EDRi-gram 17.10, 22 May 2019

Started by rmstock, May 22, 2019, 12:49:42 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

rmstock

May 22, 2019, 12:49:42 PM
======================================================================
EDRi-gram 17.10, 22 May 2019
fortnightly newsletter about digital civil rights in Europe
Read online: https://edri.org/edri-gram/17-10/
=======================================================================
Contents
=======================================================================

1. Facebook lies to Dutch Parliament about election manipulation
2. Why should we vote in the EU elections?
3. Pseudo-counter-terrorism at the cost of human rights?
4. ePrivacy: Private data retention through the back door
5. Google-Huawei case highlights the importance of free software
6. Passenger surveillance brought before courts in Germany and Austria
7. Hey Google, where does the path lead?
8. A collective journey towards a strengthened network
9. Recommended Action
10. Recommended Reading
11. Agenda
12. About

=======================================================================
1. Facebook lies to Dutch Parliament about election manipulation
=======================================================================

On 15 May 2019, Facebook's Head of Public Policy for the Netherlands
spoke at a round table in the House of Representatives about data and
democracy. The Facebook employee reassured members of parliament that
Facebook has implemented measures to prevent election manipulation. He
stated: "You can now only advertise political messages in a country, if
you're a resident of that country." Nothing seems to be further from the
truth.

Dutch EDRi member Bits of Freedom wanted to know if it were possible to
target Dutch voters from a foreign country, using the type of post and
method of advertising that were employed in, among others, the "Leave"
campaign in the UK. From Germany, they logged in to a German Facebook
account, created a new page, and uploaded a well-known Dutch political
meme. They then paid to have it shown to Dutch voters and settled the
bill using a German bank account. Contrary to what Facebook led members
of parliament to believe, there was nothing that stood in their way of
doing so.

The other way around was just as easy. Facebook failed to stop Bits of
Freedom from targeting German voters interested in German political
parties Christian Democratic Union of Germany (CDU) and Alternative for
Germany (AfD) with a CDU/AfD meme, even though they were using a Dutch
Facebook account, had signed in from the Netherlands, and payed for the
ad with a Dutch bank account. Better yet, Facebook suggested to add to
their demographic, people with the additional interests "nationalism"
and "military". Thanks, Facebook!

We're not dealing with a company that occasionally messes up. Facebook
has time and time again exhibited a complete disregard for our
democracy, freedom of expression, and privacy. Therefore, Bits of
Freedom called on the House of Representatives to take action. On 20
May, on the Dutch current affairs television program "Nieuwsuur", Labour
Party (PvdA) leader Lodewijk Asscher responded: "Facebook promises to do
better, and time and time again their promises prove worthless. Facebook
says all the right things but in reality is a threat to democracy."
Liberal MP Kees Verhoeven (D66) added: "As far as I'm concerned, now is
the time we stop relying on self-regulation and trusting companies'
promises, and start regulating."

This article was first published at
https://www.bitsoffreedom.nl/2019/05/21/facebook-lies-to-dutch-parliament-about-election-manipulation/

Bits of Freedom
https://www.bitsoffreedom.nl/

Nieuwsuur: Facebook lies about political advertising (20.05.2019)
https://www.npostart.nl/nieuwsuur/20-05-2019/VPWON_1297109

Bits of Freedom
https://www.bitsoffreedom.nl/

Nieuwsuur: Facebook lies about political advertising (only in Dutch,
20.05.2019)
https://www.npostart.nl/nieuwsuur/20-05-2019/VPWON_1297109

Steps you can take to minimise the political ads you see online (19.05.2019)
https://privacyinternational.org/long-read/2913/steps-you-can-take-minimise-political-ads-you-see-online

(Contribution by Evelyn Austin, EDRi member Bits of Freedom, the
Netherlands)

=======================================================================
2. Why should we vote in the EU elections?
=======================================================================

What are your plans for the coming days? We have a suggestion: The
European elections will take place - and it's absolutely crucial to go
and vote!

In the past, the EU has often defended our digital rights and freedoms.
This was possible because the Members of the European Parliament (MEPs)
– who we, the EU citizens, elected to represent us in the EU
decision-making – are open to hearing our concerns.

So, what exactly has the EU done for our digital rights?

Privacy

The EU has possibly the best protection for citizens' personal data: the
General Data Protection Regulation (GDPR). This law was adopted thanks
to some very dedicated European parliamentarians, and it enhances
everyone's rights, regardless of nationality, gender, economic status
and so on. Since the GDPR came into effect, we now have for example the
right to access our personal data a company or an organisation holds on
us, the right to explanation and human intervention regarding automated
decisions, and the right to object to profiling measures.

