The National Security Agency’s surveillance “has been excessive,” said German Interior Minister Thomas de Maizière during the opening panel session of a security conference in Munich on Friday. Countering the assertion of U.S. House Intelligence Committee Chairman Mike Rogers, R-Mich., that some media reports on NSA surveillance are factually incorrect, de Maizière said an easy way to end dependency on ex-NSA contractor Edward Snowden for such information would be if U.S. government officials would share information with German colleagues directly. De Maizière also said during the session, which was packed with heads of state, ministers and security experts, that he was not expecting too much from a no-spy agreement. Countering allegations by Rogers that the U.S., too, was a target of broad espionage activities, de Maizière said that “we don’t spy on the government.” Rogers rejected allegations NSA could be involved in industry espionage. “If they do it, they go to jail,” he said. The lawmaker warned Europe against losing sight of what is the real threat. “We work through it as a family,” he said with regard to the loss in trust. “But the Chinese are on your networks, the Russians are on your networks. The Iranians are and the North Koreans are buying capacity to get on.” Rogers warned against commingling the negotiations of the Transatlantic Trade and Investment Partnership (TTIP) Agreement with spying revelations. Elmar Brok, member of the European Parliament, warned if the U.S. would not move, for example, with regard to the long-debated data protection framework agreement, TTIP was doomed to fail in the European Parliament. Representatives of Microsoft, Huawei and others called for better defenses, but also global standards. The security conference was to have ended Sunday, with U.S. Secretary of State John Kerry on Saturday to have talked about a so-called transatlantic renaissance.

Europe needs a new data protection compact, said EU Justice, Fundamental Rights and Citizenship Commissioner Viviane Reding Tuesday. From a citizen’s perspective, the issues of data collection by companies and government surveillance are connected, Reding said at the Center for European Policy Studies in Brussels. Surveillance involves companies whose services people use daily, through which governments build back doors and weaken encryption, she said. Concerns about snooping drive consumers away from digital services. From citizens’ perspectives, the underlying issue is the same in both cases, she said. “Data should not be processed simply because algorithms are refined.” Europe is responding to the revelations of U.S. spying by pressuring the U.S. to make the safe harbor agreement for transfer of Europeans’ personal data to the U.S. stronger, she said. It’s also pushing for a strong EU-U.S. data protection pact in the law enforcement arena and to ensure that European concerns are addressed in the reform of U.S surveillance programs, she said. But Reding warned that if the EU wants to be credible in its efforts to rebuild trust in the digital economy, it must clean up its own act. EU lawmakers want a strong data protection regulation now, but governments haven’t agreed on anything other than finishing data protection reform in a “timely” manner, at the latest by year’s end, she said. “This is a lowest and slowest common denominator approach” when high standards and protection levels, and speedy completion of the work, are needed, she said. She also criticized some EU members for failing to serve as an example on privacy for other parts of the world. Reding singled out the U.K.’s Tempora surveillance program, saying national security is up to each individual administration, but “if I come across a single email, a single piece of evidence” that Tempora isn’t used strictly for national security, “I will launch infringement proceedings.” Other bad examples are the lack of independence of Germany’s federal data protection commissioner, and Europe’s faulty data retention law, which allows information to be held for too long and to be too easily accessed, she said. Reding outlined data protection principles to govern the way the public and private sector process personal information: (1) Quick approval of the data protection reform package, which should apply to the public and private sectors alike. (2) Public debate on laws setting out data protection rules or affecting privacy. (3) Restricting data collection in surveillance to what’s proportionate to the goals of the spying. (4) Clear laws that are updated for technological change. (5) Invoking national security needs for data collection sparingly. (6) Oversight by judicial authorities. Reding also sent a message to the U.S. saying “data protection rules should apply irrespective of the nationality of the person concerned.”

