- Before we get to that, it must first be noted that ever since the sad demise of section 28 of the Local Government Act 1988 which prohibited the "promotion of homosexuality", the topic of homosexuality in a school environment is largely determined by the rules governing sex education. In particular, section 403 (1) of the Education Act 1996 provides that any kind of sex education must encourage pupils to have due regard to "moral considerations and the value of family life". Section 403(1A) then states that the Secretary of State must issue guidance on the matter and that that guidance must make sure, among other things, that pupils are protected "from teaching and materials which are "inappropriate having regard to their religious and cultural background". The practical result of this can be seen in classrooms all over the country where teachers are finding it difficult to even mention the possibility of LGB lives for fear that some rabid parent may rant them out to the head teacher as exposing the little dear to culturally and religiously inappropriate propaganda.
- Ignoring for the moment the ludicrousness of the notion that homosexuality is something that would benefit from a sleek advertising campaign (as people said in the context of the section 28 debate, "If we could turn people gay, don't you think there'd be more of us?"), this has dire consequences for children that are actually LGB themselves or that are at least wondering about whether or not them may be. Studies have found that pupils identifying as LGB are more likely to experience feelings of depression and suicide by several orders of magnitude. Rather than this being "innate' to the misfortune of identifying as LGB - as the churches would have us believe - research has shown quite clearly that these feelings are much less likely to developed where LGB pupils are allowed to operate in an open and supportive environment.
- At the same time, the complete and utter lack of positive LGB role models in schools and the refusal of schools to depict LGB as a valid identity leads to feelings of isolation and makes it more difficult for LGB students to come to terms with their own sexuality. According to a study supported by Stonewall, seven in ten pupils say that this affects their school work and 60% report that there is no adult in their lives in whom they feel comfortable confiding about their sexuality.
- This atmosphere of ignorance, neglect and barely disguised intolerance also leads to increased incidences of homophobic bullying. Again, the Stonewall study found that 65% of LGB students has experienced homophobic bullying - ranging from name-calling to physical assault - rising to 75% in faith schools. Students report that even where they report the bullying to teachers and other educators, in many cases nothing is done. Indeed, teachers are often the perpetrators when it comes to making homophobic remarks about their pupils with another study finding that 43% of secondary school teachers have overheard homophobic comments being made by colleagues and 30% describing how colleagues in their school have themselves been responsible for homophobic bullying.
- Against this backdrop consider Michael Gove's recent announcement that the Equality Act does not extend to schools and that faith schools therefore have a right to distribute what can only be described as homophobic material.
Thursday, 26 April 2012
Friday, 20 April 2012
Despite her various extracurricular activities - some of which find an outlet on this blog - it cannot be disputed that Matron is first and foremost a lawyer. This means that sometimes, when a particularly complex legal issue comes along, she can't help abusing blogger's privilege for a proper, in-depth legal analysis. So this post comes with the health warning that it is likely to put anyone in deep slumber who isn't similarly freakishly endowed with what Tom Hanks, in the movie Philadelphia, vomit-inducingly called "a love for the law".
Having given those who come out in bumps at this thought the opportunity to google something more interesting, let us have a look at an extremely interesting decision by the EU's Court of Justice that was published yesterday*. The case of Bonnier Audio and others v Perfect Communication Sweden AB concerned claims by several Swedish publishing companies against a Swedish ISP, ePhone, for disclosure of the name and address of ePhone users who were suspected of illegal filesharing. As is common in these cases, the publishers had collected the users’ IP addresses by monitoring activity on certain filesharing sites and required ePhone to disclose the users’ identity so that they could bring infringement proceedings against them. In the UK, such claims for information disclosure would be made through a legal instrument called a Norwich Pharmacal Order, in Sweden, this is permitted on the basis of section 53(c) of the Swedish Copyright Law.
