Massive, indiscriminate and systematic surveillance of Europeans is illegal and can’t be justified by the fight against terrorism, the Article 29 Working Party (WP29) said in an opinion (http://bit.ly/1hGOj6l) Friday. The group, whose members are national data protection authorities, recommended several actions to ensure that privacy rights are enforced. EU governments should ensure more transparency and control over the surveillance activities of their intelligence services, including a right for people to be informed and given adequate safeguards when their personal data are collected and transferred, WP29 said. To prevent such spying from happening again, there should be effective and independent oversight of security agencies, “which implies a genuine involvement of the data protection authorities,” it said. EU institutions must finalize negotiations on the data protection revamp package, and approve an enforceable international agreement that gives individuals strong guarantees in the context of surveillance activities, it said. Approval of the opinion coincided with the European Court of Justice decision Tuesday to overturn the data retention directive (CD April 9 p11), WP29 said. The organization plans to hold a conference on surveillance later this year to discuss how to better inform people of the consequences of using e-communications and how to protect themselves, it said. WP29 also responded to a Nov. 27 European Commission statement on the workings of the safe harbor agreement for data transfers to the U.S. Given current circumstances, it said, the agreement’s ability to adequately protect EU citizens is “questionable.” If the revision process now under way in the EC doesn’t “lead to a positive outcome, the Safe Harbor agreement should be suspended,” a WP29 news release said.

The international community should agree on new standards of behavior and “secure-by-default” communications processes, former National Security Agency (NSA) contractor Edward Snowden told lawmakers at a webcast Council of Europe (CoE) Parliamentary Assembly hearing on mass surveillance Tuesday. Speaking from Moscow via video link, Snowden said his earlier testimony before the European Parliament established, among other things, that: (1) The U.S. government has confirmed that its dragnet surveillance hasn’t been effective in preventing terrorism and has no basis in law. (2) The NSA has a directorate that has worked to deliberately subvert European countries’ privacy laws for mass snooping. (3) Reports are accurate of intelligence agencies using blanket surveillance not for antiterrorism activities but to spy on organizations such as the U.N. Children’s Fund and human rights groups. (4) The U.K. Government Communications Headquarters (GCHQ) collected, on a massive scale, images from webcams without any individual suspicions of wrongdoing even after it determined the information had no law enforcement uses. Some of the information was “intensely private,” Snowden said. Asked whether the NSA, GCHQ and others engage in sophisticated data-mining of the information they scoop up, Snowden said yes. The agencies use algorithms to find unknown persons of interest not suspected of wrongdoing, he said. The NSA “XKeyscore” framework permits creation of “fingerprints” that can be used to create a unique signature for an individual or group, but this is just the “smallest part” of its capability, he said. Metadata and content can both be accessed via any algorithm that analysts can put in place, Snowden said. The algorithms give analysts the ability to learn about such things as people’s sexual orientation, personal interests or computer network, he said. U.S. government claims that such searches aren’t carried out aren’t true because Snowden has personally done them with the government’s approval, he said. The algorithms allow for searches without any warrant, creating a de facto policy of “guilt by association,” he said. Systems such as XKeyscore allow the NSA to track entire populations of people who share a particular trait such as religious affiliation or gun ownership, he said. While the agency isn’t engaged in actively compiling lists of homosexuals in order to send them to camps, its activities nevertheless implicate human rights, he said. International standards are needed to guard against routine abuse of the technology, he said. The most cost-effective means to guard against the systemic violations is “pervasive encryption,” Snowden said. Hansjörg Geiger, former head of the German Federal Intelligence Service, urged rapid action to remedy the breaches of law. He proposed international agreements under the U.N. or CoE but said that because they will take many years, intelligence services now need a code of conduct that stops their unfettered spying and limits it to strictly necessary purposes. The code could be brokered by the EU or NATO, and should at the least contain four simple rules, Geiger said. They should bar economic espionage; forbid any intelligence activity on the territory of another country without its permission; allow access to data only for clearly defined purposes such as preventing terrorism; and outlaw efforts to force telecom and Internet companies to give complete access to their databanks to security services.

