diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2014-12-27 15:12:23 +0100 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2014-12-27 15:12:23 +0100 |
| commit | dd8c906d87cda4170fd52ecbd94b4b38bf0bcb65 (patch) | |
| tree | 1e02ebbe5d47e6617ca640b4da3b2cc108783e2d /eut.raw | |
| parent | d4f5c50eac9e5655762a8f4af324d8c97f30178e (diff) | |
Sync with source as of 2014-12-27 15:09.
Diffstat (limited to 'eut.raw')
| -rw-r--r-- | eut.raw | 94 |
1 files changed, 48 insertions, 46 deletions
@@ -17,7 +17,7 @@ /* cache key: new_euwiki-en_:resourceloader:filter:minify-css:7:7c2ee0c606b1353543b5ce882fb1bb3b */</style> <script src="http://en.euwiki.org/w/load.php?debug=false&lang=en&modules=startup&only=scripts&skin=monobook&*"></script> <script>if(window.mw){ -mw.config.set({"wgCanonicalNamespace":"","wgCanonicalSpecialPageName":false,"wgNamespaceNumber":0,"wgPageName":"EUT/2nd-edition","wgTitle":"EUT/2nd-edition","wgCurRevisionId":17585,"wgRevisionId":0,"wgArticleId":5353,"wgIsArticle":false,"wgIsRedirect":false,"wgAction":"edit","wgUserName":null,"wgUserGroups":["*"],"wgCategories":[],"wgBreakFrames":true,"wgPageContentLanguage":"en","wgPageContentModel":"wikitext","wgSeparatorTransformTable":["",""],"wgDigitTransformTable":["",""],"wgDefaultDateFormat":"dmy","wgMonthNames":["","January","February","March","April","May","June","July","August","September","October","November","December"],"wgMonthNamesShort":["","Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec"],"wgRelevantPageName":"EUT/2nd-edition","wgIsProbablyEditable":false,"wgRestrictionEdit":[],"wgRestrictionMove":[]}); +mw.config.set({"wgCanonicalNamespace":"","wgCanonicalSpecialPageName":false,"wgNamespaceNumber":0,"wgPageName":"EUT/2nd-edition","wgTitle":"EUT/2nd-edition","wgCurRevisionId":17605,"wgRevisionId":0,"wgArticleId":5353,"wgIsArticle":false,"wgIsRedirect":false,"wgAction":"edit","wgUserName":null,"wgUserGroups":["*"],"wgCategories":[],"wgBreakFrames":true,"wgPageContentLanguage":"en","wgPageContentModel":"wikitext","wgSeparatorTransformTable":["",""],"wgDigitTransformTable":["",""],"wgDefaultDateFormat":"dmy","wgMonthNames":["","January","February","March","April","May","June","July","August","September","October","November","December"],"wgMonthNamesShort":["","Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec"],"wgRelevantPageName":"EUT/2nd-edition","wgIsProbablyEditable":false,"wgRestrictionEdit":[],"wgRestrictionMove":[]}); }</script><script>if(window.mw){ mw.loader.implement("user.options",function($,jQuery){mw.user.options.set({"ccmeonemails":0,"cols":80,"date":"default","diffonly":0,"disablemail":0,"editfont":"default","editondblclick":0,"editsectiononrightclick":0,"enotifminoredits":0,"enotifrevealaddr":0,"enotifusertalkpages":1,"enotifwatchlistpages":1,"extendwatchlist":0,"fancysig":0,"forceeditsummary":0,"gender":"unknown","hideminor":0,"hidepatrolled":0,"imagesize":2,"math":1,"minordefault":0,"newpageshidepatrolled":0,"nickname":"","norollbackdiff":0,"numberheadings":0,"previewonfirst":0,"previewontop":1,"rcdays":7,"rclimit":50,"rows":25,"showhiddencats":0,"shownumberswatching":1,"showtoolbar":1,"skin":"monobook","stubthreshold":0,"thumbsize":2,"underline":2,"uselivepreview":0,"usenewrc":0,"watchcreations":1,"watchdefault":1,"watchdeletion":0,"watchlistdays":3,"watchlisthideanons":0,"watchlisthidebots":0,"watchlisthideliu":0,"watchlisthideminor":0,"watchlisthideown":0,"watchlisthidepatrolled":0,"watchmoves":0,"wllimit":250, "useeditwarning":1,"prefershttps":1,"language":"en","variant-gan":"gan","variant-iu":"iu","variant-kk":"kk","variant-ku":"ku","variant-shi":"shi","variant-sr":"sr","variant-tg":"tg","variant-uz":"uz","variant-zh":"zh","searchNs0":true,"searchNs1":false,"searchNs2":false,"searchNs3":false,"searchNs4":false,"searchNs5":false,"searchNs6":false,"searchNs7":false,"searchNs8":false,"searchNs9":false,"searchNs10":false,"searchNs11":false,"searchNs12":false,"searchNs13":false,"searchNs14":false,"searchNs15":false,"searchNs274":false,"searchNs275":false,"searchNs828":false,"searchNs829":false,"variant":"en"});},{},{});mw.loader.implement("user.tokens",function($,jQuery){mw.user.tokens.set({"editToken":"+\\","patrolToken":false,"watchToken":false});},{},{}); @@ -79,9 +79,9 @@ In order to elucidate the relevant requirements, the authors provide excellent o Crucially, the authors have managed to draw on all these sources to indicate clearly what should be done in practical, technical terms by the officials managing the information and IT systems relating to the work of the European Parliament to truly and fully achieve the legal requirement of "utmost transparency". This report will become a major point of reference for the debates on those steps. It is to be greatly commended for having taken the issue seriously (rather than just rely on