EU seeks to limit data retention rules to one year
Results 1 to 5 of 5

Thread: EU seeks to limit data retention rules to one year

  1. #1
    In And Above Man Black Cluster's Avatar
    Join Date
    Feb 2005
    Posts
    912

    EU seeks to limit data retention rules to one year

    Members of the European Parliament's civil liberties committee voted on Thursday to limit to 12 months the maximum period for which telephone companies and ISPs (Internet service providers) should store call data logs.

    The new rules being negotiated by the Parliament and 25 European Union governments are designed to help law enforcement agencies track terrorist suspects. Police and intelligence agencies managed to identify the bombers in the London and Madrid attacks at least partly through mobile phone records.

    European Union governments have been pushing for the data to be kept for up to two years for telephone calls and for up to six months for Internet data.

    The draft legislation will now go back to the Council of Ministers, made up of representatives from the EU governments, for them to make further changes. The Parliament and the Council will then have to reach a compromise on the final legislation.

    The civil liberties committee's position was a "major success on a highly sensitive and delicate subject that seeks to strike a fair and workable balance between the needs of combating terrorism without eroding basic civil liberties and the right to privacy," according to German Free Democrat MEP Alexander Alvaro, who drafted the committee's opinion.

    The committee also agreed that the data retention requirements should apply only to cases of serious crime rather than all crimes, as EU governments had wanted. This came in reaction to what was seen as heavy-handed lobbying from music industry groups who wanted Internet logs to be used to prosecute people for illegally downloading music files.

    Members of the European Parliament (MEP) also wanted national governments to be forced to reimburse telephone and Internet companies for the costs of storing the data and making it available to law enforcement agencies. They also wanted to make it optional whether data on unsuccessful calls (i.e., those not connected or answered) have to be stored. National governments want this to be compulsory.

    A spokesman for the U.K. government, which currently has the presidency of the European Union, said EU member states were opposed to nearly all of the changes requested by the MEPs. He said there would likely be particular problems over the length of time for which data had to be kept and the reimbursement of costs.

    EU justice and home affairs ministers are meeting in Brussels next Thursday to finalize their position and are expected to overturn many of the amendments agreed by MEPs.

    A spokesman for the European Internet Service Providers Association (EuroISPA) said that his group "cautiously welcomed" Thursday's vote. Richard Nash, EuroISPA secretary-general, said a lot of clarification was needed. There was still concern on the scope of the rules, especially whether e-mail logs would need to be kept.

    Source
    \"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts\".....Spaf
    Everytime I learn a new thing, I discover how ignorant I am.- ... Black Cluster

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    i fail to see how keeping existing records could be an invasion of privacy no matter how long these records are retained. it's not like something new and intrusive were being used here it's simply a record of connections made. it's understandable that the telcos dont want to retain them, they've got to be huge.

    all my logs get archived to cd...is that an invasion of privacy?
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  3. #3
    The ******* Shadow dalek's Avatar
    Join Date
    Sep 2005
    Posts
    1,564
    Law enforcement having access is one thing, the other is can anybody get access to this???

    Recent Privacy News

    Canada's Privacy Wake-Up Call
    My weekly Law Bytes column Article focuses on the recent Maclean's cover story in which a reporter obtained the personal phone records of Privacy Commissioner Jennifer Stoddart. I argue that in a year dominated by almost daily privacy and security violations that have placed the personal information of millions at risk, that this privacy breach, which affected just one person, ranks as 2005's most shocking incident.

    Although major Canadian telecommunications providers such as Bell Canada sought to characterize themselves as "victims" of fraudulent activity and claim that a rapid response to the incident is proof that the Canada' s privacy laws are working as intended, the reality is that Canadian law is simply ill-equipped to deal effectively with such incidents.

    In light of the privacy breach, the public might naturally expect that the Privacy Commissioner of Canada has the powers to address the issue. She does not.

    The investigation will naturally focus on both the telecommunications providers that disclosed the phone records as well as the U.S.-based data broker that obtained and later sold the information.

    The Privacy Commissioner has little recourse against the telecommunications providers. Although she can investigate the incident, without possessing order-making power, the Commissioner is reduced to issuing a non-binding "finding" that must be pursued in federal court in order to levy any financial penalties.

    Indeed last week it was the CRTC that was better able to immediately address the issue. Within days of the report, it sent a letter to the telecommunications providers demanding an internal investigation and imposing a strict 10-day deadline to furnish a host of information, including descriptions of the safeguards that were in place when the breaches occurred, explanations of how the companies verify customer identity, and new measures being taken to improve security.

    The situation with respect to the U.S.-based data broker is even bleaker. Last week the Privacy Commissioner declined to investigate a complaint against another U.S. data broker, arguing that Canada' s privacy laws do not provide sufficient powers to investigate out-of-country operators.

    The implications of that decision are stunning, suggesting that Canadians enjoy no privacy protection for personal information that is disclosed to non-Canadian entities. Although the Commissioner' s interpretation of the limits of the law are subject to challenge - there is a good argument that the jurisdictional limitations on investigation should not act as a barrier to issuing a finding against a foreign entity - it is increasingly clear that Canadian law is not up to the challenge of providing effective privacy protection in a world of global data flows that do not respect national borders.

    Tackling this challenge will not be easy, particularly as the Commissioner is asked to address a growing number of concerns including spam, spyware, and the threat of secret disclosures compelled by U.S. law enforcement. A starting point, however, is to provide the Commissioner with order making power, the unquestioned ability to name the names of privacy violators, and the resources necessary to meet her mandate.

    While a statutory review of Canada' s national privacy legislation is slated for 2006, there is no need to wait for the review. With an imminent national election call, Canada' s political leaders should be required to answer a simple question - how are they prepared to reform Canadian law to provide meaningful privacy protection in the Internet era?

    Privacy Law Canada

    As long as they are required to keep this info for any length of time,it creates a possible violation of someone's privacy, wether it be to sell the information or to use said information for criminal purposes (blackmail,extortion (hubby's phone calls to mistress etc).If it is only Law Enforcement under the direction of a "Search Warrant" then sure let them have a look, if it will solve a crime or prevent one, then personal liberty should take a back seat, but if it used any other way, then have your (ISP) lawer's handy, because there will be litigation.
    PC Registered user # 2,336,789,457...

    "When the water reaches the upper level, follow the rats."
    Claude Swanson

  4. #4
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    but it's not the records that are the problem but rather the inability to deal with those that get the data unlawfully. if providers were seriously fined for misuse of the data and also those infractions of the law perpetrated by those they allow to access these records the providers just might implement decent protection and auditing procedures. treat it with the seriousness that it deserves. unless providers are pressured they will not do/spend anything. i dont think the records should ever be destroyed.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  5. #5
    The ******* Shadow dalek's Avatar
    Join Date
    Sep 2005
    Posts
    1,564
    i dont think the records should ever be destroyed.
    I believe there should be a set moratorium on any records (in the Accounting world it is 7 yrs) for audit purposes.

    The access should be as tight as it is for Gov't record keeping (is that an oxymoron ) I would feel better if I knew that what ever records they held with my name on it was not available to the newbie office clerk, who is being wined and dined by a future spam operator/or identity thief.

    As you say, if the penalties were such (harsh) that it would dissuade others from trying to gather this information, then okay.

    But locks were designed to keep honest people out.
    PC Registered user # 2,336,789,457...

    "When the water reaches the upper level, follow the rats."
    Claude Swanson

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •