CoE Legislature Urges Tougher Safeguards Against Mass Surveillance, Internet Right of Access
A global initiative is “urgently needed” to boost user protection and security online, said a report for the Council of Europe Parliamentary Assembly (PACE) approved Wednesday in Strasbourg. CoE members must enact and enforce “powerful laws” that ensure data is moved, stored and intercepted only in ways that are compatible with the European Convention on Human Rights (ECHR), and all new devices and services should automatically include encryption, filtering, virus protection and authentication tools, said the report by Axel Fischer, of the European People’s Party (EPP) and Germany. Providers of cloud services or Wi-Fi hotspots “should face special oversight,” and ISPs must be more up-front about their policies, it said. It urged the ITU to set technical standards. The assembly also green-lighted a report by Jaana Pelkonen, of the EPP and Finland, urging governments to make Internet access a universal service requirement and adopt strict net neutrality rules.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
The 47-member CoE identifies itself as Europe’s leading human rights organization, and all members have signed on to the ECHR. The Committee of Ministers is the decision-making body, but the CoE also has a legislative arm with members from the parliaments of CoE countries, its website said.
Fischer’s report brings together lessons learned from Tuesday’s video conference with ex-NSA contractor Edward Snowden and others (CD April 9 p20) on the need for an “ethical code” for all secret services involved in surveillance, said Arcadio Díaz Tejera, of the Socialists and Spain, during the webcast debate. Internet services are only successful if they can rely on user confidence, which has been shaken by Snowden’s disclosures, data-mining, hacking and other events, Fischer said. His report lists conditions that must be met to guarantee user protection, he said. One is that European users must be able to rely on governments to protect their private lives. Encryption and other protections must be standard, relieving individuals from the task of dealing with firewalls and other forms of security.
A second guarantee would be to improve online consumer rights, Fischer said. ISPs must have a high level of transparency and tell consumers how they protect themselves, he said. People must have recourse to courts when all else fails in computer-related disputes, he said. His report urged the European Internet Services Providers Association (EuroISPA) to draw up a common code of conduct based on delineated principles of user protection and security online, and the ITU to create global technical standards on the integrity, security and secrecy of online and mobile communications. It asked the Committee of Ministers to support and coordinate a pan-European approach to globalizing ICANN and the Internet Assigned Numbers Authority functions. EuroISPA didn’t comment.
Internet Access Rights
The Internet should be available to all, and governments must recognize that as a right, and lay out universal service requirements providers must comply with, Pelkonen said in a separate report. It said Web access should be “affordable and secure, subject only to legitimate restrictions laid down by law, and data traffic should be treated without discrimination on a basis of strict ‘net neutrality.'”
The question of whether there’s a right to Internet access is “an unbeaten track which must be explored,” Pelkonen said during the debate. If the Internet is essential for accessing public services and safeguarding human rights, governments must ensure access for all, she said. But administrations shouldn’t be completely responsible for providing the Internet as a universal service, and public-private partnerships are the way forward, she said. Pelkonen’s resolution urged the U.N. and EU to cooperate more closely with the CoE to define universally and put in place at European level the right to online access. It asked EuroISPA to develop “quality benchmarks” to achieve that access.
PACE adopted several amendments to both reports, and their final text will be at http://bit.ly/1ejKqd1. One recommended action by the Committee of Ministers regards the revelations of massive online government surveillance, Fischer told us afterward. On whether CoE governments already engaged in mass surveillance will be likely to approve his resolution and recommendations, he said the documents were adopted by a very large majority. The advantage of a democratic vote “is that everyone should be able to accept them,” including those CoE members allegedly collaborating in spying and those “which did not hesitate to block websites,” he said. Those actions possibly violate the ECHR, which is the legal yardstick applied to all CoE countries and on which his report rests, he said.
On the recommendation that the ITU set technical standards for secure communications, Fischer told us: “Many stakeholders are afraid of the ITU,” but it has been and is dealing with technical standards for telecom and the Internet. It’s “important to embrace and guide this process,” he said. Any standards will have to be compatible with the legal principles in the ECHR, Budapest Convention of Cybercrime and other agreements that have also been adopted by non-EU nations including the U.S., he said.
All resolutions of the Parliamentary Assembly “should be seen as political messages and reminders of the human rights implications of current issues to our governments and our voters,” Pelkonen told us later. Net neutrality is partly controversial because ISPs could produce revenue by giving higher data speeds to commercial customers, but last week the European Parliament passed a regulation that requires net neutrality, so the PACE resolution actually reflects a widely accepted stance in Europe, she said.
Strictly speaking, Pelkonen’s resolution doesn’t establish universal service requirements but refers to already existing ones under standards set by the U.N. and EU, she said. With trust in the Internet and its services lost due to recent attacks on data privacy and user rights, it’s in the interest of all users that trust be regained, which requires that a minimum level of accessibility and integrity of Internet services is ensured, she said.