all-too-easy slogans or political rallying cries). It cannot be dismissed by those with the power to take action. Rather, it should lead to Parliament clearly instructing its civil servants to take the steps needed to achieve the "utmost transparency" required of the institution. The recommendations should be fully implemented: that will enhance democracy, accountability and public participation, and trust in the Union at a time of doubt and insecurity. -''''' Professor Douwe Korff''''' +'' Professor Douwe Korff'' -'''''London 15 November 2014''''' +''London 15 November 2014'' = Scope and method of analysis= @@ -219,7 +219,7 @@ The implications of the switch to an informal mode of legislating for representa === The Need for Lawmakers to Deliberate in Private === -The European Union, the Member States and 19 other States are parties to the Aarhus Convention on Access to Information, Public Participation in Decision-Making and Access to Justice in Environmental Matters (‘the Convention’), which entered into force on 30 October 2001. The Convention is based on three ‘pillars’ – access to information, public participation, and access to justice. Its preamble includes the following recitals: +The European Union, the Member States and 19 other States are parties to the Aarhus Convention on Access to Information, Public Participation in Decision-Making and Access to Justice in Environmental Matters (‘the Convention’), which entered into force on 30 October 2001<ref>Aarhus Convention, available at http://www.unece.org/env/pp/treatytext.html</ref>. The Convention is based on three ‘pillars’ – access to information, public participation, and access to justice. Its preamble includes the following recitals: <blockquote>Recognising that, in the field of the environment, improved access to information and public participation in decision-making enhance the quality and the implementation of decisions, contribute to public awareness of environmental issues, give the public the opportunity to express its concerns and enable public authorities to take due account of such concerns, @@ -227,9 +227,9 @@ Aiming thereby to further the accountability of and transparency in decision-mak Recognising the desirability of transparency in all branches of government and inviting legislative bodies to implement the principles of this Convention in their proceedings,</blockquote> -The second sentence of Article 2(2) allows Member States to exclude from the scope of the Directive bodies otherwise falling within the definition of ‘public authority’, ‘when acting in a judicial or legislative capacity’. +Mirroring Article 2 of the Convention, the second sentence of Article 2(2) in Directive 2003/4/EC on public access to environmental information<ref>Directive 2003/4/EC of the European Parliament and of the Council of 28 January 2003 on public access to environmental information and repealing Council Directive 90/313/EEC (OJ 2003 L 41, p. 26) (‘the Directive’).</ref>allows Member States to exclude from the scope of the Directive bodies otherwise falling within the definition of "Public authority", "when acting in a judicial or legislative capacity". -The Convention was approved on behalf of the European Community by Council Decision 2005/370, (3) the annex to which contains a declaration by the European Community (‘the Declaration’) which reads, in so far as relevant, as follows: +The Convention was approved on behalf of the European Community by Council Decision 2005/370/EC<ref>Council Decision 2005/370/EC of 17 February 2005 on the conclusion, on behalf of the European Community, of the Convention on access to information, public participation in decision-making and access to justice in environmental matters (OJ 2005 L 124, p. 1)</ref>, the annex to which contains a declaration by the European Community which reads, in so far as relevant, as follows: <blockquote>In relation to Article 9 of the Aarhus Convention the European Community invites Parties to the Convention to take note of Article 2(2) and Article 6 of [the Directive]. These provisions give Member States of the European Community the possibility, in exceptional cases and under strictly specified conditions, to exclude certain institutions and bodies from the rules on review procedures in relation to decisions on requests for information. @@ -237,15 +237,17 @@ Therefore the ratification by the European Community of the Aarhus Convention en In ratifying the Convention on 20 May 2005, Sweden lodged a reservation which, in so far as is relevant, reads as follows: -<blockquote>Sweden lodges a reservation in relation to Article 9.1 with regard to access to a review procedure before a court of law of decisions taken by the Parliament, the Government and Ministers on issues involving the release of official documents.