Friday, 11 December 2015

Internet governance: on the right road or the road to nowhere?

Internet governance: on the right road or the road to nowhere? | LSE Media Policy Project: "The problem with today’s debates on Internet governance, is that they’re still yesterday’s debates. Arguments about ‘enhanced cooperation’ are a cul-de-sac. It’s the changes taking place in the fast lane of the motorway – the transition to cloud computing, the concentration of economic power within the Internet, the step change in the Internet-user interface which the Internet of Things is poised to bring – that will determine the future of the Internet and its growing impact on our societies. It’s in that fast lane that today’s debates about Internet governance need to be taking place." 'via Blog this'

Thursday, 10 December 2015

VSPs and the FN - Krugman on LePen

VSPs and the FN - The New York Times:

"Funke, Schularick, and Trebesch recently did some work asking whether the rise of right-wing extremism in the 1930s was paralleled in other times, and found that the answer is yes: “politics takes a hard right turn following financial crises.”

 Interestingly, this isn’t true for all kinds of crises. Financial crises, they suggest, are different, in part because

financial crises may be perceived as endogenous, ‘inexcusable’ problems resulting from policy failures, moral hazard and favouritism.

 I would put it a bit differently: financial crises call into question whether respectable people know what they’re doing, in a way that other kinds of economic shocks often don’t.

 The point for Europe is that the doctrinaire policies followed since 2010, and the unwillingness to rethink dogma in the light of experience, aren’t just economically destructive. They undermine the legitimacy of the whole European system, and may in the end lead to political catastrophe." 'via Blog this'

Thursday, 19 November 2015

UK cyber counter attack programme

Chancellor's speech to GCHQ on cyber security - Speeches - GOV.UK:

"And part of establishing deterrence will be making sure that whoever attacks us knows we are able to hit back.
We need to destroy the idea that there is impunity in cyberspace.

We need those who would harm us to know that we will defend ourselves robustly. And that we have the means to do so.

This is the fifth element of the plan.

Thanks to the investment that we have made during the last Parliament, just as our adversaries can use a range of actions against us, from the virtual to the physical, so we are making sure that we can employ a full spectrum of actions in response.

We reserve the right to respond to a cyber attack in any way that we choose.

And we are ensuring that we have at our disposal the tools and capabilities we need to respond as we need to protect this nation, in cyberspace just as in the physical realm.

We are building our own offensive cyber capability – a dedicated ability to counter-attack in cyberspace.
We have built this capability through investing in a National Offensive Cyber Programme.

The Programme is a partnership between the Ministry of Defence and GCHQ, harnessing the skills and talents of both organisations to deliver the tools, techniques and tradecraft required for the UK to establish a world class capability." 'via Blog this'