You can read more about your rights under the GDPR here:
https://edri.org/a-guide-individuals-rights-under-gdpr/

Net neutrality

Europe has become a global standard-setter in the defence of the open,
competitive and neutral internet. After a very long battle, and with the
support of half a million people that responded to a public
consultation, the principles that make the internet an open platform for
change, freedom, and prosperity are upheld in the EU.

In June 2015, negotiations between the three European Union institutions
led to new rules to safeguard net neutrality - the principle according
to which everyone can communicate with everyone on the internet without
discrimination. This principle was put at risk by the ambiguous,
unbalanced EU Commission proposal, which would have undermined the way
in which the internet functions. In 2016, the Body of European
Regulators for Electronic Communications (BEREC) was tasked with
publishing guidelines to provide a common approach to implementing the
Regulation in the EU Member States. In June 2016, BEREC published the
draft guidelines that confirm strong protections for net neutrality and
open internet.

ACTA

In 2012, the MEPs voted against an international trade agreement called
the Anti-Counterfeiting Trade Agreement (ACTA), which, if concluded,
would have likely resulted in online censorship. It would have had major
implications for freedom of expression, access to culture and privacy,
it will harm international trade and stifle innovation. Therefore,
people decided to demonstrate and there were protests against this draft
agreement in over 200 European cities calling for a rejection. In the
end, the Parliament listened to the concerns of the people and voted
against ACTA.

Protecting whisteblowers

Whistleblowers fight for transparency, democracy and the rule of law,
reporting unlawful or improper conduct that undermine the public
interest and our rights and freedoms. In 2017, the European Parliament
called on legislation to protect whistleblowers, making a clear
statement recognising the essential role of whistleblowers in our
society. This Resolution started the process of putting into place
effective protections for whistleblowers throughout the EU. In April
2019, the Parliament adopted the new Directive, which is still to be
approved by the EU Council.

Your vote matters for digital rights

In many occasions, the EU Parliamentarians have stood for our rights and
freedoms. It's important that also the new EU Parliament will be a
strong defender of our digital rights – because there are so many
important fights coming up.

The European elections are one of the rare occasions where we can take
our future and the future of Europe into our own hands. Your vote
matters. Please go and vote for digital rights on 23-27 May!

You can find more information about the elections online, for example at
https://www.european-elections.eu, https://www.thistimeimvoting.eu/ and
https://www.howtovote.eu/.

=======================================================================
3. Pseudo-counter-terrorism at the cost of human rights?
=======================================================================

The Prime Minister of New Zealand Jacinda Arden showed compassionate and
empathetic leadership in her response to the Christchurch terrorist
attack on a mosque in her country on 15 March 2019. On 16 May in Paris,
Arden and the French President Emmanuel Macron co-launched the
Christchurch Call to Action to Eliminate Terrorist and Violent Extremist
Content Online.

The day before, EDRi joined a meeting the New Zealand government held
with civil society and academics. The purpose of the meeting was to
present the call and to hear recommendations moving forward on the call
implementation and joint work to combat terrorism and white supremacy.

While the approach of the New Zealand government is sensible, and the
final text of the call to action does include human rights safeguards
for a free and open internet, the initiative is naïve as it relies on
questionable companies and governments' practices, inefficient in
combatting terrorism, and opens the door to serious human rights breaches.

A "sacrificed process"

In the words of Arden herself, civil society consultations were
"sacrificed" to allow for a swift process and for the call to be
launched, on the occasion of the Tech for Good  conference and the G7
Digital Ministers meeting. NGOs and other stakeholders such as
journalists, academics and the technical community did not get a chance
to submit contributions before the finalisation of the call. The rushed
timeline was an obstacle to any meaningful participation in the process.
The lack of anti-racism organisations or organisations from the Global
South in the consultative meeting in Paris is a major gap for an
initiative purporting to address "violent extremism" globally.

Failure to address social media business model

The call to action refrains from criticising and questioning the
business model of Google, Amazon, Facebook, and Apple in order to get
them to sign the initiative. However, as long as profit is made mainly
from behavioural advertising revenue which increases by showing
polarising, violent or illegal content, the entire system will continue
to promote such content and lead people to share it. Human nature and
all of its addictions are encouraged and amplified by opaque artificial
intelligence.

