereignty, such as TAFTA/TTIP, which is why Magnette's last-minute haggling turns out to be so important. One hint of how the CJEU might view matters is provided by the following:

ClientEarth recently launched a lawsuit against the Commission, because it refused to disclose official analysis of whether ISDS and ICS are legal. The Commission said sharing the legal reflections would undermine its negotiating position in trade agreements.

It's hard to see how an analysis that found ISDS and ICS were legal would weaken the EU's negotiating position. And it would surely be in the European Commission's interest to convince everyone that corporate sovereignty is, indeed, legal by releasing analyses supporting that view. So the fact the EU refuses to release them would naturally suggest that there is a problem somewhere, which presumably the CJEU will reveal when it comes to examine the issue.

Although the most important, the referral to the CJEU is not the only legal challenge that CETA is facing. There's one in Canada, too:

Canada's longest-serving member of the Queen’s privy Council, the Honourable Paul Hellyer, P.C., along with two co-plaintiffs, Ann Emmett and George Crowell, both prominent members of the Committee on Monetary and Economic Reform ("COMER"), launched a constitutional challenge against the much-maligned Canada-Europe Trade Agreement ("CETA"), at the Federal Court of Canada today.

Here's what they hope to obtain:

In addition to seeking several declarations, to clarify the Constitutional authority of the Executive branch of government to do this, the Plaintiff's also seek interim injunctions to prevent the federal government from signing, ratifying and implementing the CETA.

Finally, it's worth noting that there is also a constitutional challenge to CETA in Germany. On that front, the following happened a couple of weeks ago:

In its judgment pronounced today, the Second Senate of the Federal Constitutional Court rejected several applications for a preliminary injunction directed against the approval by the German representative in the Council of the European Union of the signing, the concluding and the provisional application of the Comprehensive Economic and Trade Agreement (CETA), which the Council of the European Union is expected to decide upon on 18 October 2016.

However, that's not as bad as it might seem at first sight. First, Germany's constitutional court imposed some quite stringent constraints on the German government. The most important of these is that the official signing of CETA will not cause the entire text to be applied provisionally, as the European Commission had originally hoped. Instead, some parts must wait until all 28 member states ratify the deal through votes in their national parliaments. That's going to take quite a while -- perhaps years -- and there's no guarantee that every country will ultimately ratify CETA. The corporate sovereignty provisions are one of the elements that will not come into force until after full ratification, something also agreed with Magnette. This means it's quite likely that the CJEU will hand down its verdict on the legality or otherwise of ICS before that, possibly killing it forever.

The other important point about the German constitutional court's decision is that it only rejected a request for a preliminary injunction, which it deemed unnecessary. The German court's full consideration of whether CETA is constitutional or not continues. The European Commission may have postponed the Wallonian problem but there are plenty of others on both sides of the Atlantic that could still stop CETA, and definitively.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: belgium, canada, ceta, cjeu, corporate sovereignty, eu, eu law, human rights, ics, isds

Corporate Sovereignty Helps To Bring EU-Canada Trade Deal To Brink Of Collapse

from the politically-toxic dept

The trade deal between the EU and Canada, known as CETA -- the Comprehensive Economic and Trade Agreement -- is remarkable for the fact that it has still not been signed and ratified, even though its completion was "celebrated" over two years ago. That's partly because of growing resistance to the inclusion of a corporate sovereignty chapter -- also known as investor-state dispute settlement (ISDS). In an attempt to head that off, the European Commission persuaded Canada to swap out vanilla ISDS for a new, "improved" version called the Investor Court System (ICS). As Techdirt noted before, this is really just putting lipstick on the pig, and doesn't change the fact that companies are being given unique privileges to sue a country for alleged harm to their investments using special tribunals, as well as in national courts.

CETA has faced other problems, notably from Bulgaria, Romania and Belgium. The first two said they wouldn't sign because of Canada's refusal to lift visa requirements for their citizens. That blackmail seems to have paid off. The Sofia Globe reports that Canada has agreed to remove the visa requirements from December 2017, and Bulgaria and Romania now say that they will sign CETA.

That leaves Belgium, or more precisely, the French-speaking Belgian region of Wallonia, which, as we noted back in April, was not happy with CETA. A couple of weeks ago, the Walloon parliament confirmed that it would refuse to give its permission for the central government to sign CETA in its name (original in French). Because of the way the Belgian political system works, that meant that Belgium would not be able to sign CETA on October 27, as the European Commission had originally hoped.

That, in its turn, meant that the European Union as a whole would not be able to sign CETA on that day. That's because back in July, European Commission president Jean-Claude Juncker agreed to treat CETA as a so-called "mixed agreement," a deal that must be ratified by all of the EU member states' national assemblies, as well as by the bloc. If Belgium can't do that because of Wallonia, CETA is blocked.

