Blog van Vrijschrift / ScriptumLibre

Dag Karin

nospam@example.com (Walter van Holst) — Sun, 10 May 2026 17:42:29 +0200

Voor wie het gemist heeft: Karin Spaink is op 8 mei overleden. In veel opzichten is zij de peetmoeder van het Nederlandse internet geweest. Haar strijd tegen Scientology markeerde een overwinning van de uitingsvrijheid op het auteursrecht. Ook was ze één van de drijvende krachten achter het Nederlandse spamverbod, wat in veel opzichten de toon zette voor wat later Europees gecodificeerd werd in de ePrivacy-richtlijn. En ze was niet alleen opiniërend een goede journalist, ook de onderzoeksjournalistiek ging haar aan het hart en mede dank zij haar kwam Follow The Money op een hoger niveau.

Haar laatste blog is hier te vinden: https://www.spaink.net/2026/05/08/exit-spaink/

We missen je nu al, Karin.

EU Parliament vote on asking Court's opinion on EU-Singapore digital agreement

nospam@example.com (Ante Wessels) — Mon, 10 Nov 2025 23:04:24 +0100

Thursday 13 November 2025 the European Parliament will vote on a resolution to give consent to the Digital Trade Agreement with Singapore. It will also vote on a resolution to ask the EU Court of Justice whether the envisaged agreement is compatible with the EU Charter of Fundamental Rights. (agenda, Euractiv)

Organisations voiced concerns: The European Data Protection Supervisor (EDPS), European Trade Union Confederation (ETUC), European Consumer Organisation (BEUC), and European Digital Rights (EDRi). See also Javier Ruiz Diaz for The Left in the European Parliament. ¹

Continue reading "EU Parliament vote on asking Court's opinion on EU-Singapore digital agreement"

EU's future external digital policy

nospam@example.com (Ante Wessels) — Mon, 19 May 2025 18:18:55 +0200

The EU commission holds a consultation on the EU’s external digital policy. Vrijschrift’s submission:

Vrijschrift welcomes this opportunity to give input on the EU’s future external digital policy.

A tension between offensive and defensive interests will always exist in trade agreement negotiations. A relatively new development is that democracy is under pressure; it deserves more attention as a defensive interest. A rebalancing is needed.

Adversaries of our democratic systems can weaponise personal data. To protect our democracies we need to protect our fundamental rights as well. This Vrijschrift paper explores some issues in (digital) trade agreement texts, and some issues with regard to special interests. ¹

International trade creates multinationals, with great lobby powers. Networked societies create network effects, leading to winners take most. The combination of these two dynamics creates behemoths, with outsized effects on democracies and fundamental rights.

Beyond the scope of this paper a further rebalancing is needed. To strengthen the EU’s technological sovereignty, democracy, security, and defence, the EU will also have to concentrate on interoperability, and avoiding patents on standards, and will have to invest in open source and a European cloud.

Continue reading "EU's future external digital policy"

Open brief aan de Europese Commissie over het financieren van vrije software

nospam@example.com (Walter van Holst) — Fri, 19 Jul 2024 12:17:47 +0200

De afgelopen jaren heeft Stichting NlNet kleine maar cruciale fondsen toegekend aan de ontwikkeling van vrije software die bijdraagt aan de robuustheid en openheid van het internet. Dit gebeurde met geld van de Europese Commissie. Naar recent is uitgelekt wil de Europese Commissie een draai maken naar andere onderwerpen om te financieren, zoals edge computing en AI. Daarom onderstaande Engelstalige open brief van tientallen organisaties aan de Europese Commissie.

Continue reading "Open brief aan de Europese Commissie over het financieren van vrije software"

EU-Chile trade agreement: broad cross-border data flow commitment with country without adequacy status

nospam@example.com (Ante Wessels) — Sun, 31 Mar 2024 19:10:07 +0200

The European Parliament gave consent to the EU - Chile trade agreement. The agreement’s digital chapter contains a new, broad cross-border data flow commitment, while Chile does not have a data protection adequacy status. As far as I know, this is a first.

The data flow commitment rules out data localisation. A new exception to the commitment allows measures to ensure privacy and data protection.

Chile’s current data protection law is “seriously outdated”; Chile is working on a new one. The EU-Chile trade agreement may enter into force before the new data protection law in Chile enters into force. Legally, qualitatively, nothing changes for EU outgoing data flows regarding data protection as the EU General Data Protection Regulation (GDPR) stays in force for data transfers, except that data localisation is ruled out for any reason other than the protection of privacy and personal data. Will “legally” match reality? Quantitatively flows may change.