Monday, 16 November 2015

Privacy, encryption and the draft Investigatory Powers Bill #IGF2015

From the official transcript (corrected into English):
GABRIELLE GUILLEMIN:  I would be curious to hear from Chris Marsden who is Professor at Sussex University of what he thinks of the debate in United Kingdom when the investigative powers bill was published recently. 
CHRIS MARSDEN:  So I promised... by the way I was expecting to have people start throwing things at me.  I am only telling you what is going on in the UK but I am not responsible.  I promised I would divide this talk up in the good, the bad and the ugly.  
Let's start with the good.  This will be the shortest part.  We are actually having a debate in the UK and the current investigative powers bill is going in front of joint Parliamentary Committee scrutiny.  It is the response to a previous attempt to introduce a piece of legislation under the last Government that was actually vetoed by the junior coalition partner. Since this May we have a majority Government for the Conservative Party.  It has now been reintroduced in a different way.  You can see what the junior partner thought of it if you look up ‘Nick+Clegg’ online.  
We are having a debate and that's a very good thing. It is a 300 page Bill and there are lots of explanatory memoranda as well.  It is almost Patriot Act length, someone was commenting to me earlier.  Think of it as the UK Patriot Act, 14 years later.  
I should say the other element which I think is very important is that the Joint Scrutiny Committee (which considers the draft bill before it is actually introduced as a Bill in to Parliament) unfortunately doesn't seem to have taken advantage of the expertise that was available from the Scrutiny Committee that considered the previous failed Bill from three years ago, and there are no members of that previous Committee on the new Committee which is to say the least a shame.  For instance, the Intelligence and Security Committee of Parliament which is now Chaired by the former Attorney General of the country, is actually conducting its own shadow scrutiny investigation.  So we are shining light into dark corners.  
That's the good.  
The bad and I could go through a very long list but we only got five minutes.  So I should make it relatively short.  
There is no effective judicial review in a way that people would think of judicial review in the rest of the world.  So as things stand judges will have the ability to examine warrants for their reasonableness but not factual check on what the warrant contains.  And that's not full judicial review as it were. That's maybe a more of a matter problem of judicial oversight.  But I think that's probably the major bad.  
But there were many others. One of them is that there is as you may well know and the Chair stated in introduction, the Prime Minister has said he doesn't want there to be end to end encryption which doesn't have a back door for the security agencies.  There are problems with that, in that the British economy which if you start interfering as it were in the strong encryption products the UK has a very strong IT industry and there are a lot of companies that upset by what is still a draft scrutiny power that may or may not be introduced.  Tim Cook of Apple has been outraged at the ban on full encryption suggested.  
There will be problems for cloud providers and the financial services industry too.  And it has been suggested that this may be a major issue for as it were UK PLC, the UK economy as well.  I realize this is a rights based discussion we are having but Governments respond very well to that kind of thing.  
I have one minute.  
Let me quickly say, you know the new James Bond film has come out.  On the bad side I should tell you in Britain we think that the security agencies are a combination of Enigma code breakers, Alan Turing and Austin powers and if not James Bond and there has been quite a substantial publicity push, I repeat that, publicity push by the security agencies around the film and the publication of the draft bill.  Do not expect the British as we always call them the Great British Public to push back hard about this bill.  Activists have been outraged and some Members of Parliament outraged.  Sysadmins are outraged even at a local level.  Do not expect the general public to be outraged.  They like James Bond and they think he is a tremendous fellow.  
On the ugly, a year’s data retention costs will be extremely high.  There was a meeting, a Committee of Parliament, on Tuesday.  Government predicted the data retention cost would be somewhere in the order of $300 million, using universal currency (we have a currency but no one talks about it anymore).  The actual cost is basically exponentially higher at least according to the ISP and this will affect the one thing that the British people do care about in their broadband connections, the price.  That is the one possibility of there being a more general outcry of the bill.  
The other thing to say are about the data retention element of the bill: it will only retain metadata and not content. Two issues with that. Metadata is content. If you have access to all of someone's metadata you can make a very, very good approximation of what they want.  Content, of course, is relatively useless in security services unless you are very targeted because it is extremely expensive to analyze.  But the other part is to say that the ISPs think it is extremely difficult on a limited budget to separate metadata on a budget. That will be an interesting challenge if it were to come to law.  
I know this is audience that looking at the primary materials, section are the gagging clauses. One is a kind of Snowdonian engaging clauses and the other two are blanket clauses anything that the intelligence agencies don't do that is absolutely outrageous will be legal.  See sections 65, 66 and 71 of the Bill.
One final thing to say is UK Government will have to declare this Bill is consistent with both the European Convention on Human Rights and obligations as a member of the European Union under that Convention as it is incorporated in European Union law, but in terms of whether we will be members of either or both by the time this bill comes in to effect, watch this space.  
Much greater minds have contributed to my contribution this morning.  I spoke to Jon Crowcroft who is a professor at Cambridge, and many other academics who are deeply involved in trying to explain to Parliamentarians about what is involved.  Two people you should read. First and I almost take this draft bill as kind of the final insult, kind of postmortem insult, to Casper Bowden who has been one of the heroes of this debate.  He died in July of this year.  He wrote about the compatibility of mass surveillance with the European Convention on the Human Rights and he has been advising the European Parliament on this for 15 years. The second is my coauthor on our book where we talk about default encryption. His name is Ian Brown and he is a professor at Oxford.  And if you have read anything by Ian and Casper, you will be much more educated than with what advice I have given today."

Friday, 11 September 2015

Zimmermann Telegram - illegal UK interception of US cable in 1917 to aid war effort

Zimmermann Telegram - Wikipedia, the free encyclopedia: "Hall passed the telegram to the Foreign Office on 5 February, but still warned against releasing it. Meanwhile, the British discussed possible cover stories: to explain to the Americans how they got the ciphertext of the telegram without admitting to the cable snooping; and to explain how they got the cleartext of the telegram without letting the Germans know their codes were broken. Furthermore, the British needed to find a way to convince the Americans the message was not a forgery.

