SlideShare uma empresa Scribd logo

20120822 schubert alpbach_final

ISPA - Internet Service Providers Austria
ISPA - Internet Service Providers Austria

Presentation held by ISPA secretary general M. Schubert at European Forum Alpbach 2012

Tecnologia
1 de 29
Baixar para ler offline
„between a rock and a hard place“ Maximilian Schubert 21.08.2012, EFA 2012 - Alpbach
Overview About ISPA Implementation Data Retention Directive Official Requests for Information by LEA Outlook & Future Challenges
About ISPA • Founded 1997 • Approximately 200 members from the fields of access, hosting, content, services etc. – 75 % purely Austrian companies – 25 % are part of international organizations – Two thirds of members have up to 25 employees – 50% more than € 1 Mio. annual turnover – Customer structure 60% mainly business customers 10% mainly private customers 30% both
ISPA’s mission statement „ISPA is the Austrian association of Internet Service Providers, representing approximately 200 ISPs. ISPA is the major voice of the Austrian Internet industry. Our goal is to shape the economic and legal framework supporting optimal growth of the Internet and Internet services. We regard the use of the Internet as an important cultural skill and acknowledge the resulting socio- political responsibilities.”
Stopline.at - an International Success Story - ISPA founded Stopline.at, the Austrian internet hotline for • Child Pornography – § 207 a StGB (Austrian Penalty Act) • National Socialist (‘Nazi’) Offences – VerbotsG, Abzeichengesetz Reports are handled anonymously, no feedback is provided. “Deletion instead of blocking & filtering”
Stopline - workflow
Number of illegal content found remains relatively stable 6000 5000 4000 3000 2000 1000 0 2009 2010 2011 2006 2007 2008 2003 2004 2005 2000 2001 2002 1999 Potentially illegal reports Incoming reports
Some numbers More than 21.000 reports since 1998; continuous increase, most likely due to increased awareness. ● Approx. 16% of all reports refer to obviously illegal content ● Approx. 95% of valid reports refer to child pornography ● Approx. 5% of valid reports refer to national socialist offences In 2011 in only one case illegal content was found to be hosted by an Austrian ISP.
Overview About ISPA Implementation Data Retention Directive Official Requests for Information by LEA Outlook & Future Challenges
Timeframe for the implementation 2006 2007 2008 2009 2010 2011 2012 t 2006 Feb 2009 Dec 2011 Enactment of Assignment of a Publication of DR-Directive Human Rights Institute first tech. spec. 2007 Nov 2009 May 2011 1st April 2012 Failure of the 1st Draft of revised Enactment of commencement implementation Telecommunications national acts of retention duty Act (TKG) July 2010 30th of March 2012 ECJ: Infringement Enactment of decree for of EU law reimbursement of costs late March 2012 planned go-live of the data exchange interface (“Durchlaufstelle”; DLS)
Data Retention in Austria - Factsheet • Retention of traffic data, no content data (Access-IP, mobile communication, Email) • Retention for a maximum period of six month • Access to retained data only for criminal offences • Exceptions for small ISPs and certain technologies (approx. EUR 300.000 yearly turnover, public ISPs, NAT/PAT) • Data remains with the IPS, exchange interface (DLS) and use of CSV-Files to prevent data mining • No “ex ante” safeguards for lawyers, doctors, etc.
ISPA actively participated in the implementation ISPA helped to scope an interface (DLS) which facilitates the secure and transparent exchange of information (CSV-File), while providing a high level of security and transparency. DLS could provide information on the total number of requests for information!
Data Retention in Austria - Summary - The Good • Legal definition of “dynamic”-IP-Adr • High degree of security through DLS The Bad • Very incoherent legal framework & numerous delays The Ugly • No requirements for judicial decree & no minimum sentence required for most important cases (e.g. IP-Adr.) • Incomplete statistics
Overview About ISPA Implementation Data Retention Directive Official Requests for Information by LEA Outlook & Future Challenges
Cooperation with LEA: continuous improvement • Numerous and lengthy legal disputes concerning “dynamic IP-addresses” within last couple of years. • Reference by the Austrian Supreme Court (OGH) to the European Court of Justice on this matter • Clarification through adaption of the Austrian Telecommunications Act §92 Par 3 Z 16 TKG  ISPA position paper and sample answers provide guidance for ISPs and LEAs.