As you might imagine, the Walloons have come under intense pressure to change their mind, from just about the entire EU and Canadian political establishment. Last Friday, Wallonia's Minister-President Paul Magnette told the regional parliament that he still refused to allow Belgium to sign, despite that pressure. As well as being worried about the impact of Canada's agricultural products on Walloon farmers, Magnette singled out corporate sovereignty as a particular worry for him and his colleagues.

The fact that CETA's ISDS/ICS remains the most problematic area can be seen from a fascinating CETA document (pdf) that was recently leaked. It's called the "Joint Interpretative Declaration on the Comprehensive Economic and Trade Agreement (CETA) between Canada and the European Union and its Member States," and is an attempt to offer additional guarantees that are enough to convince Magnette and other CETA skeptics to allow its signing and ratification:

This interpretative declaration aims to provide a clear and unambiguous statement of what Canada and the European Union and its Member States agreed in a number of CETA provisions that have been the object of public debate and concerns. This includes, in particular, the impact of CETA on the ability of governments to regulate in the public interest, as well as the provisions on investment protection and dispute resolution, and on sustainable development, labour rights and environmental protection.

The section on Investment Protection is by far the longest, reflecting the seriousness of the problems there. Here's a key paragraph:

CETA clarifies that governments may change their laws, regardless of whether this may negatively affect an investment or investor's expectations of profits. Furthermore, CETA clarifies that any compensation due to an investor will be based on an objective determination by the Tribunal and will not be greater than the loss suffered by the investor.

As that demonstrates, there is nothing new in the declaration. Nobody is claiming that CETA will stop governments changing their laws, just that the massive fines that can be imposed by supra-national tribunals are likely to discourage them from doing so. Similarly, claiming that those fines will be "based on an objective determination by the Tribunal and will not be greater than the loss suffered by the investor" simply confirms the untrammelled power of the tribunal to impose whatever fine it thinks is appropriate.

As of this weekend, Magnette was still holding out for more guarantees. He has said that he is not against CETA in principle, but does want improvements to it, which offers the European Commission a way out of this crisis that they will surely try to seize. If the interpretative declaration is changed sufficiently, Magnette may be willing to give permission to Belgium to sign.

However, there's another factor. In the face of the continuing problems on the EU side, the Canadians seem to be close to calling the whole thing off. As the Guardian reported:

A landmark trade deal between the European Union and Canada is in meltdown, after Canada's trade minister walked out of talks with the Belgian regional parliament that has been blocking the deal.

The Canadian trade minister, Chrystia Freeland, was on the verge of tears on Friday as she announced the "end and the failure" of talks with the Walloon government.

However the head of the European parliament said late on Friday he would hold emergency talks in a bid to save the deal.

As that indicates, EU politicians are still trying to patch things up, but it's unlikely that Canada will be willing to make yet more concessions to satisfy Magnette. For his part, he said on Sunday night that he was "disappointed" with the Commission's latest attempt to convince him to accept CETA's ISDS (original in French). In any case, it looks increasingly likely that CETA will not be signed on October 27, and that Canada's prime minister, Justin Trudeau, will not be traveling to Europe to do so, which would be a huge diplomatic embarrassment for the European Commission. Corporate sovereignty may not be the only reason CETA is falling apart, but it is certainly one of the main ones. The twists and turns of the Walloon saga confirm just how politically toxic it has become.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: belgium, canada, ceta, corporate sovereignty, eu, ics, isds

EU-Canada Trade Deal Still Struggling, As Romania And Belgium Say They Won't/Can't Ratify Treaty

from the it-ain't-over-yet dept

Alongside the better-known trade deals that aren't really trade deals, TPP and TAFTA/TTIP, the smaller one between the European Union and Canada, CETA, is still trapped in a strange kind of political limbo. It was "celebrated" way back in October 2014, and has been officially in the "legal scrubbing" phase where the text is tidied up and translated into all the relevant languages (lots of them for the EU). Cleverly, the EU has used this period to sneak in the "lipstick on a pig" version of corporate sovereignty in an attempt to head off revolts among EU nations worried about growing public resistance to the idea. But just when the European Commission thought it had everything nicely sewn up, this happens:

Romania will not ratify the Comprehensive Economic and Trade Agreement (CETA) between the EU and Canada which was concluded in 2014, as an angry reaction to the refusal by Ottawa to lift the visa requirement of its nationals, but also for the lack of EU solidarity for solving the issue.

As EurActiv explains, Romania is upset because Canada is requiring Romanian (and Bulgarian) citizens to obtain a visa before visiting Canada, whereas everyone else in the EU can get in without one. As a result:

A Romanian government official who asked not to be named said that Romania would "veto" the CETA ratification.

