«Echaríamos a todo gobierno que nos pidiera los datos que le damos a Facebook»

Me entrevistaron para El Correo de Andalucía. Podéis ver la entrevista haciendo click en la imagen.

Diego Naranjo trabaja desde Bruselas para defender los derechos de la ciudadanía europea. / EL CORREO
Mesa redonda en el Parlamento Europeo en septiembre de 2016
Featured post

Time to take our ePrivacy back

(A version of this article was originally published at https://blog.mailfence.com/time-take-eprivacy-back/)

We are already living in the future. Humans attacking robots, fridges leaking your passwords, mattresses that can tell you if your partner is cheating on you , dolls that can be used to listen to your children and “social networks” that experiment with your moods. How should the “real future” look like? That is the debate we are having right now.

After the adoption of the General Data Protection Regulation (GDPR), the EU will benefit from a (semi) harmonised set of rules to regulate how personal data can be used. But what about your right to privacy and the confidentiality of your communications? Will they be protected? Although the GDPR covers a wide range of uses of your personal data, another piece of legislation (called ePrivacy) regulates specific aspects of electronic communications.

The updated ePrivacy Regulation will deal with new aspects such as the Internet of Things, communication via messengers like WhatsApp, Signal, Facebook Messenger etc, tracking walls (the current status being “accept advertising, malware and viruses or you won’t be able to read the news”) and who can read your emails or access your devices. Should your email provider read your email to show personalised advertising? Should WhatsApp use your contact list to suggest new friends on Facebook? Should newspapers know what you read and which other websites you visit? That is the debate we are having now.

Unfortunately, the discussion has been dominated by the tracking and advertising industry based on a series of myths and on misleading data that has created a feeling that the digital media industry will be killed . However, as the Eurobarometer survey has shown, “72% of European citizens stated that it is very important that the confidentiality of their e-mails and online instant messaging is guaranteed”. By not having strong privacy laws we are being controlled by a duopoly of advertisers who will benefit from the millions of Europeans who can access the internet. On the other hand, by ensuring that ePrivacy goes beyond what the current legislation does and covers current gaps we can set higher standards for the EU, and indirectly for the rest of the world and take our ePrivacy back.

Read more:

Use Signal for all your communications, also on your desktop

One key advice I give to everyone who has a minimum interest in protecting their privacy is using Signal as a messaging app alternative (or in addition to) other messaging apps such as WhatsApp. You can use Signal as your general SMS and messaging app. If your contact does not have Signal installed, you will be sending un-encrypted SMS to them. If your contact has installed Signal, you will be sending by default encrypted messages. Note that if you are not using data on your mobile you will only be able to receive (and send) unencrypted SMS until you connect to data again.

Regarding differences between different apps out there, it is worth having a look at the EFF score card (currently under re-evaluation). In the EU at least, one of the most used apps is WhatsApp. Although Whatsapp uses (now) the same protocol than Signal to encrypt communications from one device to the other (end-to-end encryption), WhatsApp still does logs and uses the metadata (who you talk to, who are your contacts…) for purposes you might not want Facebook (who owns WhatsApp) to use them.

Signal has been recommended by Edward Snowden, famous whistle-blower that uncovered the NSA massive surveillance system. See this recommendations here:

You can install Signal for Android from Google Play or from other app stores for other operative systems. Once you install it, you might want to install the desktop application for your convenience of use when working on your laptop. Find below some instructions for the installation:

For Linux users: follow these instructions below:

1- Anywhere on your desktop, press CTRL+T to open the terminal

2- Write:

In case you do not have curl installed  yet:


sudo apt install curl

And then copy and paste the following text:

curl -s https://updates.signal.org/desktop/apt/keys.asc | sudo apt-key add -
echo "deb [arch=amd64] https://updates.signal.org/desktop/apt xenial main" | sudo tee -a /etc/apt/sources.list.d/signal-xenial.list
sudo apt update && sudo apt install signal-desktop
/opt/Signal/signal-desktop --import

3- Enter your password as required

4- Go to your Signal app, go to Preferences, then go to Linked Devices, de-link all other previous connections you may have, and then press “+” and scan the QR code.

5- Ready to go!

For other operative systems (Windows, Apple):

1.If you never had installed Signal in your Windows/Apple device:

Just go here and dowload the application for your device: https://signal.org/download/

2. If you already had it installed in the first place:

– Go to the current Signal app in Chrome/Chromium:

– Click in the preferences and select something like “move to standalone Signal app”.

– You’ll see links to download the corresponding file for your OS.

