Big Brother EU

I’m hoping I’m not totally alienating the those who subscribe to my feed and expect entries about Web technologies in English and have been receiving entries related to the Finnish EUCD implementation in Finnish. But this stuff is related to the Internet.

On Tuesday 2005-11-22, I went to a public discussion event titled “Big Brother EU” and held in the auditorium of the Tapiola high-school. The speakers were Heidi Hautala (the presidential candidate for the Greens and a Member of the Parliament) and Jyrki J.J. Kasvi (a Member of the Parliament also from the Greens). The moderator was Matti Kuronen. Ykä encouraged me to blog about it, so here goes. (It is debatable whether I have a blog, but at least this is a Blogish Note. :-)

Both Hautala and Kasvi came straight from the Parliament. The Parliament had been discussing the huge stock options awarded to the leadership of the state-owned oil company Fortum. Kasvi explained that the Greens did not support canceling the stock options, because that would require a retroactive law and retroactive laws have no place in a state governed by law. Kasvi pointed out that the last time a retroactive law was passed is considered a shameful episode in the Finnish legal history. (The last time was when after the war the Soviet Union pressured Finland to pass a law in order to convict those “guilty of the war”.) He also said that letting the bad contract stand is important in order to maintain the credibility of the state when making contracts. Since we were in Espoo, he pointed out to that the majority of those receiving the stock options will be paying their taxes, which are significant, to Espoo, so in a way the municipality of Espoo is getting a lot of money from the state indirectly.

We still waited to get to the topical discussion, because a class of the adult evening high-school from the same building was expected to come in to listen as part of their civic studies. While waiting to get on the topic, income transfers were discussed briefly. Hautala spoke about reforming the current confusing mixed bag of benefits into a base income for citizens, which would eliminate incentive traps. A person is in an incentive trap when it makes financial sense not to accept a job, because accepting the job would stop the unemployment benefits and make the person worse off. A member of the audience pointed out that using the term citizen’s salary tends to make a lot of people freak out. Hautala advised her not to use that term.

The civic studies class came in and the event got on topic.

Kasvi introduced the subject area by stating that without freedom of speech and protection for privacy there is no democracy. He said that the freedom of speech was written in the Finnish Constitution and the time when there was rioting in Finland and news about the first extermination camps in World was spreading from Finland to abroad. (A member of the audience corrected that they were the first extermination camps in Europe, and Kasvi acknowledged that indeed the English-run camps in South Africa during the Boer War predated the Finnish ones. The terminology was not disputed and the discussion moved on.) The point was that the writers of the Constitution realized that suppressing speech did not calm society but instead was a cause of the unrest.

Kasvi then proceeded to the issue of data retention in the EU. It has been proposed that telecom operators would be required to store data on who is messaging with whom in order to purportedly combat terrorism. Collecting the data would be delegated to private corporations. Kasvi said this sort of thing should belong to a public offical (if done at all). He said that with the recent opposition to the amendments to the Copyright Act, those opposing the amendments had been accused of presenting dire scenarios based on speculation even though the Sony XCP debacle quickly demonstrated that it wasn’t mere speculation. Therefore, he stressed that he has examples that are real and not speculative. He said that in Colombia a drug cartel acquired communication traffic data and then the targeted those who had been communicating with the police. Kasvi said that instead of helping combatting organized crime the retention of communication traffic data gives new targets and opportunities for criminal organizations.

Hautala said that the atmosphere changed significantly on September 11th 2001. She said that security should not subdue freedom of speech and privacy. She pointed out that since September 11th the United States has not criticized the war in Chechnya, because it does not want its own actions to be likewise criticized. Hautala said that there is a need to show that something is being done.

Kasvi said that the content of the communications would not be logged and the cost of the data retention would be 40 million euros in Finland. (Overall? In some period of time? I can’t remember if it was said. Update: Tuomas Venhola says it was per year according to his recollection.)

Hautala said that the decision-making no longer happens in the Parliament.

Kasvi said that the data retention initiative is about showing people that something is being done but the scheme doesn’t work for the stated purpose. With reference to September 11th he mentioned that since September 11th Echelon has no longer been mentioned in the EU although before September 11th there were even suggestions of imposing sanctions on to the United States because of Echelon.

Hautala mentioned an initiative to unify criminal records all the EU countries. She said that we cannot trust the level of privacy protection in all the other EU countries. There would be too many people who would have access to the criminal records. She mentioned that the data transferred in relation to the arrangements related to the Schengen accord already is seen as too many access points by too many people and may include information such as sexual orientation.

