Feeds

MEPs urged to reject data retention plan

'Irreversibly shift European civil liberties'

Security for virtualized datacentres

Privacy International and European Digital Rights (EDRi) are calling on MEPs to reject a proposed Directive on data retention when it comes before the European Parliament next week following an agreement reached by EU Ministers on Friday.

In an open letter to the Parliament yesterday, the groups argue that, if approved, the Commission-drafted Directive would irreversibly shift European civil liberties, affect European consumer rights and obstruct the competitiveness of European industry.

The plea follows an agreement reached among Ministers at the Justice and Home Affairs Council on Friday. That agreement approves amendments to a draft Directive on data retention that are considered less draconian than proposals originally put forward by the Council of Ministers; but it does not chime with amendments made to the same Directive by the Civil Liberties, Justice and Home Affairs Committee of the European Parliament (LIBE) less than two weeks ago.

In that meeting, the LIBE committee stipulated that the data should be retained for a minimum of six months and a maximum of 12 and insisted that if national law enforcement authorities needed to have access to concrete data they would have to get judicial authorisation.

MEPs also stated that telcos should be fully reimbursed by Member States for all costs of retention, storage and transmission of data, including investment and operational costs.

But the Council of Ministers’ amendments change the retention period to a minumum of six months and a maximum of 24 months – with the proviso that Member States may decide on a longer term if they wish. (Ireland and Italy have maximum retention periods of three and four years respectively, while Poland is considering a retention period of 15 years.)

Ministers have also removed any requirement to reimburse telcos and have limited access to the retention data to the investigation of “serious crimes”.

The Council of Ministers and MEPs have been at loggerheads over the controversial proposals since they were first mooted by UK, Ireland, France and Sweden in April 2004.

Ministers have threatened to push through their own proposals if the two institutions cannot reach agreement on the draft Directive by the end of the year – so the pressure is on MEPs to approve the draft when they meet in a plenary session of the Parliament on 12th December.

According to reports, while MEPs have rejected the data retention proposals on two previous occasions, the agreement reached on Friday followed backroom talks with the Commission and MEPs. Ministers therefore appear hopeful that the Parliament will approve the amendments

Civil liberties groups are furious about the change of heart and are calling on MEPs to reject the Directive.

Privacy International, EDRi, ISPs and consumer groups sent today's open letter to MEPs expressing concern that the Directive will involve the “indiscriminate collection and retention of data on a wide range of Europeans' activities.”

According to the letter, the proposals are illegal. They contravene the European Convention on Human Rights and will have a chilling effect on the use of communications technology. In addition, retaining the data will cost EU industry hundreds of millions of Euros per year, harming global competitiveness.

The letter suggests that the Directive will not be the ultimate solution; that further invasive laws will follow. It speculates on a possible future requirement for anyone to identify themselves before using communication tools.

“As the EU embarks on this unprecedented policy,” says the letter, “we are facing a momentous decision as to whether we wish to set in motion a chain of events that will lead to a surveillance society.”

“The EU should follow the example of open and democratic countries that have instead chosen to implement a preservation regime where data is collected and retained only for a specific investigation and then is accessed through court orders,” it concludes.

Related links

The Council’s compromise draft Directive (23-page / 138KB PDF) The open letter

Copyright © 2005, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

New hybrid storage solutions

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Forget silly privacy worries - help biometrics firms make MILLIONS
Beancounter reckons dabs-scanning tech is the next big moneypit
Microsoft's Office Delve wants work to be more like being on Facebook
Office Graph, social features for Office 365 going public
Alibaba swings a large one with STONKING IPO legal bills
Chinese e-commerce beast searches for $21bn from investors
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.