In reality, in many cases, ISPs will willingly hand over the data once a court order is made as they have nothing to gain from opposing it other than incurring unnecessary legal costs. However, in this case, ePhone challenged the order on grounds arising under the 2006 Data Retention Directive.
ePhone argued that the Directive specifically prohibits the disclosure of retained communications data (because that is what this information is) to anyone for purposes other than the prevention, detection, investigation and prosecution of serious crime. In particular, Article 4 of the Data Retention Directive requires member states to ensure that data retained in accordance with the Directive are provided only to the competent national authorities (mainly security and law enforcement agencies) in specific cases and in accordance with national law.
However, this defence was ultimately unsuccessful and instead, the Swedish court of first instance granted the publishers’ application. Both, ePhone and the publishers appealed the case at various stages in the proceedings until the Swedish Supreme Court decided to make a reference to the ECJ. In particular it asked the ECJ for guidance on two questions:
1. Does the Data Retention Directive preclude the application of a national provision (in this case section 53(c)) under which ISPs may be ordered to disclose communiations data about their users to rightsholders for the purpose of IP enforcement?
2. Does it matter that the member state in question has not yet implemented the Data Retention Directive?
In brief, the ECJ ruled that (a) the Data Retention Directive (2006/24/EC) does not prevent member states from enacting such laws and that (b) it was irrelevant to the main proceedings that Sweden had not yet transposed the Data Retention Directive.
On first reading, Matron was extremely disappointed by this decision, which seemed a step back after rather encouraging recent rulings on ISPs’ role in the monitoring and filtering of online activity, for example in SABAM v Netlog. On second reading, Matron began to wonder whether the court could in fact have decided in any other way. But on third and most recent reading, questions are beginning to crop up, of which Matron wondered whether they should have been answered, even if they weren’t asked.
Lets tackle it step by step:
1. The thing that can be ascertained most clearly is that the ECJ is not going to depart from its 2008 decision in Promusicae any time soon. In that case, it had ruled that while Community law does not require member states to oblige internet service providers to disclose details of suspected file-sharers to enable a copyright owner to bring civil proceedings, it does also not prevent them from doing so, provided that the law in question allows the national courts to strike a fair balance between the IP rights of rightsholders and the privacy rights of individuals. In the Bonnier case, the ECJ examined the Swedish law and found that section 53(3) fulfilled the Promusicae requirements.
2. The ECJ’s ruling that the Data Retention Directive would not have precluded member states from adopting section 53(c) (or from permitting rightsholders to use it to obtain communications data from ISPs) even if the Directive had been implemented in Sweden was probably – technically – also correct. Even the Advocate General, who in his own opinion on the Bonnier case has taken a much wider view of the issues in question, had come to that conclusion. The Data Retention Directive clearly only envisaged disclosure of communications data to public authorities so that it could be argued, as the ECJ did, that the disclosure to private entities does not come within its remit.
3. This means that the ECJ’s ruling, at least in this respect, cannot be blamed on the quality of its interpretation of the law, but on the quality of the law itself. Maybe, just maybe, lawmakers should have asked themselves whether or not a provision should have been included in the Data Retention Directive that would have limited access to the retained data to access by law enforcement agencies solely for the purposes of law enforcement. But the truth, of course, is that campaigners DID in fact ask for such a provision at the time, but that they were widely ignored, with the then UK Home Secretary, Charles Clarke, admitting openly in Parliament that he saw no reason why such data, once retained, should not be available to rightsholders for IP enforcement purposes. Going forward this means that member states are still free to adopt similar laws – mainly on the basis of Article 8 of the 2004 IP Enforcement Directive – without having to fear that the ECJ will use the Data Retention Directive to strike them down.
4. The question the ECJ has not answered is whether this means that the ECJ has now given card blanche to rightsholders to make applications for the disclosure of any kind of data held by ISPs, including data that are in existence solely because the ISP is required to retain them by EU or national laws (rather than because they need them for their own business purposes). This is a question of “landgrabs” where the mere existence of a data pool generates unwholesome desires in third parties, who would enthusiastically like to get their mittens on that data, if only they could find a legal way to do so. This is a point that has exercised Matron for several years now and where she has come to the firm conclusion that the only way to protect personal data from those “landgrabs” is by making sure that the data pools do not come into existence at in the first place. In her opinion, any arguments – including arguments put forward by members of the tech community – that data protection law should only concern itself with regulating the use of personal data and not its collection, fall at that initial hurdle. "Build it and they will come", as they say, and anyone who argues otherwise is highly likely to be unpleasantly surprised a few years down the line.