Human rights concerns

As state authorities are unable to call out the big tech for larger
issues, the Christchurch call places emphasis on content removal and
filtering of broadly and ill-defined content. "Terrorist and violent
extremist" content can be left to the appreciation of law enforcement
authorities and companies, which opens risks of arbitrariness against
legitimate dissent from groups at risk of racism, human rights
defenders, civil society organisations or political activists. Solutions
such as upload filters or rapid removals of content can be turned into
censorship and are error-prone, as the European Commission acknowledges,
by stating that "biases and inherent errors and discrimination can lead
to erroneous decisions". Invaluable and unique evidence of human rights
abuses committed by groups or governments can also disappear, as
examples from the war in Syria show. UN Special Rapporteur on human
rights and counter-terrorism estimates that around 67% of people
affected by counter-terrorism or security policies are human rights
defenders.

Handing over policing powers and regulating freedom of expression to the
private sector, with no accountability or possibility of redress, is
highly problematic for the rule of law. Companies' terms of services do
not replace laws when it comes to assessing what is legal and what is
not. In addition to this problem, there should be redress mechanisms to
review whether in fact only illegal terrorist content has been removed −
otherwise human rights will be at risk in countries that do not have the
same respect for the rule of law than New Zealand.

Algorithms used to prevent uploading or delete content are not
transparent, and do not allow for accountability or redress mechanisms.
Therefore unaccountable removal of content and incentives for
over-removal of content must be explicitly rejected. Likewise, law
enforcement authorities must be held accountable by being obliged to
submit transparency reports regarding the requests to remove content,
including the number of investigations and criminal cases opened as a
result of these requests. There are many initiatives addressing the
broad range of "harmful online content" such as the upcoming G7 Biarritz
Summit, France and the UK's online harms/platform duties proposals and
the EU Regulation on Terrorist Content Online. The overall impact of
initiatives that risk limiting freedom of expression needs to be
evaluated based on evidence. This is currently not the case.

Broader societal efforts are needed to effectively combat terrorism  -
online and offline. These include education, social inclusion,
questioning the impact of austerity, accountability for politicians
using hate speech and stigmatising rhetoric, and real community involvement.

What the YouTube and Facebook statistics aren't telling us (24.04.219)
https://edri.org/what-the-youtube-and-facebook-statistics-arent-telling-us/

Commission working document - Impact assessment accompanying the
Proposal for a Regulation of the European Parliament and of the Council
on preventing the dissemination of terrorist content online (12.09.2018)
https://ec.europa.eu/commission/sites/beta-political/files/soteu2018-preventing-terrorist-content-online-swd-408_en.pdf

Report of the Special Rapporteur on the promotion and protection of
human rights and fundamental freedoms while countering terrorism on the
role of measures to address terrorism and violent extremism on closing
civic space and violating the rights of civil society actors and human
rights defenders (18.02.2019)
https://www.ohchr.org/Documents/Issues/Terrorism/SR/A_HRC_40_52_EN.pdf

(Contribution by Claire Fernandez, EDRi)

=======================================================================
4. ePrivacy: Private data retention through the back door
=======================================================================

Blanket data retention has been prohibited in several court decisions by
the European Court of Justice (ECJ) and the German Federal
Constitutional Court (BVerfG). In spite of this, some of the EU Member
States want to reintroduce it for the use by law enforcement authorities
– through a back door in the ePrivacy Regulation.

The ePrivacy Regulation

The ePrivacy Regulation, which is currently under negotiation, is aimed
at ensuring privacy and confidentiality of communications in the
electronic communications, by complementing and particularising the
matters covered in the General Data Protection Regulation (GDPR).
Confidentiality of communications is currently covered by the ePrivacy
Directive dating back to 2002. A review of this piece of legislation is
long overdue, but Member States keep delaying the process and therefore
not updating necessary protections for online privacy in the EU.

Ever since 2017, the EU Ministers of Justice and Interior have been
"deliberating" the Tele2 verdict by the European Court of Justice. The
Court had declared the blanket retention of telecommunications metadata
inadmissible. Yet the EU Member States are unwilling to accept this
ruling. During an informal discussion in Valetta on 26 and 27 January
2017, the Justice and Interior Ministers expressed their wish for "a
common reflection process at EU level on data retention in light of the
recent judgments of the Court of Justice of the European Union" (Ref. EU
Council 6713/17) to implement EU-wide data retention. This process was
set in motion in March 2019 by the Presidency of the Council of the
European Union. A sub-group of the Council's Working Party on
Information Exchange and Data Protection (DAPIX) was put in charge. From
the very beginning, this reflection process has mainly served the
purpose of finding opportunities to implement yet another instance of
data retention on the EU level. This has been proven by documents
published by EDRi member Statewatch.