</blockquote> +<blockquote>Sweden lodges a reservation in relation to Article 9.1 with regard to access to a review procedure before a court of law of decisions taken by the Parliament, the Government and Ministers on issues involving the release of official documents.<ref>Sweden's reservation is available at https://treaties.un.org/Pages/ViewDetails.aspx?src=TREATY&mtdsg_no=XXVII-13&chapter=27&lang=en#EndDec</ref></blockquote> -In accordance with Directive 2003/4/EC,<ref>Directive 2003/4/EC of the European Parliament and of the Council of 28 January 2003 on public access to environmental information and repealing Council Directive 90/313/EEC (OJ 2003 L 41, p. 26) (‘the Directive’).</ref> public authorities must in principle be required to make environmental information held by or for them available to any applicant at his request. However, the Directive permits Member States to exclude public bodies acting in a legislative capacity from the definition of a ‘public authority’. In addition, access may be refused to certain types of document, or if disclosure would adversely affect the confidentiality of proceedings of authorities where such confidentiality is provided for by law. +In accordance with Directive 2003/4/EC public authorities must in principle be required to make environmental information held by or for them available to any applicant at his request. However, the Directive permits Member States to exclude public bodies acting in a legislative capacity from the definition of a "public authority". In addition, access may be refused to certain types of documents, or if disclosure would adversely affect the confidentiality of proceedings of authorities where such confidentiality is provided for by law. -In her opinion in Flachglas Torgau, AG Sharpstone summarised the dilemma as follows: +In her opinion in Flachglas Torgau (Case C‑204/09), Advocate General Sharpstone summarised the dilemma as follows: -<blockquote>The performance of both judicial and legislative functions could be impaired if information of all kinds concerning each and every stage of the process – analysing the relevant issues and data, deriving conclusions from that analysis and formulating a final decision – could be demanded of right at all times by any member of the public. It seems reasonable to assume that considerations of that kind were in the minds of those who initially drafted the first of the instruments concerned and have remained, albeit implicitly, in the minds of those who have participated in the drafting of the subsequent instruments. +<blockquote> +53. [...] The performance of both judicial and legislative functions could be impaired if information of all kinds concerning each and every stage of the process – analysing the relevant issues and data, deriving conclusions from that analysis and formulating a final decision – could be demanded of right at all times by any member of the public. It seems reasonable to assume that considerations of that kind were in the minds of those who initially drafted the first of the instruments concerned and have remained, albeit implicitly, in the minds of those who have participated in the drafting of the subsequent instruments. -Yet it is by no means desirable, nor would it appear consistent with the overall thrust of the Convention or the Directive, for legislative or judicial activity to take place in impenetrable secrecy. It is generally considered necessary, in order to ensure the rule of law and democratic government, for both courts of law and legislative assemblies to operate in the presence of the public (or at least of the media as an intermediary) other than in wholly exceptional circumstances – and it is, moreover, generally accepted that such circumstances are more common in the course of judicial than of legislative activity. Other than in wholly exceptional circumstances, therefore, in neither case should decisions be taken on the basis of facts, or for reasons, which are concealed from citizens.<ref>Opinion Flachglas Torgau EU:C:2011:413</ref></blockquote> +54. Yet it is by no means desirable, nor would it appear consistent with the overall thrust of the Convention or the Directive, for legislative or judicial activity to take place in impenetrable secrecy. It is generally considered necessary, in order to ensure the rule of law and democratic government, for both courts of law and legislative assemblies to operate in the presence of the public (or at least of the media as an intermediary) other than in wholly exceptional circumstances – and it is, moreover, generally accepted that such circumstances are more common in the course of judicial than of legislative activity. Other than in wholly exceptional circumstances, therefore, in neither case should decisions be taken on the basis of facts, or for reasons, which are concealed from citizens.