Researchers at the University of Cambridge Computer Lab are trying a new Internet architecture they say will replace today’s system with a model similar to peer-to-peer file-sharing “but on a massive scale,” the university said Wednesday. The prototype, developed as part of an EU-funded project called “Pursuit,” will overhaul the existing structure of the Net’s Internet Protocol (IP) layer, through which isolated networks are connected, it said. That could enable “a more socially-minded and intelligent system” that lets users obtain information without needing direct access to servers where content is initially stored, it said, and could make the Internet faster, more efficient and more able to withstand rapidly escalating levels of global user demand. The new architecture has implications for net neutrality, said Dirk Trossen, senior researcher at the Computer Lab and Pursuit’s technical manager, in an interview. In addition, because it will likely replace the Internet Protocol, it will do away with the need for IPv4 or IPv6 addresses, he said. On today’s Internet, communications are directed to a particular IP address atop which various activities and applications ride, Trossen said. Pursuit focuses on the “stuff” users want to have or do, which would have labels much like IP addresses, he said. Someone who wants to view a particular video, for example, would ask the network to find the video, not to take her to a specific location, he said. Someone seeking a video on YouTube doesn’t care if it comes from a company server in Oregon or from the laptop of someone in the next room who’s watching it, he said. Individual computers would be able to copy and republish content on receipt, providing other users with the option to access data, or fragments of data, from a range of locations rather than the source itself, the university said. “Essentially, the model would enable all online content to be shared in a manner emulating the ‘peer-to-peer’ approach taken by some file-sharing sites, but on an unprecedented, internet-wide scale,” it said in a news release. This would be similar to BitTorrent in how applications operate, but with some differences, Trossen said. In today’s system, many content providers use BitTorrent to distribute legal content, he said. Similarly, a criminal who gets hold of decrypted content can also republish it there, he said. But with Pursuit, a criminal who republishes legal content won’t see any gain from it because the content will have been protected by its owner, he said. This issue is more about encryption than the Pursuit network, because the architecture doesn’t deal with content protection, he said. Pursuit would make it harder to block traffic, changing the concept of net neutrality, Trossen said. Net neutrality today is a regulatory issue and an “arms race” by ISPs to determine what users are doing with the “shredded” bits and pieces of information crossing their networks, he said. In the Pursuit architecture, because every piece of information can be explicitly labeled and located, ISPs could differentiate prices, service quality and other aspects at a very fine-grained level, he said. They could set prices for certain classes of information, but in a more transparent way, he said. It’s “difficult to say who might oppose Pursuit, Trossen said. That data won’t go back to servers means Tier 1 service providers, who provide connectivity to large networks, and some other economic players might not be happy, he said. Operators understand that the networks need renewal, but to enable Pursuit they will have to give customers new broadband routers and other equipment, he said. That will help device manufacturers sell new products, he said. Pursuit holds advantages for Google and other search engines, Trossen said. It won’t make searches passé because the search function runs at a different level, but search engines often give users stale or broken links because the Internet is based on the idea of having to go to a location, he said. If the server for that location has moved, the search will return an error message, which is bad for search engines, he said. The Internet Engineering Task Force’s research arm has set up a working group to identify elements of Pursuit that can be standardized, Trossen said. He predicted the shift to the new architecture will be driven not by core network providers but by information-rich industries sitting on massive amounts of data they have trouble communicating. For the retail sector, for instance, to have a network that allows it to uniquely identify each information item and send it is “extremely appealing,” he said. Moreover, the industry is powerful, and as customers of network operators, retailers can create requirements for solutions that look like Pursuit, he said. Pursuit is distinct from the Internet of Things in its focus on information rather than objects, he said.
Dugie Standeford
Dugie Standeford, European Correspondent, Communications Daily and Privacy Daily, is a former lawyer. She joined Warren Communications News in 2000 to report on internet policy and regulation. In 2003 she moved to the U.K. and since then has covered European telecommunications issues. She previously covered the U.S. Occupational Safety and Health Administration and intellectual property law matters. She has a degree in psychology from Duke University and a law degree from the University of Tulsa College of Law.