For the first story, the British obtained the ciphertext of the telegram from the Mexican commercial telegraph office. The British knew that the German Embassy in Washington would relay the message by commercial telegraph, so the Mexican telegraph office would have the ciphertext. "Mr. H", a British agent in Mexico, bribed an employee of the commercial telegraph company for a copy of the message. (Sir Thomas Hohler, then British ambassador in Mexico, claimed to have been "Mr. H", or at least involved with the interception, in his autobiography.) This ciphertext could be shown to the Americans without embarrassment. Moreover, the retransmission was enciphered using cipher 13040, so by mid-February the British not only had the complete text, but also the ability to release the telegram without revealing the extent to which the latest German codes had been broken—at worst, the Germans might have realized that the 13040 code had been compromised, but weighed against the possibility of United States entry into the war that was a risk worth taking.

Finally, since copies of the 13040 ciphertext would also have been deposited in the records of the American commercial telegraph, the British had the ability to prove the authenticity of the message to the United States government.
As a cover story, the British could publicly claim that their agents had stolen the telegram's deciphered text in Mexico. Privately, the British needed to give the Americans the 13040 cipher so that the United States government could verify the authenticity of the message independently with their own commercial telegraphic records, however the Americans agreed to back the official cover story. The German Foreign Office refused to consider a possible code break, and instead sent von Eckardt on a witch-hunt for a traitor in the embassy in Mexico." 'via Blog this'

Friday, 10 July 2015

Obituary: Caspar Bowden, a fearless privacy pioneer

Simon Davies, London School of Economics and Political Science

The world’s privacy advocates are reeling over the loss of one of their most influential and feared campaigners, Caspar Bowden, who has died of cancer. His fierce and combative evangelism for online privacy over two decades and surgical analysis of complex surveillance legislation raised the standard of commentary that influenced advocacy groups at home and abroad.

I had the honour and the pleasure of becoming a close friend and co-conspirator of Caspar. It wasn’t always easy – he held high expectations of his colleagues, who could often experience his wrath whenever they dared to negotiate with “the bastards” (whoever they happened to be at the time). The archaic American expression “ornery” could well have been invented for Caspar Bowden, as his opponents well knew.

In conferences and meetings where officials and ministers appeared there was frequently what became known as the “popcorn moment”, when Caspar would stand up and, from the back of the hall, clear his throat and launch into a devastating critique that would utterly destroy the credibility of his opponents. Within two years, ministerial staffers were routinely calling me to find out whether Caspar would be in the audience. No better tribute could ever be awarded to any campaigner.

Caspar Bowden, mid ‘popcorn moment’. Rama, CC BY-SA

Caspar joined the mainstream privacy world in 1997 during the Scrambling for Safety encryption event that I organised at the London School of Economics, and soon after he co-founded the Foundation for Information Policy Research (FIPR), which became the most astute think-tank in Britain in the field of surveillance.

At the time Caspar chaired Scientists for Labour, an organisation which at the time believed that the Labour Party (which had been elected to government only 18 days earlier) would actually respect scientific advice. The reams of dangerous and intrusive legislation the Labour government subsequently passed caused him to ditch this fantasy. In the years since Caspar appeared to abandon all faith in parties, taking pride in comparisons with TV character Mr MacKay in the comedy series Porridge, who famously said: “I have a job to do and, whatever else I am, I’m firm but fair. I want you to know that I treat you all with equal contempt”.

In 2002 Caspar joined Microsoft’s operation in Europe as chief privacy strategist, but the arrangement was a bad fit. Caspar continued to be outspoken, eventually parting company with Microsoft after he criticised the lack of privacy measures in its software and the firm’s cosiness with US government spooks. Years before Snowden’s revelations about US and UK mass surveillance in 2013, Bowden had already become deeply worried about the relationship between companies and security agencies – with his arguments about the safety of cloud data proven true by the subsequent leaks.

Gus Hosein, executive director of Privacy International and an an old friend and colleague said:

I’m not new to this issue, but whenever I struggle to get my head around the implications of a new policy or technology, I always looked to Caspar. I sought his guidance to navigate it, but I feared what he would say if I came out with something stupid. The future is uncertain enough, but without him it is even more daunting.

Caspar was very accurately described by another close friend and colleague Ian Brown, professor of Information Security and Privacy at Oxford University:

Caspar was a truly unique individual, one of the most passionate, methodical, relentless advocates of any cause I have met. I learnt so much from him as we worked together on and off for nearly 20 years on privacy issues. His forensic analysis of UK surveillance laws, and later European and US legislation, was essential reading for anyone who wanted to understand the implications of some extremely obscure language – including legislators themselves.

