Lobbying by European Digital Rights

European Digital Rights

EDRi

European Digital Rights is a network of NGOs defending digital rights and freedoms in Europe.

Focus Areas

2024-2025

2022-2024

2017-2022

Links

Website Transparency Register Profile

ID: 16311905144-06

Lobbying Activity

Meeting with Birgit Sippel (Member of the European Parliament) and Zalando SE and

4 Dec 2025 · Digital Omnibus & Privacy: From Simplification to Smart Regulation Policy Breakfast

Meeting with Markéta Gregorová (Member of the European Parliament, Shadow rapporteur)

1 Dec 2025 · ChatControl meeting

Meeting with Ana Vasconcelos (Member of the European Parliament, Shadow rapporteur) and DIGITALEUROPE and

20 Nov 2025 · Omnibus IV

Meeting with Hannes Heide (Member of the European Parliament) and Future of Privacy Forum

12 Nov 2025 · Exchange of view on digital policy

Meeting with Benjamin Boegel (Cabinet of Executive Vice-President Henna Virkkunen), Werner Stengg (Cabinet of Executive Vice-President Henna Virkkunen)

6 Nov 2025 · Upcoming digital omnibus

Meeting with Michael Mcnamara (Member of the European Parliament)

6 Nov 2025 · Return regulation

Meeting with Elio Di Rupo (Member of the European Parliament)

5 Nov 2025 · Protection des mineurs en ligne

Meeting with Eero Heinäluoma (Member of the European Parliament)

4 Nov 2025 · Protection of young people online

Meeting with David Cormand (Member of the European Parliament)

4 Nov 2025 · Omnibus numérique, IA

Meeting with Tom Vandendriessche (Member of the European Parliament, Shadow rapporteur)

29 Oct 2025 · EU Digital rights

Meeting with Marina Kaljurand (Member of the European Parliament)

16 Oct 2025 · Age verification

Meeting with Maria Zafra Saura (Cabinet of Commissioner Michael McGrath)

15 Oct 2025 · Data protection and privacy

European Digital Rights urges EU to halt deregulation of digital protections

14 Oct 2025

Topic — The consultation concerns simplification of EU digital laws including data rules, AI Act, and ePrivacy.

Message — EDRi opposes the Digital Omnibus, calling it a deregulation push that would undermine democratically-agreed digital protections before they are fully implemented or evaluated. They demand the Commission focus on enforcement and guidance instead of reopening laws.1 2 3 4

Why — This would preserve their organizational mission to defend digital rights and maintain strong privacy protections they have advocated for.5 6

Impact — 500 million EU citizens would lose privacy, data protection, equality and security protections against corporate and state surveillance.7 8

Read full response

Meeting with Veronika Cifrová Ostrihoňová (Member of the European Parliament, Shadow rapporteur for opinion)

14 Oct 2025 · protection of children online

Meeting with Leoluca Orlando (Member of the European Parliament)

14 Oct 2025 · Spyware

Meeting with Alexandra Geese (Member of the European Parliament) and Stichting Open Future and Superrr Lab SL gGmbH

30 Sept 2025 · Event: Privacy Camp

Meeting with Birgit Sippel (Member of the European Parliament)

30 Sept 2025 · Privacy Camp

Meeting with Michalis Hadjipantela (Member of the European Parliament)

29 Sept 2025 · Meeting regarding CSAR

Meeting with Henna Virkkunen (Executive Vice-President) and

22 Sept 2025 · Exchange on various files with EVP Virkkunen

Meeting with Olivier Micol (Head of Unit Justice and Consumers)

18 Sept 2025 · GDPR simplification

Meeting with Emma Rafowicz (Member of the European Parliament)

17 Sept 2025 · Spyware policy

Meeting with Leila Chaibi (Member of the European Parliament, Shadow rapporteur)

17 Sept 2025 · Protection mineurs en ligne

Meeting with Birgit Sippel (Member of the European Parliament)

16 Sept 2025 · Child Sexual Abuse Material Regulation

Meeting with Sandro Ruotolo (Member of the European Parliament)

3 Sept 2025 · Spyware regulation

EDRi demands moratorium on digital-only essential public services

1 Sept 2025

Topic — Consultation on the Action Plan to implement the European Pillar of Social Rights.

Message — The group demands a "moratorium on the digitalisation of essential services" and a "guarantee" of physical alternatives. They argue the EU must ensure access through "physical counters, telephone services and the post."1 2

Why — This would prevent "digital poverty" from excluding marginalized groups from accessing their basic rights.3 4

Impact — EU institutions and governments would fail to meet "digitisation targets" for 100% online services.5

Read full response

Response to New EU Agenda for Preventing and Countering Terrorism and Violent Extremism

15 Aug 2025

We thank the European Commission for the opportunity to share our views and concerns with regards to the renewed EU Agenda for preventing and countering terrorism and violent extremism, as well as to make a set of recommendations regarding the initiatives mentioned in the call for evidence falling within our scope of work, i.e. the protection of human rights in the digital environment. The absence of comments on certain parts of the Agenda shall not be interpreted as an endorsement. 1. Counter-terrorism and -radicalisation policies disproportionately interfere with online freedoms The Commissions call for evidence refers to the proliferation of terrorist and violent extremist content (websites, videos, photographs, articles), its impacts on online radicalisation and envisions the new EU agenda to counter terrorist and extremist ideologies online through regulatory frameworks, multi-stakeholder cooperation and enforcement, as well as crisis response and protocols. Such approach raises multiple concerns, such as the lack of evidence supporting the proposed measures, the use of broad and vague terms, the risk of political instrumentalisation and the excessive reliance on private online intermediaries and error-prone detection technologies. 2. The risks posed by surveillance measures in counter-terrorism policies EDRi is greatly concerned by the expansion of surveillance powers and capabilities of law enforcement authorities both at EU and national levels in the last decade, justified partly by the fight against terrorism. In particular, exceptional powers, granted by counterterrorism laws or adopted in a state of emergency, have been subsequently normalised (i.e. Frances administrative controls) or repurposed for other perceived threats to security such as increasing asylum applications (e.g. Hungary or Austria). In addition, we observe the recurring pretext of safeguarding national security used by Member States to circumvent or ignore fundamental protections provided by EU law. Although the call for evidence indicates that the new Agenda aims to provide sufficient protection without imposing undue constraints on fundamental rights and personal freedoms, we are extremely concerned that it would in fact reinforce this worrying trend in all EU States, with disastrous consequences for fundamental rights and democratic principles. We are particularly concerned by: the political instrumentalisation of counter-terrorism surveillance and the use of disproportionate surveillance methods, the mass surveillance of travellers (PNR Directive) and the mass surveillance of financial transactions. In our contribution attached we developed these concerns and make recommendations to ensure the effective protection and respect of fundamental rights.