ISPA supports members and LEAs • formal requirements (e.g. request in writing) • substantial requirements (within 48hrs, continuing danger)
Requests for information under Austrian Law – legal environment • Requests for information can be based on different legal grounds - Telecommunications Act 2003 (TKG) - Security Police Act (SPG) - Criminal Procedure Act (StPO) - eCommerce Act (eCommG) - Federal Act Against Unfair Competition (UWG)
Overview About ISPA Implementation Data Retention Directive Official Requests for Information by LEA Outlook & Future Challenges
Future challenges for ISPs - Intermediary Liability - Directive 2000/31/EC 'Directive on electronic commerce' Article 14 Hosting 1. Where an information society service is provided that consists of the storage of information provided by a recipient of the service, Member States shall ensure that the service provider is not liable for the information stored at the request of a recipient of the service, on condition that: (a) the provider does not have actual knowledge of illegal activity or information and, as regards claims for damages, is not aware of facts or circumstances from which the illegal activity or information is apparent; or (b) the provider, upon obtaining such knowledge or awareness, acts expeditiously to remove or to disable access to the information.
Future challenges for ISPs - ACTA et al - Anti-Counterfeiting Trade Agreement - ACTA [3.12.2011] Art 27 ENFORCEMENT IN THE DIGITAL ENVIRONMENT 2. Further to paragraph 1, each Party’s enforcement procedures shall apply to infringement of copyright or related rights over digital networks, which may include the unlawful use of means of widespread distribution for infringing purposes. These procedures shall be implemented in a manner that avoids the creation of barriers to legitimate activity, including electronic commerce, and, consistent with that Party’s law, preserves fundamental principles such as freedom of expression, fair process, and privacy.1 1Forinstance, without prejudice to a Party’s law, adopting or maintaining a regime providing for limitations on the liability of, or on the remedies available against, online service providers while preserving the legitimate interests of right holder.
Future challenges for ISPs - Net Neutrality - Net Neutrality vs. Network Management
Future challenges for ISPs - Net Neutrality - Net Neutrality vs. Network Management
Future challenges for ISPs - Privacy -
Future challenges for ISPs ● Continuous improvement of awareness about the safe use of the Internet (e.g. Stopline.at, saferinternet.at) ● Efforts to reduce legal uncertainty as to the liability of ISPs for illegal conduct by their customers ● Contribution to the discussion on copyright and its enforcement
Contact details: Email: maximilian.schubert@ispa.at Phone: +43 1 409 55 76 Web: www.ispa.at
BACKUP BACK UP
BACKUP NAT/PAT
Explanation: NAT/PAT internal IP: 10.xxx.xx1 internal IP: 10.xxx.xx2 Ports Öffentliche POOLADRESSEN 10.xxx.xx7 Port_a IP_a_194.xxx.xxx.xxa 10.xxx.xx1 Port_b IP_b_194.xxx.xxx.xxb 10.xxx.xx2 Port_c IP_c_194.xxx.xxx.xxc 10.xxx.xx3 Port_xy IP_xy_194.xxx.xxx.xxd 10.xxx.xx4 PAT NAT internal IP: 10.xxx.xx3 Public IP 194.xxx.xxx.xxb Port a Internal IP: 10.xxx.xx5 Public IP 194.xxx.xxx.xxb Port b Ports differ Public IP 194.xxx.xxx.xxb Port c internal IP: 10.xxx.xx1 IP-Adr. identical
Explanation: NAT/PAT Even after the implementation of the data retention Directive in Austria ISPs are not under the obligation to store internal IP: 10.xxx.xx1 NAT (internal IP addresses) and PAT (Port) information, as such information also had not been stored before the implementation. internal IP: 10.xxx.xx2 Ports Öffentliche POOLADRESSEN 10.xxx.xx7 Port_a IP_a_194.xxx.xxx.xxa 10.xxx.xx1 Port_b IP_b_194.xxx.xxx.xxb 10.xxx.xx2 Port_c IP_c_194.xxx.xxx.xxc 10.xxx.xx3 Port_xy IP_xy_194.xxx.xxx.xxd 10.xxx.xx4 PAT NAT internal IP: 10.xxx.xx3 Requests must not be answered by the ISP, if the information Public IP 194.xxx.xxx.xxb Port a provided would identify a “larger number” of subscribers Internal IP: 10.xxx.xx5 Ports differ (“größere Anzahl” von TeilnehmerInnen). Public IP 194.xxx.xxx.xxb Port b Public IP 194.xxx.xxx.xxb Port c internal IP: 10.xxx.xx1 IP-Adr. identical

