Monday, 30 April 2012

Israeli Court rules websites should not be blocked

An Israeli Court has ruled that blocking illegal gambling websites should not be allowed. The Tel Aviv District Court ruled on 12 April that Israeli police do not have the right to order internet service providers (ISPs) to block access to offshore gambling websites.

Judge Michal Rubinstein ruled that current legislation should allow Israeli citizens to fully access ‘information of any type via the internet’, saying: “Even if the information on a site is wholly negative and serves no positive social role, it is still information and is covered by laws dealing with freedom of expression.”

Rubinstein added: “Clearly, gambling not approved by the state is a negative social phenomenon but that in itself is not a reason to restrict that information. By blocking the gambling sites, the freedom of Israelis to access information was damaged since they could not access the site to get the information stored there.”

The Israel Internet Association started the case against the Israeli Police, in August 2011, after law enforcement officials issued an order requiring Israeli ISPs to block access to a number of foreign-based gambling sites.

Rimon Levy, a Member of the Board of Directors at the Israel Internet Association (ISOC), said that the organisation was “very pleased” with the decision. “Our aim is to prevent restriction of access to information and undue damage to freedom of expression and speech", Levy said.

In case the police had pursued the owners of the gambling websites, the ISOC would have had no problem and would not have filed any petitions, but “[in this case] the police decided to take on the roles of investigator, prosecutor and judge", Levy explained. “The idea that the police would decide what is protected speech is simply chilling.”

Michiel Willems © 2012 CP Publishing Ltd. London, UK. Picture flag:

Friday, 27 April 2012

London Olympics “not immune” to match fixing

Olympic Stadium in East London
LONDON - With less than hundred days to go before the London 2012 Olympic Games commence, organisers, gambling businesses and sports federations are stepping up efforts to stem match fixing and suspicious betting patterns ahead of the Olympic Games, which kick off on 27 July in East London.

On 23 April, James Cook, Corporate Affairs Officer at the UK Gambling Commission, confirmed that “we are in the final stages of agreeing a Memorandum of Understanding with ARJEL”, the French regulatory body on match fixing. ARJEL and the GCwant to reach a co-operation and information sharing agreement ahead of the Olympics, which will address “co-operation and information sharing across all issues of common interest, including protecting the integrity of sports betting”, Cook said.

Andrew Danson, a Senior Associate at K&L Gates in London, welcomed the Memorandum since “the International Olympic Committee and the London Organising Committee of the Olympic Games are right to be concerned”.

"International intelligence sharing and co-operation amongst all organisations is vital”, commented Tom Burrows, Solicitor at Paris Smith in Southampton. “The International Olympic Committee and the London Organising Committee of the Olympic Games are not equipped to deal with the reach of these criminal elements alone.”

Sporting heroes or criminals?
To assume that the Olympics are “immune to sporting fraud is one of the biggest risks”, added Mike Morgan, a Senior Associate at Squire Sanders in London.

The co-operation between the Gambling Commissionand the French comes only weeks after the London Organising Committee of the Olympic Games met with leading UK gambling and gaming businesses to address the threat of illegal gambling activities during the Olympics. On 20 March, Paquerette Girard Zappelli, the IOC’s Head of Ethics, Nick Tofiluk, of the UK Gambling Commission, and Kendrah Potts, the lead lawyer on betting and doping at the London Organising Committee, met with representatives from the UK gambling and gaming industry in central London.

Burrows welcomed the meeting since he thinks that operators “should be an equal partner with the sports bodies, regulators and police in preventing corruption as it is in their interest to have a ‘clean’ sport”.

Match fixing regularly makes headlines
But “a lot still needs to and can be done”, thinks Morgan. “The fight against fraud is still in its infancy and the efforts made by sports, public authorities and betting companies are not as harmonised as they could be.” Morgan adds that “the betting industry should take a serious look at the level of sport on which bets can be placed. Athletes and officials on low salaries are among the most vulnerable to approaches from fixers”.

Danson stresses more “international police engagement is needed to conduct undercover operations and detailed analysis of phone records and financial transactions.”

Last January, it was announced that the International Olympic Committee, the UK Gambling Commission, the Metropolitan Police, the Border Agency and a number of gambling operators have started to meet on a daily basis, to analyse and discuss suspicious betting patterns. They will continue to so during the Olympic Games, to evaluate whether any athletes are intentionally underperforming for personal gain.