Read full response

Response to Proposal for a new Regulation on the European Union Agency for Law Enforcement Cooperation (Europol)

31 Jul 2025

European Digital Rights (EDRi) is submitting the following contribution based on the input of members of the Resist Europol coalition. We thank the European Commission for the opportunity to express our shared concerns with regards to the plans to revise the Europol Regulation, which may include a further expansion of Europols powers. The reinforcement of the agencys surveillance infrastructure is particularly worrying in a context of increased criminalisation of social movements, solidarity and activism and the deployment of ever more intrusive and punitive technologies in the justice and law enforcement fields. From this perspective, it is deeply alarming that the Commissions problem definition in the call for evidence is so clearly biased towards to views of law enforcement. The objectives seem to solely focus on increasing Europols data collection, areas of competence and surveillance capacities.There are many issues in European law enforcement for which an EU action would be urgently needed in order to guarantee justice, accountability and safety. To mention just a few: eradicating police violence, prohibiting discrimination against members of racialised, poor and other marginalised communities, addressing structural racism, etc. None of these problems are mentioned in the Commissions problem definition even though they are major threats in the everyday life of millions of Europeans. Europol is not immune to criticism, as its activities rely on the data received from Member States and third countries law enforcement authorities, carrying the legacy of their racist policing practices. A revision of Europols mandate could actually be an opportunity to tackle Europols role in perpetuating discriminatory policing, police brutality and criminalisation. In response to the Commissions consultation call, we would like to share the following recommendations: 1. In order to ensure a timely and informed public debate on the future of Europol, the evaluation for the current Europol Regulation must be carried out before further revisions can be considered; 2. The Commission must add as a primary objective of its evaluation a fundamental rights impact assessment and flesh out its plan to carry it out; 3. In order to produce a proper and complete fundamental rights impact assessment in both the evaluation and the impact assessment of a new legislative framework, the scope cannot be limited to suspects, but should encompass, at a very minimum, all individuals whose data is processed by Europol and thus, their fundamental rights interfered with. In addition, such assessment cannot be restricted to privacy and data protection rights only, but must include a wider range of fundamental rights affected by Europols activities; 4. Any potential future mandate must be respect limits set out in the Treaties. The objective of transforming Europol into a truly operational agency likely clashes with them and must therefore not be pursued. 5. The list of crimes for which Europol is competent should not be expanded as it risks involving Europols surveillance infrastructure in the criminalisation of public protest or increasing its policing of online speech. In particular, Europols Internet Referral Units (IRU) activities must be brought in line with the Charter Fundamental Rights or cease as soon as possible; 6. Europols data mining practices should be stopped by repealing the 2022 amendments allowing almost unrestricted data-driven policing. The data collection and processing by Europol must be limited to what is necessary; 7. Data exchanges with third countries must respect EU primary and secondary law. Cooperation with countries with systematic rule of law issues and human rights violations must be halted urgently; 8. The absolute priority for the Commission should be to improve the oversight, transparency and accountability of Europol.

Read full response

Meeting with Maria Zafra Saura (Cabinet of Commissioner Michael McGrath)

25 Jul 2025 · Data protection and privacy

Meeting with Alex Agius Saliba (Member of the European Parliament, Shadow rapporteur)

9 Jul 2025 · Protection of Minors online and CSAM regulation

Response to Mid-term review of the Charter strategy

8 Jul 2025

EDRi is the biggest European network defending rights and freedoms online. The EDRi network is a dynamic and resilient collective of 50+ NGOs, as well as experts, advocates and academics working to defend and advance digital rights across Europe and beyond. Together, we build a movement of organisations and individuals pushing for robust and enforced laws, informing and mobilising people and promoting a healthy and accountable technology market. Whilst EDRi welcomes the intention of the Commission to strengthen the application of the Charter and to ensure that the Charter of Fundamental Rights is upheld in every EU country, our work reveals that several actions undertaken the Commission in 2025 and in its previous mandate have run directly counter to this objective, and numerous Member States remain non-compliant with numerous fundamental rights. Some of the issues or areas that we believe are of key concern for the protection and fulfilment of digital fundamental rights include (non-exhaustively): Data Retention After the annulment of the Data Retention Directive 2006/24 by the Court of Justice (CJEU) in April 2014, Member States did not repeal their national data retention laws transposing the Directive. In a number of judgments about national data retention laws and their non-conformity with EU law, the Court has consistently held that laws requiring general and indiscriminate retention of all traffic data and location data for the purpose of combating (serious) crime are not compatible with the ePrivacy Directive interpreted in light of the Charter. Several Member States have amended their national data retention laws since 2014 with the objective to accommodate the CJEU case law. However, according the legal analysis done by EDRi and members of the EDRi network1 and Eurojust,2 for most Member States the retention requirements still exceed what it permitted by EU law. While putting political pressure on the CJEU to permit more data retention, Member States ignore the Courts rulings and maintain national data retention laws that clearly violate the fundamental rights to privacy, data protection and freedom of expression. The Commission has repeatedly refused to start infringement proceedings against Member States with illegal data retention laws.3 It is thus not an exaggeration to say that data retention has become a systemic rule of law crisis in the European Union.4 Due to space limitations, the remaining explanations and analyses are in the attached feedback document, covering, inter alia, the following laws / policy areas / breaches: - Child Sexual Abuse Regulation - The protection of encryption - EU Migration policies - "Simplification" (deregulation) - Resourcing of independent enforcement and oversight bodies, authorities and entities - Resilient civil society - Techno-charged persecution of LGBTQI+ communities in Hungary - Biometric mass surveillance in France Footnotes: 1 - https://privacyinternational.org/report/5267/pis-briefing-national-data-retention-laws 2 - https://www.eurojust.europa.eu/publication/effect-court-justice-european-union-case-law-national-data-retention-regimes-judicial-cooperation 3 - https://edri.org/our-work/european-commission-will-monitor-existing-eu-data-retention-laws/ 4 - https://edri.org/our-work/europes-data-retention-saga-and-its-risks-for-digital-rights/

Read full response

European Digital Rights rejects EU mass surveillance data retention plans

18 Jun 2025

Topic — EU consultation on rules for service providers to retain metadata for criminal investigations.

Message — EDRi opposes a new EU instrument forcing providers to massively retain user metadata. They recommend starting infringement procedures against Member States with illegal data retention laws. The organization rejects indiscriminate retention as there is no proven link to crime.1 2 3

Why — Preventing this proposal avoids a rule of law crisis and protects user privacy.4 5

Impact — Law enforcement agencies would face stricter limits on accessing private communication metadata.6

Read full response

Meeting with Egelyn Braun (Cabinet of Commissioner Michael McGrath)

17 Jun 2025 · Exchange of views on the forthcoming Digital Fairness Act

Meeting with Birgit Sippel (Member of the European Parliament)

20 May 2025 · Data protection, remedies and enforcement

Meeting with Alexandra Geese (Member of the European Parliament, Shadow rapporteur) and Bureau Européen des Unions de Consommateurs and

14 May 2025 · Event: Democratic Tech Alliance

Meeting with Birgit Sippel (Member of the European Parliament, Rapporteur) and Connect Europe and

14 May 2025 · Democratic Tech Alliance

Meeting with Olivier Micol (Head of Unit Justice and Consumers)

8 May 2025 · GDPR simplification in the context of the Small Mid-Caps Omnibus and Data Union Strategy

Meeting with Agata Gerba (Head of Unit Trade)

28 Apr 2025 · Discussion on the text of the negotiated outcome of the EU- Singapore Digital Trade Agreement (DTA) and the EU-Korea DTA

Meeting with Katarina Barley (Member of the European Parliament)

16 Apr 2025 · Digitalpolitik

Meeting with Vicent Marzà Ibáñez (Member of the European Parliament, Shadow rapporteur) and EUROPEAN TRADE UNION CONFEDERATION

25 Mar 2025 · EU-Singapore DTA

Meeting with Maria Zafra Saura (Cabinet of Commissioner Michael McGrath)

24 Mar 2025 · Data protection, GDPR procedural rules proposal, international data flows, simplification

Meeting with Werner Stengg (Cabinet of Executive Vice-President Henna Virkkunen)

20 Mar 2025 · Civil society and EU digital policy

Meeting with Prabhat Agarwal (Head of Unit Communications Networks, Content and Technology)

20 Feb 2025 · Perception of the Commission’s work on the Digital Services Act (DSA) among civil society organisations and Update on DSA enforcement activities and communication about the DSA

Meeting with Birgit Sippel (Member of the European Parliament) and Bureau Européen des Unions de Consommateurs and

19 Feb 2025 · Guidelines for banned AI use cases and the definition of AI (Staff-level)

Meeting with Lina Gálvez (Member of the European Parliament)

17 Feb 2025 · Digital Rights

Meeting with Rita Wezenbeek (Director Communications Networks, Content and Technology) and

11 Feb 2025 · Opening Session: DSA roundtable discussions on online advertising (Article 46 DSA)

Meeting with Olivier Micol (Head of Unit Justice and Consumers)

5 Feb 2025 · EDRi queried whether the GDPR would be part of the announced simplification omnibus, noting that it had heard that there could be an amendment to the exception for records of processing in Article 30(5) GDPR.

