tl;dr: Projects building open communications networks using custom router software are playing an important role in providing refugees with Internet access. Last year, largely unbeknownst to the public, a new EU directive was passed on the regulation of radio equipment. This directive may limit the software that can be run on WiFi routers to those certified by the manufacturer. This could keep initiatives from being able to provide such open networks in the future. Now is the time to get active in your member state to protect open WiFi networks!
In cities throughout Europe, people are seeking refuge from war, discrimination, hunger and persecution. Initiatives from civil society have been building up free Internet connections surrounding camp sites and housing projects.
Freifunk in Magdeburg Olvenstedt (Photo: Keywan Tonekaboni, CC-BY-NC/4.0)Many had to flee from their countries in months-long trips. Free WiFi connections allow them to participate in society, in culture and everyday life, which has become unthinkable to most of us without access to the Internet. It also allows them to get in touch with relatives and friends who may still be in their countries of origin, who may be fleeing themselves or have found refuge in other cities or other parts of Europe.
In Germany, Freifunk and other initiatives have been building up free and open – that is: collectively built-up, not-for-profit – wireless networks for more than a decade. Similar initiatives exist throughout Europe, such as Guifi.net in Spain or Funkfeuer in Austria. In the current situation, Freifunk and others have committed themselves to an additional, humanitarian goal.
They provide Internet access to refugees by way of installing customized software onto devices such as routers and WiFi access points. They are replacing the software (so-called firmware) originally installed on the devices by their manufacturers. Using their own software, they can build up free and open networks more easily and automatically.
Radio equipment rules with unwanted consequences?
There are common rules for devices that communicate using radio waves in the European Union. They have been put into place to avoid devices interfering unwantedly with other devices, as well as to keep certain frequencies clear for communication of airplanes, emergency services and so on.
WiFi access points and routers are subject to these regulations. The overhaul of the old directive (Directive 2014/53/EU on “the making available … of radio equipment”) early in 2014, at the end of the last parliament’s legislative term, introduced a new requirement for hardware manufacturers to demonstrate that software running on devices comply with rules regarding the use of certain radio channels, for example. This not only applies to firmware shipped by device manufacturers but also to any kind of software installable on the devices.
In Article 3.3 (i) of the directive, it says devices need to be built in a way to “ensure that software can only be loaded into the radio equipment where the compliance of the combination of the radio equipment and software has been demonstrated”. This could be interpreted as a requirement for manufacturers to only allow certified software to run on their devices. Projects like Freifunk and others as well as commercial third-party producers would suffer as a result, lacking proper certification.
not be abused … to prevent … use with software … by independent parties
The original Commission draft of the directive (PDF), however, includes a recitalRecitals are a way of stating the purpose or intent of a directive, they do not have a binding effect for lawmakers and are used by courts and member states to interpret and understand a directive. (19) that explicitly mentions: “Verification … should not be abused in order to prevent [the devices’] use with software provided by independent parties”.
It is now a matter of the member states’ transposition of the directive into national law whether the recital’s intention is kept.
Will manufacturers have to verify third party software?
It is curious that according to recital (29), “conformity assessment should … remain solely the obligation of the manufacturer”. Depending on the implementation of the directive into national law, manufacturers would subsequently have to verify third party producers’ software. It is hitherto unknown if manufacturers are sympathetic to the idea of having to spend money and expertise on this process.
Governments need to make sure open WiFi projects can continue
Volunteer projects throughout Europe that are building WiFi networks for refugees, similar to Freifunk in Germany, have made headlines and earned sympathy this summer. Lawmakers in Europe need to make sure these projects can continue their work.
Der Gesetzentwurf der Bundesregierung wird zur Zeit vorbereitet.
EU member states have until 13 June 2016 to complete their national implementations of Directive 2014/53/EU. A freedom of information request brought forward by Michel Vorsprach in Germany has already produced an answer from the ministry for economic affairs. According to their reply, the German draft law is in its final stages and implementation will happen in due time. Governments throughout Europe need to implement the radio equipment directive in a way that does not hinder the free and open internet movement.
Manufacturers must not be lured into implementing even more restrictive measures than they are already using to prevent installation of third-party firmwares. It is a basic necessity for volunteers to be able to install customized firmware onto routers. Only if they can overcome the boundaries of what hardware manufacturers had originally planned for their devices to do, can free and open Internet projects continue to flourish.
Act now!
If you are working with an initiative that provides free and open networks that are based on OpenSource firmwares like OpenWRT or DDWRT, or if you are willing to help them continue to do so, you have to act now:
- Ask your national government how it is planning on implementing Directive 2014/53/EU in its national law and if your WiFi routers can subsequently still be equipped with customized software.
- Ask your routers’ manufacturers how they plan on handling the requirements that arise from Article 3.3 of Directive 2014/53/EU.
- Ask politicians with special expertise in all political parties about how they envision an implementation that encourages Freifunk-like projects.
- Write to funkregulierung@felixreda.eu with any answers you have received.
- Translate this call to action to your native language so we can mobilise activists in all member states. We’re happy to publish translations here that are sent to us via funkregulierung@felixreda.eu.
- Forward this call to action to 5 friends.
To the extent possible under law, the creator has waived all copyright and related or neighboring rights to this work.
Wireless networking research depends on the ability of researchers to investigate and modify their devices.
Americans need the ability to fix security holes in their devices when the manufacturer chooses to not do so.
Users have in the past fixed serious bugs in their wifi drivers, which would be banned under the NPRM.
Not fixing security holes either feeds cyberthreats or increases electronic waste.
Billions of dollars of commerce, such as secure wifi vendors, retail hotspot vendors, depends on the ability of users and companies to install the software of their choosing.
The CeroWrt Project filed a letter with the FCC on these issues friday. It is not yet available online at the fcc site ( http://apps.fcc.gov/ecfs/comment/confirm?confirmation=2015109379635 ), but our copy is at:
http://huchra.bufferbloat.net/~d/fcc_saner_software_practices.pdf
Signers in addition to myself included Vint Cerf, Linus Torvalds, Jonathan Corbet, David P. Reed, Dan Geer, Jim Gettys, Phil Karn, Felix Fietkau, Corinna “Elektra” Aichele, Randell Jesup, Bruce Schneier, Eric S. Raymond, Simon Kelly, Andreas Petlund, Sascha Meinrath, Joe Touch, Dave Farber, Nick Feamster, Paul Vixie, Bob Frankston, Eric Schultz, Brahm Cohen, Jeff Osborn, Harald Alvestrand, and James Woodyatt, and 250+ other researchers, network experts, and FOSS developers.
We recommended that no locked down firmware be allowed, that public source and binary update streams be mandated, and the code controlling the radios be be openly, publicly managed via a source code control system.
We would like to know what to do to get a similar letter in front of the right people in the EU.
Keep fighting for our digital freedom.
Thanks a lot,
Jérôme
This is worrisome. Keep up the good work!
Not merely worrysome. Appalling. Outrageous. The opposite of digital self-determination is being legislated at a time where any empowering use of technology should instead receive active political support. EU 2014/53/EU is a prime example of the kind of thoughtless, bumbling misregulation of the digital world that we definitely don’t need and didn’t ask for, yet another shortcut to dystopia that no sane person would even consider. Another artificial obstacle that will have meshnet communities jump through artificial hoops put up by insane control freaks instead of expanding and actually improving things
I wonder about the timing, just now Freifunk and its sister projects are getting more publicity, but somehow I get the feeling that the people who decided on this don’t know the first thing about meshnets, or have any concept of libre software and why that is a good idea.
Thank you for alerting us of this appalling directive, Julia. Keep going.