On the note of sharing data with other EU countries Kasvi said that the data retention initiative includes a requirement to share the data with other EU countries. He said this would be a problem for example if the intelligence bureaus of other countries which engage in industrial espionage for the benefit of the local industry requested data on for example the communications of the leadership of Nokia.

Kasvi said that a science fiction author (whose name escapes me Update: David Brin according to a reader) has been pondering the issue of the ubiquitous availability of cheap surveillance equipment and its effects on society. He has concluded that the best way to address the issue is to make surveillance equipment totally unregulated and operable by anyone so that people can watch the watchers. Kasvi said that he hasn’t come up with a better solution is so far.

He went on to point out that surveillance equipment is indeed often misused. He told a story about going on a cable installation gig when he was younger. The installations to place in an office that has surveillance cameras in public parks. The people there showed the installation guys some of the videos they had captured from the parks using the night vision-capable cameras. Kasvi said the videos would qualify as hard-core [pornography], and the videos were detailed enough for the persons involved to be recognizable.

I asked whether the EU data retention initiative involved logging all IP packets. Kasvi said it doesn’t, because doing so was deemed too expensive. Email, SMS and phonecalls would be logged. (What about HTTP? It was not mentioned.) He reiterated that getting around the system is so easy that it won’t work against terrorists. He pointed out that the logging for example does not apply to organizational subscribers but only to individual ISP and telco customers!

I asked whether creating new application-level protocols would be allowed without the protocol designer cooperating with the surveillance authorities. Kasvi replied that coming up with new protocols would not be banned but would be unnecessary, because he could himself write software to hide messages in images on the Web, so obviously the terrorists would be able to so as well. (It was pretty cool to talk to politicians who understood the questions and used steganography as an example to make a point.)

A member of the audience tried to steer the discussion off topic by asking a more general presidential campaign question from Hautala. In reference to the usual Finnish debate about the role of the president in external and in internal matters Hautala asked rhetorically where in these matters should the line between external and internal policy be drawn.

I asked whether crypto that really keeps data private (ie. that really works) should be allowed even though this necessarily means keeping the data private from the police as well. Here the reply went besides the question. (I don’t know if it was intentional. I did not press for a focused answer.) Kasvi talked about encypting patient records and said that the use of a passepartout should always be documented.

Going a bit off topic the law initiative by Hautala and Kasvi banning rootkit-style DRM and affirming the consumer’s right to make three copies of a work was briefly introduced. It was discussed more after the main event.

(I think banning rootkit-style DRM is good and it’s a problem if there is not already a general ban on such malware. I’d go further with banning DRM because of the anti-competitive effects of unnaturally strong links between complementary products. The main worry I have is that codifying three copies in law sets a too low number for the allowed copies. Think about a mirroring RAID plus a backup disk and then a portable player. Besides, a fundamental problem with copyright is that the law is invoked on copying even if the copy is just an implementation detail within the control sphere of one person.)

A member from the audience (during the main event or after – I can’t remember) pointed out that Rosa Meriläinen (also a Green Member of the Parliament) has blogged about having gone to Gramex’s (a copyright lobby group of record producers and musicians) party to be praised about the recent amendments to the Copyright Act. (Side note: When talking about politics, the top gripe I hear people having about the Greens is that they appreciate Kasvi, Soininvaara, Hautala and the late Matti Wuori but that they don’t want the boost the likes of Meriläinen. The second gripe is the nuclear energy policy.)

Hautala talked about the history of the Finnish public information (about the work of officials) access principle and how it got copied to the EU level. She mentioned that there was this guy who made a document request about the documents on the meaning of the directive that the minister of culture had referred to in the parliamentary reading of the recent bill to amend the Copyright Act. The reply was that there were no special document besides the directive itself and its rationale. I said I was the guy.

I asked who is behind the data retention initiative and who is actually making the decision. At least with the amendment of the Copyright Act it was pretty clear that the real decision was made in WIPO (with non-elected officials like Jukka Liedes representing Finland), then codified as a directive by the Comission and finally handed to rubber-stamping by the Finnish Parliament. Hautala said Belgium had a role and the initiative originates from the EU, but the exact structure is unclear and discussions go on behind closed doors. She said that taking along elected representatives when non-elected officials go to treaty negotiations is good.

Kasvi said the data retention initiative has been shot down many times but it pops up again and again like a zombie.

Kasvi wrapped up the event by saying that the terrorists are winning by inducing us to destroy our basic values [of freedom and privacy] ourselves. He finished with the famous Benjamin Franklin quote that those who give up liberty in exchange for security deserve neither.

After the main event, I had the chance to give an extensive braindump about my views on copyright with two politicians listening. Which was nice.