Issue link: https://maltatoday.uberflip.com/i/604914
maltatoday, SUNDAY, 22 NOVEMBER 2015 17 Inside the EP Inside the EP In the wake of the Paris attacks, nothing could be more contentious than the controversial – although arguably important – political statement by the European Parliament on radicalisation and recruitment of EU citizens by terrorist organisations. An estimated 5,000 European citizens have joined terrorist organisations fighting in Iraq and Syria. With the issue of foreign fighters posing challenges for governments across the EU, a report on preventing the radicalisation and recruitment of Europeans by terrorist organisations was adopted by the civil liberties committee on 19 October. Rapporteur Rachida Dati (EPP, France) (pictured) says that there are hotbeds of radicalised Europeans across the EU, and due to the Schengen area EU citizens may travel freely. "Over the past two years, terrorist attacks carried out by radicalised European citizens have taken place in a number of countries… we face a threat which impacts on all of us, and this is why a truly European response is needed. This need not mean fewer competences for member states but simply more coordination and collaboration." Dati's report calls on the EU to push its own counter-arguments against those of online terrorists, prosecute internet giants to push them to delete illegal content, segregate radicalised inmates in prisons, engage in dialogue with the various religious communities, prevent radicalisation through education and tackling terrorism-funding channels by guaranteeing greater transparency on external financial flows. The internet is in fact one of the primary channels of radicalisation. "The biggest problem with the internet is the publishing and proliferation of illegal content. The internet giants must accept their responsibility. Should they refuse to cooperate or show themselves willing, I propose that they face criminal charges," Dati says. EDRI (European Digital Rights) – an association of civil and human rights organisations from across Europe who monitor data retention, copyright, crybercrime and net neutrality issues – says MEPs should however fix certain areas related to the role of ISPs and their responsibility when dealing with illegal content, companies' involvement in counter- terrorist narratives, and the EU Passenger Name Records (PNR) Directive. Currently, hosting providers must act expeditiously to delete or disable access to illegal content online. However, the current Draft Resolution asks for companies to be held criminally liable if they fail to act, even if only in response to an "administrative request" and not a court order. EDRI says that there is no evidence to suggest that there are companies active in Europe whose failure to act to address illegal terrorist content could be considered a criminal act in its own right. "The criminalisation of internet companies to address a problem that does not exist brings no benefits, but supporting this measure, even in principle, sets a terrible international precedent." EDRI also says it is dangerous that the draft resolution calls on member states to manipulate online speech as a mechanism for preventing radicalisation and hate speech. "This risks being counterproductive, contrary to democracy, and its values and has worrying echoes of state-sponsored 'troll armies' in jurisdictions with weak democratic values," EDRI said. But the success of the Dati resolution, as EDRI suggests, "will be sending a clear and legally tenable message: Europe will remain united and will not renounce democracy or citizens' fundamental rights and freedoms." Maltese MEPs Therese Comodini Cachia and Roberta Metsola (EPP) (pictured) have expressed their resolve with respect to the need to uphold individual rights, in a debate organised by the European Parliament Office in Malta. "The challenge for the EU is to find the right balance between ensuring privacy online and security of citizens; to ensure that social media are not used as a platform for hate propaganda and for terrorists to communicate online," Metsola said. "We need to target the criminals without infringing the rights of the vast majority of citizens unnecessarily." Comodini Cachia echoed this sentiment, stressing that "when as a consequence of terrorism we are forced to give up some of our rights, it is definitely worrying." "Our ancestors worked hard to achieve the rights we enjoy today and the past shows us where the balance lies, especially through human rights case law." Referring to the requirement that all data is to be treated without any discrimination or interference, Comodini Cachia said that the discussion was now moving from 'net neutrality' to 'zero rating', which means ensuring free access to certain services. "The internet is to be considered a common good that is available to all – from big cities to rural areas." Metsola also stressed the importance of digital awareness: "What was termed as 'the right to be forgotten' would apply only within the EU territory. We do not have a guarantee that it would be deleted elsewhere in the world. Education and awareness on how to navigate the online environment remain key." A crucial 'battleground' in European security Responding to the online threat of terrorism • The Dati Report Is the 'right to be forgotten' bad news for our own rights? THE central area of debate on the details of Europe's data protection package of reforms is the tug-of-war between advocates for data protection, against companies and govern- ment authorities who want to overcome privacy laws. Critics of the GDPR will certainly say that in the MEPs' determination to protect the personal information of users online, the 'right to be forgotten' seems to have been taken on wholesale, without stopping to consider the rights of publishers exercising their own human right of free expression as well as the right of their audiences to receive such information. Even for newspapers, this is a time-bomb that could mean a lot of online reporting being removed and censored by a non-stop stream of demands from people and those in power, to remove online content. The right of erasure has already become a reality with Google providing the service of removing search engine links. In fact the first sign of how this might pose a problem for free speech online came from the 2014 judgment of the European Court of Justice, Google Spain v. Mario Costeja González— the so-called Right to Be Forgotten case. The decision created an ambiguous respon- sibility upon search engines to censor the internet, even it was truthful information that had been lawfully published. Critics said that the problem with the GD- PR is that it doubles down on Google Spain. Here's how the Electronic Frontier Foun- dation's senior policy analyst Jeremy Mal- colm puts it. Firstly, search engines and other internet intermediaries must block the content im- mediately without notice to the user who uploaded that content – this is something different from the current process, which gives search engines some time to consider the legitimacy of the request. "After reviewing the (also vague) criteria that balance the privacy claim with other legitimate interests and public interest con- siderations such as freedom of expression, and possibly consulting with the user who uploaded the content if doubt remains, the intermediary either permanently erases the content (which, for search engines, means removing their link to it) or reinstates it." And if it does erase the information, it is not required to notify the uploading user of having done so, but is required to notify any downstream publishers or recipients of the same content, and disclose any information that it has about the uploading user to the person who requested its removal. "Think about that for a moment. You place a comment on a website which mentions a few (truthful) facts about another person. Under the GDPR, that person can now de- mand the instant removal of your comment from the host of the website, while that host determines whether it might be okay to still publish it," Malcolm says. "If the host's decision goes against you (and you won't always be notified, so good luck spotting the pre-emptive deletion in time to plead your case to Google or Facebook or your ISP), your com- ment will be erased. If that comment was syndicated, by RSS or some other mecha- nism, your deleting host is now obliged to let anyone else know that they should also remove the content. "Finally, according to the existing lan- guage, while the host is dissuaded from telling you about any of this procedure, they are compelled to hand over personal information about you to the original complainant. So this part of EU's data pro- tection law would ac- tually release personal information!" Then there are the penalties. If the host fails to remove content that a data protection authority later deter- mines should have been removed in the first place, it may become liable to penalties of €100 million or up to 5% of its global turno- ver. No doubt: it means the intermediary will take information down if there is even a re- mote possibility that the information has indeed become "irrelevant". "These GDPR removals won't just be used for the limited purpose they were intended for. Instead, it will be abused to censor au- thors and invade the privacy of speakers. A GDPR without fixes will damage the reputation of data protection law as ef- fectively as the Digital Millennium Cop- yright Act permanently tarnished the intent and purpose of copyright law," says Malcolm. Critics will also charge that the right to be forgotten goes contrary to implied rights in the Manila Principles on Intermediary Liability, be- cause they impose an obliga- tion on the intermediary to remove content prior to any order by an independent and impartial judicial authority. The GDPR does not even set out detailed minimum re- quirements for requests for erasure of content. And with the lack of due proc- ess for the user who uploaded the content, this could set the stage for mistaken over-blocking, with little transparency or accountabil- ity built into this process.