Danson is convinced that a number of sports governing bodies “need to catch up” with their anti-corruption measures. “Too many do not yet have proper education programmes, anti-corruption rules, investigatory bodies or enforcement procedures. After all, there is no doping test for corruption.” 

Michiel Willems © 2012 CP Publishing Ltd. London, UK. Pictures: / /

Wednesday, 25 April 2012

Growing threat of online fraud in banking industry as EU moves to create crime agency

Cybercrime has become the second most commonly reported economic crime affecting the banking and financial services industry, professional services firm PriceWaterhouseCoopers has concluded in a global economic crime survey. The report comes just weeks after the European Commission announced the creation of a European Cybercrime Centre.

“Cybercrime accounts for a much greater proportion of economic crime in the financial services sector than in other industries”, according to John Tracey, Partner at PriceWaterhouseCoopers. “Some of the developing technologies such as using ‘apps’ to access banking services and mobile phones to make payments are likely to increase, rather than decrease, these risks.”

According to PriceWaterhouseCoopers’ study – the largest online crime survey in a decade – online fraud and other online crime activities accounted for 38% of economic crime incidents in the banking sector compared to 16% for other industries. PriceWaterhouseCoopers analysed 3,877 responses in 78 countries around the world.

Tracey explains criminals’ particular interest in banks, payment processors and financial services firms “given that this sector holds large volumes of the type of data cyber criminals are interested in and there is an established underground market for stolen and compromised data”, he said.

Europol's HQ in The Hague
The European Commission’s announcement, on 28 March, to open a European Cybercrime Centre (ECC) in 2013 is therefore not surprising, said Tracey, since “regulators are increasingly viewing cybercrime as a key area of focus”. 

The Cybercrime Centre, which will be established within EU law enforcement agency Europol, is to become ‘the focal point in the fight against cybercrime’, the European Commission said in a statement. ‘The centre will use information from the public domain, industry, the police and academia to assist investigators, prosecutors and judges to fight online identity theft, computer fraud, credit card scams, hijacking of web accounts and attacks on public or private IT systems’. 

According to the European Commission ‘around one million people are victims of computer crime every day’ and ‘a crackdown on cybercrime will help to increase confidence in online banking…and will save millions of euros’, the statement read.

Across the pond, computer giant Microsoft announced at the end of March it had joined a number of financial institutions in the fight against cybercrime. The group of companies ‘successfully executed a coordinated global action against some of the most notorious cybercrime operations that fuel online fraud and identity theft’, Microsoft wrote on its website. On 23 March, the US District Court for the Eastern District of New York allowed Microsoft and its financial partners to conduct a coordinated seizure of command and control servers running one of the most well known viruses, Zeus. 

Michiel Willems © 2012 CP Publishing Ltd. Pictures: / /

Monday, 16 April 2012

Let's go Dutch: Pay-by-face

A company in the Netherlands has developed a new application that allows consumers to make payments using only their face. Dutch online and mobile transactions firm Adyen has launched a ‘pay-by-face’ app. 
The Face-ID app requires users to scan their face using their smartphone camera, followed by recognition technology that can make a match. The user’s payment and card details are linked to the facial image in a merchant’s database. To confirm the face has been identified correctly, customers have to give a ‘thumbs up’ sign so the payment can be processed.

Face recognition technology
Pieter van der Does, CEO of Adyen, said: "This app has revolutionised existing payment ecosystems and sent initiatives like near field communication, e-wallets, EMV technology [Chip and PIN] and contactless payments back to the stone age. This app gives payments a face."

“With Face-ID making payments become easier than ever”, said Dina-Perla Marciano, of Axicom, an Amsterdam-based agency specialised in technology and life sciences. 

Michiel Willems © 2012 CP Publishing Ltd. Picture:

Predatory pricing

The holiday review website Trip Advisor has joined a growing number of internet companies that are complaining to the European Commission (EC) about the US web giant Google. A group of 12 web companies - among them the popular travel firm Expedia - accuse Google of abusing its dominant market position on the European search engine market, a claim that is currently being investigated by the EC. 

Google's wide range of products
The companies say Google's methods are anti-competitive and unfair, since the US search engine offers its users two sorts of search results: unpaid results based on Google's algorithms and displayed in the main body of the page, and 'ads', also known as 'sponsored links', which are being paid for and which are displayed on the right side of the page. 

The essence of the investigation is whether Google is using its search engine to direct users to its own services and to reduce the visibility of competing websites and services, whether the company's system of generating unpaid results unfavorably affects the ranking of other websites, in particular those who offer services that are in direct competition with some of Google's products. For example, Expedia claims Google's flight search services ­ which were launched in September 2011 - exclude any links to online travel agencies. 

