Feeds

MEPs vote for mandatory data retention

Costs, scope still unclear

5 things you didn’t know about cloud backup

The European Parliament has approved proposals on data retention that would compel telecom firms to keep customer email logs, details of internet usage and phone call records for between six months to two years.

The plan - designed to assist law enforcement in the fight against terrorism and serious crime - leaves it up to individual governments to decide how long service providers will be obliged to keep data.

Police and intelligence agencies would have access to call records (including data on lost calls), location information and internet logs without getting access to the content of the information communicated. MEPs decided to drop provisions to make it mandatory for member states to reimburse telecom companies for additional costs incurred in servicing law enforcement requests.

The EU directive on data retention passed by 378 votes in favour to 197 against and 30 abstentions during its first reading on Wednesday. The measures were put forward by Britain after the 7 July bomb attacks on London.

Who foots the bill?

A spokesman for the UK Internet Service Providers' Association (ISPA) said it remained to be seen how the directive will be implemented into UK law. Voluntary co-operation already exists between ISPs and UK law enforcement agencies over requests for communications data but implementation of the directive would change this from a voluntary arrangement into a mandatory code of practice.

"We are concerned that ISPs may have to foot the bill for mandatory data retention. ISPs are not law enforcement agencies so they should not have to pay for it all," he said.

The amounts involved are not small. ISPA cites estimates from one large UK-based ISP that it would cost £26m a year to set up data retention kit on its systems and £9m a year in running costs to service law enforcement requests.

MEPs agree with the need to retain data for the detection, investigation and prosecution of crime, but only for "specified forms" of serious criminal offences (terrorism and organised crime), and not for the mere "prevention" of all kinds of crime.

Dai Davis, a consultant lawyer at Nabarro Nathanson, said the European Parliament had fudged important issues such as how long records should be kept and who would end up footing the bill for data retention.

Safeguards (including independent oversight) have been put in place by MEPs to make sure data retention requests can't be used to trawl through databases and need to be sanctioned on a case by case basis. But Davis said that it was unclear if checks and balances established in the directive provide adequate safeguards against abuse. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
Kaspersky backpedals on 'done nothing wrong, nothing to fear' blather
Founder (and internet passport fan) now says privacy is precious
TROLL SLAYER Google grabs $1.3 MEEELLION in patent counter-suit
Chocolate Factory hits back at firm for suing customers
Facebook, Google and Instagram 'worse than drugs' says Miley Cyrus
Italian boffins agree with popette's theory that haters are the real wrecking balls
BBC: We're going to slip CODING into kids' TV
Pureed-carrot-in-ice cream C++ surprise
Twitter: La la la, we have not heard of any NUDE JLaw, Upton SELFIES
If there are any on our site it is not our fault as we are not a PUBLISHER
Sit tight, fanbois. Apple's '$400' wearable release slips into early 2015
Sources: time to put in plenty of clock-watching for' iWatch
Facebook to let stalkers unearth buried posts with mobe search
Prepare to HAUNT your pal's back catalogue
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.