FC: U.K. firms protest Euro plan for email, web, Usenet recordkeeping

From: Declan McCullagh (declanat_private)
Date: Tue Jun 26 2001 - 07:23:39 PDT

  • Next message: Declan McCullagh: "FC: Can well-intended but misguided privacy laws harm education?"

    ---
    
    http://www.thetimes.co.uk/article/0,,5-2001213193,00.html 
       PLANS by Brussels to force Internet service providers (ISPs), such as
       BT and AOL, to store detailed logs of their customers Web activities
       a retrograde step that could compromise privacy and damage e-commerce.
    
    http://www.thescotsman.co.uk/business.cfm?id=83701
      THE CBI criticised the government's failure to block EU proposals that
      will allow member states to impose blanket data retention on telecoms
      and ISPs. 
    
    ---
    
    Related news:
    
    Europe weighs recording all phone calls, Net traffic for 7 yrs 
    http://www.politechbot.com/p-02035.html
    
    More on Europe recording phone calls, Net traffic for 7 years 
    http://www.politechbot.com/p-02043.html
    
    ---
    
    http://www.cbi.org.uk/ndbs/press.nsf/0363c1f07c6ca12a8025671c00381cc7/ccfce800c251d49c80256a7300507a26?OpenDocument
         
       CBI DISMAYED BY GOVERNMENT STANCE ON DATA RETENTION
       The CBI is alarmed and dismayed the government has failed to block
       plans in Brussels that will allow member states to impose blanket data
       retention requirements on telecommunication and internet service
       providers (ISPs).
       
       "We are dismayed that senior officials in Brussels, including those
       from UK, have agreed an amendment to the telecommunications data
       protection directive, which will allow member states to impose blanket
       data retention requirements on their own service providers.
       "We believe this will undermine trust and confidence in elelctronic
       commerce and discourage investment in e-commerce in the EU", said the
       CBI's Head of E Business, Nigel Hickson.
       The CBI urges the minister of state for e-commerce Douglas Alexander
       and colleagues in other member states to veto this proposal when it
       comes before the Telecommunications Council on Wednesday June 27.
       In the last few days Brussels officials have paved the way for member
       states to provide for mass retention of data on e-mail recipients,
       addresses of websites visited and data on times when customers log
       into ISP's.
       Currently such service providers are only allowed to retain such data
       for billing purposes.
       "We call on the Government to take all action to prevent unwanted
       traffic data retention requirements on service providers. So we
       strongly urge the DTI to ensure the UK vetoes any weakening of Data
       Protection laws when this is discussed at the Council of Ministers
       this month. We will also be lobbying the Home Office in a similar
       vein" said John Stewart, chair of the CBI's E-business Council.
       
       22 June, 2001
       Notes to Editors:
       The European Union is currently reviewing directive 97/66/EC which
       deals with data protection in the telecommunications sector. There
       have been calls from the law enforcement community to amend Article 6,
       which currently prohibits data retention, allowing member States to
       demand data retention by service providers. The directive has been
       discussed by the Committee of Permanent Representatives in Brussels
       (COREPER) and will be voted on by the EU Telecoms Council on June 27.
       
       Please note Traffic Data does not mean e-mail content. It covers
       information about internet activity; for example 1) addresses of
       people you have sent email to. 2) websites visited. 3) newsgroups
       used. 4) times people log in and log out of ISP's.
       
       Media Contact:
       Sam Parkhouse, CBI Press Office: 020 7395 8093 - e-mail:
       sam_parkhouseat_private
       
       Out of hours pager no 076 2680 9070.
       
    ---
    
    http://www.statewatch.org/news/2001/jun/07retention.htm
    
         Statewatch Observatory on Surveillance in Europe (S.O.S.Europe)
    
         EU governments' to decide on retention of telecommunications data
         (including internet usage) by law enforcement agencies
         
         - Commission and Data Protection Working Party oppose move
         - UK leading the campaign for data retention
         ______________________________________________________________
         
         The debate over the retention of telecommunications data by EU
         states for the purposes of giving access to the law enforcement
         agencies is reaching the crunch stage. At the Telecommunications
         Council in Brussels on 27-28 June the decision may be made to back
         demands by the UK and other governments for data to be retained for
         use by the agencies. The European Commission are strongly opposed
         to the changes as are a number of the rapporteurs in the European
         Parliament.
         
         The chair of the EU's Article 29 Data Protection Working Party has
         sent letters to the President of the European Parliament, Mr Prodi
         of the Commission and the Council expressing its strong opposition
         to any changes in the draft measure: Letter from Rodota: full-text
         
         The battle lines in the Council at the beginning of June showed the
         incoming Belgian Presidency and the current Swedish Presidency
         backed by the UK demanding changes - to the planned new EU
         Directive on personal data and the protection of privacy in the
         field of electronic commerce - to allow the retention of
         telecommunications data for law enforcement agencies. Opposing this
         move were Greece, Italy, Netherlands and the Commission.
         
         At the Telecommunications Council on Wednesday it will be open to
         the Council (the 15 EU governments) to back the demand now fronted
         by the UK.
         
         The new Directive, which is simply intended to update the current
         laws, has to be agreed under the co-decision procedure whereby the
         the Council, Commission and Parliament have to agree on the new
         measure.
         