The EC received the first complaints about Google in February 2010, when the small French search engine and the UK-based website Foundem contacted the EC. A number of other web businesses followed and in November 2011 the EC decided to investigate the claims. In the US, Google is under a similar investigation; a Senate subcommittee and the Federal Trade Commission are looking into whether the web giant is abusing its market position. 

It is expected that EU Commissioner Joaquin Almunia will make a decision within weeks over whether to formally charge Google. Almunia will undoubtedly look at a recent court ruling in France. On 30 January, a French court ordered Google to pay damages of €500,000 for abuse of its dominant position, compensating for losses caused by Google's policy of providing companies access to Google Maps, its online mapping service, for free. 

Joaquin Almunia
Both the European Union and French competition law prohibit a company that holds a dominant position on a relevant market from abusing that position. Prohibited abuses include offering products at a price that is below their cost of production (known as 'predatory pricing'), unless this can be objectively justified. It is not unlikely that Almunia will follow the French arguments and will partly base his decision on the 'predatory pricing' principle. After all, Google is offering many of its products free of charge and it is estimated that the company controls 90% of Europe's search traffic. Since the latest French ruling, it is not surprising many smaller web companies are eagerly awaiting the EC's decision, especially because they remember what happened to computer giant Microsoft, which faced similar charges, in March 2004: the EU ordered Microsoft to pay £381 million, the largest fine ever handed out by the EU to one single company. So far. 
Michiel Willems © 2012 CP Publishing Ltd. Pictures:FlatClassroom / / 


Friday, 13 April 2012

Thursday, 12 April 2012

Businesses to be made liable for attacks under new EU proposals

Companies could be made liable for cyber attacks under new proposals approved by the Civil Liberties Committee of the European Parliament. The Committee voted in favour of proposals that make activities relating to cyber attacks a criminal offence. 

Under the proposals, companies should appoint 'legal persons' within their organisations and in a statement the European Parliament said that these 'legal persons would be liable for offences committed for their benefit, whether deliberately or through a lack of supervision', which means if a business benefits from a cyber attack, even if the act is committed by someone outside the company, people within the corporation could be made liable.
The statement added further that EU Member States will be required to 'ensure that their networks of national contact points are available round the clock' and that they have to 'respond to urgent requests within a maximum of eight hours' in order to prevent cyber-attacks spreading across borders. "We are dealing here with serious criminal attacks," said Monika Hohlmeier, Member of the European Parliament. "No car manufacturer may send a car without a seatbelt onto the streets. And if this happens, the company will be held liable for any damage. These rules must also apply in the virtual world," she said. 

Individuals would face at least two years in jail if served with the maximum penalty. Three years can be given to anyone who uses another person's 'electronic identity' in order to commit an attack that causes 'prejudice to the rightful identity owner'. 

Michiel Willems © 2012 CP Publishing Ltd. Pictures: Software News Daily.

Tuesday, 10 April 2012

UK Government presses ahead with controversial monitoring law despite concerns

GCHQ in Cheltenham
LONDON - The UK Government is pressing ahead with a widely criticised law that would allow the British intelligence agency GCHQ to monitor all calls, internet use and email traffic within the UK without a warrant, despite fierce criticism from privacy groups, the telecoms industry and the legal sector.  

Although Nick Clegg, the Deputy Prime Minister, promised the government will not "ram legislation through Parliament", a draft law will be included in the Queen's Speech next month. Simon Alford, Press Officer at the Home Office, confirmed on 5 April: "We will legislate as soon as parliamentary time allows." 

"The UK Government will need to take account of privacy when drafting this new law", said Kathryn Wynn, a Senior Associate at Pinsent Masons in London, adding that "such a law would most likely be incompatible with EU legislation". Simon Briskman, a Partner at the London firm Field Fisher Waterhouse, believes "the plans may overstep the mark. One would hope that legal review, public debate and parliamentary scrutiny would help to reach a position which will equip the security services to lawfully run monitoring in real time, while ensuring protection for the citizen as international law requires."

On 2 April, the Government announced the drafting of the new law. Although the legislation would not give GCHQ permission to access the content of emails, messages or calls without a warrant, it would enable the intelligence agency to detect which websites someone has visited, who has been in contact with who, how often and for how long. Although Briskman understands that "monitoring is a powerful tool for the intelligence community", he does think the Government needs "to balance privacy versus state security through a system of checks and measures". 

