RETROSPECT is the monthly newsletter of the Internet & Jurisdiction Project, a global multi-stakholder dialogue process that addresses the tension between the cross-border nature of the Internet and the patchwork of national jurisdictions. It informs the participants of the ongoing dialogue process on the latest trends around the world. The cases were crowd-ranked by the Internet & Jurisdiction Observatory network of over 20 selected international experts. More information about the Internet & Jurisdiction Process is available at www.internetjurisdiction.net/
- French prosecutor opens preliminary probe into US Prism scheme
- XKeyscore, US emails and traffic interception: new revelations about the NSA’s Internet surveillance
- German Supreme Court: Filehoster RapidShare needs to monitor incoming links
- Twitter to be sued over anti-gay hashtag in French jurisdiction
- Facebook releases first transparency report
- Browser tracking: Google argues British privacy case should be filed in Californian jurisdiction
- Twitter introduces report abuse button, publishes new transparency report
- Delhi High Court: Facebook Inc and Google Inc are bound by rules of Indian jurisdiction
- Disclosure of FISA court requests: Microsoft and Google plan to sue the US government
- National email services: German ISPs introduce domestic servers and routing
- Vietnam orders foreign websites to have local servers, might ban free communication services
- Viral spread: Indian court reconfirms 36 hours takedown requirement
- US court rules that the circumvention of IP blocks on public sites violates US law
- Payment intermediary Paysafecard bans VPN providers
- Delhi High Court asks Google, Facebook about procedures to handle requests and child protection
- US Sponsored Stories Facebook settlement triggers Terms of Service changes for global users
- Citing Safe Harbor regime, Irish DPA decides not to investigate Apple, Facebook over Prism
- India to foster data sovereignty after Prism revelations
- Pakistan might unblock YouTube in its jurisdiction, tests URL blocking mechanism
- Proceedings against 13 US-based websites for public order distortions in Indian jurisdiction on hold
1. French prosecutor opens preliminary probe into US Prism scheme
Following a complaint submitted by the French NGOs International Federation for Human Rights and French Human Rights League in July 2013, the Parisian prosecutor’s office ordered French law enforcement to investigate if the US National Security Agency’s (NSA) Prism surveillance scheme violated laws in the French jurisdiction by intercepting communications on its territory. In detail, the probe focuses on “fraudulent access and maintenance of and automated data processing system,” the “illicit collection of data of a personal nature,” “attacks on privacy,” and “violations of the secrecy of correspondence”. Since the complaint is filed “against X” it targets both the role of the US companies Google, Microsoft, Apple, Yahoo, Paltalk, YouTube, AOL and Skype, as well as the one of the US intelligence agencies NSA and FBI. The preliminary investigation could be transformed into a formal one, if sufficient evidence can be gathered.
Reuters: French prosecutor investigates U.S. Prism spying scheme
The Local: France ‘opens probe’ into US spy program Prism
ZDNet: France investigates role of Internet companies in Prism
2. XKeyscore, US emails and traffic interception: new revelations about the NSA’s Internet surveillance
The existence of the big data and data analytics NSA software XKeyscore was revealed that allows agents to access, without prior court authorization, in real time vast amounts of information on online interactions of targets. In an official release, the NSA claims that it only “touches” 1.6 percent of the 1.826 petabytes of data the circulate daily on the global Internet. The Washington Post reports that the NSA can intercept 75 percent of all US traffic. This includes both domestic and cross-border traffic routed through networks on US soil. The surveillance system is carried out in conjunction with US telecommunication companies. Sources told the Washington Post that the program potentially intercepts communications between US citizens as well. An officially released US Foreign Intelligence Court ruling, published on August 21, 2013, reveals that in 2011 the NSA collected also domestic emails.
Washington Post: New details show broader NSA surveillance reach
Guardian: NSA illegally collected thousands of emails before Fisa court halted program
PCMag: The tech behind the NSA’s XKeyscore
3. German Supreme Court: Filehoster RapidShare needs to monitor incoming links
On August 16, 2013, the German Supreme Court confirmed a previous March 2012 ruling by the Higher Regional Court of Hamburg, which obliges the Swiss file hosting service RapidShare to monitor external websites for incoming links to potential copyright infringing materials uploaded by its users. It was reconfirmed that RapidShare does not have the obligation to monitor preemptively user uploads. However, the court affirmed that RapidShare needs to make infringing files that were detected via third party sites inaccessible. In case the measures are not efficient enough to curb piracy on its service, the court furthermore noted that Rapidshare could limit anonymous uploads.