Circumventing technological protection measures (TPMs) in game consoles may be legal in certain circumstances, the European Court of Justice (ECJ) ruled Thursday (http://bit.ly/1f8Xrn7). The case, Nintendo v. PC Box, involved the sale by PC Box of “mod chips” and “game copies” through a website managed by it and hosted by 9Net, the court said. Nintendo installs TPMs on its portable DS model and fixed Wii consoles to prevent illegal copying of videogames; and games lacking the encrypted code can’t be launched on either of the equipment types marketed by Nintendo, it said. The TPMs also prevent the use on Nintendo consoles of programs, games and multimedia content not from Nintendo, it said. PC Box markets original Nintendo consoles along with additional software that consist of applications from independent manufacturers, the use of which requires the installation of PC Box equipment that circumvents and deactivates the consoles’ TPM, it said. Nintendo sued PC Box and 9Net in Italy, where PC Box contended that Nintendo’s real reason for installing TPMs is to prevent use of independent software that isn’t an illegal copy of videogames but is intended to enable MP3 files, movies and videos to be read on the consoles in order to make full use of the devices, the court said. The Italian court referred the case to the EU high court to clarify Nintendo’s legal protection under the EU directive on the harmonization of certain aspects of copyright in the information society. Copyright protection against unauthorized acts “must respect the principle of proportionality,” and shouldn’t prohibit devices or activities that have a “commercially significant purpose or use other than to circumvent the technical protection,” the ECJ said. The scope of legal protection of TPMs shouldn’t be gauged according to how use of a console is defined by the copyright holder, but by examining its purpose for the circumvention of TPMs, taking account of the use that third parties actually make of them, the court said. It’s up to the Italian court to determine whether other effective TPMs would cause less interference with third parties’ use of the consoles while still offering comparable protection of Nintendo’s rights, it said. Among other things, the national court could consider the costs of different types of technical measures, and whether PC Box’s equipment is used more often to run unlawful copies of Nintendo games or for non-infringing purposes, it said. The decision “may have an important effect in the development of copyright legislation in Europe,” said independent telecom consultant Innocenzo Genna on his radiobruxelleslibera blog (http://bit.ly/LYufoE). Although the ruling deals with a very specific case, the court gave “an important signal” to the EU institutions that will be revising EU copyright law in coming years, he said. The decision shows that “not everything is piracy,” and that copyright protection shouldn’t be allowed to undermine innovation and business development, he said.

A proposal by the U.K. Office of Communications to quadruple annual license fees for 900 MHz and 1800 MHz spectrum will jeopardize operators’ efforts to upgrade for 4G services, said GSM Association Chief Regulatory Officer Tom Phillips Thursday in a press release (http://xrl.us/bqhfxz). The association was responding to an Ofcom consultation that closed Jan. 16 (http://xrl.us/bqhfxi). GSMA research shows Europe lags significantly behind the U.S. in rolling out next-generation wireless infrastructure, he said. Raising the fees from £24.8 million (around $41 million) to more than £138 million for the 900 MHz band, and from around £40 million to £170 million for 1800 MHz, could slow buildout, potentially putting British businesses at an international disadvantage and denying consumers access to the latest mobile services, he said.

Twelve businesses agreed to settle FTC complaints they falsely claimed they were compliant with the U.S.-EU safe harbor agreement, said an FTC release Tuesday (http://1.usa.gov/KDG81F). Companies certified under the safe harbor agreement can transfer consumer data from the European Union to the U.S. in compliance with EU data security laws, said the FTC. “Enforcement of the U.S.-EU Safe Harbor Framework is a Commission priority,” said FTC Chairwoman Edith Ramirez in a statement. The companies involved span a number of industries, including peer-to-peer product maker BitTorrent Inc., Internet backbone provider Level 3, encrypted email and file transfer service DataMotion and mobile app designer Apperian. “These 12 cases help ensure the integrity of the Safe Harbor Framework and send the signal to companies that they cannot falsely claim participation in the program,” Ramirez said. Under the settlement, the companies can no longer misrepresent their participation “in any privacy or data security program sponsored by the government or any other self-regulatory or standard-setting organization,” the FTC said. The FTC commissioners voted 4-0 in favor of accepting the consent agreements, which will be open to public comments until Feb. 20.

Germany must take the lead in pushing through reform of EU data protection rules, said outgoing European Data Protection Supervisor Peter Hustinx. Germany claims a special responsibility and role in the privacy arena, and the new German government can tackle the subject with enough drive and energy to lead Europe to a higher level of data protection, he said in a speech this week in Bonn. Revised data protection rules will define clearer responsibilities for organizations and more consistency and uniformity in privacy across online and traditional markets, so it’s essential that progress on the reform package is made before political and economic interests restrict basic rights, he said. Hustinx also called for an EU-level framework for net neutrality, saying the Internet is a key means of cross-border economic and social exchange. However, he said, the European Commission’s “connected continent” proposal for a regulation on e-communications will unduly limit Internet freedom because it gives almost unlimited rights to providers to manage traffic. Moreover, the large-scale monitoring and restriction of users’ Internet communications made possible in the proposal breach EU data protection legislation and the EU Charter of Fundamental Rights, he said. Users in democratic societies should be certain their rights to privacy and confidentiality of their communications, and protection of the personal information, are respected, he said.

The German Parliament opposition parties asked the German government to support suspension of several agreements with the U.S. on data transfers and to pass a resolution to invite former NSA contractor Edward Snowden to testify before a parliamentary inquiry expected to start next month. “This house can pass a resolution to bring Edward Snowden to Berlin to give us the information the NSA is not giving to us,” said Green Party member Hans-Christian Stroebele in the debate. Snowden is the only person willing and able to testify, he said. Stroebele, a member of the parliamentary control committee overseeing the German intelligence services, met Snowden at a surprise visit in Moscow late last year and has been promoting the invitation. Jan Korte, vice chairman of the Left Party, requested the suspension of the Terrorist Finance Tracking Program, Passenger Name Records and the Safe Harbor Agreement. “Diplomats caught in spying on our government in here in Germany should become ‘persona non grata,'” Korte said. Members of the ruling coalition of Conservatives and Social Democrats acknowledged the failure of the U.S. administration to provide adequate information requested by the German government with regard to the spy affair, which also targeted Chancellor Angela Merkel. “Responses provided so far are highly unsatisfactory,” said the parliamentary state secretary from the Ministry of the Interior. Negotiations on the no-spy-agreement are continuing, he said.

