April 18, 2011 | Jim Killock

Data retention: given whitewash by EU Commission

In 2006, the EU passed a Directive requiring traffic details* of our phone calls, text messages, internet (IP) addresses and emails to be recorded and stored across Europe. Today, that Directive is being officially reviewed, in a widely leaked report expected to whitewash concerns about its basic incompatibility with human rights.

This Directive – the “Data Retention Directive” – was pushed by the UK at the height of New Labour’s push for intrusive surveillance and lack of respect for fundamental rights, in the wake of the 2005 London bombings. The UK persuaded the EU that data retention was necessary and had to be applied across the EU to combat terrorism and serious crime.

This blanket monitoring of every EU citizen has been struck down in a number of EU states, most recently the Czech Republic, as simply unconstitutional. Monitoring is generally held to need to be specific and targeted, rather than general, in order to respect our fundamental right to privacy. Meanwhile, fellow EDRi-member Digital Rights Ireland, are seeking to challenge data retention in the EU courts.

EDRI, which ORG belongs to, have produced a detailed shadow report that demolishes the Commission’s position on Data Retention. calling it “an unprecedented violation of the fundamental rights of all 500 million EU citizens.”

It shows that the need has never been shown, the legal basis to be flawed, and data security obligations are being violated. It is a “cost for which there is no benefit, no justification and no credible legal basis.”

While EDRi’s shadow report reflects the thinking of civil liberties organizations, there is no evidence that the UK government has shifted its thinking. In fact, with the proposed database of air travel information, the UK government seems to wish to transfer the principle of hoarding data without prior suspicion to new sectors. You can sign our petition here.

* Traffic details are who sends who and when, rather than the full content, of messages

Comments (3)

  1. Emil A. Georgiev:
    Apr 18, 2011 at 12:34 PM

    Hi there,

    do you have the leaked evaluation report or a link to it?

    Btw, the directive you refer to in the second para is the "data Retention directive" and not the "data Protection directive".


  2. Jim Killock:
    Apr 18, 2011 at 12:41 PM

    Hi Emil,

    The leaked draft is here: http://www.alexander-alvaro.de/archives/1904/test-2

    Correction made ;)

  3. Simon Hopkins:
    Apr 20, 2011 at 02:59 PM

    Any one who wants security of communication and data will simply use one of the many long available technologies to achieve this.

    A few of many examples are: Phone Digital Scrambling (small plug in box both ends), Email PGP Encryption (free software), Secure WEB HTTPS (built into all browsers).

    We will just end up with an epidemic of very difficult to monitor data and a monster headache for the security services.

    We do not believe anyone has thought this through.