Instead of complying with the clear rulings by the European Court of
Justice (Tele 2 and Digital Rights Ireland), the responsible ministers
are doing everything they can to "resurrect" data retention, potentially
using ePrivacy as a basis for a new era of data retention. In a working
document (WK 11127/17), the Presidency of the EU Council in 2017
concluded in addition to a specific data retention legislation it would
be desirable to also collect citizens' communications data (metadata) in
ePrivacy to avoid so companies can use it for commercial purposes. The
logic behind being, probably, to circumvent CJEU case law by not
imposing an obligation on companies but having the data available when
law enforcement needs it thanks to ePrivacy.

Private data retention

In plain words, this means: If the courts will not allow mass data
retention, service providers will simply be given incentives to do so by
their own choice. That is why the ePrivacy Regulation is being watered
down by Member States in order to give the service providers manifold
permissions to store data for a wide variety of reasons (see Article 6
of the draft ePrivacy Regulation). Those responsible are relying on the
assumption that the providers' appetite for data will be sufficient even
without an explicit obligation to retain data.

The immediate problem with this type of private data retention is the
fact that it weakens the protection of all users' personal data against
data hungry corporations whose main interest is making profit. What's
even worse is that, once again, a governmental function is being
outsourced to private corporations. These corporations are not subject
to democratic scrutiny, and they are given ever more power over the
countries concerned.

In Germany, the hurdles for criminal investigators to get access to data
are already very low. The e-mail provider Posteo, for example, had to
pay a fine because they were unable to provide the criminal
investigators the IP addresses from which a certain e-mail account had
been accessed. Posteo simply hadn't stored those data; they were erased
as soon as they were received. The Court declared the fine to be
justified. This decision could easily lead to a situation where private
companies prefer to err on the side of caution and store even more data,
just to avoid such fines.

The draft ePrivacy Regulation as proposed by the European Commission in
2017 placed relatively strict duties on service providers regarding data
protection. For example, they were obliged to either erase or anonymise
all data that was no longer needed. This is diametrically opposed to the
goal of private data retention, and the DAPIX task force noticed it,
too. As the Presidency of the EU Council statedservice providers will be
given the freedom to use and store data in order to prevent "fraudulent
use or abuse". And these data could then be picked up by law enforcement
doing criminal investigation.

No data retention through the back door!

EDRi member Digitalcourage wanted to know how the German government
argued with respect to the data retention issue, and submitted a request
for the disclosure of documents related to it. Unfortunately, the
request was largely denied by the Council of the European Union, long
after the legal deadline was missed. The secretariat declared that a
disclosure would be a threat to public safety – the risk to the
relationship of trust between the Member States and Eurojust, the EU
agency dealing with judicial co-operation in criminal matters among
agencies of the Member States, would be too severe. Furthermore, such a
disclosure would threaten ongoing criminal investigation or judicial
procedures. No further details were given. Digitalcourage lodged an
appeal against this dismissal, but in addition to being asked for
patience, they haven't received an answer from the European Commission.
Several requests pursuant to the Freedom of Information Act have also
been submitted to German ministries.

It is unbelievable to imagine policy makers contemplating existing and
potential new surveillance laws that would clearly be illegal. However,
this is exacly what the DAPIX task force is doing, and they are doing it
behind closed doors. The changes they propose can be found in the
current draft ePrivacy Regulation. Digitalcourage will continue to
request documents from the EU and the German government. As soon as the
trilogue negotiations between EU Council, Commission and Parliament
begin, the concerns will be voiced our concerns and a demand: No data
retention through the back door!

This article was first published at
https://digitalcourage.de/blog/2019/eprivacy-private-data-retention-through-the-back-door

Digitalcourage
https://digitalcourage.de/en

ePrivacy: Private data retention through the back door (in German,
18.04.2019)
https://digitalcourage.de/blog/2019/eprivacy-private-vorratsdatenspeicherung-durch-hintertuer

(Contribution by EDRi member Digitalcourage, Germany)

=======================================================================
5. Google-Huawei case highlights the importance of free software
=======================================================================

Google denies the Chinese IT giant Huawei access to Google's proprietary
components of the Android mobile operating system, which threatens IT
security. This highlights the importance of free software for technology
users, public bodies, and businesses.

Following the US administration's decision to effectively ban American
companies from doing trade with the Chinese company Huawei, Google
suspended all business with the company. This affects all software which
is not covered under free software licences. In practice, Huawei's
upcoming and potentially also current phones will no longer get support
and updates for the Android operating system. They will also not have
access to the proprietary Google apps and services like Gmail and Google
Play. Especially the latter will put Huawei users at risk, because
without access to the default app store on most Android phones they will
miss important security updates for the apps installed through it.

Google offers only a base version of Android under a free software
licence, but bundles it together with proprietary apps and services. The
non-free components of most stock Android devices have numerous
downsides for users, as EDRi member Free Software Foundation Europe
(FSFE) has documented since 2012. The current case demonstrates that
even tech giants like Huawei face similar dependencies and vendor
lock-in effects as any individual users if they rely on proprietary
software.