Recomendados

Combating Network Congestion
Combating Network CongestionCombating Network Congestion
Combating Network Congestion
Green Packet
 
Gambardella 06.12.11
Gambardella 06.12.11Gambardella 06.12.11
Gambardella 06.12.11
leonid-mt-mt
 
Getting the Deal Through: Telecoms and Media, Ireland 2017
Getting the Deal Through: Telecoms and Media, Ireland 2017 Getting the Deal Through: Telecoms and Media, Ireland 2017
Getting the Deal Through: Telecoms and Media, Ireland 2017
Matheson Law Firm
 
Privacy Act, Spam Act and "the Cloud" seminar (May 2014)
Privacy Act, Spam Act and "the Cloud" seminar (May 2014)Privacy Act, Spam Act and "the Cloud" seminar (May 2014)
Privacy Act, Spam Act and "the Cloud" seminar (May 2014)
Tom Meagher
 
CEN ISSS Public Workshop Lindsberger Tg 1[1]
CEN ISSS Public Workshop Lindsberger Tg 1[1]CEN ISSS Public Workshop Lindsberger Tg 1[1]
CEN ISSS Public Workshop Lindsberger Tg 1[1]
guest642d13
 
Telework In The European Union
Telework In The European UnionTelework In The European Union
Telework In The European Union
guest499e380
 
Regulating and Implementing Network Neutrality
Regulating and Implementing Network NeutralityRegulating and Implementing Network Neutrality
Regulating and Implementing Network Neutrality
Chris Marsden
 
The infrastructural challenge - The case for laws and regulations
The infrastructural challenge - The case for laws and regulationsThe infrastructural challenge - The case for laws and regulations
The infrastructural challenge - The case for laws and regulations
EmilioGarciaGarcia
 

Recomendados

Combating Network Congestion
Combating Network CongestionCombating Network Congestion
Combating Network Congestion
Green Packet
 
Gambardella 06.12.11
Gambardella 06.12.11Gambardella 06.12.11
Gambardella 06.12.11
leonid-mt-mt
 
Getting the Deal Through: Telecoms and Media, Ireland 2017
Getting the Deal Through: Telecoms and Media, Ireland 2017 Getting the Deal Through: Telecoms and Media, Ireland 2017
Getting the Deal Through: Telecoms and Media, Ireland 2017
Matheson Law Firm
 
Privacy Act, Spam Act and "the Cloud" seminar (May 2014)
Privacy Act, Spam Act and "the Cloud" seminar (May 2014)Privacy Act, Spam Act and "the Cloud" seminar (May 2014)
Privacy Act, Spam Act and "the Cloud" seminar (May 2014)
Tom Meagher
 
CEN ISSS Public Workshop Lindsberger Tg 1[1]
CEN ISSS Public Workshop Lindsberger Tg 1[1]CEN ISSS Public Workshop Lindsberger Tg 1[1]
CEN ISSS Public Workshop Lindsberger Tg 1[1]
guest642d13
 
Telework In The European Union
Telework In The European UnionTelework In The European Union
Telework In The European Union
guest499e380
 
Regulating and Implementing Network Neutrality
Regulating and Implementing Network NeutralityRegulating and Implementing Network Neutrality
Regulating and Implementing Network Neutrality
Chris Marsden
 
The infrastructural challenge - The case for laws and regulations
The infrastructural challenge - The case for laws and regulationsThe infrastructural challenge - The case for laws and regulations
The infrastructural challenge - The case for laws and regulations
EmilioGarciaGarcia
 
Sydney 22 March: EU neutrality
Sydney 22 March: EU neutralitySydney 22 March: EU neutrality
Sydney 22 March: EU neutrality
Chris Marsden
 
Developments in the TMT Sector - Current trends & emerging legal issues
Developments in the TMT Sector - Current trends & emerging legal issuesDevelopments in the TMT Sector - Current trends & emerging legal issues
Developments in the TMT Sector - Current trends & emerging legal issues
Martyn Taylor
 
Net neutrality 9/11 2016 LSE
Net neutrality 9/11 2016 LSENet neutrality 9/11 2016 LSE
Net neutrality 9/11 2016 LSE
Chris Marsden
 
(Pre-) history of European Network Neutrality and Human Rights
(Pre-) history of European Network Neutrality and Human Rights(Pre-) history of European Network Neutrality and Human Rights
(Pre-) history of European Network Neutrality and Human Rights
Chris Marsden
 
Presentatie Giorgos Rossides, Europese Commissie
Presentatie Giorgos Rossides, Europese CommissiePresentatie Giorgos Rossides, Europese Commissie
Presentatie Giorgos Rossides, Europese Commissie
Europadialoog
 
EU Data Protection Regulation Skyhigh Networks
EU Data Protection Regulation Skyhigh NetworksEU Data Protection Regulation Skyhigh Networks
EU Data Protection Regulation Skyhigh Networks
Alberto Peñaranda Echevarría
 
Marsden Kingston: Net Neutrality: Past, Evidence, Present, Future
Marsden Kingston: Net Neutrality: Past, Evidence, Present, FutureMarsden Kingston: Net Neutrality: Past, Evidence, Present, Future
Marsden Kingston: Net Neutrality: Past, Evidence, Present, Future
Chris Marsden
 
Net neutrality 2021
Net neutrality 2021Net neutrality 2021
Net neutrality 2021
Chris Marsden
 
CTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders JohansonCTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders Johanson
segughana
 
Challenges on OTT´s regulation
Challenges on OTT´s regulationChallenges on OTT´s regulation
Challenges on OTT´s regulation
Luis Alberto Padilla Galicia
 
CTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-DebeesingCTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-Debeesing
segughana
 
EU Data Protection Regulation 26 June 2012
EU Data Protection Regulation 26 June 2012EU Data Protection Regulation 26 June 2012
EU Data Protection Regulation 26 June 2012
Chris Marsden
 
New appraoch in mobile telecom operators analysis rg - presentation
New appraoch in mobile telecom operators analysis rg - presentationNew appraoch in mobile telecom operators analysis rg - presentation
New appraoch in mobile telecom operators analysis rg - presentation
Igor Jurčić
 
SPOCS Presentation EEMA Conference London June 2010
SPOCS Presentation EEMA Conference London June 2010SPOCS Presentation EEMA Conference London June 2010
SPOCS Presentation EEMA Conference London June 2010
Dinand Tinholt
 
Using eID for business startup in Europe
Using eID for business startup in EuropeUsing eID for business startup in Europe
Using eID for business startup in Europe
Dinand Tinholt
 
The National Security Framework of Spain
The National Security Framework of SpainThe National Security Framework of Spain
The National Security Framework of Spain
Miguel A. Amutio
 
Net Neutrality at United Nations Internet Governance Forum 2013
Net Neutrality at United Nations Internet Governance Forum 2013Net Neutrality at United Nations Internet Governance Forum 2013
Net Neutrality at United Nations Internet Governance Forum 2013
Chris Marsden
 
European Legal and Privacy Update with FEDMA
European Legal and Privacy Update with FEDMAEuropean Legal and Privacy Update with FEDMA
European Legal and Privacy Update with FEDMA
Rachel Aldighieri
 
Wireless Network Optimization (2010)
Wireless Network Optimization (2010)Wireless Network Optimization (2010)
Wireless Network Optimization (2010)
Marc Jadoul
 
WCIT12 myth busting presentation
WCIT12 myth busting presentationWCIT12 myth busting presentation
WCIT12 myth busting presentation
ITU
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
apidays
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Mais conteúdo relacionado

Semelhante a 20120822 schubert alpbach_final

(Pre-) history of European Network Neutrality and Human Rights
(Pre-) history of European Network Neutrality and Human Rights(Pre-) history of European Network Neutrality and Human Rights
(Pre-) history of European Network Neutrality and Human Rights
Chris Marsden
 
Presentatie Giorgos Rossides, Europese Commissie
Presentatie Giorgos Rossides, Europese CommissiePresentatie Giorgos Rossides, Europese Commissie
Presentatie Giorgos Rossides, Europese Commissie
Europadialoog
 
CTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders JohansonCTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders Johanson
segughana
 
CTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-DebeesingCTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-Debeesing
segughana
 
The National Security Framework of Spain
The National Security Framework of SpainThe National Security Framework of Spain
The National Security Framework of Spain
Miguel A. Amutio
 