<ref>Opinion Flachglas Torgau EU:C:2011:413</ref> +</blockquote> == Conduct of Business as "Openly as Possible" or with the "Utmost Transparency" == @@ -453,9 +455,7 @@ To our knowledge, that was the first attempt to define open standards in an offi === The European Interoperability Framework V.2 === -In 2006, the European Commission has started the revision of the European Interoperability Framework.<ref>{{cite web|title=Revision of the EIF and AG|url=http://ec.europa.eu/idabc/en/document/7728.html|accessdate=7 August 2014}}</ref> - -The effort was completed on December 2010.<ref name=EIFv2>{{cite web|title=Annex 2 to the Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of Regions 'Towards interoperability for European public services' COM(2010) 744 final +In 2006, the European Commission has started the revision of the European Interoperability Framework<ref>{{cite web|title=Revision of the EIF and AG|url=http://ec.europa.eu/idabc/en/document/7728.html|accessdate=7 August 2014}}</ref>. The effort was completed with the communication of Version 2 in December 2010.<ref name=EIFv2>{{cite web|title=Annex 2 to the Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of Regions 'Towards interoperability for European public services' COM(2010) 744 final |url=http://ec.europa.eu/isa/documents/isa_annex_ii_eif_en.pdf|accessdate=7 August 2014}}</ref> Reportedly due to intense lobbying by industry representatives,<ref>{{cite web|title=European Commission Betrays Open Standards|url=http://blogs.computerworlduk.com/open-enterprise/2010/05/european-commission-betrays-open-standards/index.htm|website=ComputerWorld UK - Blog|accessdate=7 August 2014}}</ref> <ref>{{cite web|title=European Interoperability Framework supports openness|url=http://opensource.com/government/10/12/european-interoperability-framework-supports-openness|website=Opensource.com|accessdate=7 August 2014}}</ref> notably in the new document there is no reference to standards at all, let alone to open standards, but more vaguely to "open specifications". <ref>EIFv2 , page 26</ref> @@ -486,7 +486,7 @@ This is not the place to resolve the issue, but it is indicative of how there is Whether it is advisable or not to adopt a firm stance on Royalty Free standard can be debated at length. However because there are policies and rules that take that approach, means that at least it is ''possible'' to come to a stricter definition of Open Standards. -One clear Royalty Free stance with really far reaching requirements case is the one adopted by the UK Government.<ref>{{cite web|last1=UK Cabinet|title=Open Standards principles|url=https://www.gov.uk/government/publications/open-standards-principles/open-standards-principles#open-standard---definition|accessdate=11 November 2014|ref=UK-open}}</ref> +One clear Royalty Free stance with really far reaching requirements case is the one adopted by the UK Government: <blockquote> '''12. Open standard - definition''' @@ -503,21 +503,28 @@ Fair access - the standard is published, thoroughly documented and publicly avai Market support - other than in the context of creating innovative solutions, the standard is mature, supported by the market and demonstrates platform, application and vendor independence. -Rights - rights essential to implementation of the standard, and for interfacing with other implementations which have adopted that same standard, are licensed on a royalty free basis that is compatible with both open source (see a list of open source licences approved by the Open Source Initiative via their License Review Process) and proprietary licensed solutions. These rights should be irrevocable unless there is a breach of licence conditions. +Rights - rights essential to implementation of the standard, and for interfacing with other implementations which have adopted that same standard, are licensed on a royalty free basis that is compatible with both open source (see a list of open source licences approved by the Open Source Initiative via their License Review Process) and proprietary licensed solutions. These rights should be irrevocable unless there is a breach of licence conditions.