Meeting with Alexandra Geese (Member of the European Parliament)

3 Feb 2025 · Digital policies

Meeting with Birgit Sippel (Member of the European Parliament)

23 Jan 2025 · LIBE priorities

Meeting with Birgit Sippel (Member of the European Parliament) and epicenter.works - Plattform Grundrechtspolitik

21 Jan 2025 · UN Convention Cybercrime (UNCC)

Response to Digitalisation of travel documents and facilitation of travel

23 Dec 2024

EDRi is Europes biggest network of civil society organisations working together to ensure the protection of fundamental rights, as enshrined by the Charter of Fundamental Rights of the European Union (the Charter) and the wider European aquis, in laws and policies relating to technology and data. As a collection of technologists, lawyers, academics, human rights advocates and other specialists, we welcome the opportunity to share our perspective on the European Commissions (ECs) proposal to digitalise travel documents and create a digital travel credential (DTC). Whilst we recognise that digitalisation efforts can provide convenience and benefits for people as well as for public administration, it is vital that such efforts are pursued in a transparent and diligent manner. The use of digital technologies frequently entail the processing of personal data, which in the case of this proposal, includes several forms of sensitive data. The use of digital technologies also can have significant environmental impacts, which should be properly taken into account. Such efforts must also be considered within broader structures of power dynamics between individuals and the state, increasingly hostile border and migration contexts, and risks of discrimination by governments (includingthe risk of exclusion of certain groups and communities as a result of non-inclusive digitalisation programmes). This is especially pertinent given that the proposal would centralise peoples digital travel credentials for visa applications, travel authorisation under ETIAS, the EU Entry-Exit System (EES) and the recently-adopted advanced passenger information (API) Regulation, and would allow for broader use of the DTC via the EU digital identity wallet (eIDAS). These are all laws or proposals about which civil society groups, especially those who work to protect fundamental rights at the intersection of migration and digitalisation, have already raised serious concerns. EDRi takes the opportunity of this consultation to raise our substantive, evidentiary and procedural concerns about the ECs proposals to digitalise travel documents, based on the claim of making travelling easier. It is our view that the EC has not done their due diligence, and has not properly represented the issues and risks at stake. As such, these proposals may disproportionately limit fundamental rights including, inter alia, privacy, data protection, non-discrimination and freedom of movement. We call into question that claim that travel will be smoother as a result of this package. Our concerns can be split into 7 main parts: 1. Better Regulation concerns: Procedural concerns in the context of the EUs Better Regulation commitment, including questions about the legitimacy of the process, the lack of engagement with fundamental rights risks, and the exclusion of inconvenient stakeholders and perspectives; 2. Exaggerated efficiency promises: Lack of robustness in underlying efficiency calculations; 3. Biometric mass surveillance threats: Obfuscation of the reality and the risks of mass biometric processing and databases; 4. Convenience for some, profiling for others: Entrenching systems of surveillance, securitisation and discrimination against people on the move; 5. Consent and the risk of coercion: Concerns about how freely-given consent to the DTC would actually be; 6. Limitations that cannot be solved by an app: Interrogating the underlying political, technical and economic motivations; 7. Lucrative digital innovation at the expense of the planet: The foreseeable scope creep of the DTC, as well as lack of engagement with climate impacts.

Read full response

Meeting with Birgit Sippel (Member of the European Parliament) and European Tech Alliance and

11 Dec 2024 · European Internet Forum Breakfast Protecting Children Online

Meeting with Jeroen Lenaers (Member of the European Parliament, Rapporteur)

5 Dec 2024 · EDRI

Meeting with Svenja Hahn (Member of the European Parliament)

4 Dec 2024 · EU-Singapore Digital Trade Agreement

Meeting with Marina Kaljurand (Member of the European Parliament)

21 Nov 2024 · Europol JPSG

Meeting with Charles Goerens (Member of the European Parliament)

19 Nov 2024 · the protection of human rights in the context of the internet, data, and digitalisation.

Meeting with Evin Incir (Member of the European Parliament)

18 Nov 2024 · Digital rights and the JPSG on Europol

EDRi urges stricter conflict of interest rules for AI experts

14 Nov 2024

Topic — Rules for establishing a scientific panel to advise the AI Office on enforcement.

Message — EDRi recommends extending conflict-of-interest rules to include experts with financial ties to AI deployers. They also advocate for greater transparency and effectiveness in the panel's operations.1 2

Why — This would prevent experts representing AI-using companies from undermining neutral regulatory oversight.3

Impact — Individuals with financial interests in major AI-using corporations would be barred from the panel.4

Read full response

Meeting with David Cormand (Member of the European Parliament)

12 Nov 2024 · AI Act

Meeting with Birgit Sippel (Member of the European Parliament, Rapporteur)

7 Nov 2024 · Exchange on future digital policies

Meeting with Saskia Bricmont (Member of the European Parliament)

23 Oct 2024 · Europol - JPSG

Meeting with Daniel Freund (Member of the European Parliament) and Amnesty International Limited and

16 Oct 2024 · Cooperation on LIBE related matters

Meeting with Tineke Strik (Member of the European Parliament) and Amnesty International Limited and

16 Oct 2024 · LIBE Civil Society Meeting

Meeting with Alexandra Geese (Member of the European Parliament)

3 Oct 2024 · Online Advertisement

Meeting with Alexandra Geese (Member of the European Parliament) and Wikimedia Foundation

1 Oct 2024 · Tech and Society Summit: Community based alternatives: a tool to rein in Big Tech and build a healthy online public sphere

Meeting with Leila Chaibi (Member of the European Parliament, Shadow rapporteur) and Corporate Europe Observatory

1 Oct 2024 · Speaker - Big tech lobbying

Meeting with Kim Van Sparrentak (Member of the European Parliament)

1 Oct 2024 · Tech & Society Summit (speaker)

Meeting with Alexandra Geese (Member of the European Parliament) and Bureau Européen des Unions de Consommateurs and

1 Oct 2024 · Visionary roundtable: building an EU digital enforcement strategy

Meeting with Dóra Dávid (Member of the European Parliament)

1 Oct 2024 · Panel discussion: Tech and Society Summit

Meeting with Birgit Sippel (Member of the European Parliament)

1 Oct 2024 · Tech & Society Summit (staff-level)

EDRi urges privacy-first design instead of intrusive age verification

30 Sept 2024

Topic — The Commission is drafting guidelines to improve online safety and privacy for minors.