The following lessons can be drawn from this case:

1) Users should favour free software operating systems and applications
on their computing devices. With proprietary software, they are on the
receiving end only, and vendors may deny them access to crucial security
updates. Free software enables control of technology, and the more
important that technology becomes in our daily lives, the more relevant
free software becomes for users. For Android, the FSFE helps users to
regain more control with its Free Your Android initiative.

2) Governments and especially the European Union should invest more
resources in free software to gain independence from large enterprises
and other states. The current case highlights the lack of influence the
EU has on outside technology providers. Instead of waiting for a future
European IT monopolist to enter the stage, the EU and its members states
should invest in free software development and focus on supporting local
free software organisations as well as businesses. This would
effectively foster the inner-European market and enable independence for
European citizens and the EU economy. This step is essential for
avoiding exposing European infrastructure to shutdowns controlled by
external factors.

3) Companies should use as much free software as possible in their
supply chains. Proprietary software makes a company dependent on its
vendor and this vendor's government. The current case shows that the US
was able to force Google to stop delivery of its proprietary products –
but could not stop delivery of the free software components of Android.
Had Huawei invested more resources in free software apps and services,
the US strategy would not have hit them as hard. Although the current
events are linked to the scrutiny the Chinese company is under right
now, it is obvious that this could happen to any other company based in
any other country as well.

The earlier allegations against Huawei already showed that code for all
critical infrastructure should be published under a free software
licence. The latest episode of the Huawei affair illustrates that the
same applies to apps and services. Just days before the European
elections, this should be a wake-up call for the next constituent
Parliament to ask the European Commission for European Directives that
foster independence of European technical infrastructure and that build
on free software, starting with the demand to release publicly funded
software as public code.

Free Software Foundation Europe (FSFE)
https://fsfe.org/

Three conclusions to draw from Google denying Huawei access to software
(20.05.2019)
https://fsfe.org/news/2019/news-20190520-01.en.html

Free Your Android!
https://freeyourandroid.org

Public Money, Public Code
https://publiccode.eu

Huawei case demonstrates importance of Free Software for security
(05.02.2019)
https://fsfe.org/news/2019/news-20190205-01.en.html

(Contribution by EDRi member Free Software Foundation Europe – FSFE, Europe)

=======================================================================
6. Passenger surveillance brought before courts in Germany and Austria
=======================================================================

EDRi members Gesellschaft für Freiheitsrechte (GFF, Society for Civil
Rights) and Epicenter.works have taken legal action against the mass
retention and processing of Passenger Name Records (PNR) before German
and Austrian courts and authorities. The European PNR Directive
(Directive 2016/681) requires airlines to automatically transfer their
passengers' data to state authorities. There, the data are stored and
automatically compared with pre-determined "criteria" that describe, for
example, the flight behavior of known criminals. The data will also be
distributed to other authorities and even non-EU member countries.

The EU Member States have been, since May 2018, obliged by the European
PNR Directive to have adopted legislation for the retention of passenger
data from airlines. For each passenger who takes a flight, a record is
created. It contains at least 19 data items, including data such as the
date of birth, details of accompanying persons,  payment information,
and the IP address used for online check-in. Together with information
on the flight time and duration, booking class and baggage details, PNR
data provides a detailed picture of the trip and the passenger.

PNR data is stored centrally at the respective Passenger Information
Unit (PIU). These PIUs are usually located at national police
authorities. The data can then be accessed by numerous other authorities
and even transmitted to other countries. In addition, an automated
comparison of the data records with pre-determined  "criteria" is
conducted.

This is a way of identifying new suspects in the mass of previously
unsuspicious passengers – and a new level of dragnet action by
collecting data from all citizens to "catch a few fish". Thus, each
individual, whether previously suspected of a crime or not, can thus be
subjected to stigmatising investigations, just for coincidentally having
similar flight patterns to past offenders.

GFF and epicenter.works argue that the PNR Directive in its current form
violates the Charter of Fundamental Rights of the European Union, in
particular the right to respect for private and family life (Article 7),
as well as the right to the protection of personal data (Article 8). The
Court of Justice of the European Union (CJEU) already took a similar
view in its 2017 Opinion on the draft PNR agreement between the EU and
Canada.

Since it isn't possible to appeal the case against the PNR Directive
directly before the CJEU, GFF and epicenter.works have brought legal
actions before courts and authorities, civil and administrative courts,
as well as the data protection authorities (DPAs) in Germany and
Austria. The complaints lodged argue that the storage and processing of
data by the police authorities violates the Charter of Fundamental
Rights. Due to the case's evident implications of EU law and the CJEU's
aforementioned opinion, it is expected that national courts will
eventually refer the question to the CJEU.