5. So how should the ECJ have addressed this question in the context of Bonnier and has it really made such a fist of it? Well, yes and no. And yes again. At first glance, the court does not seem consider at all the purpose for which the requested data was initially retained as a factor in its decision on whether or not member states should have the right to grant rightsholders access to that data. This could suggest that it does not care and that the right it has granted to member states is wide-ranging.
6. On the other hand, as the German civil society organisation AK Vorrat points out on its blog (in German), the ECJ has made it clear in its decision, that it “is starting from the premiss that the data at issue in the main proceedings have been retained in accordance with national legislation, in compliance with the conditions laid down in Article 15(1) of Directive 2002/58”, and that “this is a matter which it is for the national court to ascertain”.
7. This list is enumerative, meaning that any national laws granting rightsholders access to communications data must comply not only with the conditions laid down in Article 15(1) of the E-Privacy Directive (which includes the right to derogate from the general requirement to erase communications data when they are no longer required by ISPs for their own business purpose – this is the derogation on which the Data Retention Directive was based), they must also comply with other national laws! And EU member states must, of course, have national laws in place that implement the 1995 Data Protection Directive. In order to determine whether national laws that allow rightsholders access to retained communications data comply with the EU legal framework, we must therefore examine whether those laws comply with the provisions of the Data Protection Directive.
8. The way Matron sees it, a core principle of the Data Protection Directive is that the processing of personal data is only permitted for “specified, explicit and legitimate purposes” and that it must not be “further processed” in a way “incompatible with the original purpose” (Article 6(1)(b), Data Protection Directive). This “purpose restriction principle” applies to all forms of processing except where the further processing is for “historical, statistical or scientific purposes”. Member states are only permitted to impose restrictions on this general rule in very limited cases when such a restriction constitutes a “necessary measures to safeguard” an important public interest (national security, defence and public security, to name but a few, see Article 13, Data Protection Directive). The protection and enforcement of IP rights is specifically not included in that list of public interests, so it is difficult to see how a member state can justify adopting a law that allows the “further processing” by ISPs or rightsholders of data for IP enforcement purposes, when that data was originally collected by ISPs for purposes of billing and traffic management.
9. Some may argue that Article 7(c) of the Data Protection Directive permits a data controller to process data if such processing is necessary for "compliance with a legal obligation to which the controller is subject". This, they say, leaves the door open for member states to adopt all kinds of laws that legitimise “futher processing”. However, as the Article 29 Working Party has pointed out on several occasions, ontologically, Article 7 is merely setting out the conditions on which the first data protection principle (to process data fairly and lawfully, see Article 6(1)(a), Data Protection Directive) is met. That principle and the purpose restriction principle contained in Article 6(1)(b) stand side by side. One does not override the other. A legal obligation referred to in Article 7(c) should therefore merely legitimise the first instance of processing, i.e. the collection of the communications data by the ISP, but not any “further processing” by him or any third party.
10. This is an unpopular interpretation of Articles 6 and 7, and indeed the recently proposed Data Protection Regulation that is designed to replace the Data Protection Directive includes a provision that would permit member states to legitimise “further processing” through national laws (see Article 5(4) of that draft Regulation). However, it is almost impossible to say at this stage whether Article 5(4), which would effectively remove the purpose restriction principle from the EU data protection framework, will make it into the final version of the Regulation given that it is strenuously opposed by the EDPS, the Article 29 Working Party and many privacy advocates. In addition, for the time being courts would still have to decide cases on the basis of existing law.