Message — EDRi calls for systemic design changes rather than relying solely on age verification. They recommend safety settings like disabling behavioral profiling and location tracking. They also propose making platform risk assessments available to the public.1 2 3

Why — This would ensure digital rights principles are applied to all internet users globally.4

Impact — Dominant Big Tech platforms lose their ability to exploit invasive and manipulative practices.5

Read full response

Meeting with Birgit Sippel (Member of the European Parliament)

26 Sept 2024 · 20 years of digital policy in the EU

Meeting with Alexandra Geese (Member of the European Parliament) and Access Now Europe and ARTICLE 19

26 Sept 2024 · Digital Rights policy

Meeting with Leila Chaibi (Member of the European Parliament, Shadow rapporteur) and Access Now Europe and ARTICLE 19

26 Sept 2024 · Speaker at an event on digital policies in the EU

Meeting with Sandro Ruotolo (Member of the European Parliament)

23 Sept 2024 · Introductory meeting

Meeting with Katarina Barley (Member of the European Parliament)

19 Sept 2024 · Digitalpolitik

Meeting with Birgit Sippel (Member of the European Parliament)

18 Sept 2024 · EU-US e-Evidence & UN Cybercrime Convention (Staff-Level)

Meeting with Diana Riba I Giner (Member of the European Parliament)

17 Sept 2024 · Pegasus

Meeting with Bruno Gencarelli (Cabinet of Commissioner Didier Reynders) and Access Now Europe

12 Sept 2024 · GDPR and data flows - state of play and future prospects.

Meeting with Daniel Attard (Member of the European Parliament)

10 Sept 2024 · Introductory meeting with EDRi

Meeting with Dóra Dávid (Member of the European Parliament)

9 Sept 2024 · Protection of human rights in the context of the internet, data, and digitalisation

Meeting with Bruno Gonçalves (Member of the European Parliament) and Neste Oyj and

9 Sept 2024 · ITRE policies

EDRi demands stricter transparency for tech platforms scanning messages

5 Sept 2024

Topic — This regulation standardises reports for service providers processing personal data during content scanning.

Message — EDRi supports binding rules for detailed and consistent reporting by service providers. They demand granular data about the performance and outcomes of automated detection.1 2

Why — More granular reporting would enable a robust assessment of fundamental rights compliance.3 4

Impact — Service providers currently providing evasive reports would face much higher transparency standards.5 6

Read full response

Meeting with Aura Salla (Member of the European Parliament)

5 Sept 2024 · CSA Regulation

Meeting with Lynn Boylan (Member of the European Parliament)

4 Sept 2024 · Key digital rights topics for new mandate

Meeting with Birgit Sippel (Member of the European Parliament)

26 Jun 2024 · Digital files in LIBE

Meeting with Kim Van Sparrentak (Member of the European Parliament)

30 Apr 2024 · Digitale mensenrechten

Meeting with Paul Tang (Member of the European Parliament) and Centre for Democracy Technology, Europe

17 Apr 2024 · Staff Level: Fifth Edition of the Civil Society Roundtable Series

Meeting with Hannah Neumann (Member of the European Parliament)

18 Mar 2024 · Digital rights

Meeting with Erik Marquardt (Member of the European Parliament, Shadow rapporteur) and Save the Children Europe and

13 Feb 2024 · Facilitators Package - stakeholders’ consultation meeting

European Digital Rights opposes extension of mass message scanning derogation

8 Feb 2024

Topic — EU regulation allowing temporary scanning of private messages for child abuse material.

Message — EDRi opposes extending the temporary ePrivacy derogation, arguing the Commission has not proven mass scanning is necessary or proportionate. They emphasize any fundamental rights limitation must have clear evidence and safeguards, which the implementation report fails to provide.1 2 3

Why — This would protect their core mission of defending digital privacy and fundamental rights online.4 5

Impact — Tech companies lose legal cover for voluntary mass scanning of user communications.6 7

Read full response

Meeting with Paul Tang (Member of the European Parliament)

24 Jan 2024 · EDRi Privacy Camp

Meeting with Eleonora Ocello (Cabinet of Commissioner Thierry Breton) and Access Now Europe and Electronic Frontier Foundation

13 Dec 2023 · Digital policy

Meeting with Birgit Sippel (Member of the European Parliament)

11 Dec 2023 · EU/US eEvidence COM(2019) 70 final (staff-level)

Meeting with Jana Toom (Member of the European Parliament, Shadow rapporteur)

20 Nov 2023 · GDPR enforcement

Meeting with Cristian Terheş (Member of the European Parliament, Shadow rapporteur for opinion) and epicenter.works - Plattform Grundrechtspolitik

7 Nov 2023 · Digital euro file

Meeting with Alexandra Geese (Member of the European Parliament) and Corporate Europe Observatory and

25 Oct 2023 · Greens/EFA event "Reclaiming our Digital Future"

Meeting with Sergey Lagodinsky (Member of the European Parliament, Rapporteur) and Access Now Europe

25 Oct 2023 · GDPR Enforcement Regulation

Meeting with Marcel Kolaja (Member of the European Parliament, Shadow rapporteur for opinion)

17 Oct 2023 · discussion about the negative consequences of Chat Control with EDRi member Iuridicum Remedium

Meeting with Saskia Bricmont (Member of the European Parliament)

11 Oct 2023 · Remise pétition CSAR

Meeting with Miapetra Kumpula-Natri (Member of the European Parliament)

3 Oct 2023 · Digital policies

Meeting with Miapetra Kumpula-Natri (Member of the European Parliament)

3 Oct 2023 · EU´s Digital Policy

Meeting with Maria-Manuel Leitão-Marques (Member of the European Parliament)

28 Sept 2023 · Digital policy priorities

Meeting with Jeroen Lenaers (Member of the European Parliament)

27 Sept 2023 · CSAM

Meeting with Paul Tang (Member of the European Parliament, Shadow rapporteur) and Electronic Frontier Foundation

26 Sept 2023 · Staff Level: event: "Encryption in the age of surveillance"

Meeting with Paul Tang (Member of the European Parliament)

19 Sept 2023 · Staff Level: Digital advertising market

Meeting with Daniel Freund (Member of the European Parliament, Shadow rapporteur for opinion)

11 Sept 2023 · Spyware, European Media Freedom Act (staff level)

Meeting with Paul Tang (Member of the European Parliament)

7 Sept 2023 · Digital Policy

Meeting with Brando Benifei (Member of the European Parliament, Rapporteur) and Bureau Européen des Unions de Consommateurs and

6 Sept 2023 · AI Act and fundamental rights impact assessment

Meeting with Alexandra Geese (Member of the European Parliament) and epicenter.works - Plattform Grundrechtspolitik and

4 Sept 2023 · Digital policies and human rights

Meeting with Marie Frenay (Cabinet of Vice-President Věra Jourová)

29 Aug 2023 · European Media Freedom Act

Meeting with Brando Benifei (Member of the European Parliament, Rapporteur) and Bloomberg L.P. and ServiceNow

12 Jul 2023 · AI Act

Meeting with Svenja Hahn (Member of the European Parliament, Shadow rapporteur) and Amnesty International Limited

6 Jun 2023 · Meeting with NGOs on Remote Biometrical Identification (RBI) prohibition

Meeting with Birgit Sippel (Member of the European Parliament)

11 May 2023 · CSA-R (Staff-level)

Meeting with Birgit Sippel (Member of the European Parliament)

10 May 2023 · CSA-R (Staff-level)

Meeting with Sylwia Spurek (Member of the European Parliament, Shadow rapporteur)

4 May 2023 · Extraordinary meeting with experts specialised in cyberviolence

Meeting with Malin Björk (Member of the European Parliament)

3 May 2023 · AI Act

Meeting with Petra Kammerevert (Member of the European Parliament, Shadow rapporteur) and Access Now Europe

27 Apr 2023 · APAs - European Media Freedom Act

Meeting with Paul Tang (Member of the European Parliament, Shadow rapporteur)