The basic funding for the project is provided by the Digital Freedom Fund.

Gesellschaft für Freiheitsrechte (GFF, Society for Civil Rights)
https://freiheitsrechte.org/english/

Epicenter.works
https://epicenter.works

No PNR campaign
https://nopnr.eu

Directive 2016/681 (PNR Directive)
https://eur-lex.europa.eu/legal-content/EN/TXT/HTML/?uri=CELEX:32016L0681&from=DE


CJEU Opinion on the Draft PNR agreement between Canada and the European
Union
http://curia.europa.eu/juris/document/document.jsf?docid=193216&text=&dir=&doclang=EN&part=1&occ=first&mode=DOC&pageIndex=0&cid=7992604

(Contribution by EDRi member Gesellschaft für Freiheitsrechte, Germany)

=======================================================================
7. Hey Google, where does the path lead?
=======================================================================

If you do not know the directions to a certain place, you use a digital
device to find your way. With our noses glued to the screen, we blindly
follow the instructions of Google Maps, or its competitor. But do you
know which way you are being led?

Mobility is a social issue

Mobility is an ongoing debate in the Netherlands. Amsterdam is at a loss
on how to deal with the large cars on the narrow canals, and smaller
municipalities such as Hoogeveen is constructing a beltway to offset the
Hollandscheveld area. Governors want to direct the traffic on the roads
and as a result, they deliberately send us either right or left.

If all is well, all societal interest are weighed in on that decision.
If one finds that the fragile village centre should be offset, the road
signs in the berm direct the drivers around it. If the local authorities
want to prevent cars from rushing past an elementary school, the cars
are being routed through a different path.

Being led by commercial interests

However, we are not only being led by societal interests. More and more,
we use navigation systems to move from place A to place B. Those systems
are being developed by an increasingly smaller group of companies, of
which Google seems to be the frontrunner. Nowadays, hardly anyone
navigates using a map and the traffic signs on the side of the road. We
only listen to the instructions from the computer on the dashboard.

In this way, a commercial enterprise determines which route we take -
and it has other interests than the local authorities. It wants to
service its customers in the best possible way. But who are these
customers? For some companies, that's the road users, but for others -
often those where the navigation is free for the users -  the customers
that really matter are the invisible advertisers.

Too much of a short cut

And even that is too limited of course. Because which consideration the
developer of the navigation system really takes is rarely transparent.
When asking Google for a route from the Westerpark to the Oosterpark in
Amsterdam, it leads you around the canal belt, instead of through it.
That doesn't seem to be the shortest route for someone on a bicycle.

Why would that be? Maybe Google's algorithm is optimised for the
straight street patterns of San Francisco and it's unable to work with
the erratic nature of the Amsterdam canals. Maybe it's the fastest route
available. Or maybe it's a very conscious design choice so that the
step-by-step description of the route does not become too long. Another
possibility is that the residents of the canal belt are sick of the
daily flood of cycling tourists and have asked Google, or maybe paid for
it, to keep the tourists out of the canal belt. We simply don't know.

Being misled

Incidentally, the latter-mentioned reason is less far-fetched than you
would think at first. When you are in Los Angeles, you can't miss the
letters of the Hollywood Sign. A lot of tourists want to take a picture
with it. Those living on the hill underneath the monumental letters are
sick of it. They have, sometimes illegally, placed signs on the side of
the road that state that the huge letters are not accessible through
their street.

With the rise of digital maps that action became less and less
successful. Pressurised by a municipal councillor, Google and Garmin, a
tech company specialising in GPS technology, adjusted their maps so that
tourists are not being led to the actual letters, but to a vantage point
with a view of the letters. Both mapmakers changed their service under
pressure of an effectively lobbied councillor.

Serving a different interest

It's very rarely transparent which interests companies are taking into
consideration. We don't know which decisions those companies take and on
which underlying data and rules they are based. We don't know by whom
they are being influenced. We can easily assume that the interests of
such companies are not always compatible with public interests. This has
a major impact on the local situation. If a company like Google listens
to retailers, but not residents, the latter will be disadvantaged. The
number of cars in and around the shopping streets is growing - which
sucks, if you happen to live there. And even more so, if the local
authorities do try to route the cars differently.

Again, this is another good example of how the designer of a technology
impacts the freedom of the user of the technology. It also impacts
society as a whole: we lose the autonomy to shape our living environment
with a locally elected administration.

Moreover, this story is not only about the calculated route, but also
about the entire interface of the software. The Belgian scientist Tias
Guns described that very aptly: "There is, for example, an option to
avoid highways, but an option to avoid local roads is not included." As
a driver, try and spare the local neighbourhood then.