11. On an objective reading of the Data Protection Directive, it therefore seems to Matron that any member state trying to adopt a law that mandates the disclosure (i.e. further processing) for the purpose of IP enforcement of communications data initially collected for billing purposes would fail to implement the Data Protection Directive correctly and would (or at least should) have to expect a legal challenge before the ECJ on that basis.
12. As for the question of whether the ECJ should have made this clear, well, in the court’s defence, this wasn’t the question the national court had asked. Already, it is obvious from the decision that the ECJ had to do a certain amount of reinterpretation of the original reference to get to the heart of the question that, in its view, the national court actually wanted to have answered. Maybe the judges felt that there was only so much they could do in this context – particularly in light of the fact that the court already receives a fair amount of stick for allegedly answering questions it isn’t asked. Judges are political animal too, after all.
13. However - and this is where the Advocate General’s opinion is much more useful than the ECJ’s decision – the court could probably have made it clearer that the national courts will have to consider the framework put in place by the Data Protection Directive when deciding whether or not section 53(c) is compatible with EU law. This is a massive oversight and may very well lead to the Swedish courts skirting this issue entirely when the case comes back to them for review. If that happens, it is impossible to say how long we would have to wait for another suitable case that would allow the ECJ to clarify the situation.
One can only hope that ePhone’s lawyers will make sure that this doesn’t happen.
* It should be stressed that this is Matron's reading of the decision and than she actively welcomes dissent on this. The judgement is a complicated piece and more may need to be said.
To start with the good stuff, Matron spent the afternoon at the excellent “Scrambling for Safety” conference hosted by the LSE and organised by the Open Rights Group, fipr and Privacy International to kick-start a nationwide campaign against the UK government’s latest surveillance brainchild, the Communications Capabilities Development Programme. And an excellent conference it was too despite that fact that much of the preaching was done to a very receptive choir. This was not the organisers’ fault – Matron was reliably informed that enourmous energies had been expended trying to get people from different backgrounds and with different views to speak on the subject.
But when even a senior cop (Sir Chris Fox QPM, first President of the Association of Chief Police Officer) condemns the proposals as unworkable and unnecessary, when the guys from the Home Office prefer to pull up the draw bridge, and when the Labour Party (possibly acutely aware of the embarrassing fact that the proposals are a carbon copy of the Interception Modernisation Programme they themselves proposed in 2009) fails to respond to the invitation, who else is there to speak out on behalf of a project that could cost the country billions, violate the fundamental rights of millions of citizens and have no beneficial effect whatsever? The people who are likely to make a mint from flogging the technology – first to the UK, then to other “benevolent” regimes? Well, yeah, now there’s a conversation that is likely to happen in the spirit of openness and full and frank disclosure. Not!
But leaving that aside, Matron has nothing to add to her own recent post on the CCDP and fellow blogger Paul Bernal has already expertly summarised the SfS2012 conference. The conference was the start of a campaign that, Matron still feels, at a political level in the UK is ultimately winnable. So please concerned people of all ages and political pursuasions, join the fight, support one of the groups mentioned above by giving your time, expertise or even just money and help prevent this from happening.
Come fly with me (well, maybe not…)
The second thing that happened yesterday was less enjoyable. Matron is speaking, of course, about the European Parliament's decision to approve the international agreement between the EU and the US on the collection and transfer to the US Department for Homeland Security of the passenger names records of all citizens boarding a plane to the US from an EU member state. This agreement has been controversial for years and much more information than Matron could ever provide in this short space can be found on the website of European Digital Rights (EDRi). However, a few words on the procedural aspects of this decision.
Matron can’t say that the result of the EP’s vote has come as a surprise to her. With regard to matters of privacy and surveillance a pattern has been emerging here for some time where the EP – seemingly more concerned about its own role in the legislative process than the issues at stake – makes an almighty fuss about privacy and safeguards and the impossibility of it all until someone lets it onto the playing field to kick the ball around for a bit, after which it quietly returns to the bench with a content smile and lets those who really run the show get on with it.
Of course, this damning judgement does not apply to ALL MEPs, and Matron must particularly commend the work of , and the stance taken by, Sophie In’t Veld (ALDE, NL), who was the rapporteur for the LIBE committee which had recommended that the agreement should be rejected and who reportedly withdrew her name from the report after the vote.
However, the EP’s role in these matters is becoming almost as much of a trigger for privacy campaigners’ frustration as the inevitable outcomes of the various legislative proposals, almost all of which promote what Bruce Schneier calls the false dichotomy of privacy v security. MEPs should therefore ask themselves whether they are doing their own reputation any favours in the long run, if they never grasp the opportunity to stand up – and be seen to stand up – against the whimseys of their political paymasters.
The EP’s powers in the legislative process were increased in the Lisbon Treaty specifically with the aim of ensuring democratic controll and accountabilty. It is currently quite blantantly not fulfilling that role in many, many cases.
Bonnier Audio v Perfect Communication Sweden AB
Speaking of EU institutions that “could do better”: before she swanned off to her conference yesterday, Matron had the dubitable pleasure of having to write up the ECJ’s decision in Bonnier Audio v Sweden.
This decision was expected to provide some clarity on whether IP rightsholders should be allowed to demand the disclosure from ISPs of data identifying those ISPs' users for the purpose of bringing claims for illegal filesharing against those users. The best (and briefest) answer to this question may very well be that the ECJ - unhelpfully - has left many questions unanswered. However, Matron has made a stab at a fuller account of the judgement in a separate post for those with a masochistic interest in the lengthy and complicated analysis of ECJ judgements.
The end is nigh?
So what to make of this day? Is there a clear direction discernible of whither we are headed in the area of information privacy? Is it all doom and gloom? Is the end of civilisation as we know it imminent?
Well, the best one can probably say for all these developments is that they show that legislators, law enforcement agencies, security services, rightsholders and online providers are not allowed to ride roughshot over individuals' rights without there being at least a great deal of opposition, albeit that this opposition comes from a fairly small number of people. However, as SfS panellist, David Davies MP pointed out during his panel yesterday, that small number of people is endowed with a disproportionate amount of skill, knowledge and expertise as well as the willingness to put it to good use. We are also quite stubborn.
So maybe things are not as bad as they sometimes feel and maybe that move to the Outer Hebrides can be put off for a little while longer. As any good lawyer would say, it all depends. On a bad day, the temptation to do nothing and watch reruns of the Big Bang Theory instead is amost irrisistable. On a good day, Matron tries to remember the words of her favourite philospher, Albus Dumbledore, when asked whether opposition to Lord Voldemort would necessarily be in vain:
"[W]hile you may only have delayed his return to power, it will merely take someone else who is prepared to fight what seems a losing battle next time – and if he is delayed again, and again, why, he may never return to power."
And on that note, good night and good luck, fellow conspirators!
Tuesday, 17 April 2012
While Matron could go on about the way in which our current government seems to be obsessed with re-enacting the 80s (Royal Wedding, check; riots in the streets, check; sending visible "goodwill" in the form of aircraft carriers to small islands near South America, check), or about the horror she feels when mint green dungarees are staring her in the face from the pages of the Observer off a Sunday morning, her most recent deja vu actually stems from something closer to her own heart. Namely, the outrage caused a few weeks ago by the governments “new” proposals for extending the police and security service’ powers to carry out surveillance of electronic communications.
Snappily dubbed the Communications Capabilities Development Programme (CCDP), it proposes – in a nutshell – the expansion of existing requirements for the retention of, and access to, communications data to data generated by social media services and others. As well informed observers and privacy obsessives of any kind quickly noted, there are uncanny similarities between this project and Labour’s doomed “Interception Modernisation Programme” which had to be dumped in 2009 in the face of mounting opposition, mounting costs and an increased understanding even by politicians that the technical difficulties that developers would have to overcome would not be would not be conquered any time soon. However, what the security services want, the security services eventually get, so Matron knows very few people who were really surprised when this particular ball was fetched from its hiding place in the long grass and kicked back into play.