27 Apr 2023 · Staff Level: Child Sexual Abuse Regulation

Meeting with Birgit Sippel (Member of the European Parliament) and Caritas Europa and EuroMed Rights / EuroMed Droits

11 Apr 2023 · Schengen Borders Code

Meeting with Paul Tang (Member of the European Parliament, Shadow rapporteur)

11 Apr 2023 · S&D LIBE working group with external guests on Prum II and other files

Meeting with Birgit Sippel (Member of the European Parliament)

29 Mar 2023 · Preparation of the a meeting on Europol and Prüm-II (staff level)

Meeting with Alexandra Geese (Member of the European Parliament, Shadow rapporteur) and Expertisebureau Online Kindermisbruik

28 Mar 2023 · Greens/EFA experts hearing on the Regulation to prevent and combat child sexual abuse (CSAR)

Meeting with Alexandra Geese (Member of the European Parliament, Shadow rapporteur) and European Youth Forum and

27 Mar 2023 · Political advertising

EDRi urges harmonized rules to fix failing GDPR enforcement

23 Mar 2023

Topic — Initiative to streamline cooperation between national data protection authorities in cross-border GDPR cases.

Message — EDRi requests a common complaint template and strict deadlines for the administrative process. They demand that individuals have a guaranteed right to be heard and access files. They also insist that all complaints must result in a formal, appealable decision.1 2 3 4

Why — Harmonized rules would reduce the legal costs and time needed to file complaints.5

Impact — Tech giants lose the ability to avoid enforcement through procedural delays and inaction.6

Read full response

Meeting with Paul Tang (Member of the European Parliament, Shadow rapporteur)

23 Mar 2023 · Prüm II Regulation and Child Sexual Abuse Regulation

Meeting with Birgit Sippel (Member of the European Parliament, Rapporteur)

21 Mar 2023 · 20th anniversary EDRi and current files in the area of digital rights

Meeting with Alexandra Geese (Member of the European Parliament)

21 Mar 2023 · European Digital Rights 20 anniversary

Meeting with Birgit Sippel (Member of the European Parliament)

14 Mar 2023 · Event Preparation (Staff-level)

Meeting with Paul Tang (Member of the European Parliament, Shadow rapporteur) and AMBER Alert Europe

8 Mar 2023 · Shadows meeting on Prüm II Regulation

Meeting with Marcel Kolaja (Member of the European Parliament, Shadow rapporteur for opinion) and Meta Platforms Ireland Limited and its various subsidiaries and

8 Mar 2023 · discussion about protection of children on-line and encryption

Meeting with Kateřina Konečná (Member of the European Parliament, Shadow rapporteur for opinion)

6 Mar 2023 · Preventing and combating child sexual abuse online

Meeting with Paul Tang (Member of the European Parliament, Shadow rapporteur)

28 Feb 2023 · Shadows meeting on Child Sexual Abuse Regulation

Meeting with Daniel Freund (Member of the European Parliament, Shadow rapporteur for opinion)

8 Feb 2023 · European Media Freedom Act (staff-level)

Meeting with Paul Tang (Member of the European Parliament, Shadow rapporteur) and eco - Verband der Internetwirtschaft

30 Jan 2023 · Panellist at event ECO on Child Sexual Abuse Regulation

Meeting with Deirdre Clune (Member of the European Parliament, Shadow rapporteur) and Access Now Europe

12 Jan 2023 · Artificial Intelligence Act & Migration

Meeting with Paul Tang (Member of the European Parliament, Shadow rapporteur) and Google and

12 Jan 2023 · Closed door stakeholders meeting on Child Sexual Abuse Regulation with MEP Alex Agius Saliba and MEP Helene Fritzon

Meeting with Javier Zarzalejos (Member of the European Parliament, Rapporteur)

8 Dec 2022 · Meeting with European Digital Rights (EDRi), to discuss the proposal on preventing and combating child sexual abuse online

Meeting with Paul Tang (Member of the European Parliament, Shadow rapporteur for opinion)

23 Nov 2022 · Staff Level: Political Advertising Regulation

Meeting with Birgit Sippel (Member of the European Parliament)

9 Nov 2022 · Bias in artificial intelligence

Meeting with Stéphane Séjourné (Member of the European Parliament) and La Quadrature Du Net

8 Nov 2022 · AI Act (équipe)

Meeting with Maria-Manuel Leitão-Marques (Member of the European Parliament, Shadow rapporteur)

27 Oct 2022 · Political Advertising

Meeting with Paul Tang (Member of the European Parliament, Shadow rapporteur)

21 Oct 2022 · Staff Level: Prüm II Regulation

Meeting with Paul Tang (Member of the European Parliament, Shadow rapporteur) and Fair Trials Europe

11 Oct 2022 · Staff Level: Prüm II Regulation

Meeting with Paul Tang (Member of the European Parliament, Shadow rapporteur) and AMBER Alert Europe

29 Sept 2022 · Staff Level: Prüm II Regulation

Meeting with Alexandra Geese (Member of the European Parliament, Shadow rapporteur)

21 Sept 2022 · Political advertising, Digital Services Act

European Digital Rights calls for withdrawal of child abuse regulation

12 Sept 2022

Topic — EU regulation requiring online platforms to detect and report child sexual abuse material.

Message — EDRi calls for the proposal to be withdrawn and replaced with a better solution. They argue the regulation's mass surveillance approach is error-prone and will cause irrevocable harm to online communications and children's rights.1 2

Why — This would preserve end-to-end encryption and prevent their members from being subjected to mass surveillance.3 4

Impact — Children lose digital means to seek help, as 80% of abuse involves known perpetrators.5

Read full response

Meeting with Werner Stengg (Cabinet of Executive Vice-President Margrethe Vestager) and epicenter.works - Plattform Grundrechtspolitik and IT-Political Association of Denmark

8 Sept 2022 · Telecom, Open Internet Regulation.

Meeting with Gwendoline Delbos-Corfield (Member of the European Parliament, Shadow rapporteur)

13 Jun 2022 · Prüm II

Meeting with Saskia Bricmont (Member of the European Parliament) and Fair Trials Europe

2 Jun 2022 · Europol regulation reform

Meeting with Paul Tang (Member of the European Parliament, Shadow rapporteur)

1 Jun 2022 · Co-organiser and moderator event: 'How to effectively fight child sexual exploitation and abuse online?'

Meeting with Birgit Sippel (Member of the European Parliament)

31 May 2022 · CSAM

Meeting with Rob Rooken (Member of the European Parliament, Shadow rapporteur)

20 May 2022 · Biometrics

Meeting with Filomena Chirico (Cabinet of Commissioner Thierry Breton)

20 May 2022 · Protecting net neutrality, confidentiality of information, eID

Meeting with Maria-Manuel Leitão-Marques (Member of the European Parliament) and Platform for International Cooperation on Undocumented Migrants and Access Now Europe

11 May 2022 · AI Act

Meeting with Christel Schaldemose (Member of the European Parliament, Rapporteur)

10 May 2022 · DSA

Meeting with Ibán García Del Blanco (Member of the European Parliament)

22 Apr 2022 · Exchange of views on AI

Meeting with Alice Kuhnke (Member of the European Parliament) and The European Region of the International Lesbian, Gay, Bisexual, Trans and Intersex Association and

19 Apr 2022 · Roundtable: Gender-based Violence

Meeting with Miapetra Kumpula-Natri (Member of the European Parliament, Shadow rapporteur for opinion)

16 Mar 2022 · Meeting on AI Act

Meeting with Alexandra Geese (Member of the European Parliament, Shadow rapporteur)