Wireless Network Optimization (2010)
Wireless Network Optimization (2010)Wireless Network Optimization (2010)
Wireless Network Optimization (2010)
Marc Jadoul
 

Semelhante a 20120822 schubert alpbach_final (20)

Sydney 22 March: EU neutrality
Sydney 22 March: EU neutralitySydney 22 March: EU neutrality
Sydney 22 March: EU neutrality
 
Developments in the TMT Sector - Current trends & emerging legal issues
Developments in the TMT Sector - Current trends & emerging legal issuesDevelopments in the TMT Sector - Current trends & emerging legal issues
Developments in the TMT Sector - Current trends & emerging legal issues
 
Net neutrality 9/11 2016 LSE
Net neutrality 9/11 2016 LSENet neutrality 9/11 2016 LSE
Net neutrality 9/11 2016 LSE
 
(Pre-) history of European Network Neutrality and Human Rights
(Pre-) history of European Network Neutrality and Human Rights(Pre-) history of European Network Neutrality and Human Rights
(Pre-) history of European Network Neutrality and Human Rights
 
Presentatie Giorgos Rossides, Europese Commissie
Presentatie Giorgos Rossides, Europese CommissiePresentatie Giorgos Rossides, Europese Commissie
Presentatie Giorgos Rossides, Europese Commissie
 
EU Data Protection Regulation Skyhigh Networks
EU Data Protection Regulation Skyhigh NetworksEU Data Protection Regulation Skyhigh Networks
EU Data Protection Regulation Skyhigh Networks
 
Marsden Kingston: Net Neutrality: Past, Evidence, Present, Future
Marsden Kingston: Net Neutrality: Past, Evidence, Present, FutureMarsden Kingston: Net Neutrality: Past, Evidence, Present, Future
Marsden Kingston: Net Neutrality: Past, Evidence, Present, Future
 
Net neutrality 2021
Net neutrality 2021Net neutrality 2021
Net neutrality 2021
 
CTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders JohansonCTO-CyberSecurityForum-2010-Anders Johanson
CTO-CyberSecurityForum-2010-Anders Johanson
 
Challenges on OTT´s regulation
Challenges on OTT´s regulationChallenges on OTT´s regulation
Challenges on OTT´s regulation
 
CTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-DebeesingCTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-Debeesing
 
EU Data Protection Regulation 26 June 2012
EU Data Protection Regulation 26 June 2012EU Data Protection Regulation 26 June 2012
EU Data Protection Regulation 26 June 2012
 
New appraoch in mobile telecom operators analysis rg - presentation
New appraoch in mobile telecom operators analysis rg - presentationNew appraoch in mobile telecom operators analysis rg - presentation
New appraoch in mobile telecom operators analysis rg - presentation
 
SPOCS Presentation EEMA Conference London June 2010
SPOCS Presentation EEMA Conference London June 2010SPOCS Presentation EEMA Conference London June 2010
SPOCS Presentation EEMA Conference London June 2010
 
Using eID for business startup in Europe
Using eID for business startup in EuropeUsing eID for business startup in Europe
Using eID for business startup in Europe
 
The National Security Framework of Spain
The National Security Framework of SpainThe National Security Framework of Spain
The National Security Framework of Spain
 
Net Neutrality at United Nations Internet Governance Forum 2013
Net Neutrality at United Nations Internet Governance Forum 2013Net Neutrality at United Nations Internet Governance Forum 2013
Net Neutrality at United Nations Internet Governance Forum 2013
 
European Legal and Privacy Update with FEDMA
European Legal and Privacy Update with FEDMAEuropean Legal and Privacy Update with FEDMA
European Legal and Privacy Update with FEDMA
 
Wireless Network Optimization (2010)
Wireless Network Optimization (2010)Wireless Network Optimization (2010)
Wireless Network Optimization (2010)
 
WCIT12 myth busting presentation
WCIT12 myth busting presentationWCIT12 myth busting presentation
WCIT12 myth busting presentation
 

Último

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Principled Technologies
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 

Último (20)

Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

20120822 schubert alpbach_final

  • 1. „between a rock and a hard place“ Maximilian Schubert 21.08.2012, EFA 2012 - Alpbach
  • 2. Overview About ISPA Implementation Data Retention Directive Official Requests for Information by LEA Outlook & Future Challenges
  • 3. About ISPA • Founded 1997 • Approximately 200 members from the fields of access, hosting, content, services etc. – 75 % purely Austrian companies – 25 % are part of international organizations – Two thirds of members have up to 25 employees – 50% more than € 1 Mio. annual turnover – Customer structure 60% mainly business customers 10% mainly private customers 30% both
  • 4. ISPA’s mission statement „ISPA is the Austrian association of Internet Service Providers, representing approximately 200 ISPs. ISPA is the major voice of the Austrian Internet industry. Our goal is to shape the economic and legal framework supporting optimal growth of the Internet and Internet services. We regard the use of the Internet as an important cultural skill and acknowledge the resulting socio- political responsibilities.”
  • 5. Stopline.at - an International Success Story - ISPA founded Stopline.at, the Austrian internet hotline for • Child Pornography – § 207 a StGB (Austrian Penalty Act) • National Socialist (‘Nazi’) Offences – VerbotsG, Abzeichengesetz Reports are handled anonymously, no feedback is provided. “Deletion instead of blocking & filtering”
  • 7. Number of illegal content found remains relatively stable 6000 5000 4000 3000 2000 1000 0 2009 2010 2011 2006 2007 2008 2003 2004 2005 2000 2001 2002 1999 Potentially illegal reports Incoming reports
  • 8. Some numbers More than 21.000 reports since 1998; continuous increase, most likely due to increased awareness. ● Approx. 16% of all reports refer to obviously illegal content ● Approx. 95% of valid reports refer to child pornography ● Approx. 5% of valid reports refer to national socialist offences In 2011 in only one case illegal content was found to be hosted by an Austrian ISP.
  • 9. Overview About ISPA Implementation Data Retention Directive Official Requests for Information by LEA Outlook & Future Challenges
  • 10. Timeframe for the implementation 2006 2007 2008 2009 2010 2011 2012 t 2006 Feb 2009 Dec 2011 Enactment of Assignment of a Publication of DR-Directive Human Rights Institute first tech. spec. 2007 Nov 2009 May 2011 1st April 2012 Failure of the 1st Draft of revised Enactment of commencement implementation Telecommunications national acts of retention duty Act (TKG) July 2010 30th of March 2012 ECJ: Infringement Enactment of decree for of EU law reimbursement of costs late March 2012 planned go-live of the data exchange interface (“Durchlaufstelle”; DLS)
  • 11. Data Retention in Austria - Factsheet • Retention of traffic data, no content data (Access-IP, mobile communication, Email) • Retention for a maximum period of six month • Access to retained data only for criminal offences • Exceptions for small ISPs and certain technologies (approx. EUR 300.000 yearly turnover, public ISPs, NAT/PAT) • Data remains with the IPS, exchange interface (DLS) and use of CSV-Files to prevent data mining • No “ex ante” safeguards for lawyers, doctors, etc.
  • 12. ISPA actively participated in the implementation ISPA helped to scope an interface (DLS) which facilitates the secure and transparent exchange of information (CSV-File), while providing a high level of security and transparency. DLS could provide information on the total number of requests for information!
  • 13. Data Retention in Austria - Summary - The Good • Legal definition of “dynamic”-IP-Adr • High degree of security through DLS The Bad • Very incoherent legal framework & numerous delays The Ugly • No requirements for judicial decree & no minimum sentence required for most important cases (e.g. IP-Adr.) • Incomplete statistics
  • 14. Overview About ISPA Implementation Data Retention Directive Official Requests for Information by LEA Outlook & Future Challenges
  • 15. Cooperation with LEA: continuous improvement • Numerous and lengthy legal disputes concerning “dynamic IP-addresses” within last couple of years. • Reference by the Austrian Supreme Court (OGH) to the European Court of Justice on this matter • Clarification through adaption of the Austrian Telecommunications Act §92 Par 3 Z 16 TKG  ISPA position paper and sample answers provide guidance for ISPs and LEAs.
