Clean IT: a symptom of the pinata politics of privatised online enforcement

Joe McNamee, Executive Director of European Digital Rights, explains the European Commission's ‘Clean IT’ project, one of many subtle threats to regulate the internet.

Image: CC-BY-NC-SA think. responsible design & ideas

Over recent years, the European Commission has been both running and outsourcing various projects that all have one core aim – to encourage Internet companies to police, prevent and/or prosecute potential breaches of the law. The suggestion is usually that the companies change their terms of service to give themselves the power to undertake such activities. These projects often come with more or less subtle threats to regulate if industry does not “voluntarily” take action. One of these projects is called “Clean IT”.

There has been a lot of attention to the “Clean IT” project since EDRi published a leaked draft document last week, on 21 September 2012. Since then, the project organisers have said that the statement on the front page saying that “this document contains detailed recommendations” was incorrect and that it also contained (unidentified) other mistakes.

Project coordinator But Klaasen explained on Twitter that the leak was little more than a “discussion document.” According to the Clean IT website, this is the output of a series of two day meetings across European locations from 2011- 2012 According to the website of Clean IT, which has produced 23 pages of bullet points of policy suggestions, there will be just one more meeting (Vienna, November 2012) before a final presentation is made in February 2013. Mr Klaasen also explained on Twitter that all suggestions received thus far are only “food for discussion”, because they do not censor the ideas they receive.

Clean IT is therefore part of a wider problem – a conveyor-belt of ill-defined projects whereby industry is expected to do “something” to solve ill - or even undefined problems on the Internet. For example, it takes an almost impressive amount of fragmentation for the European Commission to be simultaneously funding two different and uncoordinated projects (Clean IT and CEO Coalition on a Safer Internet for Kids) developing “voluntary” industry standards on “notice and takedown”,  “upload filters” and “reporting buttons” ; all with little or no analysis of the specific problems that need to be solved.

Worse still, Clean IT was born out of a failed “voluntary” project organised directly by the European Commission on “illegal online content”. That project failed because it did not define the problem. Without knowing what problems it was trying to solve, it ended up going round in ever smaller circles before finally disappearing down the proverbial drain.

Sadly, no lessons were learned before the Commission committed to funding Clean IT, which is currently making the same mistakes all over again.

Even bigger mistakes have been made with this approach. In the Commission-organised “dialogue on illegal uploading and downloading”, a proposal was made for widespread “voluntary” filtering of peer-to-peer networks. This was resisted by the Internet access provider industry and ultimately ruled by the European Court of Justice (Scarlet/Sabam case C70/10) to be in breach of fundamental rights.

All of this experience meant that EDRi could not possibly participate in Clean IT without seeking to ensure that the project did not make the same mistakes that we have seen over and over again. In 2011, as a precondition of participation, we therefore set very reasonable demands:

1. Identify the specific problems to be solved.

At different moments, Clean IT was meant to address “Al Quaida influenced” networks, “terrorist and extremist 'use' of the Internet” and “discrimination” or “illegal software”.

2. Identify the scope of the industry involvement. Listing every single type of online intermediary is neither credible nor effective.

3. Actively seek to identify and avoid the possibility of  unintended consequences for both fundamental rights and addressing illegal content.

The project leader rejected all of these preconditions, regrettably leaving us no option but to stay outside the process. As a result, they have a project that seeks to use unspecified industry participants to solve unidentified problems in ways which may or may not be in breach of the European Union and international law.

It would be unconscionable for EDRi to participate in these circumstances.

We have also been contacted via Twitter by Commissioner Kroes' spokesperson. Mr Heath's comments suggest that CleanIT is only a “brainstorming” session and that the Commission has spent hundreds of thousands of Euro just for lists of possible policies.

It is very important to stress that absolutely nothing in the document that we released last week has been officially approved as European Commission policy. The recommendations, insofar as they are recommendations, are the sole responsibility of the CleanIT project. Commissioner Malmström has acted to distance herself from the project and has made this very clear via Twitter messages. There are, however, serious questions that are still to be asked regarding the budget  processes that lead to such projects being approved for public funding.

The law is quite clear – indeed the Charter of Fundamental Rights, the Convention on Human Rights and the International Covenant on Civil and Political Rights are quite clear – restrictions on fundamental rights must be foreseen by law and not introduced as unpredictable, ad hoc projects by industry. The rule of law cannot be defended by abandoning the rule of law and EDRi will continue to defend this principle.


EDRi: Clean IT – Leak shows plans for large-scale, undemocratic surveillance of all communications (21.09.2012)

Clean IT rebuttal of our comments

Mr Heath's comments

Mr Klaasen's tweet

Commissioner Malmström's tweets



This article was originally published on the EDRi’s website as ENDitorial: Clean IT is just a symptom of the piñata politics of privatised online enforcement

Joe McNamee is Executive Director of European Digital Rights, an association of 32 digital civil rights organisations (including ORG) from 20 European countries. He has an undergraduate degree in Modern Languages and Masters’ Degrees in International Law and in European Politics.

Twitter: @edri_org Website:



Share this article

Google+ Delicious Digg Facebook Google LinkedIn StumbleUpon Twitter Reddit Newsvine E-mail


Comments (0)

This thread has been closed from taking new comments.

By Joe McNamee on Oct 04, 2012

Featured Article

Schmidt Happens

Wendy M. Grossman responds to "loopy" statements made by Google Executive Chairman Eric Schmidt in regards to censorship and encryption.

ORGZine: the Digital Rights magazine written for and by Open Rights Group supporters and engaged experts expressing their personal views

People who have written us are: campaigners, inventors, legal professionals , artists, writers, curators and publishers, technology experts, volunteers, think tanks, MPs, journalists and ORG supporters.

ORG Events