Civil rights advocates have achieved a key victory in the fight against the European-wide data retention policy. A short report from EU authorities says, “European Data Protection Authorities find current implementation of data retention directive unlawful”
It’s been a while since we’ve heard much about the EU data retention policy. Even the group against data retention, “Data Retention is no Solution” seemed to have stopped reporting on news as of 2007 if the Wiki is anything to go by. That doesn’t mean the story is dead completely though. An announcement has been made (PDF) by EU authorities saying that the implementation of the data retention policy in Europe was unlawful.
“The report that results from a joint inquiry carried out by the data protection authorities,” the announcement says, “concludes that the obligation to retain all telecom and internet traffic data resulting from the directive is not applied correctly in the EU member states.”
“Most importantly,” the announcement continues, “service providers were found to retain and hand over data in ways contrary to the provisions of the directive. The provisions of the data retention directive are not respected and the lack of available sensible statistics hinders the assessment of whether the directive has achieved its objectives. The European Data Protection Authorities therefore call on the European Commission to take into account the findings of the report when taking the decision on whether or not to amend or repeal the Directive.”
Katitza Rodriguez of the Electronic Frontier Foundation (EFF) calls this a “landmark announcement” and summarized the important findings:
* “Service providers were found to retain and hand over data in ways contrary to the provisions of the [data retention] directive.”
* “There are significant discrepancies regarding the retention periods, which vary from six months to up to ten years, which largely exceeds the allowed maximum of 24 months.”
* “More data are being retained than is allowed. The data retention directive provides a limited list of data to be retained, all relating to traffic data. The retention of data relating to the content of communication is explicitly prohibited. However, it appears from the inquiry that some of these data are nevertheless retained.”
* Regarding Internet traffic data: “Several service providers were found to retain URLs of websites, headers of e-mail messages as well as recipients of e-mail messages in “CC”- mode at the destination mail server.
* Regarding phone traffic data: “it was established that not only the location of the caller is retained at the start of the call, but that his location is being monitored continuously.”
* “Member states have scarcely provided statistics on the use of data retained under the Directive, which limits the possibilities to verify the usefulness of data retention.”
* “The provisions of the data retention directive are not respected and the lack of available sensible statistics hinders the assessment of whether the directive has achieved its objectives.”
European Data retention, or Directive 2006/24/EC, has been a hugely controversial policy that contains surveillance measures on internet users. According to the Wikipedia entry, “According to the directive, member states will have to store citizens’ telecommunications data for six to 24 months stipulating a maximum time period. Under the directive the police and security agencies will be able to request access to details such as IP address and time of use of every email, phone call and text message sent or received. A request to access the information will be able only with a court order.”
Data retention was just one of many issues the Freedom, Not Fear campaigns targeted in their many European-wide protests.
Where will things go from here? That’s difficult to say. If the announcement is anything to go by, anything from amending or even repealing the EU data retention directive could occur. Clearly, there are problems with data retention in its current form, one of the most obvious is the implications of basic civil liberties.
Have a tip? Want to contact the author? You can do so by sending a PM via the forums or via e-mail at [email protected].
Related Stories
- Demands Increase to Annul European Data Retention Policy
- Czech Republic Government Close to Implementing Data Retention Directive
- Massive Data Retention Protests Hit Germany, Expected to Spread Across Europe
- Austrian Newspapers Want to Use Data Retention to Enforce Copyright
- EU States Propose Massive Data Retention Plan
Its a good expensive lesson to learn for the uneducated bureaucrats.
Its a good expensive blow to our power as peasants.
The king has taken care to ensure there are no more whispers in the courtyard.
He was getting nervous for a time…
Deep packet inspection ISP side makes current encryption attempts defunct.
Dark-net software will become illegal, and point to point encryption services for monetary transfer will be standardized, monopolized and enforced so no credit card transaction occurs without the ‘verified’ tunnel, forcing all vendors and consumers transactions through one easily monitored system.
Similarly think of self signed https certs on many torrent sites, but soon your browser wont allow you to visit them, for the same reason.
This is why the CIA and NSA have threatened to blackball and sanction countries that are supportive of open source software, whom even have the ‘gall’ to recommend it to their citizens.
This is why Uncle Sam won’t hand over ICANN registration control to the EU.
Complete control of the consuming, unthinking cattle we call civilians, to ensure the rich are never exposed.
Pretty soon everything will be encrypted – it will be a big selling feature for phones, browsers, storage media, and other telecom devices. First only the rich will have it, but eventually the world will be encrypted and that will finally put an end to this big brother nonsense. Let them store terabytes of random characters that can never be decoded because they used a different key each time. Its a good expensive lesson to learn for the uneducated bureaucrats.
Stupid fools can’t even implement laws like we tell them to.
‘…hinders the assessment of whether the directive has achieved its objectives.”
What are the objectives of the plan?
Stop terrorists?
Don’t make me laugh.
One company, One cult, One consumer, just a quiet peaceful death….