European Data Protection Supervisor Slams ACTA on Privacy Grounds

The European Data Protection Supervisor has issued a new opinion on the Anti-Counterfeiting Trade Agreement, expressing serious concerns about the impact of the agreement on privacy and data protection (a prior opinion was released in 2010). The EDPS states:

Many of the measures that could be implemented in the context of Articles 27(3) and 27(4) of ACTA would involve a form of monitoring of individuals’ use of the Internet, whether by detecting actual IP rights infringements or by trying to prevent any future infringements. In many cases, the monitoring would be carried out by right holders or right holders’ associations and third parties acting on their behalf, although they often seek to delegate such task to ISPs.

The opinion continues:

A targeted form of monitoring by right holders would be legitimate if the processing is carried out in the context of specific, current or forthcoming judicial proceedings, to establish, make or defend legal claims. However, the generalised monitoring followed by the storage of data on a general scale for the purpose of enforcing claims, such as the scanning of the Internet as such, or all the activity in P2P networks, would go beyond what is legitimate. Such general monitoring is especially intrusive to individuals’ rights and freedoms when it is not well defined and there is no limitation to it, in scope, in time, and in terms of persons concerned. As a consequence, the indiscriminate or widespread monitoring of Internet user’ behaviour in relation to trivial, small-scale not for profit infringement would be disproportionate and in violation of Article 8 ECHR, Articles 7 and 8 of the Charter of Fundamental Rights, and the Data protection Directive.

The opinion engages in detailed analysis of specific provisions, noting the lack of clarity on the scope of enforcement, the problems of vagueness with respect to “competent authorities” entrusted with injunction power, that voluntary cooperation agreements may require conduct in violation of EU law, and the absence of sufficient limitations and safeguards on monitoring practices. The EDPS statement is a must-read for European politicians currently considering ACTA and should be assessed by privacy authorities – including Canadian Privacy Commissioner Jennifer Stoddart – to assess the impact of ACTA within their national laws.

One Comment

  1. pat donovan says:

    oh good
    the region one censorship zone just got another knock. Good.

    Now to privitize the cloud… and other freebies.