– Go to your Signal app, go to Preferences, then go to Linked Devices, de-link all other previous connections you may have, and then press “+” and scan the QR code.

– Ready to go!

Ce jour-là en 2011 (texte à la Willy Ronis)

General strike. Athens 2015
Author Diego Naranjo – Creative Commons license CC BY

Ce jour-là, je participais à la énième grève générale à Athènes, où j’habitais pendant  mon Master en 2011. Cette année avait été celle de plusieurs protestations dans toute l’Europe à cause de la crise financière, des plans d’austérité pour les citoyens et des plans de sauvetage des banques. J’avais l’habitude de participer aux manifestations en tous genres et j’ai pris un bon nombre de photos en couleurs et en noir et blanc. Cette photo-là, je l’ai prise juste après un des lancements de gaz par la police, tradition asphyxiante qui arrivait chaque fois en réponse aux jets de pierres des groupuscules de jeunes cagoulés. Au moment où j’ai poussé sur le déclencheur, nous profitions d’une précieuse accalmie où tous ceux qui ne portaient pas de masques et n’avaient pas pris de protecteur gastrique (anti-acide, efficace contre les effets du gaz lacrymogène) récupéraient en buvant de l’eau. Du coup, j’ai vu cette femme qui avait un air de résignation stoïque. Comme on m’avait déjà pris pour un policier en civil et que j’étais trop près d’elle, j’ai fait semblant de rien et j’ai tenu mon appareil en bas, sans regarder le viseur. J’ai eu la chance de capter le moment où elle a craché de l’eau pour se rincer la gorge de l’acide du gaz. Cette photo me plaît non seulement parce qu’elle reflète la gravité du moment mais aussi parce que la femme regarde dans la direction opposée aux autres piétons derrière elle. Et puis, il y a aussi ce bâtiment vétuste qu’on peut voir derrière eux et qui règne sur la place Syntagma (Constitution) d’Athènes, ce n’est autre que celui du Ministère des Finances. En outre, le calme confronté à ce que je percevais comme des moments de tension, décrit aussi la situation générale de la Grèce pendant ce printemps particulièrement agité.

Random 2017

General Public License not allowed in Lisbon
Trädtopp recording session – Drum kit
Trädtopp recording session
Trädtopp recording session
Estonia’s unique sport

Latvian food
Stairway to Italy

Six states raise concerns about legality of Copyright Directive

Published originally at: https://edri.org/six-states-raise-concerns-about-legality-of-copyright-directive/

According to a new leak, a number of EU Member States share our serious concerns about the proposal for mass surveillance and censorship of uploads to the internet in Europe, included in the European Commission’s proposal for a new copyright Directive. Those Member States seem unwilling to build a censorship machine forcing EU countries to adopt Google’s current practices. They highlight that such practices should not be implemented without making sure of the consequences for fundamental rights and for the rule of law.

Source of the image: http://copybuzz.com/analysis/eu-countries-question-legality-attack-fundamental-rights/

The leaked document contains a list of questions posed to the internal legal service of the Council of the EU, signed by six EU Member States: Belgium, the Czech Republic, Finland, Hungary, Ireland and the Netherlands. From the questions, it appears that those Member States feel that the proposals for the upload filter are so grave that their legality is in serious doubt. They have asked the Council legal service to evaluate if the proposal is legal, in light of the proactive monitoring of content being demanded. Following the rulings (Scarlet/Sabam, Netlog/Sabam) of the Court of Justice of the European Union (CJEU) that such proactive filtering are a disproportionate breach of freedom of expression and information, freedom to conduct a business and to the protection of personal data, the Member States want a neutral evaluation.

They also ask if these measures are “justified and proportionate”, in order to verify if they would be in line with the Charter of Fundamental Rights of the European Union. These Member States also ask if the fact that one article of the proposed copyright Directive could fundamentally change the scope of the liability principles for internet providers in the e-commerce Directive. Those principles are crucial for freedom of expression in Europe, because they prevent internet companies from being excessively incentivised to restrict users’ communications.

The six Member States also raised crucial questions about the argument that searching for specific files (within all internet traffic) is a “general” monitoring obligation (see Question 3). This doubt appears very valid, bearing in mind that the e-Commerce Directive (recital 47) explicitly states that exceptions to the prohibition of general monitoring obligations would only be possible when searching for data in “a specific case”. Are millions of searches “a specific case”?

Finally, they also ask whether the wording “communication to the public” is being mixed up with the expression “providing access” when, as these Member States recall, “(t)he CJEU has never considered that is (sic) was sufficient for a service to be ‘providing access’ in order to establish that it is communicating to the public.”

The Council legal service will have to analyse thoroughly these questions before it can take a position on the subject, but right now it seems they will only deliberate orally during the next working group on 11-12 September. It is clear that the European Commission should have, but apparently did not, carry out a neutral assessment of these questions before launching its proposal for the copyright Directive. Therefore, it is welcome that the six EU Member States have invested time and resources in diligently raising fundamental questions on illegality, legal uncertainty and outright chaos that the upload filters suggested in Article 13 of the proposed Directive would bring. It is crucial to clarify what they would mean for human rights in the online environment, for European innovation and for Europe’s credibility in defending online freedoms in its foreign policy. The EU Presidency, Members of the European Parliament (MEPs) supporting the censorship machine, and some Member States (such as France, Spain, and Germany) should take note of the serious questions posed to the Council and re-think their positions on this debate.

More info:

Leaked document: Questions from Member States to the Council legal services on the Censorship Machine

EU countries question legality & attack on fundamental rights

No, you can’t enjoy the music you paid for, says EU Parliament Committee (05.07.2017)

Proposed Copyright Directive – Commissioner confirms it is illegal (28.06.2017)

EU Copyright Directive – privatised censorship and filtering of free speech (10.11.2016)

Copyright reform: Document pool

(Contribution by Diego Naranjo, EDRi)

Taller de Activismo Digital – Sevilla, 1 de Junio 2017

(Publicado en: http://madafrica.es/ataya/2017/06/06/derechos-digitales/ )

Diego Naranjo , miembro de Derechos Digitales Europeos (European Digital Rights, EDRi) dirigió el talller sobre Derechos Digitales organizado por MadAfrica en el Nuevo Ateneo Tierra y Libertad. El taller se dividió en dos partes: una general para centrar la atención en los asuntos generales resultados con los derechos digitales, y una segunda parte práctica con consejos de autodefensa en internet.

Durante la primera parte, Diego presentó cómo la defensa de los derechos digitales no es más que la defensa de los derechos humano en internet. En un mundo donde los colectivos sociales se organizan y se comunican cada vez más usando la mediación de la tecnología, es necesario saber cómo funciona la tecnología y cómo usarla adecuadamente. Diego comenzó la charla con un vídeo de una asociación danesa de protección de los consumidores en el que, bajo el método de cámara oculta, se muestra cómo reaccionarías si en tu panadería te pidieran tanta información íntima como una app cualquiera. Luego contó la influencia de redes sociales en la creación de perfiles (con 300 “me gusta” Facebook te conoce mejor que nadie) y cómo se utilizan los ataques terroristas para lanzar políticas de vigilancia sobre todos los ciudadanos.

Durante la segunda parte, Diego compartió con nosotros una serie de consejos generales y específicos para todos, que puedes ver en esta presentación online. Diego insistió en que la cuestión no era volverse paranoico y coger miedo a la tecnología, sino empoderarse y dar pequeños pasos para alcanzar una mejor protección de nuestra privacidad. Así, recomendó el uso de la app de mensajería Signal frente a Whatsapp o Telegram, recomendó el uso de redes virtuales privadas (VPNs), uso de Firefox como navegador seguro (añadiéndole extensiones como https everywhere, privady badger o ublock) y  uso de TOR para una navegación totalmente anónima. Diego comentó la importancia de usar un gestor de claves como KeePassX para poder tener claves fuertes y diferentes en todas las plataformas y servicos online pero a la vez sólo tener que recordar una clave nada más. Finalmente, Diego recomendó el cifrado de teléfonos y ordenadores y mantener los equipos actualizados.

Las preguntas del público se refirieron a cómo afrontar demandas de claves en puestos fronterizos y posibilidades legales para negarse, cómo reaccionar frente a abusos con nuestros datos y preguntas generales sobre aspectos prácticos comentados durante la charla. La presentación completa se puede descargar aquí.

Para acabar, Diego se mostró dispuesto a responder por email (diego [punto] naranjo [arroba] edri [punto] org) a cualquier pregunta relativa a la charla, propuso algunas películas sobre derechos digitales (Citizen Four (Laura Poitras), Snowden (Oliver Stone)….) y agradeció la invitación al evento por la importancia de los derechos digitales en nuestras vidas.

Puedes seguir a Diego en Twitter en @DNBSevilla y ver sus presentaciones aquí: www.diegonaranjo.eu.

Blog at WordPress.com.

Up ↑