When the EU commission first presented the new approach with broad data flows commitments with the new exception it noted that the new plans are meant for countries which do not have adequate protection of personal data. Reuters helpfully gave an example: Russia. Sweeping cross-border data flow commitments with Russia, under this or whatever safeguard would seem imprudent by now. It will remain important to choose trade partners wisely, and even, ever more wisely. Using the new approach in a WTO agreement would seem imprudent.

The new exception to the data flow commitment is unconditional. This is much stronger than earlier conditional exceptions. Still, there may be some potential weaknesses and limitations.

It would seem the European Commission made a mistake with most-favoured nation clauses. This clause imports into the agreement older data flow commitments with weaker exceptions. This undercuts the new exception. The EU could limit these clauses.

The prohibition of data localisation is formulated in an absolute, industry-centered, way. A developmental issue may arise. Would developing countries still have the ability to build up their own digital infrastructure and companies, or will ruling out data localisation “kick away the ladder”? Does ruling out data localisation have an imperialistic aspect?

Zooming out, international trade creates multinationals, with great lobby powers. Networked societies create network effects, leading to winners take most. The combination of these two dynamics creates behemoths, with outsized effects on democracies and fundamental rights. We may be insufficiently prudent regarding this.

1. Analysis
2. A Tech agenda
3. Conclusion
4. Attachment: layers of data flows

Continue reading "EU-Chile trade agreement: broad cross-border data flow commitment with country without adequacy status"

Toch nog even dat publieke domein

nospam@example.com (Walter van Holst) — Mon, 08 Jan 2024 20:53:59 +0100

In het nieuws veel aandacht voor het feit dat in de Verenigde Staten eindelijk weer werken bevrijd zijn van de ketenen van het auteursrecht, met als bekendste voorbeeld Steamboat Willy, de eerste Disney-animatie met Mickey Mouse. Enigszins verlaat is het toch vermeldenswaardig om wat auteurs te noemen waarvan het werk nu in de Europese Unie eindelijk in het publieke domein is gekomen:

Lodewijk van Deyssel
Maria Montessori
Henriette Roland Holst

Later deze week (12 januari) is de jaarlijkse Publiek Domeindag er weer, georganiseerd door Creative Commons Nederland, bij het Instituut Beeld & Geluid in Hilversum. Programma is hier te vinden, aanmelden kan hier.

EU Cyber Resilience Act and the emergence of proto-legislation

nospam@example.com (Ante Wessels) — Sun, 07 Jan 2024 16:55:02 +0100

The EU co-legislators reached a compromise on the Cyber Resilience Act (CRA) proposal. ¹ Both OpenForum Europe and Bert Hubert are positive. They both make important remarks on how to proceed. At the start of the trilogues the situation looked grim; the open source community did an excellent job. The co-legislators understood the importance of open source software for the EU economy and the vulnerability of the open source software development process. May this understanding never dissipate. ²

So, why this blog?

I think the CRA is badly drafted, and this is not a one time issue. The Council of the EU prefers to amend European Commission proposals through recitals, not through articles. And while this may not matter in this case, in general it harms accessibility and legal certainty, and leads (in part) to a patchwork of considerations instead of a legal system.

I would suggest the Council of the EU reinvent itself as a co-legislator.

1. Joint practical guide
2. Proto-legislation
3. Conclusion
4. Attachment, recitals

Continue reading "EU Cyber Resilience Act and the emergence of proto-legislation"

Digitale handel: VS willen meer beleidsruimte

nospam@example.com (Ante Wessels) — Tue, 28 Nov 2023 15:16:34 +0100

De VS zullen de steun voor enkele Wereldhandelsorganisatie (WTO) e-commercevoorstellen beëindigen. Ze willen beleidsruimte voor een heroverweging van de digitale handel, zo meldt Inside US Trade. De VS lieten de steun voor de meest extreme voorstellen varen en komen dichter bij het standpunt van de EU. (English version)

Dit is goed nieuws, aangezien grondrechten en de integriteit van onze instellingen op het spel staan. Laten we echter niet vergeten dat het standpunt van de EU op het gebied van beleidsruimte ook niet zo sterk is. En de technologie-industrie verzet zich tegen het besluit van de VS.

1. Diepe integratie handelsverdragen beperken beleidsruimte
2. One size fits multinationals
3. Verzet tegen een heroverweging
4. In een snel veranderende wereld, wees voorzichtig

Continue reading "Digitale handel: VS willen meer beleidsruimte"

Digital trade: US wants more policy space

nospam@example.com (Ante Wessels) — Sun, 26 Nov 2023 13:58:16 +0100

The U.S. will end support for some World Trade Organisation (WTO) e-commerce proposals. They want policy space for a digital trade rethink, Inside U.S. Trade reports. The U.S. dropped support for the most extreme proposals and moves closer to the EU’s position. This is good news, as fundamental rights and the integrity of our institutions are at stake. Still, let’s not forget the EU’s position on policy space isn’t that strong either. And the tech industry pushes back against the U.S.’s decision. (Nederlandse versie)

