Telecoms-Package Compromise-Amendments ITRE-IMCO 7th-July

From La Quadrature du Net
Jump to navigationJump to search

Last Version - July 2nd -[edit]

"Final" version of the compromise amendements

analysis of the amendements

Following analysis of the previous amendements. Most do not change, the modifications made on the others do not change the analysis.

Amendment H1, Harbour[edit]

Allows national regulation authorities and the Commission to fix standards which restrict the run of « lawful applications » and « lawful services » and access and distribution of « lawful content » How a computer or an ISP can determine what is lawful and unlawful ? => Paves the way to filtering and to surveillance computing (know as treacherous computing).

Article 1 – point 13 xx amending Directive 2002/22/EC Article 22 – paragraph 3

A national regulatory authority may issue guidelines
setting minimum quality of service requirements, and, if
appropriate, take other measures, in order to prevent degradation
of services and slowing of traffic over networks, and to ensure
that the ability of users to access or distribute lawful content or
to run lawful applications and services of their choice is not
unreasonably restricted. Those guidelines or measures shall take due
account of any standards issued under article 17 of Directive
2002/121EC (Framework directive).

The Commission may having examined such guidelines or measures and
consulted [XXX], adopt technical implementing measures in that
regards if it considers that the guidelines or measures may create
barrier to the internal market. Theses measures designed to amend
non-essential elements of this directive by supplementing it, shall
be adopted in accordance with the regulatory procedure with
scrutinity referred to in article 37(2).


  1. Treacherous computing is an expression used to avoid the use of Trusted Computing because so called technologies are designed to take off the right of users to control their computer (and by the way their personal data), not to secure them. One goal is producers can remote control the use of their content because they do not trust users.
  2. Free Software is not compatible with standards used to try to restrict the run of a « lawful application » : Free Software can be studied and modified by the user himself to check the security of the software or to create a new lawful application as Free Soffware authors grant the right to do so to every user. And technologies used to check if an application is lawful consider user modified software as unlawful. So beside pushing dangerous technologies for privacy, this amendment mays create by itself a barrier in the internal market even if an ISO standard of treacherous computing emerges like the following (
  3. Please study this amendment from a strategic point of view and follow the reference to article 37(2) io unterstand why it is also a troyan horse from democratic point of view

Amendement K1, Kamal[edit]

Trusted computing, open the door to mandatory TPM, when linked with H1 and K2, attributed to BSA.

Article 2 – point 5 a (new) amending Directive 2002/58/EC Article 14 – paragraph 1

1. In implementing the provisions of this Directive, Member States
shall ensure, subject to paragraphs 2 and 3, that no mandatory
requirements for specific technical features, including, without
limitation, for the purpose of detecting,intercepting or preventing
infringement of intellectual property rights by users, are
imposed on terminal or other electronic communication equipment which
could impede the placing of equipment on the market and the free
circulation of such equipment in and between Member States.

For information paragraphs 2 and 3 mentionned in this paragraph 1 can be read as follow:

2. Where provisions of this Directive can be implemented only by
requiring specific technical features in electronic communications
networks, Member States shall inform the Commission in accordance
with the procedure provided for by Directive 98/34/EC of the European
Parliament and of the Council of 22 June 1998 laying down a procedure
for the provision of information in the field of technical standards
and regulations and of rules on information society services(9).
3. Where required, measures may be adopted to ensure that terminal
equipment is constructed in a way that is compatible with the right
of users to protect and control the use of their personal data, in
accordance with Directive 1999/5/EC and Council Decision 87/95/EEC of
22 December 1986 on standardisation in the field of information
technology and communications(10).