TorrentFreak: Supreme Court orders RapidShare to police the Internet
Music Week: GEMA hails “landmark” court ruling against RapidShare in Germany
TechWeek Europe: RapidShare is legal, but must check incoming links
4. Twitter to be sued over anti-gay hashtag in French jurisdiction
On August 10-11, 2013, the anti-gay hashtags #LesGaysDoiventDispaîratreCar (“gays must die because”) and #BrulonsLesGaysSurDu (“let’s burn gays on”) were a trending topic on Twitter in the French jurisdiction. The French branch of the gay rights advocacy group IDAHO filed a lawsuit against Twitter arguing that “These illicit tweets on Twitter’s site characterize the offense of public incitement to discrimination, to hatred or national, racial or religious violence”. Furthermore the group claims that Twitter failed to react appropriately to alters and allowed the development of a “homophobic atmosphere” on its platform. The French ministers for women’s rights and digital economy condemned the incitement to discrimination, which is against French law.
France 24: Complaint filed over anti-gay posts on French Twitter
RudeB aguette: Twitter in hot water again in France – this time, for Homophobic Hashtags
IB Times: Twitter removes ‘let’s burn gays’ hashtag following complaint
5. Facebook releases first transparency report
On August 27, 2013, Facebook released for the first time a transparency report titled “Global Requests Report“. Between the first six months of 2013, the social network received around 26.000 requests on 38.000 users (or accounts) from 74 countries. The requests issued in the US jurisdiction cover over 50 percent of all concerned users or accounts. It rests unclear to what extent the number of US requests includes demands under section 702 of the FISA Amendments Act for data of non-US citizens, as well as the percentage of requests going back to demands by third countries through Mutual Legal Assistance Treaties. The US issued 11.000-12.000 requests (79% compliance), followed by 3.254 requests from India (50% compliance), 1.975 requests from the UK (68% compliance) and 1.886 requests from Germany (37% compliance).
GigaOM: Facebook publishes first Transparency Report: exceeds Google with 11,000 US government requests
Washington Post: Facebook report: 74 countries sought data on 38,000 users
The Guardian: Facebook reveals governments asked for data on 38,000 users in 2013
6. Browser tracking: Google argues British privacy case should be filed in Californian jurisdiction
A group of over 100 British users of Apple’s browser Safari filed a lawsuit against Google’s search engine to claim damages for privacy violations under British law. The consumers argue that Google bypassed privacy settings of Safari and installed tracking cookies without their consent. In September 2012, the illicit tracking resulted in a $22.5m penalty payment to settle charges by the US Federal Trade Commission. According to reports, Google argues in a submission to the UK High Court that it has no jurisdiction over the case, since Google’s search services for British consumers are provided by Google Inc. incorporated in California.
7. Twitter introduces report abuse button, publishes new transparency report
Following headline news about the viral spread of hate speech on its microblogging platform, as seen in the French and British jurisdictions, Twitter has introduced a report button to flag abusive content. The new feature was rolled out throughout August 2013 and is supplemented by an enlargement of Twitter’s review team. According to a new transparency report covering the first six months of 2013, Twitter received 1.157 requests from 71 governments.
8. Delhi High Court: Facebook Inc and Google Inc are bound by rules of Indian jurisdiction
On August 24, 2013, the Delhi High Court asked Facebook Inc and Google Inc, both incorporated in the US jurisdiction, to indicate their grievance officers to respond to Indian requests. The court gave the two platforms, as well as other intermediaries a two weeks deadline to comply with this requirement stipulated by the Indian Information Technology Rules: “Just because you are a foreign company, you cannot flout the law. Like us, you are bound by the rule of law of this country”, the court said.
9. Disclosure of FISA court requests: Microsoft and Google plan to sue the US government
Microsoft and Google announced plans on August 30, 2013 to collaboratively file a lawsuit against the US government to disclose requests for user data they received from the Foreign Intelligence Surveillance Court. The two companies try since June 2013 to publish ”aggregate information” related to the quantity of received FISA requests with the authorization of the Department of Justice. The US Director of National Intelligence published on August, 29 2013 a Tumblr post to announce the annual publication of official transparency reports.
10. National email services: German ISPs introduce domestic servers and routing
In response to the wide reaching surveillance capacities of the US NSA’s Prism program, the German ISPs Deutsche Telekom and United Internet launched a “E-Mail made in Germany” service. It will automatically encrypt emails via SSL, channel the traffic between the email services of the two ISPs through domestic cables and store data on German territory. German Justice minister Leutheusser-Schnarrenberger said Germans are increasingly switching to national services after the NSA revelations.
