November 24, 2005 | Suw Charman Anderson

Data retention another step closer

Today the LIBE Committee - that's the committee of MEPs who have been 'looking after' the data retention directive - voted on whether or not they liked the amendments that have been proposed in the backroom meetings which have been going on between the various interested parties in Brussels. Thirty three MEPs voted to accept the changes, eight voted against and five abstained. As the the LIBE Committee is responsible for guiding the legislation through the law making process, their amendments will define for a large part what the final directive will look like when it's placed before the European Parliament as a whole. This, you will recall, will only happen once, in mid-December. The current state of play is this:

  1. Telcos and ISPs must retain fixed and mobile traffic data, including location data and internet log-in log-off, for 6-12 months.
  2. E-mail and VoIP logging has been rejected by the Green Party MEPs, but will probably be re-introduced as a Parliament-wide amendment when the legislation comes out of committee.
  3. Governments may, but don't have to, introduce retention for failed caller attempts. (This is an important concession to telephone companies, as they may not currently be logging this information.)
  4. The list of 'serious' criminal offences has been defined as being those crimes listed for use in the EU Arrest Warrant legislation.

Point four is a genuine concern. The arrest warrant list includes "piracy" which, if IPRED2 passes (which criminalises copyright infringement) could possibly include aiding/abetting/inciting to filesharing. The basic issues about privacy, proportionality and the contravention of the European Convention on Human Rights have not changed. The entire directive should be rejected, and once again I would urge you to email your MEP and ask them to vote against data retention.

Comments (6)

  1. Julian Bond:
    Nov 28, 2005 at 01:24 PM

    A note for the webmaster. I've just posted a comment using IE6 because firefox didn't work. I got a spurious message about javascript needing to be enabled. Well it was but it didn't work.

  2. Louisiana:
    Dec 01, 2005 at 09:26 AM

    Hm, I just posted a comment using Firefox and it worked okay, no problems. Maybe there's an issue with certain releases of Firefox (?). Louise F

  3. Kevin Marks:
    Nov 25, 2005 at 12:02 AM

    The EU Data Protection Working Party has condemned this legislation and has a 20 point list of objections:

    1. PURPOSES The data should only be retained for specific purposes of fighting terrorism and organised crime, rather than with regard to any other undetermined

  4. Julian Bond:
    Nov 28, 2005 at 01:23 PM

    I'm decidely confused about the scope of this and don't feel I understand the true nature of what's being proposed. But I do have some major reservations.

    - Everything I've read seems to be pointed at major ISPs and telcos as though they are only people who process internet communications. However very large numbers of much smaller oragnizations, right down to individuals, run email servers. Will they also have to retain records for 6-12 months? How about organisations that provide free, rented or charged internet access such as Hotels, Business office space such as Regus, Internet cafes, Wifi Access hotspots and so on.

    - Then there's the very large numbers of wide open WiFi networks (the infamous "Linksys Community Network"!). The ends aren't secure. So if we follow the line of reasoning that data retention is required we have to secure the ends as well. This leads to completely unacceptable requirements on end users. The same line of reasoning can be applied to Internet cafes and leads directly to the sort of issues thrown up by repressive regimes that require internet cafes to be "licensed".

    - There are numerous internet applications that are by their nature P2P. Some of these (such as Skype) are encrypted. Some anonymise the end points. How does getting ISPs to retain data hope to cover these applications?

    Time to resurrect the decentralisation meme again.

  5. Neil Dunbar:
    Nov 26, 2005 at 11:58 AM

    re: Arrest warrant list includes "piracy".

    Does it? I can't find it on the EAW document:

    And anyway, doesn't that mean the "Pirates of the Carribean" sort of piracy? The warrant can only be granted for offences carry a minimum 1 year jail term. Copyright Infringement doesn't carry that minimum sentence - IPRED2 or not. The only ones I can see there which might fly is fraud or "participation in a criminal organisation" - which I'm guessing means the Mafia, or the like. I think the content providers would struggle to get anywhere with this.

    Looking at the changes voted on by LIBE, it seems to spike the guns of the CMBA, since it limits the scope of offences allowable for retained data access, as well as strictly limiting the agencies allowed to request access.

  6. Karl-Friedrich Lenz:
    Nov 25, 2005 at 02:11 PM

    Please consider linking to the Wiki at