Brown believes UK internet users are still benefiting from Caspar’s successful campaign to remove “Big Browser” surveillance powers from the Regulation of Investigatory Powers Act 2000, and to ensure the burden of proof was not put onto individuals who might have actually forgotten passwords later demanded by police. His important reports for the European Parliament will also be key in the long-term decisions made by the EU to protect the privacy of its 500m citizens.

Anyone who knew Caspar understood that he was dogged in his later years by a deep cynicism about progress in privacy. Deeply mistrustful of governments, corporations and even the law, he eschewed mobile phones and came to place his faith almost solely on mathematical solutions, for example by heavily promoting the concept of differential privacy, which attempts to prevent a loss of privacy in situations where details can be inferred from other data.

Perhaps Caspar’s greatest legacy is that, in an age of increasing compromise, he showed us the importance of dogged, non-negotiable persistence. As George Bernard Shaw observed, all progress depends on the unreasonable man. In that respect, Caspar was a beacon of progress.

The Conversation

Simon Davies is Associate Director at London School of Economics and Political Science.

This article was originally published on The Conversation. Read the original article.

Thursday, 18 June 2015

Some thoughts on Usability of Privacy Technologies - George Danezis

Some thoughts on Usability of Privacy Technologies (Outline of Talk) | Conspicuous Chatter: "one may assume that the key customers of this software — large enterprises and governments — simply never asked for such features, and in fact probably considered such a feature to conflict with other requirements (such as the need to recover mail of employees, backup, …).

 These commercial pressures, have changed in the past few years, as large internet companies start relying heavily on serving end-users (search, webmail, social networking). Sadly, these companies have adopted both a business model — ad-based monetization — and a technical architecture — cloud computing — that makes meaningful privacy protection very difficult. In turn the “success” of those architectures has lead to an extreme ease of developing using this model, and an increasing difficulty in providing end-user solutions with appropriate privacy protections — let alone usable ones.

 The rise of services has pushed a number of key privacy technologies into not being commercially supported and a key feature, and in effect at best a “common” — with the governance and funding problems this entails. We have recently learned about the systemic under funding of key privacy technologies such as OpenSSL and GPG. Technologies like Tor are mostly funded for their national firewall traversal features, seeing development on anonymity features suffer.

Unlike other commons (health, parks, quality assurance in medicines), the state has not stepped in to either help with governance or with funding — all the opposite. For example, standardization efforts have systematically promoted “surveillance by design” instead of best of breed privacy protection; funding for surveillance technology is enormous compared to funding for privacy technologies, and somehow ironically, a number of calls for funding of privacy technologies are in the context of making surveillance more “privacy friendly” — leading to largely non-nonsensical outcomes." 'via Blog this'

Sunday, 26 April 2015

EU Wants a New Regulator to Make Sure Internet Firms are Behaving Themselves

The EU Wants a New Regulator to Make Sure Internet Firms are Behaving Themselves | Gizmodo UK: "They warn that some digital businesses are "transforming into super-nodes that can be of systemic importance” and “only a very limited part of the economy will not depend on them in the near future.”

 The documents warn that a lack of action could lead to a "point of no return", where economies are irreversibly tied to a handful of large companies.  Examples include the likes of Amazon, Etsy, Trip Advisor, Facebook, and Google.

They are mentioned as having undue power over their sectors of the market and can exclude any company or products they feel like, without evidence, by claiming they breach terms and conditions.

Apparently this could potentially put the whole European economy at risk due to market exploitation.

To tackle this the documents propose that a new "supervision framework" should be put together and do things like ban unfair business practices and prevent internet companies from using their platforms to provide preferential treatment to their own services." 'via Blog this'

Tuesday, 14 April 2015

Spying on the U.S. Submarine That Spies For the NSA and CIA

Spying on the U.S. Submarine That Spies For the NSA and CIA: "Annapolis's parent unit, Submarine Development Squadron 12, brokers all of this special equipment for the Navy's submarines, setting up relations with the CIA and NSA, as well as the National Reconnaissance Office, which operates the spy satellites and stealthy communications links. And there are a set of silent partners in industry and academia who also ply their trade in this secret submarine world.

 One such player is the Applied Research Laboratory of Pennsylvania State University. As a Pentagon-designated university-affiliated research center, Penn State's ARL "maintains a special long-term strategic relationship with DoD," the lab brags in an online presentation. That relationship accounts for nearly half the university's research budget—and it includes work on Annapolis's RADIANT GEMSTONE, the only public mention of this highly secretive program:

 How excited is the Navy about this new mission? Imagine being the only kid on the block with a shiny new red wagon. The service's admiral in charge of cryptology says the Navy is anxiously crafting "an ordered, sustainable maritime means of realizing military power in cyberspace."

 Still: What does that mean? When you can spy on anyone, anywhere, anytime—not just heads of state, but anyone on a cell or a WiFi connection—what do you actually do? More to the point: Who was the Annapolis spying on last year?

We know roughly where it traveled through the "European and Central Command areas of responsibility"—near Iran, Israel, perhaps even Yemen.

We know that its crew briefed those NSA and CIA officials. We know that Parks, his mission accomplished, recently stepped aside and handed command of Annapolis to a "tactical analysis" expert from Submarine Development Squadron 12." 'via Blog this'

NSA declares war on general purpose computers - Boing Boing

NSA declares war on general purpose computers - Boing Boing: "NSA director Michael S Rogers says his agency wants "front doors" to all cryptography used in the USA, so that no one can have secrets it can't spy on -- but what he really means is that he wants to be in charge of which software can run on any general purpose computer.

 Rogers's proposal is no less stupid than the proposal made by UK Prime Minister David Cameron, but it's even scarier in that Rogers runs a highly technical criminal organization with state backing and a history of attacking the security of American computing infrastructure by deliberately introducing vulnerabilities into computers used by American citizens, businesses, and government.

There's no way to stop Americans -- particularly those engaged in criminal activity and at risk from law enforcement -- from running crypto without locking all computers, Ipad-style, so that they only run software from a government-approved "app-store."

The world teems with high quality, free, open crypto tools. Simply banning their integration into US products will do precisely nothing to stop criminals from getting their code from outside non-US vendors or projects. Only by attacking the fundamental nature of computing itself can the NSA hope to limit its adversaries' use of crypto.

I predicted this in 2012, and I'm sad to see it coming true.

The risk of this happening is why I've gone back to EFF to kill DRM in all its forms." 'via Blog this'

Sunday, 12 April 2015

EU Deal Probes May Weigh Value of Personal Data: Vestager

EU Deal Probes May Weigh Value of Personal Data: Vestager - Bloomberg Business:

"“Many people still don’t realize that sites that appear to be free are actually paid for by the information you provide through your searches and behavior online,” Vestager said.

While the EU has been investigating allegations that Google Inc. abuses its role as the biggest search engine, it avoided looking at control of personal data in a 2008 merger review of Google’s bid for online advertising platform DoubleClick. EU regulators didn't identify data-usage concerns in last year’s review of Facebook Inc.’s takeover of messaging service WhatsApp." 'via Blog this'

Thursday, 2 April 2015

Pasquale: Interview on the Black Box Society

Balkinization: Interview on the Black Box Society: "The Black Box Society’s central subject--agnotology, the suppression or destruction of knowledge--is a particularly difficult topic to interpret methodically. But I’ve tried to highlight some very important disputes, show their broader relevance, and explain what laws would need to change for us to really understand the value of what data brokers, search engines, financiers, or homeland security contractors are doing. I justify those policy proposals with reference to emerging work in more normatively oriented branches of political economy and social science...

Political economy is a venerable discipline. While it has, of late, been dominated by “positive political economists” focused on the pathologies of governance, there is a venerable tradition of political economists studying the “ideal role of the state in the economic and social organization of a country” (as Piketty puts it). Lawyers are particularly well-suited to the task of studying political economy, because we are the ones drafting, interpreting, and applying the rules governing the interface between state actors and firms.

Integrating the long-divided fields of politics and economics, a renewal of modern political economy could unravel “wicked problems” neither states nor markets alone can address.

But it’s actually more urgent than that, because the very terms “state” and “market” seem antiquated. For example, Medicare may be publicly funded, but it’s ultimately run by a panoply of private contractors. Banks may make tremendous profits from financial “markets,” but the main reason they have deposits and counterparties to deal with is governmental guarantees that take the sting out of credit risk—and, in turn, reward many of those administering such guarantees with lucrative jobs once they leave government.

 So a purely economic approach to “markets” here, or a purely political approach to “states,” misses the critical interaction between the two. A political economic approach is vital—and that’s what has made social theory ranging from Smith and Mill, to Tocqueville and Durkheim, to Weber and Habermas, of such enduring interest. In law, we still read Robert Lee Hale and the legal realists for exactly the same reason. My concluding chapter tries to revive this political economic perspective, suggesting reforms beyond the purely legal concerns of the penultimate chapter." 'via Blog this'

Tuesday, 24 March 2015

Ian Brown & Christopher T. Marsden: Regulating Code: Good governance and better regulation in the information Age. - Free Online Library

Ian Brown & Christopher T. Marsden: Regulating Code: Good governance and better regulation in the information Age. - Free Online Library: "Regulating code is a solid and well researched textbook that will appeal to experts and practitioners, who will enjoy the authors' incisive and thorough coverage of the field. It is well written and gives an honest and impartial (one could call it a politically correct) coverage of the current internet debate. It is highly interdisciplinary and well written in its analysis of the different legal, technical and economic arguments. It's a must read for educated professionals from diverse disciplines who seek to master the information sciences domain, since the book offers a one-stop background and accurate context covering practically all the hot regulatory topics, from privacy & data protection, to copyright, social media censorship to net neutrality, stretching to cybersecurity and broadband innovation. The historical references and current bibliography are truly impressive. In fact the lengthy bibliography is so complete that the expert reader will not be disappointed unless their own magnum opus were accidentally not to have been listed there." 'via Blog this'

Friday, 6 February 2015

GCHQ censured over sharing of internet surveillance data with US

BBC News - GCHQ censured over sharing of internet surveillance data with US: "Before December, the IPT said: "The regime governing the soliciting, receiving, storing and transmitting by UK authorities of private communications of individuals located in the UK, which have been obtained by US authorities pursuant to Prism and... Upstream, contravened articles 8 or 10 [of the European Convention of Human Rights]."

Article 8 is the right to privacy, article 10 the right to freedom of expression.

The agency is now compliant, the tribunal said." 'via Blog this'

GCHQ censured over sharing of internet surveillance data with US

BBC News - GCHQ censured over sharing of internet surveillance data with US: "Before December, the IPT said: "The regime governing the soliciting, receiving, storing and transmitting by UK authorities of private communications of individuals located in the UK, which have been obtained by US authorities pursuant to Prism and... Upstream, contravened articles 8 or 10 [of the European Convention of Human Rights]."

Article 8 is the right to privacy, article 10 the right to freedom of expression.

The agency is now compliant, the tribunal said." 'via Blog this'

Tuesday, 3 February 2015

1000 Days of Google: change in privacy policy after 3-year ICO investigation

Google to change privacy policy after ICO investigation | ICO: "Google introduced a new privacy policy in March 2012 combining around 70 existing policies for various services, but the ICO ruled that the new policy did not include sufficient information for service users as to how and why their personal data was being collected.

Google has now signed an undertaking committing to make further changes to the privacy policy to ensure it meets the requirements of the Data Protection Act and to take steps to ensure that future changes to its privacy policy comply, including user testing.

Whilst conducting its own investigation, the ICO has worked with other European Data Protection Authorities, as part of the Article 29 working party." 'via Blog this'

How TAFTA/TTIP's Regulatory Co-operation Body Will Undermine Sovereignty

Two Leaks Reveal How TAFTA/TTIP's Regulatory Co-operation Body Will Undermine Sovereignty And Democracy | Techdirt: "a leak back in December 2013 gave a clue about how it might be possible for the US and EU governments to promise that the TAFTA/TTIP agreement would not lower standards, and yet provide a way to dismantle those non-tariff barriers (pdf).

This would be achieved after TTIP was ratified, through the creation of a new body called the Regulatory Council, which would play a key role in how future regulations were made. Effectively, it would provide early access to all new regulations proposed by the US and EU, allowing corporations to voice their objections to any measures that they felt would impede transatlantic trade.

This regulatory ratchet would push standards downwards and reduce costs for business, but only gradually, and after TTIP had come into force -- at which point, nothing could be done about it.

 Since then, things have been quiet on the regulatory front, not least because corporate sovereignty in the form of investor-state dispute settlement emerged as the most contentious issue -- in Europe, at least -- which has rather eclipsed earlier concerns about this supranational regulatory body.

But now, in a single week, we have had two important leaks in this area, both confirming those initial ideas sketched out in 2013 are still very much how TAFTA/TTIP aims to bring about the desired regulatory harmonization.

Corporate Europe Observatory obtained a very recent draft copy of the EU's proposals for the chapter covering regulatory co-operation (pdf), which describes a new transatlantic organization, now called the Regulatory Cooperation Body." 'via Blog this'