11. Vietnam orders foreign websites to have local servers, might ban free communication services
A new decree in the Vietnamese jurisdiction will require foreign websites to establish local servers. Moreover, the law stipulates that blogs or social networking sites should only be used to “to provide and exchange personal information” and forbids the publication of online content that harms national security or opposes the government. The government also announced the introduction of new policies to deal with free Internet based communication platforms, which curb revenues of traditional ISPs. This might result in a potential ban of chat apps like Viber or Whatsapp in its jurisdiction.
12. Viral spread: Indian court reconfirms 36 hours takedown requirement
On August 26, 2013 the Indian Supreme Court ruled that the requirement to take down objectionable content in the Indian jurisdiction within 36 hours after reception of complaints does not violate free expression rights. The website mouthshut.com that hosts user generated content tried to challenge this obligation of the Information Technology Rules for intermediaries.
13. US court rules that the circumvention of IP blocks on public sites violates US law
A US judge ruled on August 15, 2013 that the changing of IP addresses or use of proxy servers to access publicly accessible websites violates the US Computer Fraud and Abuse Act (CFAA) and constitutes an access without authorization. The company 3tabs has been bypassing IP blocks of Craiglist to hide its identity and scrap data from the platform. The case is similar to the one of Aaron Swartz.
14. Payment intermediary Paysafecard bans VPN providers
The payment intermediary Paysafecard, which is based on prepaid coupons, announced that it stopped to work with VPN providers. According to the specialized news outlet Torrentfreak, it is the “first payment method to confirm a VPN ban”.
15. Delhi High Court asks Google, Facebook about procedures to handle requests and child protection
On August 2, 2013, the Delhi High Court questioned the platforms Google and Facebook how they deal with complaints requests. The court reacts to a public interest litigation that seeks to examine the mechanisms of the two platforms to protect children from online abuses. Under Indian law, children below 18 are not allowed to enter into a contract to open accounts on social networks.
16. US Sponsored Stories Facebook settlement triggers Terms of Service changes for global users
Following a class action that was filed in the US jurisdiction in April 2011 on privacy violations through Facebook’s Sponsored Stories advertisement program, the US District Court for the Northern District of California approved a settlement on August 26, 2013. Facebook will pay 15 dollar to each of the 150 million members of the class action and is required to change its global Terms of Service provisions to educate consumers better. Proposals for changes to its Statement of Rights and Responsibilities and Data Use Policies were published on August 29, 2013.
17. Citing Safe Harbor regime, Irish DPA decides not to investigate Apple, Facebook over Prism
The Irish Office of the Data Protection Commissioner announced that it will not open a probe the headquarters of Apple and Facebook, located in its jurisdiction, over the sharing of personal data of EU citizens with the US NSA as part of the Prism surveillance scheme. The Austrian student group europe-v-facebook filed two complaints for violation of EU and Irish data protection law in Ireland on June 23, 2013. The Irish DPA argued that since the two companies are part of the US-EU Safe Harbor regime “and as this provides for US law enforcement access, there is nothing to investigate”.
18. India to foster data sovereignty after Prism revelations
The Indian Communications and Telecommunications Minister Kapil Sibal qualified the violation of Indian privacy laws by the US NSA Prism scheme as “unacceptable” and announced that the “[g]overnment is promoting Indian players in the IT field to develop and offer internet services by having their servers located in India, in order to protect the interests and secrecy of communication of India citizens”.
19. Pakistan might unblock YouTube in its jurisdiction, tests URL blocking mechanism
The Pakistani Minister for Information Technology Anusha Rehman Khan announced plans to re-open YouTube in Pakistan’s jurisdiction, after the platform was blocked in September 2012 due to the “Innocence of Muslims” video. As a prerequisite, the government implements a new URL filter mechanism administered by Pakistan Telecommunications Authority to selectively block URLs to avoid the blocking of entire platforms due to granular content.
20. Proceedings against 13 US-based websites for public order distortions in Indian jurisdiction on hold
On August 12, 2013 a Delhi court stayed the proceedings against 13 websites including Facebook, Orkut, YoutTube, Google, Microsoft and Yahoo for public order distortions, since US authorities did not “execute” an Indian assistance demand to serve the summons in the US jurisdiction. The court will nevertheless proceed with the pre-charge evidence recording on September 28, 2013.
– See more at: http://www.internetjurisdiction.net/observatory/retrospect/2013-august/#sthash.wL8nq3HZ.dpuf