The U.S. Supreme Court’s granting of cert for the Aereo case is a “positive” for broadcasters because they initially asked the court to take up the case and it brings the matter closer to being resolved, said Wells Fargo analyst Marci Ryvicker in an email to investors. If broadcasters win, the high court proceeding will end with either Aereo’s being forced to shut down or its being allowed to remain in operation while paying broadcasters for content, she said. If Aereo has to pay broadcasters, “there will likely be wide-ranging implications regarding the definition of MVPDs [multichannel video programming distributors], which could end up including over-the-top technologies/players,” Ryvicker said. An Aereo win would not be “a fundamental risk” because most retransmission and program carriage agreements are already in place and have long terms, she said. Sports leagues would likely move their content to cable only and broadcasters could program their channels to give the best content to retrans paying MVPDs while sending lower quality content over the airwaves, hurting Aereo’s longevity, Ryvicker said. Since the Supreme Court case concerns only the broadcasters’ preliminary injunction against Aereo, it’s not the final word in the matter, Ryvicker said. As the case proceeds at the district court level, “there will likely be greater discovery and tests of Aereo’s technology,” Ryvicker said.

The Greek EU Presidency must help speed efforts to create a smarter Europe, said the European Telecommunications Network Operators’ Association Tuesday in an open letter to Infrastructure, Transport and Networks Minister Michalis Chrisochoidis (http://bit.ly/1cjNQVm). Greece will carry out the mid-term review of the digital agenda during its term, which runs until the end of June, and ETNO will work with the presidency to ensure that it sets an ambitious agenda for unleashing investment and innovation on the continental and global levels, it said. In 2017, global Internet Protocol traffic will reach 1.4 zettabytes per year, and ETNO members are the “digital spine of Europe,” it said. The gigabyte equivalent of all movies ever made will cross Western Europe’s backbone IP networks every 21 minutes, it said. That means the future will be more connected and that trend should be embraced, it said. ETNO urged the presidency to carefully plan the review of current e-communication regulations to take stock of the evolving information and communication technologies landscape and the emergence of new services, and to go beyond amending network regulations of the past and consider how to ensure interoperability of so-called Internet Of Everything devices and EU-wide accessibility and portability of content.

European Parliament recommendations for dealing with U.S. mass surveillance can’t be allowed to simply “evaporate” when a new legislature is elected in May, member (MEP) Claude Moraes, of the Socialists and Democrats and the U.K., said Thursday. He presented the final version of his resolution (bit.ly/1e58zU1) on spying to general preliminary approval by the Civil Liberties, Justice and Home Affairs Committee (LIBE). The document recognized the magnitude of the revelations and their ongoing nature, and pushed for “forward planning” to ensure there are specific proposals on the table for follow-up in the next session. It called for a “European digital habeas corpus” to protect privacy based on seven actions: (1) Adopt the data protection revamp package this year. (2) Finalize the EU-U.S. umbrella agreement on data protection with provisions allowing redress for Europeans whose data has been transferred to the U.S. for law enforcement purposes. (3) Suspend the safe harbor agreement allowing data transfers to the U.S. pending a full review. (4) Suspend the Terrorist Finance Tracking Program until the umbrella agreement has been concluded and all problems raised by the parliamentary enquiry have been addressed. (5) Protect the rule of law and Europeans’ rights with a focus on threats to press freedom and better whistleblower safeguards. (6) Develop a European strategy for information technology independence. (7) Develop the EU as a reference player for democratic, neutral Internet governance. The report sets a proposed timetable for monitoring implementation to try to keep the findings high on the EU political agenda. “We want to look to the future,” Moraes said. The report is an “excellent, very comprehensive package” whose recommendations should be adopted as this Parliament’s legacy to the next, said MEP Sophie in ’t Veld, of the Alliance for Liberals and Democrats in Europe and the Netherlands. However, she said, the issue of enforcement is also important. Europe has good data protection rules in place which national authorities and the European Commission should be much stricter in enforcing, she said. The next parliament should be given the authority to conduct full enquiries, including subpoena power, she said. Moraes’ report is “one of the most important” in this legislative session, said MEP Cornelia Ernst, Group of the European United Left/Nordic Green Left and Germany. The question now is what parliament’s priorities will be, she said. Legislators must ask whether they have gotten to the heart of the matter and what happens next with the report, she said. Parliament needs stronger powers to be able to make a difference, she said. Proposed amendments from LIBE members are due Jan. 22.