11 Mar 2022 · Political advertising

Meeting with Alexandra Geese (Member of the European Parliament, Shadow rapporteur) and Bureau Européen des Unions de Consommateurs and

10 Mar 2022 · Digital Services Act

Meeting with Petar Vitanov (Member of the European Parliament, Shadow rapporteur) and Independent Retail Europe (formerly UGAL - Union of Groups of Independent Retailers of Europe) and Fair Trials Europe

2 Mar 2022 · AI Act

Meeting with Roberto Viola (Director-General Communications Networks, Content and Technology)

26 Jan 2022 · Digital issues

Meeting with Cristian Terheş (Member of the European Parliament, Rapporteur for opinion)

14 Dec 2021 · eIDAS file parliamentary activity

Meeting with Filomena Chirico (Cabinet of Commissioner Thierry Breton) and Access Now

28 Oct 2021 · DSA

Meeting with Saskia Bricmont (Member of the European Parliament, Shadow rapporteur)

13 Aug 2021 · Eurodac reform

Response to Requirements for Artificial Intelligence

3 Aug 2021

European Digital Rights (EDRi) is Europe’s biggest network defending rights and freedoms online. EDRi welcomes the European Commission’s globally significant step towards regulating the development and deployment of artificial intelligence systems. However, we would like to make suggestions to ensure that the AI Act is in line with the Charter of Fundamental Rights of the EU, future proof, and a role model for rights-protective future AI legislation around the world. We raise concerns about the extent to which the Act protects fundamental rights and addresses broader structural, political and economic issues. In the attached paper, we highlight how the use of AI systems can systematically target, harm and exclude marginalised communities. We question how far the act can address these structural harms, due to its tendency towards de-regulation of all but the most narrowly-defined ‘unacceptable’ uses; the lack of obligations on users; and the lack of individual and collective redress for those subject to AI systems. EDRi thus recommends the following improvements: 1. Ensure effective protection against prohibited practices and address the full scope of unacceptable risks: a) Strengthen art. 5 prohibitions to provide meaningful protection against fundamental rights violations and individual and collective harms; b) Comprehensively prohibit biometric mass surveillance practices (RBI and automated recognition of human features in publicly-accessible spaces for any purpose); c) Prohibit additional practices which are incompatible with fundamental rights and democracy: uses of AI in law enforcement or criminal justice that purport to predict future behaviour; in migration control in ways that undermine the right to claim asylum; to implement invasive surveillance, monitoring and algorithmic management in an employment and educational context; to categorise people on the basis of their human features; for emotion recognition; and in uses that constitute mass surveillance. 2. Adapt the AIA to ensure a holistic, democratic and future-proof framework: a) Introduce a democratic, inclusive and accessible process for the insertion of new prohibitions, including criteria for ‘unacceptable risk’ and the addition of future prohibitions; b) Ensure high risk ‘areas’ can be updated under art. 7; c) Fix gaps relating to economic and environmental impact, structural inequality, migration control, law enforcement (LE), worker surveillance, mass surveillance and exports; d) Remove loopholes in arts. 2.4 and 83 (international LE agreements); e) Remove art. 47 broad public security exemption for conformity assessment; f) Remove art. 54.1.a purpose limitation exemption in criminal justice. 3. Enhance obligations on users of all AI systems: a) Mandate ex ante human rights impact assessments for high risk systems before putting into use; b) Implement duty to cooperate with national authorities under arts. 65 and 67 for all systems; c) Implement meaningful consultation duty; d) Implement public authority notification requirement. 4. Implement meaningful public transparency for high risk systems: a) Registration in EU database (art. 60) for AI systems that are put into use; b) Add instructions for use for LE, migration, asylum and borders to public database; c) Require providers to include access to conformity assessment as per article 13.2-3 under art. 60; d) Require more thorough detail from providers to users under art. 13.3; e) Remove art. 52 exemptions for transparency in detection, prevention or prosecution; for art. 52 uses, suspects should be notified post factum. 5. Facilitate accountability: Include oversight and enforcement infrastructures that work for people: a) Ensure cohesive national enforcement structure; b) Include individual and collective flagging and redress mechanisms; c) Implement a more democratic governance infrastructure and greater independence for EAIB. See EDRi’s attached paper for further analysis and recommendations.

Read full response

Meeting with Filomena Chirico (Cabinet of Commissioner Thierry Breton) and Access Now

20 Jul 2021 · Attention points on DSA legislative process

Response to Declaration of Digital Principles

15 Jun 2021

EDRi welcomes the opportunity to provide feedback to help shape the future "Declaration of Digital Principles – the ‘European way’ for the digital society" and we support our members Access Now, FSFE as well as the contributions from the Free Knowledge Advocacy Group EU and Communia. We would like to express a strong preference of legal obligations for digital policies over “principles”. While principles can and should complement legal obligations (from the EU Treaties and the Charter of Fundamental rights down to specific laws such as the General Data Protection Regulation), principles cannot and should not replace these legal obligations or undermine them. When preparing a Declaration of Digital Principles – the ‘European way’ for the digital society, we encourage you to base any such Declaration on the Charter of Fundamental Rights and to complement the Declaration with aspects that were not specifically foreseen when the Charter was drafted but that can be interpreted from it. Bearing this in mind, we have prepared the following set of principles that we believe should be part of any Declaration of Digital Principles. You can find our full submission attached.

Read full response

Response to Guidance on tackling disinformation

29 Apr 2021

Access Now, Civil Liberties Union for Europe (Liberties) and European Digital Rights (EDRi), welcome the opportunity to submit feedback on the Guidance tackling disinformation. Pleas find attached our joint submission.

Read full response

Meeting with Saskia Bricmont (Member of the European Parliament, Shadow rapporteur)

8 Apr 2021 · Eurodac recast

Meeting with Věra Jourová (Vice-President) and Google and

22 Feb 2021 · Disinformation COVID -19

Response to Legislative framework for the governance of common European data spaces

29 Jan 2021

We are providing our 4000 characters response in the attached document due to the formatting issues when adding the text from an .odt document in this box.

Read full response

Meeting with Thierry Breton (Commissioner) and

9 Dec 2020 · Roundtable with NGOs on DSA and DMA

Meeting with Filomena Chirico (Cabinet of Commissioner Thierry Breton) and epicenter.works - Plattform Grundrechtspolitik and Access Now

6 Nov 2020 · Austrian NetzDG and Digital Services Act

Meeting with Werner Stengg (Cabinet of Executive Vice-President Margrethe Vestager) and epicenter.works - Plattform Grundrechtspolitik and Access Now

6 Nov 2020 · Austrian NetzDG and Digital Services Act

Meeting with Anthony Whelan (Cabinet of President Ursula von der Leyen)

6 Nov 2020 · Digital issues

Meeting with Filomena Chirico (Cabinet of Commissioner Thierry Breton)

3 Nov 2020 · Digital Services Act

Response to Sustainable corporate governance

7 Oct 2020

The EDRi (European Digital Rights) network is a collective of 44 civil society organisations, as well as advocates and academics, working to defend and advance digital rights across Europe. We work to challenge private and state actors who abuse their power to control or manipulate the public. EDRi reiterates the Commission’s concerns that businesses operating in Europe are not sufficiently embedding genuine, meaningful and enforceable human rights processes, safeguards and redress measures; transparency and accountability mechanisms; and sustainability initiatives; across their full business activities, in ways that can be properly analysed and measured from the outside. Concerning the policy options proposed by the Commission in section B of the roadmap, we argue that it is not sufficient to ask companies “to take measures to address” or “to take into account” due diligence for sustainability and fundamental rights. The SCG roadmap recognises that self-regulation has not been successful so far. Therefore, the SCG Initiative must move beyond the language of vague commitments and instead ensure that businesses are given clear, robust and specific rules for how they can ensure fundamental rights respect and protections. EDRi recommends that policy options 1, 2 and 3 (bullet points 1, 2 and 3, pp. 3-4) should be cumulative and mandatory, and that “complementary guidance” cannot be used instead of legislation. Please see attached for our full feedback in response to the roadmap.

