Do We Really Want The UN In Charge Of Cybersecurity Standards?

from the answer:-no dept

We've been talking quite a bit about the upcoming efforts by the International Telecommunication Union (ITU) to expand its ability to govern the internet, and numerous proposals are being submitted by various telcos along those lines. The folks over at CDT are ably demonstrating why this is dangerous in a number of ways, starting with why the ITU is the exact wrong place to be dealing with cybersecurity issues, even though many of the proposals deal with cybersecurity. Take, for example, the proposal of African Member States, which suggests that the ITU can be a central force in "harmonizing" data retention laws and rules. As CDT notes, this seems to assume that the only issue with data retention laws are that they are different in different countries. But that ignores the fact that many people question whether or not such laws even make sense in the first place:

This reference to data retention well illustrates the problems with involving the ITU in issues related to cybercrime and cybersecurity. Not only do national laws on data retention vary greatly, but there is ongoing controversy about whether governments should impose data retention mandates at all. In addition, where data retention is required, there are many different views on the legal standards under which governments should be able to gain access to retained data – whether access should require a court order, for example. Such questions are crucial to adopting a data retention law, but are far outside the expertise of the ITU. Other concerns arise from the fact that data retained by a service provider may, absent specific legal and procedural safeguards, be subject to access by the government to investigate any crime, may be accessed by intelligence agencies, and may be shared with other governments to assist their investigations. In addition, the more data that companies are required to retain, and the longer the retention period, the greater the risk that personal information could be breached, leaked, or otherwise abused.

Elsewhere, the report highlights how many of the proposals on "cybersecurity" seem more likely to set up rules and laws that help repressive regimes crack down on critics and dissidents. And that, of course, highlights the real problem here. There is nothing in the ITU that involves actually determining what's best for the public and for individuals' rights. Instead, the proposals are from big (often state-supported) telcos and governments themselves. The CDT paper correctly argues that a group like the ITU simply isn't as quick or as flexible as any reasonable body dealing with the rapidly changing, always dynamic world of cybersecurity. But it goes even further than that. An effective look at cybersecurity requires recognizing that governments and telcos often have views that are not at all in the best interests of citizens -- and handing off all discussions on "cybersecurity" regulations to such a body seems ripe for abuse in ways that may help governments or telcos, but at the expense of the public and their ability to speak out.

Filed Under: cybersecurity, data retention, flexibility, itu, regulation, security, telcos, un, wcit

Dutch Government: Make European Copyright Exceptions More Flexible

from the didn't-see-that-coming dept

Well, here's a turn-up for the books. At a time when the European Commission is insisting that the copyright ratchet should be tightened up a few notches by bringing in ACTA, with its perilously vague terms that potentially criminalize even low-level acts of online sharing, here's the Dutch government planning to go in the opposite direction:

The Dutch government wants to change copyright law so new media users can continue to do "creative remixes" of protected content. [It] will no longer wait for the European Commission to find a compromise.

The Dutch government made that clear at a conference it had organized, entitled "Towards Flexible Copyright," where one of the speakers was Bernt Hugenholtz of the Dutch state committee on copyright law. On the subject of YouTube, he said:

"Many of the videos we find there are creative remixes of material protected under copyright. They're mostly for laughs or political commentary, or they're simply absurd. If we applied the law today strictly, we would not be allowed to do these things."

Also speaking at the conference, Netherland's Deputy Justice Minister Fred Teeven said he was exploring "a more flexible system of copyright exceptions that would also work in a European context." One solution would be to replace the limited set of European exceptions to copyright, which are laid down by law and allow no flexibility, with a system more akin to US fair use, which gives courts a certain leeway to determine what exactly is permissible.

Of course, that's an eminently sensible thing to do, not least because it wouldn't require a radical overhaul of European copyright, just some tinkering at the edges. Despite that, the idea is likely to meet stiff resistance -- and not just from the industry dinosaurs that reflexively resist any change that might reverse the copyright ratchet by even a few degrees.

At a time when the European Commission is hell-bent on getting ACTA ratified by the European Parliament, it won't take kindly to national governments going their own way on exceptions. That's particularly the case since the Commission is also drafting a new directive specifically designed to harmonize EU copyright law.

The Dutch government will be well aware of all those countervailing pressures, which makes this unexpected move all the more bold. Let's hope it inspires other EU countries to lend their weight to this much-needed initiative to make European copyright laws fit for the digital age.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Filed Under: copyright, exceptions, flexibility, government, netherlands