<ref>{{cite web|last1=UK Cabinet|title=Open Standards principles|url=https://www.gov.uk/government/publications/open-standards-principles/open-standards-principles#open-standard---definition|accessdate=11 November 2014|ref=UK-open}}</ref> </blockquote> === The Indian definition (an example of strictest approach) === -Another very strict definition is the one for India's Government <ref name="Policy in India">{{cite web|last1=Government of India|title=Policy on Open Standards for e-Governance|url=https://egovstandards.gov.in/sites/default/files/Published_Policy_Framework_Document/Policy%20on%20Open%20Standards%20for%20e-Governance.pdf|accessdate=25 July 2014|ref=india}}</ref> +Another very strict definition is the one for India's Government: <blockquote> '''4.1 Mandatory Characteristics''' + An Identified Standard will qualify as an “Open Standard”, if it meets the following criteria: -*4.1.1 Specification document of the Identified Standard shall be available with or without a nominal fee. -* 4.1.2 The Patent claims necessary to implement the Identified Standard shall be made available on a Royalty-Free basis for the life time of the Standard. -* 4.1.3 Identified Standard shall be adopted and maintained by a not-for-profit organization, wherein all stakeholders can opt to participate in a transparent, collaborative and consensual manner. -* 4.1.4 Identified Standard shall be recursively open as far as possible. -* 4.1.5 Identified Standard shall have technology-neutral specification. -* 4.1.6 Identified Standard shall be capable of localization support, where applicable, for all Indian official Languages for all applicable domains. + +4.1.1 Specification document of the Identified Standard shall be available with or without a nominal fee. + +4.1.2 The Patent claims necessary to implement the Identified Standard shall be made available on a Royalty-Free basis for the life time of the Standard. + +4.1.3 Identified Standard shall be adopted and maintained by a not-for-profit organization, wherein all stakeholders can opt to participate in a transparent, collaborative and consensual manner. + +4.1.4 Identified Standard shall be recursively open as far as possible. + +4.1.5 Identified Standard shall have technology-neutral specification. + +4.1.6 Identified Standard shall be capable of localization support, where applicable, for all Indian official Languages for all applicable domains.<ref name="Policy in India">{{cite web|last1=Government of India|title=Policy on Open Standards for e-Governance|url=https://egovstandards.gov.in/sites/default/files/Published_Policy_Framework_Document/Policy%20on%20Open%20Standards%20for%20e-Governance.pdf|accessdate=25 July 2014|ref=india}}</ref> </blockquote> === Many more definitions === @@ -538,9 +545,9 @@ IETF's RFCs are generally considered Open Standards, and are commonly understood ==== Definitions ==== -There are two separate definitions on what is Free and what is Open Source Software. <ref name=piana_eup_juri>For an historical and general overview of Free and Open Source Software we refer to a briefing paper prepared for the Juri Commitee by Carlo Piana, which covers much of the background of Free Software {{cite journal|last1=Piana|first1=Carlo|title=A discussion of the different software licensing regimes|journal=Policy Department C: Citizens' Rights and Constitutional Affairs, Workshop: Legal aspects of free and open source software, Tuesday, 9 July 2013|pages=30-49|url=http://www.europarl.europa.eu/document/activities/cont/201307/20130708ATT69346/20130708ATT69346EN.pdf|accessdate=7 August 2014}}</ref> +There are two separate definitions on what is Free and what is Open Source Software.<ref name=piana_eup_juri>For an historical and general overview of Free and Open Source Software we refer to a briefing paper prepared for the Juri Commitee by Carlo Piana, which covers much of the background of Free Software {{cite journal|last1=Piana|first1=Carlo|title=A discussion of the different software licensing regimes|journal=Policy Department C: Citizens' Rights and Constitutional Affairs, Workshop: Legal aspects of free and open source software, Tuesday, 9 July 2013|pages=30-49|url=http://www.europarl.europa.eu/document/activities/cont/201307/20130708ATT69346/20130708ATT69346EN.pdf|accessdate=7 August 2014}}</ref> -* The Free Software Definition (by the Free Software Foundation) <ref>{{cite web|title=What is free software - The Free Software Definition|url=https://gnu.org/philosophy/free-sw.html|accessdate=7 August 2014}}</ref> +* The Free Software Definition (by the Free Software Foundation): <blockquote> A program is free software if the program's users have the four essential freedoms: @@ -548,11 +555,11 @@ A program is free software if the program's users have the four essential freedo * The freedom to run the program as you wish, for any purpose (freedom 0). * The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this. * The freedom to redistribute copies so you can help your neighbor (freedom 2). -* The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.</blockquote> +* The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.