Normally the ratification of CETA should conclude by the end of 2016 or 2017. Romania however will not ratify the agreement, EurActiv was told.

If that were the only problem with ratifying CETA, it might be possible to resolve with some judicious arm-twisting by the European Commission. But it's not, because SputnikNews is reporting the following:

The government of the French-speaking Belgian region of Wallonia has refused to ratify the EU-Canada free trade agreement approved by the Belgian cabinet, the region's minister-president said.

Belgium may be a fairly small country, and Wallonia an even smaller part of it, but if the regional government doesn't agree, it would seem that Belgium can't ratify CETA, and without Belgium's OK, the whole CETA agreement might unravel. In truth, nobody really knows -- and that's why these unexpected developments are so worrying for the European Commission. It is uncharted legal territory for EU countries like Romania and Belgium to be unwilling or unable to ratify international trade agreements the Commission has negotiated. One thing is certain: CETA ain't over until it's really, absolutely, definitively over. Until then, grab the popcorn.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: belgium, canada, ceta, eu, international trade, ratification, romania, tpp, ttip

Not 'Going Dark': 15 Out Of 15 Most Recent EU Terrorists Were Known To The Authorities In Multiple Ways

from the sure,-mass-surveillance-doesn't-work,-but-think-of-the-money-we-are-saving dept

Important information about recent terrorist attacks in Europe continues to emerge. Here's the latest news from Brussels, as reported by the Guardian:

Plans and photographs of the home and office of Belgium's prime minister, Charles Michel, have been found on a computer abandoned near a terrorist hideout in Brussels, according to Belgian sources.

The laptop was found in a bin near a flat in the Schaerbeek district that had been a makeshift bomb factory for the terrorists who killed 32 people and injured at least 340 in last week's suicide bombings at Brussels airport and the city metro.

Not unnaturally, perhaps, most commentary has been about the fact that Belgium's prime minister was apparently being considered as a target. But there's something else in this story that's interesting, not least because it's not explicit. The Belgian sources for this story have revealed that "plans and a photograph" were found on a computer. Assuming the laptop did indeed belong to the terrorists, that means one of two things: either the system did not use encryption at all, or that it was possible to bypass the protection. In either case, it looks like this is yet another demonstration that things are not "going dark" when it comes to terrorism, despite continued claims to the contrary.

Given how details about the attackers are coming through very sporadically, it can be hard to see the bigger picture. To address that issue, the German journalist Sascha Lobo has pulled together all the information he could find about lethal terrorist attacks carried out by Islamists over the last two years in Europe. Specifically, these were the attack on the Jewish Museum in Brussels in May 2014; the Paris attack on Charlie Hebdo and a Jewish supermarket in 2015; the attack on a cultural center and synagogue in Copenhagen in 2015; the second attack in Paris in November last year; and the recent attacks in Brussels.

The results of his research appear in the German news magazine Der Spiegel, but fortunately he has produced a tabulated form (with references) that doesn't require any knowledge of the German language to grasp. A glance is enough to see that every single one of the 15 attackers who have been identified was known to the authorities, often for multiple reasons. Indeed, as Lobo writes, it's even worse than it seems at first sight:

All 15 identified attackers were on terror warning lists or "Islamist instigator" lists in at least one European country. In addition, most were on other lists, such as no-fly lists. All 15 had been classified as violence-prone. 14 had known contacts with other radical Islamists (one of them was apparently radicalized only via the Internet). Twelve had taken trips to the "Islamic State" in Syria, or to al-Qaida in Iraq or Yemen. Ten had criminal records, most of them for violent crimes.

This is not a terrifying world where things are "going dark" for the authorities. This is not a situation where strong crypto made it impossible to know who was doing what. This is a world of persistent failure by the intelligence agencies and police to use the information they already had at their disposal. This is a world that wants to shift the blame to evil encryption, rather than admit that mass surveillance doesn't work, and is the wrong approach. Lobo offers a plausible explanation why this is still happening, despite the manifest inability of blanket snooping to spot obvious connections and use them to stop attacks:

Comprehensive surveillance appears as seemingly inexpensive because it is a solution that scales thanks to technology: troubleshooting at the press of a button. Directly linked with the aim of saving more and more, just as with the State in general. But classic investigative work, which is proven to work, is expensive and labor intensive. This leads to a failure by the authorities because of a faith in technology that is driven by economics.

In other words, it's much cheaper to call for even more automated mass spying than to address the problem properly by bringing in more trained personnel to carry out targeted surveillance of people who are known threats.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Filed Under: belgium, brussels, encryption, going dark