Feeds

EC wants to cap data retention laws

Delete data after a year

  • alert
  • submit to reddit

SANS - Survey on application security programs

The European Commission has stepped into the debate on the proposed data retention bill, saying that the legislation will now require telcos and ISPs to hold onto data for a year, rather that the three or four years originally proposed.

The decision follows a vote from the civil liberties committee to reject the original plans as "disproportionate and ineffective", as well as serious concerns over the legality of the proposed legislation.

The bill was put together, some argue hastily, in the wake of the Madrid train bombings which killed 191 people. Telephone records were reportedly a key part in the police investigation, and allowed them to make quick arrests.

It was put forward by the UK. France, Ireland and Sweden, but following legal advice, the member states now suggest that the bill be proposed by the Commission, rather than by individual countries. This would mean the laws would need to be given the OK by Parliament and the member states, Reuters reports.

Information Society Commissioner Viviane Reding also says the bill should encompass wider issues than just fighting terrorism, saying that there needed to be a balance between the need for security, and the need for privacy.

In its original form, the draft did not state an explicit upper limit on how long data could or should be kept. The draft also failed to delineate between data and content, causing concern among civil liberties campaigners, and among the businesses it would affect.

"It will certainly not be three to four years but a maximum of one year and I hope even less," Reding told Reuters.

While all this sounds very positive - many of the concerns raised when the original document was published do seem to be being addressed - it remains to be seen how these good intentions will affect the bill. The Commission is expected to publish its new proposal in June or July. Until then, we will have to wait and see. ®

Related stories

EU's data retention laws could be illegal
UK and EU allies plan moves against terror websites
EC calls for rethink of data retention proposals

SANS - Survey on application security programs

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.