Read full response

Response to Strengthening the automated data exchange under the Prüm framework

6 Oct 2020

European Digital Rights (EDRi) is an association representing 44 human rights organisations from across Europe that defend rights and freedoms in the digital environment. We welcome this opportunity to provide feedback on the future developments of the Prüm framework. This submission has been developed with the expertise of our member IT-Pol Denmark. The Inception Impact Assessment related to the existing framework of the Prüm Decisions published on 11 August 2020 shares the European Commission’s plans to further expand the scope of automated exchanges of personal data between national law enforcement authorities in the EU without properly evaluating the compliance of Prüm with EU law, notably the EU Charter of Fundamental Rights. In response to the Commission’s consultation call, EDRi would like to provide the following response: • We recommend that the European Commission includes the European Parliament in the first phases of the evaluation process and takes into due account its opinion when defining the future political orientations of the Prüm framework. • We encourage the European Commission to properly evaluate (with significant evidence) the Prüm framework against the principles of necessity and proportionality before expanding its scope. • We strongly recommend the European Commission to conduct a thorough assessment of all Member States’ transpositions of the Law Enforcement Directive (LED) in connection with the upcoming evaluation of the Prüm framework. EDRi recommends to align the Prüm framework with the current data protection rules for law enforcement. • EDRi urges the European Commission to launch an EU-wide, truly democratic debate on facial recognition and refrain from imposing it through the Prüm framework. • EDRi strongly opposes the extension of the Prüm framework with facial images in Member States' criminal investigation databases. • EDRi opposes the automated disclosure of hit-follow-up data as this would be likely problematic in regards to the Law Enforcement Directive requirements. EDRi calls for a mandatory manual review by the requested Member State to ensure that all legal safeguards are guaranteed, the requested personal data is accurate and the request is proportionate and necessary. Refusal grounds should always be available to the requested Member State. • EDRi encourages the European Commission to speed up the hit-follow-up process by improving the efficiency of the administrative process (e.g. by ensuring that Member States allocate sufficient resources for police and judicial cooperation). • EDRi opposes the inclusion of Europol data into the Prüm exchange system.

Read full response

Meeting with Helena Dalli (Commissioner)

22 Sept 2020 · Anti-Racism Action Plan measures regarding artificial intelligence

Response to External dimension of the EU policy on Passenger Name Records

10 Sept 2020

We welcome the opportunity to contribute to the roadmap on the external dimension of the EU policy on Passenger Name Records (Ares(2020)3918953). For the purpose of this feedback we have also incorporated in the attached document, when required, our analysis on the two most recent documents from the Commission, namely the Commission Staff Working Document – On the review of Directive 2016/681 on the use of passenger name record (PNR) data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime (SWD(2020) 128 final, 24 July 2020) (hereby “the Staff Working Document” or “the SWD”) and the European Commission Report on the review of Directive 2016/681 on the use of passenger name record (PNR) data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime{SWD(2020)128final} (hereby “the EC Review Report”). One general remark to which we would like to bring the European Commission’s attention is the appalling lack of evidence (including statistics and a diversity of sources of data and information) both documents demonstrate. They seem to rely solely on information coming from the Member States, leading to a poor critical assessment of the Directive. For example, the section related to the role of Data Protection Officers merely includes a broad evaluation made by national authorities, with no consultation of data protection officers’ own opinions, nor those of individuals who filed complaints to them. Similarly, there is a crucial lack of information regarding the number of complaints issued concerning false positives or other issues, making assessment of the current safeguards provided by the Directive difficult. EDRi has repeatedly encouraged the Commission to produce evidence- based policy and not policy-driven evidence. We therefore hope the following remarks will be taken into due account and addressed. Conclusion and recommendations: We recommend that the European Commission suspends the existing PNR agreements, pauses further negotiations with additional third countries and suspends the EU PNR Directive. In addition, the EU Commission should ensure that outcomes of the negotiations at the International Civil Aviation Organisation (ICAO) for draft new PNR standards through an expert Task Force established within the ICAO Facilitation Panel (which does not include any representatives of data protection authorities or civil society) is in line with EU law and does not lead to new obligations being placed on the EU and its Member States. In particular, the EU cannot adhere to standards that would contradict Opinion 1/15 of the CJEU and lower the level of data protection guaranteed in the EU – both for data stored and processed in the EU and in the context of international transfers. As several cases regarding the legality and validity of PNR measures are currently before the Court of Justice of the EU, the EU should refrain from agreeing to new obligations on PNR until the Court has providing guidance as to which measures are lawful under EU primary law.

Read full response

Response to Requirements for Artificial Intelligence

9 Sept 2020

Aims: 1. EDRi argues that promoting AI uptake should not be an end in itself, rather a detailed framework to ensure all AI is lawful and fundamental rights compliant. Problem definition: 2. The definition of “remote biometric identification” is overly narrow. All mass surveillance uses of biometrics invoke severe fundamental rights implications, and therefore should be in scope. 3. Greater attention is needed to the potential impact of AI applications on human rights. 4. Dataset bias is only one source of AI bias, not overlooking bias in programming of the systems, and the discrimination resulting from deployment of AI systems in already discriminatory contexts, e.g. facial recognition and predictive policing in the context of proven systemic racial discrimination. 5. Discrimination is not “immaterial harm”; it can have highly material consequences: threats to liberty and safety when AI is deployed for policing, migration control; safety and financial implications when sensitive identity traits are inferred in the delivery of essential public services; or in employment. 6. Dual uses of AI pose numerous threats to data protection and fundamental rights and must be addressed. Impact assessment 7. The impact on fundamental rights must be given primary attention over assumed economic impact. All presumed benefits of AI, particularly when invoked in public sector must be demonstrated with scientific criteria. 8. Societal level harms such as impact on democracy must be included, with a specific reference to uses of AI for content moderation and the impact on democracy. 9. AI has an environmental impact in terms of encouraging wasteful development and consumption. When AI systems are proposed as solutions to climate change, evidence must be presented. 10. Fundamental rights impact must be further detailed in an HRIA, in particular with respect to rights to privacy, freedom of assembly and non-discrimination. The HRIA must articulate how fundamental rights will be de facto protected within the proposed regulatory framework. Policy Options: 11. EDRi recommends that the policy options are amended to include legislation which defines the scope of lawful AI and introduces prohibitions for uses which violate fundamental rights, including untargeted biometric surveillance, predictive policing, migration control and other uses detailed in EDRi’s AI recommendations and case bank of impermissible uses. The prohibition of certain uses of AI is necessary to achieve the stated aim of preventing harm. 12. For legal uses of AI, EDRi favours the application of safeguards to all uses of AI (3C) . EDRi recommends a rejection of the risk-based categorisation and the sectoral delineation of ‘high risk’, which will create a gap in fundamental rights protections. Mandatory, external HRIAs, at all stages should evaluate the impact of all AI systems on a case-by-case basis to determine safeguards, with a range of options (including prior conformity assessment, notification to oversight body, prohibition). 13. For public sector uses of AI, the EU must introduce mechanisms of democratic oversight. This includes consultation with marginalised communities and people most affected by particular deployments. Democratic oversight must extend to decision-making power for those affected. 14. The Commission must take specific steps to ensure enforcement of fundamental rights in upcoming legislation, and individual and collective redress. 15. EDRi rejects options 0-2. Individuals impacted are not ‘customers’ and often not consumers of AI, but subjects to AI systems. Soft law, industry-led or voluntary schemes will be insufficient to protect their rights. Find furhter information in EDRi’s recommendations on artificial intelligence regulation and ban on biometric mass surveillance position. EDRi attaches use cases of AI deployments in Europe which require prohibition in law.

