[governance] FOURTH DRAFT statement on enhanced cooperation

Roland Perry roland at internetpolicyagency.com
Sun Nov 14 12:04:06 EST 2010 

In message <4CE003D4.1030409 at eff.org>, at 07:44:20 on Sun, 14 Nov 2010, 
Katitza Rodriguez <katitza at eff.org> writes
>Hi Roland,
>
>Sorry for not replied to your earlier email. I am happy to talk about 
>Re: OECD with you.

Let's do that. What you talk about below is CoE, however.

>On 11/14/10 12:59 AM, Roland Perry wrote:
>> In message <4CDB0DC0.9080204 at eff.org>, at 13:25:20 on Wed, 10 Nov 
>>2010, Katitza Rodriguez <katitza at eff.org> writes
>>> For example, it is dangerous to see the Budapest Convention exported 
>>>to other countries, as it has serious implications for citizen's 
>>>fundamental rights.
>>
>> Citizens also need the right not online safety.
>
>I do not understand the comment. Can you clarify, please?

Sorry, my fingers stumbled on the keyboard. I meant to say:

"Citizens also need the right *to* online safety."

Which means that we have to find a way to protect our online environment 
from criminals - but without those measure themselves being an 
imposition upon the freedoms of the public.

>>> Despite the serious concerns that the Budapest Convention / Council 
>>>of Europe itself contain, the harm to third countries outside Europe, 
>>>for instance, Latin America is dangerous.  While the EU for instance 
>>>has the Ecommerce Directive, The Data Protection Directive, the 
>>>E-Privacy Directive, Charter of Fundamental Rights, and other check 
>>>and balance in place etc, many countries lack of these regulatory frameworks
>>
>> It's my understanding that the Council of Europe (which is a human 
>>rights organisation, not a policing one) will only allow countries to 
>>sign up to the Budapest Convention, if they also agree to implement 
>>sufficient human rights safeguards as well.
>
>We need to see that in practice, Roland. The Council of Europe is a 
>democratic institution, and its principles are based in the respect of 
>the European Convention on Human Rights - which is a good HR text. They 
>promote democratic principles, human rights, and the rule of law, they 
>have different check and balances in place within the organization 
>including the European Court of Human Rights. Unfortunately, nothing is 
>perfect, and the Budapest Convention is definitely not one of its 
>brilliant outcomes. The text is so ambiguous that allows several 
>implementations. This should not be allowed when you are dealing with a 
>text that restrict citizens fundamentals rights. It is true that they 
>have agreed to implement sufficient human rights safeguards in "text", 
>but I am not sure if this will happen in "practice". We are observing.

It's good that the outcomes are being observed, and criticised, that way 
we can make things better in the future.

> Besides, I disagree with the emphasis put forward on the need of 
>collaboration between the law enforcement community and the business 
>sector.

That's because the networks are generally operated by the business 
sector. If they were operated by someone else, those others would be the 
people that law enforcement would be seeking help from.

>There is a need to strengten digital due process of law within the 
>cybercrime discussions. I would like to see a this kind of strategy 
>coming from the division who works on that area, and who are actually 
>working in the implementation of the Convention, at the national level. 
>It is finally what it is implemented at the national level, what matters.

I see the Budapest Convention as an expression of a basic level of law 
which should be implemented, nationally in each country for sure, but 
mindful that many of the enforcement problems are a result of the 
cross-border nature of the Internet.

>In addition, while there is an acknowledgment of the importance of 
>Convention 108,

(That's about Protection of Personal Data, for those not familiar with 
the document)

>I haven't see a truly effort to promote that Convention at the national 
>level. There might be a budget problem, too. We might need to see 
>analysis if the funding from some business sector reps. goes to promote 
>the Budapest Convention only, but not necessarily to the HR aspects.

I presume you mean "outside Europe", because the Data Protection regime 
there (which is also very reflective of the OECD's work) is very well 
deployed.

>We should also not forget that the group who drafted the Budapest 
>Convention met in secret for several years before the first draft was 
>released!

When that was going on, I was one of the "outsiders", wondering why they 
were doing this in apparent secrecy, and also concerned to influence 
some of it. It's one of the reasons why I redoubled my efforts to 
improve my "radar" and get involved in such things from an earlier 
stage. Of course, ten years is a lifetime on the Internet.

>And Parminder is right, this is also an European Institution that deals 
>with Treaties that might affect other countries.

It's an institution with its Headquarters in Europe, but its reach is 
further. As ever, participation is the key thing. At the last conference 
I went to, there was a sizeable contingent from Africa.

>However, taking into account the discussions on this area at some 
>national,  regional and international, and the erosion of the right to 
>privacy, another treaty might be even worst than this.

Do you mean a revised version might be worse for citizens? A good reason 
to get involved if a redrafting exercise does happen.

>By now, we need to fight the implementation of the Budapest Convention 
>at the national levels, and pressure the Council of Europe to adopt 
>recommendations that strengthens digital due process concerns and 
>citizens rights.

I can't agree that the Budapest Convention is worse than lawlessness. 
But each country can, of course, make its own decisions about what laws 
they want to have internally. That's more than we Europeans can - once 
it's been through Brussels, we have to accept it!

>Note apart:
>There is also opportunity for civil society to participate as an 
>observer status within the Council, EDRI and others participate as part 
>of the Media Division discussions. I haven't heard anything beside the 
>Octopus meeting on the cybercrime front. I have not done an analysis of 
>the budget / funding to see where the business sector funds goes, and 
>if its has an impact on the promotion of the Budapest Convention, and 
>no funding to promote and to respect of citizen's fundamental rights 
>and due process concerns.

I don't claim to understand in detail where their funding comes from, or 
how they apportion it to different projects. But I do know they are more 
worried about citizens' rights than you appear to think.
-- 
Roland Perry
http://www.internetpolicyagency.com
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.cpsr.org
To be removed from the list, send any message to:
     governance-unsubscribe at lists.cpsr.org

For all list information and functions, see:
     http://lists.cpsr.org/lists/info/governance

Translate this email: http://translate.google.com/translate_t

More information about the Governance mailing list