As those who know Matron in the flesh are aware, when stories like these break, she tends to express a desire to move to a wood cabin in the Outer Hebrides, armed only with a sawn-off shotgun and a box full of beans. It was therefore not without a certain irony that the sofa in the holiday cottage where she watched the news reports about the CCDP had a view of the Western Isles. Alas, holidays end, and it’s still bl**dy cold up there in Northern Scotland, so until it warms up a bit, Matron has opted for adding her two cents’ worth.
There is very little to be said about the CCDP that has not already been said on ORG’s most excellent wiki on the subject. Others, like Paul Bernal, have analysed the likely attitudes of the UK political parties to renewed endeavours to push through this massive expansion of surveillance. Within a UK context, both sides are busy preparing for yet another big fight and the sound of sharpening knives on Matron’s Twitter feed is almost palpable.
Matron has no idea whether this (Coalition) government stands any realistic chance of getting a law adopted that managed to defeat the previous government while it had a substantial majority. She has to admit that she is not quite so pessimistic about this as Paul Bernal, who thinks that all three parties have good reasons to vote this through. Agreed, it will take a good hard fight to prevent it, long nights spent burning the midnight oil, hours of fruitless discussions and the likely disillusionment of yet another generation of campaigners for a free and open internet. However, the crux of the matter lies in the level of attention that this proposal currently attracts. And on that count, at least, the opponents have a slight advantage as tech and law journalists seem to choose to give this matter prominence. This may even be one of the increasingly rare cases where good journalism (rather than the kind that works off the press release) prevails.
However, what if we win this? Then what? Will that stop the government – and more importantly the security services – from craving the “precious”? Will it heck. And this is where Matron thinks that we could all do with revisiting history in an attempt to prevent its repeat. In particular, the CCDP should by no means be seen solely as a UK legislative project but should be put in context of developments currently going on at European level.
Connecting the dots
As many readers will be aware, the UK government is not the only actor currently on stage pensively staring at a skull. The DG Home of the European Commission is at this very moment engaged in an impact assessment of whether or not changes should be made to the EU Data Retention Directive and what, if any, those changes should be.
The Directive was pushed through the EU legislative process – almost as an emergency measure – in late 2005 on the basis of shortcuts, backroom deals and a blatant disregard for both popular opinion and fundamental human rights. Since then, the Directive and the national laws trying to implement it have encountered numerous hurdles in the form of constitutional court judgements questioning their compatibility with the right to privacy, national parliaments refusing to transpose all or part of the Directive and a more or less obstructive tech industry. What was meant to be adopted as a harmonising measure has led to some of the most fractured legal environment ever and one that is now actively threatening to impact on the online industry.
Matron has commented on these developments several times already, but with the CCDP now on the horizon, more needs to be said:
First, the timing of the publication of the CCDP proposals (the official "official announcement" is still expected for the Queen's Speech in May) is unlikely to be a coincidence. If, as rumour still has it, the EU Commission is going to adopt a proposal for a revised Data Retention Directive as early as September of this year, the CCDP could, and should, be seen as the UK both drawing a line in the sand early and setting out their shopping list.
As many others will remember, last time round, the Labour government - having already legislated for wide-ranging access provisions in the Regulation of Investigatory Powers Act 2000 - battled to get a mandatory communications data retention requirement adopted in the UK against considerable resistance by ISPs, the Lords and the media for almost four years before they quietly policy-laundered the whole shebang in Brussels.
The advantages of this approach are clear: the British media is notoriously focused on what is going on in Westminster and almost pathologically averse to reporting anything that happens in Brussels unless it is about something like the bad Europeans dictating the shape of “our” bananas. This may therefore well happen again.
Choice of options
Secondly, the Commission has allegedly already commissioned a study as part of its impact assessment for a revised DR Directive. Among the options said to be under consideration for a revised Directive is the option of "expanding the collection of communications data". This does not bode well. Although most of us will be hoping that the review will give effect to the various constitutional court decisions across the EU that criticised the current Directive, it is always dangerous to untie a legislative bundle. Stuff happens!