  • 16. ISPA supports members and LEAs • formal requirements (e.g. request in writing) • substantial requirements (within 48hrs, continuing danger)
  • 17. Requests for information under Austrian Law – legal environment • Requests for information can be based on different legal grounds - Telecommunications Act 2003 (TKG) - Security Police Act (SPG) - Criminal Procedure Act (StPO) - eCommerce Act (eCommG) - Federal Act Against Unfair Competition (UWG)
  • 18. Overview About ISPA Implementation Data Retention Directive Official Requests for Information by LEA Outlook & Future Challenges
  • 19. Future challenges for ISPs - Intermediary Liability - Directive 2000/31/EC 'Directive on electronic commerce' Article 14 Hosting 1. Where an information society service is provided that consists of the storage of information provided by a recipient of the service, Member States shall ensure that the service provider is not liable for the information stored at the request of a recipient of the service, on condition that: (a) the provider does not have actual knowledge of illegal activity or information and, as regards claims for damages, is not aware of facts or circumstances from which the illegal activity or information is apparent; or (b) the provider, upon obtaining such knowledge or awareness, acts expeditiously to remove or to disable access to the information.
  • 20. Future challenges for ISPs - ACTA et al - Anti-Counterfeiting Trade Agreement - ACTA [3.12.2011] Art 27 ENFORCEMENT IN THE DIGITAL ENVIRONMENT 2. Further to paragraph 1, each Party’s enforcement procedures shall apply to infringement of copyright or related rights over digital networks, which may include the unlawful use of means of widespread distribution for infringing purposes. These procedures shall be implemented in a manner that avoids the creation of barriers to legitimate activity, including electronic commerce, and, consistent with that Party’s law, preserves fundamental principles such as freedom of expression, fair process, and privacy.1 1Forinstance, without prejudice to a Party’s law, adopting or maintaining a regime providing for limitations on the liability of, or on the remedies available against, online service providers while preserving the legitimate interests of right holder.
  • 21. Future challenges for ISPs - Net Neutrality - Net Neutrality vs. Network Management
  • 22. Future challenges for ISPs - Net Neutrality - Net Neutrality vs. Network Management
  • 23. Future challenges for ISPs - Privacy -
  • 24. Future challenges for ISPs ● Continuous improvement of awareness about the safe use of the Internet (e.g. Stopline.at, saferinternet.at) ● Efforts to reduce legal uncertainty as to the liability of ISPs for illegal conduct by their customers ● Contribution to the discussion on copyright and its enforcement
  • 25. Contact details: Email: maximilian.schubert@ispa.at Phone: +43 1 409 55 76 Web: www.ispa.at
  • 26. BACKUP BACK UP
  • 27. BACKUP NAT/PAT
  • 28. Explanation: NAT/PAT internal IP: 10.xxx.xx1 internal IP: 10.xxx.xx2 Ports Öffentliche POOLADRESSEN 10.xxx.xx7 Port_a IP_a_194.xxx.xxx.xxa 10.xxx.xx1 Port_b IP_b_194.xxx.xxx.xxb 10.xxx.xx2 Port_c IP_c_194.xxx.xxx.xxc 10.xxx.xx3 Port_xy IP_xy_194.xxx.xxx.xxd 10.xxx.xx4 PAT NAT internal IP: 10.xxx.xx3 Public IP 194.xxx.xxx.xxb Port a Internal IP: 10.xxx.xx5 Public IP 194.xxx.xxx.xxb Port b Ports differ Public IP 194.xxx.xxx.xxb Port c internal IP: 10.xxx.xx1 IP-Adr. identical
  • 29. Explanation: NAT/PAT Even after the implementation of the data retention Directive in Austria ISPs are not under the obligation to store internal IP: 10.xxx.xx1 NAT (internal IP addresses) and PAT (Port) information, as such information also had not been stored before the implementation. internal IP: 10.xxx.xx2 Ports Öffentliche POOLADRESSEN 10.xxx.xx7 Port_a IP_a_194.xxx.xxx.xxa 10.xxx.xx1 Port_b IP_b_194.xxx.xxx.xxb 10.xxx.xx2 Port_c IP_c_194.xxx.xxx.xxc 10.xxx.xx3 Port_xy IP_xy_194.xxx.xxx.xxd 10.xxx.xx4 PAT NAT internal IP: 10.xxx.xx3 Requests must not be answered by the ISP, if the information Public IP 194.xxx.xxx.xxb Port a provided would identify a “larger number” of subscribers Internal IP: 10.xxx.xx5 Ports differ (“größere Anzahl” von TeilnehmerInnen). Public IP 194.xxx.xxx.xxb Port b Public IP 194.xxx.xxx.xxb Port c internal IP: 10.xxx.xx1 IP-Adr. identical