The Office of the U.S. Trade Representative (USTR) outlined nontariff barriers that U.S. telecom service and equipment suppliers face (CD March 6 p16) when exporting goods and services. USTR will target efforts to address trade barriers including a European Union proposal to create a Europe-only cloud computing network, Turkey’s blocking Internet-enabled services, restrictions on the provision of VoIP services in China and India and other barriers in other countries, said the office in a Friday news release (http://1.usa.gov/1e5RMR5). “Barriers to trade in telecommunications-related goods and services disproportionately affect U.S. suppliers, given our strong competitive position in these sectors,” said USTR Michael Froman.

Governments must keep invasive snooping technologies out of the hands of dictators and oppressive regimes, said the Coalition Against Unlawful Surveillance Exports (CAUSE) Friday. The new alliance has as members Amnesty International, Digitale Gesellschaft, Human Rights Watch, International Federation for Human Rights, New America Foundation’s Open Technology Institute, Privacy International and Reporters without Borders. The new group wants to hold administrations and private companies accountable for abuses linked to the $5 billion global trade in communication spying technologies, it said. Those technologies enable regimes to crush dissent and criticism, chill free speech and destroy fundamental rights, said Amnesty International Advocacy Coordinator Ara Marcen Naval. CAUSE members are alarmed by the virtually unregulated trade in spying equipment, and want governments to take immediate action to stop it, they said in an open letter on their website (http://xrl.us/bqtwz6).

Spectrum purchased in Canada’s 700 MHz auction means subscribers will be able to more easily stream hockey game telecasts on their devices, Rogers said Thursday in a news release. Rogers bought two 12 MHz blocks of spectrum covering almost all of Canada, the carrier said. “We went into this auction with a clear plan to win the best spectrum for our customers,” said CEO Guy Laurence. “There is clear demand for the ultimate video experience and it will be a big part of how we bring the NHL to hockey fans."

The Application Developers Alliance is expanding to Europe, it said in a Thursday news release announcing its European board (http://bit.ly/QIaX9i). Apps Alliance is an industry association with more than 30,000 individual app developer members and roughly 170 member companies, including AT&T, CBS Interactive, Google and Intel. “The Alliance will host workshops and programming, participate in meetups, conferences, and more in Europe, and actively advocate for developers on European policy issues,” it said. The European board will include employees from Google, Intel and Yahoo.

EU lawmakers approved net neutrality protections and an end to mobile roaming fees Thursday, as expected (CD April 3 p13). By a 534-25 vote on the European Commission-proposed “connected continent” package, members of the European Parliament barred Internet access providers from blocking or slowing selected services for economic or other reasons. They also approved language banning mobile data, voice and text roaming charges as of Dec. 15, 2015. Members of the European Parliament (MEPs) wanted clear rules to stop Internet access providers from promoting some services at the expense of others, Parliament said. Under the language approved, providers would still be able to offer specialized services of higher quality, such as VOD, as long as that doesn’t affect the availability or quality of access services offered to other companies or service suppliers, it said. Amendments also shortened the EC’s list of cases in which access providers could still be entitled to block or slow the Internet. MEPs want those practices to be permitted only to enforce a court order, safeguard network security or prevent temporary network congestion, Parliament said. All Internet traffic must be treated equally, without discrimination, restriction or interference, regardless of the sender, recipient, type, content, device, service or application, it said. The Netherlands enshrined net neutrality into law in 2012, noted MEP Marietje Schaake, of the Alliance of Liberals and Democrats for Europe, the amendments of which she said helped close loopholes in the text. “The public value of an open internet can not be underestimated,” she said in a news release. Digital rights activists were overjoyed, telcos dismayed. The net neutrality vote “established the EU as the major global force to protect the freedom of the open internet,” said European Digital Rights Executive Director Joe McNamee in a news release. By amending the text with cross-party amendments, MEPs “took a historic step” to protect net neutrality and the Internet commons in the EU, said French citizens’ advocacy group La Quadrature du Net. BEUC-The European Consumer Organisation said MEPs heard consumers “loud and clear” in tackling roaming fees, the “hydra of EU regulation,” and building a net neutrality buffer against granting control over Internet traffic speeds and access to “Europe’s handful of network operators.” The telecom and digital technology sectors said the net neutrality provisions could reduce consumer choice and hurt competitiveness. Amendments mandating the complete separation of specialized services and requiring that they not have any influence on capacity available for other Internet services are concerning, said the European Telecommunications Network Operators’ Association. The text approved would place far-reaching restrictions on traffic management, making efficient network management nearly impossible, it said. The European Parliament’s stance on net neutrality is too specific about how networks should function, and it will quickly become obsolete as innovation drives the technology forward, said DigitalEurope. The question now is whether operators feel they can work within the scope of the regulation to offer the services they plan to, but a last-minute lobbying effort to remove some of the wording of what constitutes such services suggest not, said Ovum analyst Matthew Howett. “The fear exists around whether even basic (and generally accepted) forms of traffic management will be permissible” under the EC’s vision for an open Internet, he said. The telecom package now needs approval from EU members. The EC expects final agreement by year’s end, said Digital Agenda Commissioner Neelie Kroes.