Continue reading "Digital trade: US wants more policy space"

Vrijschrift to Dutch Parliament: EU Cyber Resilience Act will harm competitiveness

nospam@example.com (Ante Wessels) — Fri, 06 Oct 2023 14:01:49 +0200

Letter from the Vrijschrift Foundation to the Dutch Parliament’s First and Second Chambers about the EU Cyber Resilience Act proposal. (original Dutch version)

to: : Chairman of the Parliament Second Chamber Committee for Digital Affairs,
Chairman of the Parliament First Chamber committee for Justice and Security
from: Vrijschrift Foundation
concerns: EU Cyber Resilience Act will harm competitiveness

Dear Mr Valstar,
Dear Mr. Dittrich,

The EU Cyber Resilience Act (CRA) proposal aims to make products containing software and software itself more secure. [1] This objective is endorsed by Vrijschrift. The Minister of Economic Affairs and Climate has written to the Senate that concerns regarding open source software have been “extensively addressed” by means of a recital. However, recitals do not have independent legal force; the amendments of the Council of the EU are ineffective. The CRA, if adopted in this form, will seriously harm the open source ecosystem and the competitiveness of the European economy. We will explain this below.

Continue reading "Vrijschrift to Dutch Parliament: EU Cyber Resilience Act will harm competitiveness"

Brief Vrijschrift: EU Cyber Resilience Act zal concurrentievermogen schaden

nospam@example.com (Ante Wessels) — Mon, 02 Oct 2023 21:14:32 +0200

Brief van Stichting Vrijschrift aan Eerste en Tweede Kamer over het EU Cyber Resilience Act voorstel.

aan: Voorzitter TK commissie voor Digitale Zaken,
Voorzitter EK commissie voor Justitie en Veiligheid
van: Stichting Vrijschrift
betreft: EU Cyber Resilience Act zal concurrentievermogen schaden

Zeer geachte heer Valstar,
Zeer geachte heer Dittrich,

Het EU Cyber Resilience Act (CRA) voorstel heeft tot doel producten met software en software zelf veiliger te maken. ¹ Deze doelstelling wordt door Vrijschrift onderschreven. De minister van Economische Zaken en Klimaat heeft aan de Eerste Kamer geschreven dat de zorgen met betrekking tot open source software door middel van een overweging “uitgebreid geadresseerd” zijn. Echter, overwegingen hebben geen zelfstandige rechtskracht; de amendementen van de Raad van de EU missen werking. De CRA zal, indien in deze vorm aangenomen, het open source ecosysteem en het concurrentievermogen van de Europese economie ernstig schaden. We zullen dit hieronder uiteenzetten.

Continue reading "Brief Vrijschrift: EU Cyber Resilience Act zal concurrentievermogen schaden"

German car industry explains why Cyber Resilience Act will harm open source software

nospam@example.com (Ante Wessels) — Tue, 05 Sep 2023 13:31:10 +0200

The German Association of the Automotive Industry (VDA) published a brief position paper on the Cyber Resilience Act in relation to free and open source software. The Cyber Resilience Act (CRA) proposal aims at making products with software and software itself safer. The German car industry’s brief does a great job in explaining the importance of free and open source software (FOSS), and why the approach taken with the legislative proposal will harm the European economy. It’s a short paper, one and a half page, I encourage you to read it. I will discuss the paper and point to a possible solution.

Continue reading "German car industry explains why Cyber Resilience Act will harm open source software"

Cyber Resilience Act may seriously harm free and open source software

nospam@example.com (Ante Wessels) — Thu, 10 Aug 2023 15:28:36 +0200

The European Parliament Industry, Research and Energy Committee (ITRE) approved its report on the Cyber Resilience Act (CRA). It also voted for a fast track process. (updated ¹) The CRA is meant to strengthen software security.

Prior to the vote, many individuals and free and open source software organisations were very critical: EFF, FossForce, Bert Hubert 1, Bert Hubert 2, Team NLnet Labs, Apache Software Foundation, Opensource org, GitHub, CNLL, Vrijschrift, major industry associations, overview.

After the vote, organisations are just as critical. FossForce: Bad News for Open Source: EU Committee Approves the Cyber Resilience Act

“I’m discouraged that the proposed legislation has made it this far, and concerned that industry response so far is not robust enough to counter what is likely to be very damaging if it is enacted,” Joe Brockmeier, head of community at Percona said in a statement after the approval was announced.

The German automotive industry is worried about the impact of the legislative proposal. Joomla is. Inter-CMS Working Group:

However, in their current form, the proposed regulations run the risk of reducing software security, as well as undermining the EU’s core aims and values, as we explain below.