This makes it even more important that we finally get an ECJ decision on the Irish High Court reference which raises the human rights implications of the existing DR laws. Fortunately, it seems as if the High Court has now finally come out of its hiatus and made the reference in January. But given the ECJ timetable, this may yet be too late.
Political will and power
Thirdly, the hard core of opposition to the DR Directive, both within and outwith the political classes, currently comes from Germany, which is also - as we are frequently reminded - the EU's biggest economy and the member state (bar possibly Austria) with the biggest privacy chip on their shoulder. It is therefore likely that the German position on this – in the European Parliament and the Council – will be of the utmost importance when this is going to be decided.
Much of the political resistance rests on the shoulders of Justice Minister Leutheuser-Schnarrenberger, a declared opponent of DR who was one of the claimants in the by now famous German constitutional court challenge before her party joined the German coalition government, but who, to her credit, has continued to man the barricades after she was appointed to her current job. Alas, she is a Liberal Democrat MP and although Matron has not lived in the country for years, from what her German friends tell her, the German Lib Dem's chances of getting enough votes to even get back into the Bundestag come the next German election (October 2013) are as slim, if not slimmer, as those of their British counterparts. Word on the street has it, they may even go the way of the dodo.
While one should never pay too much homage to the power of one single person to change the ways of the world, one should also not underestimate the problems their absence can cause. Once Leutheuser-Schnarrenberger is gone, German political resistance to DR is likely mellow considerably. There is, of course, that constitutional court decision, but that will not protect us against the collection of new traffic data, it will merely provide an upper limit for retention periods and access safeguards - in Germany, not the UK!
Similarly, if the speed with which the last DR Directive was pushed through is anything to go by, the final discussions/negotiations of a revised Directive may actually coincide with both the looming end of Commissioner Malstroem's period in office and the next European Parliament elections (summer/autumn 2014).
That is never a good thing as it tends to lead to "fire sales" in the corridors of power in Brussels. We've seen this with the Telecoms Package (where, oddly enough, it worked partly in our favour) and Commission employees Matron spoke to in Brussels in January already voiced this as a concern with regard to the new Data Protection Regulation which may face a similar challenge. So this is something that we need to bear in mind from a campaigning point of view.
Overall, it is therefore most important to remember that regardless of any political wrangling that we will have to go through in the UK (and it goes without saying that we should oppose this harebrained threat to civil liberty strenuously), we should bear in mind that with a reasonably vigilant British press, the House of Lords, loud-mouthed voters and stubborn, cost-averse ISPs, the government's chances of getting anything substantial past the UK Parliament are infinitely slimmer than their chances of "outsourcing" this to the EU in what may well turn out to be a parallel legislative process.
What is more, from a political point of view, the latter is a win-win. If loose here, but are successful in Brussels, they can then come back to Westminster with hangdog eyes and say, "So sorry, chaps, but we have to implement this now, Brussels told us so".
This may make Matron sound like a cynical and disillusioned old hag, but her guess would be that there is a plan to this effect somewhere in a drawer in Whitehall, even if it is marked "Plan B". The Home Office and the security services are used to playing the long game. The fact that those involved in the pushback will be roughly the same people (at civil society level) who are also going to be engaged in fighting on several other fronts (including trying to get a decent version of the Data Protection Regulation adopted) at roughly the same time, is not helping matters either. Most human brains only have so much capacity.
So nipping this in the bud over here would be great, but it won't be enough. We need more brains, we need a wider horizon and we need to build alliances in the EU on this and quickly. For that we need individuals in the UK (including lawyers, techies, journalists, campaigners) willing to spend some time and to get their head around rather complicated technologies, legal frameworks, lobbying strategies and political tactics.
On Thursday, 19 April, the good folks at Privacy International, ORG, fipr and the LSE are organising a workshop called “Scrambling for Safety” where many of these issues will be discussed. The line-up is stellar and the need to cooperate is clear. If you are at all interested in becoming involved please register here or follow it on Twitter (#sfs2012).
Matron may even see you there.