  1. This amendment opens the door to implementation of intrusive technologies that could become mandatory by Members States' decision as far as these technologies do not impair internal market.
  2. First, this amendment states that some technical measures aiming exist, whose purpose is to detect, intercept or prevent infringements of intellectual property rights (including infringements to copyright, trademarks right, and patents right). Yet, to detect, intercept and prevent such criminal infringements, users' uses and electronic communications must be monitored with hardwares and softwares that are actually finks taking the place of a judge (who usually is the only one who can tell what is lawful and what is not).
  3. Second, this amendment doesn't prevent from creating mandatory measures, with the only provision that they don't harm freedom to market and competitivity inside the Internal Market.
  4. Finally, reference to paragraph 3, supposedly protecting from any risk that privacy would be harmed, is voided by the next amendment (Amendment K2 below).

Amendment K2, Kamal[edit]

Allows compagnies to remote control electronic communications of the user without his consent, attributed to BSA.

Article 2 – point 4 a (new) amending Directive 2002/58/EC Article 6 – paragraph 6a (new)

6a. Traffic data may be processed by any natural or legal person for
the purpose of implementing technical measures to ensure the security
of a public electronic communication service, a public or private
electronic communications network, an information society service, or
related terminal and electronic communication equipment. Such
processing must be restricted to what is strictly necessary for the
purposes of such security activity.


The concept of security is used by DRMS (Digital Restriction Management System) vendors and also in national laws implementing the directive 2001/29CE which forbid the circumvention of technical measures used to control copy of works (as DRM do). So when reading this amendment, the security of an electronic communication equipment must be unterstood also as the security by obscurity of DRM used to prevent, detect or intercept IP infrigments (in compliance with amendments H1 and K1).

Spekulaticve: "a public or private" network reads to me, as they also have the power to break into your "private" network. (LAN, VPN Connections...) And if electroniv communication equipment is your computer, they may check it out too ??? Opinions please.

Amendment H2, Harbour[edit]

Known part of three-strikes approach, introduces the concept of cooperation between ISP and producers under the authority of national regulation authorities, written by the French cinema lobby, SACD.

Article 1 – point 20 xx amending Directive 2002/22/EC Article 33 – paragraph 2a (new)
Without prejudice to national rules in conformity with community law
promoting cultural and media policy objectives, such as cultural and
linguistic diversity and media pluralism, national regulatory
authorities and other relevant authorities shall also as far as
appropriate promote cooperation between undertakings providing
electronic communications networks and/or services and the sectors
interested in the protection and promotion of lawful content in
electronic communication networks and services. These co-operation
mechanisms may also include coordination of the public interest
information to be made available as set out in Article 21(4a) and
Article 20(2).


La Quadrature du Net has evidence that this amendment was written by SACD:

Amendement H3, Harbour[edit]

Known part of three-strikes approach, permits intimidation by email and mandates that ISPs costs are paid for by the national regulator, (as is the case for the French draft law on three-strikes approach).

Article 1 – point 12 xx amending Directive 2002/22/EC Article 21 – paragraph 4a (new)
Members state shall ensure that national regulatory authorities
oblige the undertakings referred in paragraph 4 to distribute public
interest information to existing and new subscribers when
appropriate. Such information shall be produced by the relevant
public authorities in a standardised format and may inter alia cover
the following topics :

(a) illegal uses of electronic communications services, particularly
where it may prejudice respect for the rights and freedoms of others,
including infringement of copyright and related rights ;

(b) the most common illegal uses of electronic communications
services, including copyright infrigement, and their consequences; and

(c) means of protection against risks to personal security, privacy
and personal data in using electronic communications services.

Significant additional costs incurred by an undertaking in complying
with these obligations shall be reinbursed by the national regulatory


This amendment forces Internet Access Providers (ISPs) to send notice messages to users when unlawful uses have been detected. The issue is that it doesn't tell who is the sender (private enterprises, national regulatory authorities, judicial authority?).

The difference between point (a) and point (b) should be noted: the first one aims at individual uses (informations on intercepted or detected allegedly infringements) whereas the second one is general (informations on most common cases of unlawful uses of Internet access).

Point (c) is about informations on traffic data processing means without permission for Internet access security reasons, authorized by Commission through amendment H1, K1, and K2.

This is the exact description of informations that French government is eager to send to users in the so-called three-strikes approach in order that users install filtering and monitoring means.