I haven’t been involved with the CRA earlier, and others are more knowledgeable regarding this proposal. In this blog I will limit myself to

(i) argue that the ITRE text violates the EU Joint practical guide by putting safeguards in the recitals where they may be completely ineffective and as a result creates legal uncertainty which may be very damaging for the software industry, especially the free and open source software community;

(ii) conclude that fixing the text is of strategic importance; and

(iii) suggest an approach – a shared set of high quality amendments with broad support could make the open source community’s case more compelling.

Continue reading "Cyber Resilience Act may seriously harm free and open source software"

Artificiële "intelligentie", wetten en verdragen

nospam@example.com (Ante Wessels) — Tue, 13 Jun 2023 12:13:20 +0200

Algoritmische transparantie is een belangrijk aspect van wetgeving over artificiële “intelligentie” (AI). Helaas beperkt een broncodeclausule voor software in EU-handelsverdragen algoritmische transparantie. Na een korte inleiding over AI en wetgeving, zal ik bepleiten dat de EU deze clausule uit handelsverdragen moet verwijderen. (Engelse versie)

Het EU-handelsakkoord met Japan ondermijnt algoritmische transparantie, schreef Stichting Vrijschrift in 2018 in een brief aan het Nederlandse parlement. De broncodeclausule van de overeenkomst zou de mogelijkheden beperken om software en algoritmen te controleren. ¹

De EU ratificeerde de overeenkomst en ratificeerde meer overeenkomsten met de clausule. Normaal gesproken is met deze bekrachtigingen het lot bezegeld. Maar met het toenemende besef over de ontwrichtende mogelijkheden van AI is er een kans om het debat te heropenen.

We hebben beleidsruimte nodig om AI goed te reguleren.

Continue reading "Artificiële "intelligentie", wetten en verdragen"

Artificial "intelligence", laws, and trade agreements

nospam@example.com (Ante Wessels) — Tue, 09 May 2023 14:16:56 +0200

Algorithmic transparency is a important aspect of artificial “intelligence” (AI) legislation. Unfortunately, a software code clause in EU trade agreements limits algorithmic transparency. After a short introduction to AI and lawmaking, I will argue the EU should reverse course on this clause.

The EU trade agreement with Japan undermines algorithmic transparency, the Vrijschrift foundation wrote in a letter to the Dutch Parliament, in 2018. The agreement’s software code clause would limit the possibilities to audit software and algorithms.

The EU ratified the agreement, and ratified more agreements with the clause. Normally speaking, with these ratifications, the fate is sealed. But with the perplexity about AI’s disruptive capabilities, there may be a window of opportunity to reopen the debate.

We need policy space to properly regulate AI.

Continue reading "Artificial "intelligence", laws, and trade agreements"

Blog van Vrijschrift / ScriptumLibre

Dag Karin

EU Parliament vote on asking Court's opinion on EU-Singapore digital agreement

EU's future external digital policy

Open brief aan de Europese Commissie over het financieren van vrije software

EU-Chile trade agreement: broad cross-border data flow commitment with country without adequacy status

Table of Contents

Toch nog even dat publieke domein

EU Cyber Resilience Act and the emergence of proto-legislation

Table of Contents

Digitale handel: VS willen meer beleidsruimte

Table of Contents

Digital trade: US wants more policy space

Vrijschrift to Dutch Parliament: EU Cyber Resilience Act will harm competitiveness

Brief Vrijschrift: EU Cyber Resilience Act zal concurrentievermogen schaden

German car industry explains why Cyber Resilience Act will harm open source software

Cyber Resilience Act may seriously harm free and open source software

Artificiële "intelligentie", wetten en verdragen

Artificial "intelligence", laws, and trade agreements

Blog van Vrijschrift / ScriptumLibre

Dag Karin

EU Parliament vote on asking Court's opinion on EU-Singapore digital agreement

EU's future external digital policy

Open brief aan de Europese Commissie over het financieren van vrije software

EU-Chile trade agreement: broad cross-border data flow commitment with country without adequacy status

Table of Contents

Toch nog even dat publieke domein

EU Cyber Resilience Act and the emergence of proto-legislation

Table of Contents

Digitale handel: VS willen meer beleidsruimte

Table of Contents

Digital trade: US wants more policy space

Vrijschrift to Dutch Parliament: EU Cyber ​​Resilience Act will harm competitiveness

Brief Vrijschrift: EU Cyber Resilience Act zal concurrentievermogen schaden

German car industry explains why Cyber Resilience Act will harm open source software

Cyber Resilience Act may seriously harm free and open source software

Artificiële "intelligentie", wetten en verdragen

Artificial "intelligence", laws, and trade agreements

Vrijschrift to Dutch Parliament: EU Cyber Resilience Act will harm competitiveness