The platform as a "dead end"

Adding to that – ironically – is that the major platforms are not always
reachable.  Where do you have to turn to if you want Google Maps to
route less traffic through your street? Or, actually more, if you are a
retailer? On a local level, this is different. There is a counter at the
city hall where you can go, and there is a city council where you can
put traffic problems on the agenda. This, by itself, is already very
difficult to coordinate. The Chief Technology Officer of the city
Amsterdam recently told in an interview about the use of artificial
intelligence in the local authority:

"In some areas, residents have a larger capability to complain. Think of
the city centre or the 'Oud-Zuid' area both more affluent areas and home
to a large number of lawyers. It's general knowledge that in those areas
a complaint is made far easier than, for example, the less affluent area
of Amsterdam "Noord".  This is not difficult for trained operators. They
can handle experienced grumblers, and can judge for themselves whether
the complaint is valid. A computer can not."

Another issue is that some digital mapmakers are so large - and will
continue to grow - that they can afford to listen selectively.

Who determines the path?

So, who decides how our public space is being used? Is that a local city
council or a commercial enterprise? This makes quite a difference. In
the first case, citizens can participate, decisions are made
democratically, and there is a certain amount of transparency. In the
second case, you have no information on why you were led left or right,
or why shopping streets have become desolate overnight. Most likely the
rule is: whoever pays, gets to decide. The growing power of commercial
enterprises in the issue of mobility is threatening to put local
administrations - and with that us, the citizens and small companies -
out of play.

Bits of Freedom
https://www.bitsoffreedom.nl/

Hey Google, which way are we being led? (15.05.2019)
https://www.bitsoffreedom.nl/2019/05/15/hey-google-which-way-we-being-led/

Hey Google, which way are we being led? (in Dutch, 15.05.2019)
https://www.bitsoffreedom.nl/2019/04/15/hey-google-waarheen-leidt-de-weg/

Why people keep trying to erase the Hollywood sign from Google Maps
(21.11.2014)
https://gizmodo.com/why-people-keep-trying-to-erase-the-hollywood-sign-from-1658084644

(Contribution by Rejo Zenger, EDRi member Bits of Freedom, the
Netherlands; translation from Dutch to English by Bits of Freedom
volunteers Alex Leering and Amber Balhuizen)

=======================================================================
8. A collective journey towards a strengthened network
=======================================================================

On 6 and 7 April, European Digital Rights (EDRi) network held its
General Assembly in London. EDRi members elected three new Board members
and a new President, Anna Fielder, a long-standing privacy expert, who
succeeds Andreas Krisch – EDRi President of ten years who lead the
network through years of achievements and milestones.

This General Assembly also marked the kick off of our strategic planning
process that will lead to the adoption of EDRi's strategy for the next
five years in 2020. This is the beginning of a year-long journey of
consultations and reflection to develop a new plan for continuing to
efficiently work together as the leading European network of NGOs,
successfully defending human rights in the digital environment.

We are committed to a transparent and inclusive process to strengthen
the network's theory of change. Looking back at our past achievements,
we will be looking at long-standing and emerging topics, tactics and
network and organisational development. At the heart of the strategy, we
will put efforts to strengthen a network of organisations, and to equip
individuals working for these organisations to deal with raising
challenges, and to feel safe and empowered to be actors of change.

A new digital deal

In a changing environment, EDRi must adjust to stay relevant and offer
redress to people affected by human rights violations online.

EDRi's recent achievements on data protection, privacy and freedom of
expression make our network more relevant than ever. Since our last
strategy was adopted in 2015, there is not a day without data
exploitations being uncovered, States attempting to curb freedom of
expression online, and digitalisation increasing opportunities and risks
for people. While more actors embrace this change, only a few continue
to prioritise human rights as their key concern.

The weight of corporate lobby makes it hard for civil society
organisations to have a meaningful contribution. "Alone you go faster,
but together you go further," says an African proverb. New connections
with the broader human rights movement are needed to make our voice
heard, while EDRi's expertise and unique perspective remains intact and
essential.

What we will do?

As a network of NGOs, we will look at some of the following questions to
add strategic guidance, whether in our collective or individual work:
- What have we learned since the last strategy in terms of organisation
and work areas and how does this inform our strategic process?
- How can we better define EDRi's vision and mission?
- What is the future of digital rights in Europe?
- What are the changes we want to see happening in the field of digital
rights in Europe to ensure protection of human rights in the digital
envirdonment for all?
- Who should we work with inside and outside the "digital rights bubble"?
- How is the change most likely to happen? What are some methods and
decision-making processes we need to get there?
- What kind of resources do we need in order to achieve our goals?