<ref>{{cite web|title=What is free software - The Free Software Definition|url=https://gnu.org/philosophy/free-sw.html|accessdate=7 August 2014}}</ref></blockquote> * The Open Source Definition (by the Open Source Initiative) -This is a slightly more verbose definition (only headlines are provided, for brevity):<ref name=OSD>Full text at {{cite web|title=The Open Source Definition|url=http://opensource.org/osd|website=OSI|accessdate=7 August 2014}}</ref> +This is a slightly more verbose definition (only headlines are provided, for brevity): <blockquote> # Free Redistribution @@ -564,8 +571,7 @@ This is a slightly more verbose definition (only headlines are provided, for bre # Distribution of License # License Must Not Be Specific to a Product # License Must Not Restrict Other Software -# License Must Be Technology-Neutral - +# License Must Be Technology-Neutral<ref name=OSD>Full text at {{cite web|title=The Open Source Definition|url=http://opensource.org/osd|website=OSI|accessdate=7 August 2014}}</ref> </blockquote> Although the two definitions are different, it is difficult – nay impossible ‒ to find a subset of licenses that qualify under one definition and are outside the other definition, therefore, for our scopes, we will treat Free Software and Open Source Software (i.e., software licensed under either definition) as synonyms. @@ -658,7 +664,9 @@ Therefore, in order for datasets to be re-used, and thus to enhance their availa The European Commission, not bound to the PSI Directive, recognising the importance that all data produced by it be available to the general public as much as possible in an open and unencumbered fashion, and possibly also in a machine-readable format , has adopted a Decision on re-use of Commission documents (2011/833/EU)<ref>{{cite web|title=Rules for the re-use of Commission information|url=https://ec.europa.eu/digital-agenda/en/news/rules-re-use-commission-information|accessdate=14 October 2014}}</ref>, adopting an open by default rule (Art. 9). As for the formats, Art. 8 of said Decision provides: -<blockquote>Article 8 +<blockquote> +Article 8 + Formats for documents available for reuse 1. Documents shall be made available in any existing format or language version, in machine-readable format where possible and appropriate. @@ -667,7 +675,7 @@ Formats for documents available for reuse 3. This Decision does not create any obligation for the Commission to translate the requested documents into any other official language versions than those already available at the moment of the application. -4. The Commission or the Publications Office may not be required to continue the production of certain types of documents or to preserve them in a given format with a view to the reuse of such documents by a natural or legal person.</blockquote> +4. The Commission or the Publications Office may not be required to continue the production of certain types of documents or to preserve them in a given format with a view to the reuse of such documents by a natural or legal person.<ref>Commission Decision of 12 December 2011 on the reuse of Commission documents (2011/833/EU), OJ L 330, 14.12.2011, p. 39–42</ref></blockquote> While fully analysing the licensing of data goes beyond the scope of this study, and while the discussion on open standards also covers the ''way'' (or format) in which data are made available for non-intermediated consumption, we suggest that not only for transparency purpose, but in order to generally remove unnecessary confusion, that instead of '''licensing''' data, a '''waiver''' on database right is adopted as default legal release tool. <ref>One of the authors has explained this finding in {{cite web|title=FreeGIS.net Data Licence 1.0|url=https://freegis.net/documents/10157/14646/FreeGIS+data+licence+1?version=1.0}} [ITA], but see also {{cite web|last1=Morando|first1=Federico|title=http://leo.cineca.it/index.php/jlis/article/view/5461|url=http://leo.cineca.it/index.php/jlis/article/view/5461|accessdate=8 August 2014}}</ref> @@ -685,12 +693,9 @@ Meanwhile, the email system is threatened by all sort of attacks, because of its === Basic introduction to the standard infrastructure === -The email system, which is basically made of two server components (one for sending the outbound emails, one for receiving, storing and forwarding to the recipient) and one client component. - -The standard server components are +The email system, which is basically made of two server components (one for sending the outbound emails, one for receiving, storing and forwarding to the recipient) and one client component. The standard server components are: * the Simple Mail Transfer Protocol (SMTP)<ref>http://tools.ietf.org/html/rfc5321</ref> for relaying and sending the messages out; * and the Internet Message Access Protocol (IMAP)<ref>http://tools.ietf.org/html/rfc3501</ref> and the Post Office Protocol (POP)<ref>http://tools.ietf.org/html/rfc1939</ref> for accepting, storing and making available the inbound message. - The client component can be a local application, installed on a computer, or a web application ‒ often referred to as "webmail" ‒ which offers retrieving, reading, composing and sending services that replicate those of the local application, without the need to locally download the message. Some providers have developed proprietary extensions to these protocols and services, probably the most popular is the MAPI protocol that links together the client Microsoft Outlook (and other clients that implement the protocol) with Microsoft Exchange Server <ref>{{cite web|url=http://msdn.microsoft.com/en-us/library/cc307725%28EXCHG.80%29.aspx|accessdate=7 October 2014|title=Exchange Server Protocols}}</ref> , but also Google's Gmail and Apple's Mail use proprietary protocols, especially for mobile consumption of the email services. @@ -707,11 +712,9 @@ Similarly SMTP allows both user authentication and encryption of the flow, altho On privacy concerns, it is highly recommendable that both are in use, as they create a readily available layer of security at virtually no expense. According to art. 22.1 of Regulation (EC) No 45/2001, the data controller (as well as a third party processor or service provider) shall comply with the following rule: -<blockquote>Having regard to the state of the art and the cost of their implementation, the controller shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks represented by the processing and the nature of the personal data to be protected.</blockquote> +<blockquote>Having regard to the state of the art and the cost of their implementation, the controller shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks represented by the processing and the nature of the personal data to be protected.<ref>Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data (OJ L 008 , 12/01/2001)</ref></blockquote> -As TLS is a publicly available standard, using it is highly recommendable.<ref>This is very basic advice, securing an email system is well beyond the scope of this work and the expertise of the authors. Many guidelines can be found online, supporting this finding and more, like http://www.cisco.com/web/about/security/intelligence/bpiron.html or https://otalliance.org/best-practices/transport-layered-security-tls-email</ref> - -TLS only protects the data stream from the originating point (the client for outbound and SMTP for incoming email) to the first endpoint (the SMTP server for outbound and the client for incoming email). Once the email has left the internal system, it is bound to be transmitted in clear over the Internet. In order to secure the content from the sender to the recipient, the only way is full encryption of the message, as the message itself will be relayed through an arbitrary number of servers as plain text. +As TLS is a publicly available standard, using it is highly recommendable<ref>This is very basic advice, securing an email system is well beyond the scope of this work and the expertise of the authors. Many guidelines can be found online, supporting this finding and more, like http://www.cisco.com/web/about/security/intelligence/bpiron.html or https://otalliance.org/best-practices/transport-layered-security-tls-email</ref>, but TLS only protects the data stream from the originating point (the client for outbound and SMTP for incoming email) to the first endpoint (the SMTP server for outbound and the client for incoming email). Once the email has left the internal system, it is bound to be transmitted in clear over the Internet. In order to secure the content from the sender to the recipient, the only way is full encryption of the message, as the message itself will be relayed through an arbitrary number of servers as plain text. The two most used ways of (directly)<ref>Obviously an email message can have arbitrary encoded files, including encrypted ones, here we are only dealing with encrypted messages that are recognised directly by the client application without the need to open them outside, and with the ability to have a "seamless" email discussion</ref> encrypting the messages are S/MIME<ref>http://tools.ietf.org/html/rfc5751</ref> and OpenPGP<ref>http://tools.ietf.org/html/rfc4880</ref>, neither of which is an approved standard, although they are implemented directly or through third parties in many email clients, so they satisfy many of the requirements for being open standards (fully public and available standard text, independently managed, multiple independent implementations, no known IPR). Although the adoption of email encryption seems to be very limited, the case for allowing encrypted emails to flow through the servers is clear also from a transparency point of view (no pun intended). @@ -731,17 +734,16 @@ Publishing information in the form of documents can be achieved through numerous However, people rarely work with web pages and web pages are most of the time not