Read full response

Meeting with Věra Jourová (Vice-President)

24 Jul 2020 · Artificial Intelligence & biometrics

Response to Strengthening of Europol’s mandate

8 Jul 2020

European Digital Rights (EDRi) is an association representing 44 human rights organisations from across Europe that defend rights and freedoms in the digital environment. This submission has been developed with the contributions from our members Statewatch (UK) and IT-Pol Denmark. In response to the Commission’s consultation call, EDRi would like to share the following response: - EDRi recommends to first carry out a full evaluation of the 2016 Europol Regulation, before expanding the agency’s powers, in order to base the revision of its mandate on proper evidence; - EDRi opposes the Commission’s proposal to expand Europol’s powers in the field of data exchange with private parties as it goes beyond Europol’s legal basis (Article 88(2)); - The extension of Europol’s mandate to request personal data from private parties promotes the voluntary disclosure of personal data by online service providers which goes against the EU Charter of Fundamental Rights and national and European procedural safeguards; - The procedure by which Europol accesses EU databases should be reviewed and include the involvement of an independent judicial authority; - The Europol Regulation should grant the Joint Parliamentary Scrutiny Group with real oversight powers. Please find attached our full analysis and list of recommendations.

Read full response

Meeting with Werner Stengg (Cabinet of Executive Vice-President Margrethe Vestager)

1 Jul 2020 · To discuss Biometrics and Artificial Intelligence

Meeting with Christiane Canenbley (Cabinet of Executive Vice-President Margrethe Vestager), Werner Stengg (Cabinet of Executive Vice-President Margrethe Vestager)

25 May 2020 · Fundamental rights and digital policy

Meeting with Věra Jourová (Vice-President) and

15 May 2020 · Fundamental Rights, EC response to COVID 19, GDPR, Artificial Intelligence

Meeting with Thierry Breton (Commissioner) and

30 Apr 2020 · Fundamental rights and digital policies

Meeting with Věra Jourová (Commissioner) and

9 Oct 2018 · Privacy Shield

Response to EU Whistleblower protection

13 Jul 2018

European Digital Rights (EDRi) is an association of civil and human rights organisations from across Europe. We defend rights and freedoms in the digital environment. This analysis has been led by EDRi member Xnet.

Read full response

Meeting with Thomas Zerdick (Cabinet of First Vice-President Frans Timmermans) and Bureau Européen des Unions de Consommateurs

29 May 2018 · Data flows in trade agreements

Response to Measures to further improve the effectiveness of the fight against illegal content online

30 Mar 2018

General comments We welcome that the EC acknowledges the need to avoid that legal content is taken down. However, the section as it stands is somewhat misleading. Current liability rules already constitute “a regime that encourages removal without safeguards”. The decision to be made by providers is always the choice between, on the one hand, liability attached to secondary legislation encouraging removal of content and defending free speech and privacy on the other. We recommend binding rules to address this prior to which appropriate assessments need to be made. The Commission should extract lessons from 20 years of voluntary measures in relation to different types of illegal activity online. We believe the addition of such experience would be constructive in helping better frame and address the current problem. We would also welcome reliable evidence upon which policy will be built, particularly as quick removal is only one element of the issue. Responsibility for illegal content There is an over-emphasis on “voluntary” measures for the removal of content by private companies. Yet, the more serious the infringement, the less proportionate it is that the responsibility should be on private companies to deal with what is arguably the most superficial aspect of the crime, namely its availability. To give “enhanced responsibility” to platforms would be to institutionalise the role of private companies in censoring free speech, falling below the standards of Art. 10 of the ECHR and Arts. 11 and 52 of the Charter. This presents a threat to freedom of expression; companies should not have a role in regulating free speech and certainly not without rigid compliance with Article 52 of the Charter. Similarly, to incentivise companies to comply or to sanction for non-compliance is nonconstructive. We would advise that the EC give consideration to the need for precautions to avoid “voluntary” measures interfering with ongoing investigations or evidence. Furthermore, there is nothing in secondary law nor practice that would require Member States or companies themselves to implement any “adequate safeguards”. The EC should not rely on “safeguards” being spontaneously put in place by companies that have not already felt the need to do so. Any measures to manage the removal of content on the grounds of illegality must be subject to democratic scrutiny and judicial challenge. Time frame for review and removal of content The proposed time frames as referenced in Option 1 as “swift removal upon notice or referrals” and in Option 2 as “timeframes for certain types of content” are unrealistic. The proposed timeframes thus far have appeared vague, short, and arbitrary. There is also insufficient data or evidence on the effectiveness of privatised enforcement in order to justify these. We would urge the speed and proportion of takedowns not to be prioritised over the quality i.e. whether it is productive to do so, and whether the content being deleted is illegal. Methods for review and removal There is an unexplained assumption that all “trusted flagger” schemes are the same, are equally effective, and have no inherent flaws that need to be addressed. Unfortunately, this is not the case. Additionally, clearer definitions are needed, not least with regard to the nebulous concept of “duty of care” in this context. There is a significant gap between the way the EC refers to upload filtering and the fact that the CJEU has said that “the need for safeguards is all the greater where personal data is subjected to automatic processing” (Case C-362/14, para91). Conclusions Any measures considered must protect citizens’ fundamental rights to privacy, freedom of expression and the protection of personal data. We recommend that the EC take heed of the Council of Europe’s recommendation on the roles and responsibilities of internet intermediaries as an example of good practice in this area.

Read full response

Meeting with Andrus Ansip (Vice-President) and

1 Mar 2018 · Privacy Shield, GDPR implementation and e-Privacy

Response to 2nd Data Package

22 Jan 2018

European Digital Rights (EDRi) is an umbrella organisation with 35 NGO members with representation in 19 countries and beyond. We promote and defend fundamental rights in the digital environment. We welcome the opportunity of giving feedback to the European Commission on its legislative proposal on the Free flow of non-personal data. Our position can be found in the attached document.

Read full response

Meeting with Liene Balta (Cabinet of First Vice-President Frans Timmermans)

5 Jan 2018 · exchange of views on access to electronic evidence

Meeting with Věra Jourová (Commissioner) and

7 Mar 2017 · Privacy shield, GDPR

Meeting with Andrus Ansip (Vice-President) and

7 Mar 2017 · e-Privacy proposal, general data protection regulation-state of play, privacy shield and international transfer

Meeting with Markus Schulte (Digital Economy) and Bureau Européen des Unions de Consommateurs and Bundesverband Breitbandkommunikation e.V.

14 Jun 2016 · Telecom review

Meeting with Günther Oettinger (Commissioner)

25 Aug 2015 · Net Neutrality, TSM

Meeting with Bernd Martenczuk (Cabinet of First Vice-President Frans Timmermans)

20 Feb 2015 · TTIP, Data protection reform, rule of law on internet

Meeting with Laure Chapuis-Kombos (Cabinet of Vice-President Andrus Ansip), Stig Joergen Gren (Cabinet of Vice-President Andrus Ansip)

29 Jan 2015 · Copyright reform, data protection issues

Meeting with Anna Herold (Digital Economy)