Next steps on our journey

Based on a first survey on members and observers, we held a fruitful
workshop with the participants of our General Assembly. An advisory
group of members and Board members has been established to provide
expert input, and we are currently processing the data collected to
date. At the end of May, the Brussels office staff and Board will meet
for a day to further work on the draft strategy, which will be followed
by a consultation inside the membership and with external advisors. The
second half of the year will be dedicated to formal reviews on the draft
strategy.

We would like to thank our members based in the UK Open Rights Group,
Article 19 and Privacy International for hosting the General Assembly in
London as well as FabRiders and Aspirations for the skillful
facilitation and invaluable advice. We welcome an ongoing dialogue with
you on how we can aspire for a strategy that provides value for EDRi
members, observers, and the broader movement. If you want to contribute
to this collective reflection, please get in touch!

=======================================================================
9. Recommended Action
=======================================================================

Vacancy: Join our Brussels team as Head of Policy!
We are looking for an experienced, strategic and dedicated Head of
Policy to join our team in Brussels, for a full-time, permanent
position. You're still on time to send us your application - deadline
extended until 16 June!
https://edri.org/edri-is-looking-for-a-new-head-of-policy/

Help exposing micro-targeted political ads in the EU elections!
You can help improve transparency and restore civility in elections by
installing the Who Targets Me browser extension! This extension records
every political ad served to you on Facebook, including the data they
used to target you. Not a Facebook user? Not a problem. You can still
help by encouraging Facebook users you know to use Who Targets Me.
https://whotargets.me/en/

=======================================================================
10. Recommended Reading
=======================================================================

Video: Is your vote for sale? Political advertisers think so
https://privacyinternational.org/video/2937/video-your-vote-sale-political-advertisers-think-so

Steps you can take to minimise the political ads you see online (19.05.2019)
https://privacyinternational.org/long-read/2913/steps-you-can-take-minimise-political-ads-you-see-online

San Francisco bans facial recognition technology (14.05.2019)
https://www.nytimes.com/2019/05/14/us/facial-recognition-ban-san-francisco.html

=======================================================================
11. Agenda
=======================================================================

23.05.2019, Brussels, Belgium
npbbxl 5.2: Net politics meet-up
https://npbx.wordpress.com/

08.06.2019, Bielefeld, Germany
German Big Brother Awards 2019
https://bigbrotherawards.de/en

11.06.2019, Tunis, Tunisia
RightsCon Tunis 2019
https://www.rightscon.org/

31.07.2019, Toronto, Canada
Citizen Lab Summer Institute on Monitoring Internet Openness and Rights
https://citizenlab.ca/summerinstitute/2019.html

21.08.2019, Mildenberg, Germany
CCCamp 2019
https://events.ccc.de/

13.09.2019, Berlin, Germany
Netzpolitik-Conference
https://netzpolitik.org/

08.11.2019, Brussels, Belgium
Freedom not Fear 2019
https://www.freedomnotfear.org/

============================================================
12. About
============================================================

EDRi-gram is a fortnightly newsletter about digital civil rights by
European Digital Rights (EDRi), an association of civil and human rights
organisations from across Europe. EDRi takes an active interest in
developments in the EU accession countries and wants to share knowledge
and awareness through the EDRi-gram.

All contributions, suggestions for content, corrections or agenda-tips
are most welcome. Errors are corrected as soon as possible and are
visible on the EDRi website.

Except where otherwise noted, this newsletter is licensed under the
Creative Commons Attribution 3.0 License. See the full text at
http://creativecommons.org/licenses/by/3.0/

Newsletter editor: Heini Jarvinen - edrigram@edri.org

Information about EDRi and its members: http://www.edri.org/

European Digital Rights needs your help in upholding digital rights in
the EU. If you wish to help us promote digital rights, please consider
making a private donation.
https://edri.org/donate/

- EDRi-gram subscription information
subscribe by e-mail
To: edri-news-request@mailman.edri.org
Subject: subscribe
You will receive an automated e-mail asking to confirm your request.
Unsubscribe by e-mail
To: edri-news-request@mailman.edri.org
Subject: unsubscribe

- Newsletter archive
Back issues are available at:
http://www.edri.org/newsletters/

- Help
Please ask edrigram@edri.org if you have any problems with subscribing
or unsubscribing.

``I hope that the fair, and, I may say certain prospects of success will not induce us to relax.''
-- Lieutenant General George Washington, commander-in-chief to
   Major General Israel Putnam,
   Head-Quarters, Valley Forge, 5 May, 1778
Print
Go Up Pages1
User actions