A proposed EU-U.S. trade deal could be “easily” derailed by privacy and data protection issues, EU Justice Commissioner Viviane Reding said Tuesday at a Washington conference organized by the Peterson Institute, Johns Hopkins School of Advanced International Studies and the EU delegation that is in the U.S. for talks on the issues. “I warn against bringing data protection to the [Transatlantic Trade and Investment Partnership] trade talks” because it’s a non-negotiable, fundamental right, she said in written remarks. U.S. companies and the government are pressing to use the TTIP to undermine European efforts to change data protection rules, said European Consumers’ Organisation (BEUC) Senior Legal Officer Kostas Rossoglou in an interview. He spoke Tuesday at a Brussels Trans Atlantic Consumer Dialogue (TACD) event on whether the TTIP can bring benefits to the people. The TACD called for the EU and U.S. to negotiate common data privacy standards but to do so outside of TTIP talks.
Allegations the U.S. monitored e-communications of millions of French citizens and tapped the phone calls of German Chancellor Angela Merkel led to strong words at news conferences Friday from French President François Hollande and Merkel after the first day of a Council of Europe meeting in Brussels. Government leaders had a “comprehensive” debate on privacy, in which they informed each other about possible U.S. eavesdropping and voiced concern about what that means for Europeans, said Merkel. The EU-U.S. partnership needs mutual trust and respect, she said. France and Germany decided to take the lead in negotiating a framework for the cooperation of their respective intelligence services with the U.S., she said. Asked whether she expects an apology from the U.S. for allegedly tapping her mobile phone, Merkel said the most important thing at this point is to find a path for the future. European “trust has been severely shaken” and must be rebuilt, she said. There are some behaviors and practices “that cannot be accepted,” said Hollande. He called for a code of good conduct for European intelligence services, and for French and German discussions with the U.S. to arrive at the truth about what happened and a common future path by year’s end. European governments are aware that intelligence and security services must be fully involved with each other to deal with security threats, but fundamental rights must also be safeguarded, he said. France has already asked the U.S. for access to the documents some media organizations have seen, he said. In their conclusions (http://bit.ly/1gLz2qJ), all council members cited the “deep concerns” possible intelligence issues have raised among European citizens. They “underlined the close relationship between Europe and the USA and the value of that partnership,” but said the relationship “must be based on respect and trust, including as concerns the work and cooperation of secret services.” Council members stressed that intelligence gathering is vital to the fight against terrorism, but that “a lack of trust could prejudice the necessary cooperation in the field of intelligence gathering.” They also called for “rapid and constructive progress” in the existing EU-U.S. Working group on the related issue of data protection. In his statement after the first session of the council powwow, European Commission President José Manuel Barroso said, “The revelations over recent months and days have shaken trust in privacy and data security.” The EU will keep pushing for adoption of proposed data protection legislation, he said. On the meeting’s main topic, the digital economy, innovation and services, the council cited an “urgent need for an integrated single digital and telecoms markets” that benefits consumers and companies. As part of its growth strategy, Europe must boost digital, data-driven innovation across all sectors, it said. The conclusions called for investing in the digital economy by accelerating deployment of new technologies such as 4G and maintaining technology neutrality. Legislative measures to reduce the cost of broadband rollout should be adopted rapidly, it said. Europe also needs to be at the forefront of big data and cloud computing, council members said. They urged that a strong network of national digital coordinators be created to encourage cloud, big data and open data development. Officials also want to promote a consumer- and business-friendly digital single market. “No efforts should be spared to accelerate work on the pending legislative proposals,” particularly on e-identification and trust services, e-invoicing and payment services, the Council said. Timely adoption of data protection reform and the cybersecurity directive is essential to complete the digital single market by 2015, it said. Officials also pushed for concrete steps to address the growing lack of digital skills and for more investment in research and innovation. The European Telecommunications Network Operators’ Association said Friday it “fully shares the sense of urgency” conveyed by the council’s call to accelerate key initiatives of the digital agenda, and appreciated governments’ vision in seeking an EU strategy on cloud computing and big data.