just documents. Individuals and working groups still use "standalone" documents that they share, edit, print, archive and make available to a larger audience, and these documents are still largely based on the same model of paper documents and are made using document applications (such as wordprocessors, spreadsheets, presentations applications). As the bulk of the documents produced by public institutions are generated, kept and electronically exchanged in their original form, or "printed" and exchanged as if they were on paper, many times it has been suggested that the use of proprietary and non standard documents tilt the table in favour of the proponents of those documents and at the same time limit the access to those document by those who do not use the applications made by the same proponents. -The state of Massachusetts has perhaps been the first taking action to solve this situation and mandate the use of open standards in document files made and exchanged by the public administration. <ref>{{cite web|title=Massachusetts moves ahead sans Microsoft|url=http://news.cnet.com/Massachusetts-moves-ahead-sans-Microsoft/2100-1012_3-5878869.html|accessdate=13 October 2014}}</ref>. It will take too long to narrate the discussion that ensued. At the time of writing, the last large government to take action in this regard has been the UK Cabinet, which has opened a very large consultation and performed a thorough analysis of the best way to achieve "transparency and accountability of government and its services".<ref>{{cite web|title=Improving the transparency and accountability of government and its services|url=https://www.gov.uk/government/policies/improving-the-transparency-and-accountability-of-government-and-its-services|accessdate=13 October 2014}}</ref> Citing from the premises of this study: +The state of Massachusetts has perhaps been the first taking action to solve this situation and mandate the use of open standards in document files made and exchanged by the public administration. <ref>{{cite web|title=Massachusetts moves ahead sans Microsoft|url=http://news.cnet.com/Massachusetts-moves-ahead-sans-Microsoft/2100-1012_3-5878869.html|accessdate=13 October 2014}}</ref>. It will take too long to narrate the discussion that ensued. At the time of writing, the last large government to take action in this regard has been the UK Cabinet, which has opened a very large consultation and performed a thorough analysis of the best way to achieve "transparency and accountability of government and its services". Citing from the premises of this study: <blockquote> -In order for data to be used this way, it has to be released in a format that will allow people to share it and combine it with other data to use it in their own applications. This is why transparency isn't just about access to data, but also making sure that it is released in an open, reusable format. -</blockquote> +[I]n order for data to be used this way, it has to be released in a format that will allow people to share it and combine it with other data to use it in their own applications. This is why transparency isn't just about access to data, but also making sure that it is released in an open, reusable format.<ref>{{cite web|title=Improving the transparency and accountability of government and its services|url=https://www.gov.uk/government/policies/improving-the-transparency-and-accountability-of-government-and-its-services|accessdate=13 October 2014}}</ref></blockquote> -In terms of publishing documents, the conclusion has been: <ref>{{cite web|title=Open document formats selected to meet user needs|url=https://www.gov.uk/government/news/open-document-formats-selected-to-meet-user-needs|accessdate=13 October 2014}}</ref> +In terms of publishing documents, the conclusion has been: <blockquote> -* '''PDF/A''' or '''HTML''' for viewing government documents -* '''Open Document Format''' (ODF) [ISO/IEC IS26300] for sharing or collaborating on government documents</blockquote> +* PDF/A or HTML for viewing government documents +* Open Document Format (ODF) [ISO/IEC IS26300] for sharing or collaborating on government documents<ref>{{cite web|title=Open document formats selected to meet user needs|url=https://www.gov.uk/government/news/open-document-formats-selected-to-meet-user-needs|accessdate=13 October 2014}}</ref></blockquote> == Surveillance and privacy == @@ -869,5 +871,5 @@ mw.loader.state({"site":"ready","user":"ready","user.groups":"ready"}); mw.loader.load(["mediawiki.action.edit.collapsibleFooter","mediawiki.user","mediawiki.hidpi","mediawiki.page.ready","mediawiki.searchSuggest"],null,true); }</script> <script>if(window.mw){ -mw.config.set({"wgBackendResponseTime":284}); +mw.config.set({"wgBackendResponseTime":289}); }</script></body></html>
\ No newline at end of file |