         The background is on the Statewatch Observatory on Surveillance in
         Europe: S.0.S. Europe
         ______________________________________________________________
         
         The latest available draft of the Council's discussions on its
         "common position" shows that the demands of the law enforcement
         agencies are centred to two key provisions in the draft new
         Directive: Article 6 on "Traffic data" and Article 15 which allows
         EU states to derogate from the provisions on an individual basis
         and allow law enforcement agencies access to traffic data
         (including internet usage). Draft dated 31 May (9337/01): Full-text
         (pdf file)
         
         The first key provision, Article 6.1. on Traffic data reads as
         follows:
         
         "1. Traffic data relating to subscribers and users processed and
         stored by the provider of a public communications network or
         service must be erased or made anonymous when it is no longer
         needed for the purpose [upon completion] of the transmission of a
         communication without prejudice to the provisions of paragraphs 2,
         3, and Article 15, paragraph 1 4." (bold are changes proposed by
         the Council; the [] show deletions)
         
         These changes were put forward by the Swedish Presidency of the EU.
         A number of EU governments and the Commission oppose the addition
         of the reference to Article 15. However, in a footnote there is an
         alternative wording put forward by Belgium, the incoming EU
         Presidency from 1 July. This reads as follows where "B" stands for
         Belgium:
         
         " Alternative text proposed by B for Article 6, paragraph 1:
         "Traffic data relating to subscribers and users processed for the
         purpose of the transmission of a communication and stored by the
         provider of a public communications network or service may upon
         completion of the transmission only be processed for legitimate
         purposes as determined by national law or applicable instruments.
         Within the scope of this directive, those purposes can be no other
         than those mentioned in paragraphs 2 and 3".
         
         The effect of this proposal is to delete the provision that data
         should be erased or made anonymous and to insert another purpose
         (ie: other than for checking billing for customers) saying it can
         be "processed for legitimate purposes determined by national law" -
         in other words it would allow each EU member state adopt a law
         saying data may be retained for law enforcement purposes for
         periods of 12 moths to 7 years.
         
         The discussion in the Council (between the governments)
         
         Another document, also dated 31 May, reveals much more detail of
         the discussion in the Council and the differences between EU
         governments. Both of these documents need to be placed in context.
         Both are intended to lead to the adoption by the Council of a
         "common position" on the proposed new Directive before the European
         Parliament has completed its First Reading vote and adoption of its
         report. Strictly the Council should wait for the parliament but it
         applies an informal "rule" (created by the Council) which says the
         parliament has only three months to decide its position.
         
         Moreover, the formulation that the law to allow data retention for
         law enforcement agencies should be agreed at national law will
         allow government "spin-doctors" to say that it is not binding and
         that therefore there is no EU policy on the issue - an examination
         of the background documents produced since last autumn show that
         for data usage to work for law enforcement purposes it has to
         operate in every EU country and in all the applicant countries.
         
         The second document: Text (9356/01)  reveals the divisions between
         the EU governments. The report opens by noting that the Commission
         has proposed that Article 6.1 remain intact - that is, to maintain
         EC law as set out in the existing Directive which says that traffic
         data "must be erased or made anonymous on completion of the
         transmission, except for billing purposes". It goes on to say:
         
         "Three delegations (B, S, UK) have placed a reservation on the
         Commission proposal by requesting the abandonment of paragraph 1 on
         the principle of the erasure of data or making it anonymous. These
         delegations in fact hold that this principle does not take into
         account the needs of the repressive authorities" (translation from
         French)
         
         B, S & UK stands for the incoming Belgian Presidency of the EU,
         Sweden the current EU Presidency and the UK. The Telecommunications
         Working Party was unable to resolve the differences because of:
         
         "the refusal by certain delegations (GR, I, NL) and by the
         Commission to see the text of the present directive changed on this
         point. The latter underline the importance and sensitivity of this
         issue which affects human rights and fundamental rights."
         
         Thus Greece, Italy and the Netherlands together with the Commission
         oppose the change. The Commission and Italy also opposed a change
         to Article 15 put forward by the UK. The grounds on which national
         laws can derogate from the basic principles, including the
         obligation to erase traffic data, are different in the two current
         EU Directives. The grounds in the General Data Protection Directive
         are broader than those in the later Directive on Telecommunications
         Data Protection this was because the latter covers the principle of
         the confidentiality of communications. The General Directive covers
         many sectors and a large range of data roles. The UK wants to
         change this and insert the broad range of exceptions, plus adding
         public health, which would allow national laws to derogate from the
         protections now in force.
         
         Indeed the intention of the UK is quite explicit, it wants to
         ensure that Article 15 allows the general retention of data and the
         Swedish Presidency is proposing that the following is added to
         Article 15.1:
         
         "Member States may provide for the retention of data for a limited
         period justified on the grounds of Article 15.1 in conformity with
         the general principles of community law"
         
         Data Protection Working Party letter
         
         The EU's Data Protection Working Party has sent a very strongly
         worded letter to the President of the European Parliament, the
         President of the European Commission and the Presidency of the
         Council of the European Union. Their views speak for themselves:
         
         "It is not acceptable that the scope of initial data processing is
         widened in order to increase the amount of data available for law
         enforcement objectives. Any such changes in these essential
         provisions that are directly related to fundamental human rights,
         would turn the exception into a new rule. Systematic and preventive
         storage of EU citizens' communications and related traffic data
         would undermine the fundamental rights to privacy, data protection,
         freedom of expression, liberty and presumption of innocence. Could
         the Information Society still claim to be a democratic society
         under such circumstances ?"
         ______________________________________________________________
         
    
    
    
    -------------------------------------------------------------------------
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    To subscribe, visit http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    -------------------------------------------------------------------------
    



    This archive was generated by hypermail 2b30 : Tue Jun 26 2001 - 10:55:57 PDT