ITU Secretary-General Hamadoun Touré urged delegates at the World Telecommunication Development Conference Sunday to develop a plan for the ITU’s development sector that will ensure wider broadband deployment, which he said in a prepared version of the speech would help countries “quickly accelerate sustainable social and economic progress” (http://bit.ly/1fghUXL). The WTDC, scheduled to run through April 10 in Dubai, will also include proposals on cybersecurity, spam, emergency disaster relief and telecom access equality. U.S. Coordinator for International Communications and Information Policy Daniel Sepulveda is leading the U.S. delegation, which includes more than 60 federal government and private sector representatives, the State Department said. It said the U.S. views the WTDC as “an opportunity to create priorities and programs that address developing countries’ information and communication technology needs in an effort to close the global digital divide” (http://1.usa.gov/1rZwicv).

Europeans face a “geographic lottery” on broadband prices, speed and range of choices, said the European Commission Tuesday in a news release (http://bit.ly/1iwVPEN). Four studies found no pattern or coherence in EU broadband markets, said the EC. Consumers are also baffled by the varying information operators provide, which limits their ability to choose the right services for them, it said. Prices for the most common broadband connections can be as much as four times higher in some EU countries, even when purchasing power is taken into account, the EC said. Sixty-six percent of people don’t know what Internet speed they've signed up for, and on average, they get only 75 percent of the speed they subscribe to, it said. Successive waves of telecom sector reform have helped change the way services are delivered in the EU, but the industry still runs largely on the basis of 28 national markets, the EC said. The European Parliament votes next week on EC plans for a connected continent, which will give consumers more transparency, rights and services, it said. The EC has a new portal for broadband-related information (http://bit.ly/1iwW7ve).

Europe needs its own trusted cloud, said the European Cloud Partnership steering board in a Friday policy paper (http://bit.ly/1oF6LTh). Cloud computing has the potential to help European citizens, businesses and public administrations save money, boost efficiency, improve security and speed innovation, it said. The cloud’s expected cumulative economic effect in 2010-2015 in the five largest European economies is around 763 billion euros ($1 trillion), and with the right policies in place, the cloud could generate around 1 trillion euros in GDP by 2020, it said. But Europe lags behind other regions in cloud computing take-up because of the recent revelations about intelligence services’ surveillance, a lack of regulatory consistency and technologically conservative policies, it said. The group proposed two categories of actions to spur cloud computing services in Europe: (1) A flexible common framework of best practices at the legal, technical and operational level. Cloud providers could then adopt the framework voluntarily to show their services comply with it and buyers of cloud services could more easily check whether an offering complies with their requirements of their use case. (2) Systematic consensus-building by all stakeholders via public consultations, workshops, coordination groups and so on. This would arrive at a common understanding on issues such as risk management, security requirements, privacy needs, enforcement methods, procurement practices and the need, if any, for legislative reform. The European Commission wants feedback on the policy proposal by May 2 (http://bit.ly/1diB2G1).