The EU should suspend the Terrorist Finance Tracking Program in response to the U.S. National Security Agency’s alleged tapping of EU citizens’ banking data held by the Society for Worldwide Interbank Financial Telecommunications (SWIFT) system, the European Parliament said Wednesday. It approved a nonbinding resolution backed by the Socialists and Democrats, Alliance of Liberals and Democrats for Europe, and Greens/European Free Alliance. A resolution from the center-right European People’s Party that urged caution on suspending the TFTP (CD Oct 18 p9) wasn’t successful. Privacy International (PI), meanwhile, asked the U.S. Treasury, NSA and European privacy chiefs to address concerns that the TFTP is failing to protect Europeans’ personal data or to give them redress for violations.
Rules giving people more control over their personal data while making cross-Europe data flows easier won approval Monday night from the European Parliament Civil Liberties, Justice and Home Affairs Committee, said that LIBE committee. That was as expected (WID Oct 22 p2) OR (CD Oct 22 p7). European Parliament members (MEPs) responded to mass surveillance reports with a provision requiring that if a non-EU country asks a company such as a search engine, social network or cloud provider to disclose personal information processed in the EU, the company must seek authorization from the national data protection authority before transferring any data, LIBE said. The company also must inform the data subject of any such request, it said. The language is a response to mass spying activities unveiled in June, it said. The compromise text also sets penalties of up to 100 million euros ($137 million) or up to 5 percent of a company’s annual global turnover, whichever is greater, the committee said. Individuals would have the right to have personal data “erased” upon request, and organizations processing personal information must obtain clear permission from the data subject, it said. MEPs also clarified that the execution of a contract or the provision of a service can’t be made conditional upon consent to processing personal data that isn’t strictly necessary for the completion of the contract or service. The text also provides that profiling to analyze or predict people’s work performance, location, health or behavior is allowed only subject to their consent, when provided by law or when needed to carry out a contract, LIBE said. The data protection package contains two draft laws, the general regulation covering most personal data processing in the EU, and a directive covering personal data processed for law enforcement. LIBE also authorized Parliament to start negotiations with national governments, which will begin as soon as the Council agrees on its own position, LIBE said. Parliament wants to reach agreement on data protection before the May European elections, it said. The vote ensures European data protection rules are “up to the challenges of the digital age,” said the official reporter for the general data protection regulation, Jan Philipp Albrecht, of the Greens/European Free Alliance and Germany. Albrecht hopes the Council, which meets Thursday and Friday to discuss digital matters, will send a message to national governments to adopt data protection revisions before the elections, he said at a news conference Tuesday. The LIBE vote “is a strong signal for Europe,” said Digital Agenda Commissioner Neelie Kroes. It paves the way for a uniform, strong data protection law that will cut business costs and boost protection of citizens, she said. “The European Parliament has proven that excessive lobbying can be counter-productive” by not only defending but also strengthening people’s right to be forgotten, she said in an EC memo. European Data Protection Supervisor Peter Hustinx applauded LIBE’s action and urged the EU institutions to complete data protection as soon as possible. But the schism between rights activists and industry over some of the provisions continued in reactions to LIBE’s action. The Industry Coalition for Data Protection (ICDP) said the draft needs “considerable improvements.” The coalition, with members including DigitalEurope, the European Internet Services Providers’ Association, Business Software Alliance and TechAmerica Europe, urged lawmakers and governments to make several changes, including: (1) Using a risk-based approach that recognizes concepts such as context and risk in the definition of personal data, data processing and appropriate penalties. (2) Maintaining clear roles and duties in the data processing value chains. (3) Guaranteeing a free flow of data across international borders to give European companies access to fast-growing markets outside the EU. (4) Putting in place a meaningful one-stop-shop mechanism to make it easier for businesses and consumers to apply the new privacy rules. (5) Limiting the requirement for explicit consent to genuinely at-risk situations. European Digital Rights Executive Director Joe McNamee said that “if allowed to stand, this vote would launch an ‘open season’ for online companies to quietly collect our data, create profiles and sell our personalities to the highest bidder.”
A compromise package for reform of Europe’s data protection rules set for a vote this week in the European Parliament Civil Liberties, Justice and Home Affairs (LIBE) Committee could either boost safeguards for online users or threaten the very existence of some Internet business models, stakeholders said. LIBE members were scheduled Monday to debate the parliamentary report by Jan Philipp Albrecht of the Greens/European Free Alliance and Germany, but it was unclear whether the vote would take place Monday after our deadline or Thursday, said Morrison Foerster data protection and e-commerce attorney Karin Retzer in an interview. Efforts to update data protection law have likely been given a shot in the arm by the revelations of massive U.S. and U.K. telephone and Internet spying, said Retzer and European Consumer Organisation (BEUC) Director General Monique Goyens. Digital rights activists said some of the amendments are good, but others are a threat to privacy.
The EU-U.S. Terrorist Finance Tracking Program (TFTP) should be suspended, terminated or replaced by a different agreement because of allegations the National Security Agency accessed personal banking data held in the Society for Worldwide Interbank Financial Telecommunication (SWIFT) database in Europe, said European Parliament members (MEPs) in dueling motions for resolutions filed Wednesday. The resolutions split along the same party lines as last week’s debate in the Civil Liberties, Justice and Home Affairs (LIBE) Committee (CD Oct 11 p7). They will be voted on next week, MEP Claude Moraes, of the Socialists and Democrats (S&D) and U.K., told us Thursday. However, he said, lawmakers genuinely don’t know which version will be adopted; and whichever is approved will be “merely symbolic” because Parliament lacks the power to take action on the TFTP. Meanwhile, Parliament’s probe of U.S. spying comes to Washington this month.
Massive U.S. and U.K. phone and Internet spying breaches those countries’ legal obligations under the 1966 International Covenant on Civil and Political Rights (ICCPR), Martin Scheinin, European University Institute professor of international law and human rights, told the European Parliament Civil Liberties, Justice and Home Affairs (LIBE) Committee Monday. Programs such as the National Security Agency’s Prism and the U.K.’s Tempora also violate the European Convention on Human Rights, said Douwe Korff, London Metropolitan University professor of international law. U.K. surveillance is being challenged in the European Court of Human Rights (ECHR) by, among others, Big Brother Watch and the Open Rights Group. Meanwhile, the European Commission said Tuesday that the Prism revelations shouldn’t be used to create a “Fortress Europe” approach to cloud computing.
European Parliament members (MEPs) are grappling with whether to recommend suspension of the EU-U.S. Terrorist Finance Tracking Program (TFTP) over allegations the National Security Agency accesses personal banking data held in the Society for Worldwide Interbank Financial Telecommunication (SWIFT) database in Europe. In what one lawmaker termed a “truculent” plenary debate in Strasbourg Wednesday, which was webcast, MEPs said the situation needs further investigation but argued over whether the agreement should be suspended or even terminated now. Home Affairs Commissioner Cecilia Malmström said that although the U.S. has assured her that the TFTP hasn’t been breached, she’s pressing officials for all the evidence as soon as possible.
EU Digital Agenda Commissioner Neelie Kroes Tuesday continued to lobby for quick approval of her proposal for a single European telecom market (CD Sept 12 p7) but faced nearly universal push-back from speakers at a Brussels conference hosted by the Financial Times and European Telecommunications Network Operators’ Association (ETNO) in Brussels and via webcast. Kroes urged the telecom sector not to cherry-pick the legislative package but to accept the “sweet” with the “sour.” Despite her plea, panelists drawn from the public and private sector disagreed with various parts of the measure, with many saying it doesn’t go far enough. Moreover, there was huge disagreement among speakers about what’s wrong with the sector and what’s needed to fix it.