Wynn is convinced the proposals are "an attempt to strengthen access rights already available to the police and intelligence under the Regulation of Investigatory Powers Act (RIPA) and the Data Retention Regulations". She explained that "internet service providers and carriers are already required to give GCHQ access to information on request. This legislation means it could be demanded in real time, rather than simply asking for historic data."

Briskman adds: "Given that RIPA has been abused, tightened up and varied at various stages in the last decade, it would be right to consider thoroughly the potential civil liberties issues."

Michiel Willems © 2012, CP Publishing Ltd. London, UK. Pictures: ZDNet/

Thursday, 5 April 2012

Guilty by association?

The UK Court of Appeal has ruled that the hugely controversial UK Digital Economy Act is compatible with European Union legislation. The British internet service providers British Telecom (BT) and Talk Talk lost an appeal about those stipulations of the Digital Economy Act that force providers to actively combat copyright infringements. The two internet service providers had argued certain elements of the law are in conflict with EU laws.

The latest ruling clearly shuts another door for BT and Talk Talk and should be seen as a victory for the entertainment and music industry, and those in favour of tackling internet piracy robustly. The judgment could also have political implications. It might force the current UK Government to make a decision: does it fully support the hugely unpopular Digital Economy Act? 

The Liberal Democrats, part of the current Coalition Government, have always fiercely opposed the Digital Economy Act, which was introduced under the previous (Labour) Government. So far, the Cameron cabinet has held back, to see which approach the courts would take, but now the legal options for businesses to challenge the DEA have become fairly limited, it is likely that the Government will soon have to speak out and has to make clear whether it stands by this piece of legislation.

One the most criticised aspects of the Act is that, under the Digital Economy Act, ISPs are forced to send warning letters to users who have allegedly downloaded illegal files. If warnings are ignored, ISPs will potentially cut users off. With the latest ruling, the prospect of providers sending letters has come one step closer. According to one of our editorial board members "first notifications could be arriving in subscriber's inboxes in just over a year".

Many industry experts also think that under the Act internet users are ‘presumed guilty by association’, since the Act will force users to take greater responsibility for monitoring activity in their own homes. After all, the data that will be collected by providers – to establish a list of infringers – is linked to IP addresses, not to individuals. So the latest ruling means it has become more likely that parents, couples, housemates and others who share a computer will have to watch each other closely: who is downloading illegal content?

Michiel Willems © 2012, CP Publishing Ltd. London, UK. Picture: BT/Talk Talk.

Wednesday, 4 April 2012

The Time has come

Facebook's announcement at the end of 2011 that all of its 800 million users will be forced to use its new Timeline concept within the next few months has caused a lot of controversy since the new year began. Timeline's look-and-feel is Facebook's most radical change since the social network was launched in February 2004.

Much of the controversy has focussed on the new concept's privacy settings. While probably many advertisers and employers will welcome the change, many users might not fully realise what they are signing up to. I wonder whether millions of people will click the down-arrow next to 'activity log' once they have enabled Timeline and the click 'view as' button, viewing their profile as other friends see it, or as the public would do.

Jubilant advertisers cannot wait for the profile pictures and other information that will soon become visible to the public. It is a safe bet to say that millions of teenagers who cannot be bothered to clear out old cover photos and provide just a bit too much information will end up in thousands of databases in the US and around the world. And if you were an employer, would you not take a look at an applicant's profile to see whether his CV matches his education and employment history on Facebook? And to see what he has been up to in 2008 or 2010? Also, since millions of Facebook users like to connect to as many people as possible, how to keep track of who is looking at a certain post or event. Is it your good friend next door, a colleague or a vague acquaintance?

Although the options are there, is it realistic to expect that many users will overlook to categorise all their contacts into different 'lists' to juggle the different people in one's social life. 

And do not forget all the products, services and brands you 'like'. Do not be surprised if you suddenly pop up in an ad for Starbucks or H&M. Facebook's terms and conditions allow them to use your image in ads for products you like; after all, that is how the company makes most of its money.

Although Facebook has managed, so far, to stay within the boundaries of (US) privacy and consumer rights legislation while replacing its Wall for the Timeline feature, many experts say the company's terms, conditions and settings have become too complex to understand. As one advertising lawyer put it: 'It's Time for my clients to sign on, and for my kids to sign off.'

Michiel Willems © 2012 CP Publishing Ltd. Pictures: (top) and (above).