--- http://www.thetimes.co.uk/article/0,,5-2001213193,00.html PLANS by Brussels to force Internet service providers (ISPs), such as BT and AOL, to store detailed logs of their customers Web activities a retrograde step that could compromise privacy and damage e-commerce. http://www.thescotsman.co.uk/business.cfm?id=83701 THE CBI criticised the government's failure to block EU proposals that will allow member states to impose blanket data retention on telecoms and ISPs. --- Related news: Europe weighs recording all phone calls, Net traffic for 7 yrs http://www.politechbot.com/p-02035.html More on Europe recording phone calls, Net traffic for 7 years http://www.politechbot.com/p-02043.html --- http://www.cbi.org.uk/ndbs/press.nsf/0363c1f07c6ca12a8025671c00381cc7/ccfce800c251d49c80256a7300507a26?OpenDocument CBI DISMAYED BY GOVERNMENT STANCE ON DATA RETENTION The CBI is alarmed and dismayed the government has failed to block plans in Brussels that will allow member states to impose blanket data retention requirements on telecommunication and internet service providers (ISPs). "We are dismayed that senior officials in Brussels, including those from UK, have agreed an amendment to the telecommunications data protection directive, which will allow member states to impose blanket data retention requirements on their own service providers. "We believe this will undermine trust and confidence in elelctronic commerce and discourage investment in e-commerce in the EU", said the CBI's Head of E Business, Nigel Hickson. The CBI urges the minister of state for e-commerce Douglas Alexander and colleagues in other member states to veto this proposal when it comes before the Telecommunications Council on Wednesday June 27. In the last few days Brussels officials have paved the way for member states to provide for mass retention of data on e-mail recipients, addresses of websites visited and data on times when customers log into ISP's. Currently such service providers are only allowed to retain such data for billing purposes. "We call on the Government to take all action to prevent unwanted traffic data retention requirements on service providers. So we strongly urge the DTI to ensure the UK vetoes any weakening of Data Protection laws when this is discussed at the Council of Ministers this month. We will also be lobbying the Home Office in a similar vein" said John Stewart, chair of the CBI's E-business Council. 22 June, 2001 Notes to Editors: The European Union is currently reviewing directive 97/66/EC which deals with data protection in the telecommunications sector. There have been calls from the law enforcement community to amend Article 6, which currently prohibits data retention, allowing member States to demand data retention by service providers. The directive has been discussed by the Committee of Permanent Representatives in Brussels (COREPER) and will be voted on by the EU Telecoms Council on June 27. Please note Traffic Data does not mean e-mail content. It covers information about internet activity; for example 1) addresses of people you have sent email to. 2) websites visited. 3) newsgroups used. 4) times people log in and log out of ISP's. Media Contact: Sam Parkhouse, CBI Press Office: 020 7395 8093 - e-mail: sam_parkhouseat_private Out of hours pager no 076 2680 9070. --- http://www.statewatch.org/news/2001/jun/07retention.htm Statewatch Observatory on Surveillance in Europe (S.O.S.Europe) EU governments' to decide on retention of telecommunications data (including internet usage) by law enforcement agencies - Commission and Data Protection Working Party oppose move - UK leading the campaign for data retention ______________________________________________________________ The debate over the retention of telecommunications data by EU states for the purposes of giving access to the law enforcement agencies is reaching the crunch stage. At the Telecommunications Council in Brussels on 27-28 June the decision may be made to back demands by the UK and other governments for data to be retained for use by the agencies. The European Commission are strongly opposed to the changes as are a number of the rapporteurs in the European Parliament. The chair of the EU's Article 29 Data Protection Working Party has sent letters to the President of the European Parliament, Mr Prodi of the Commission and the Council expressing its strong opposition to any changes in the draft measure: Letter from Rodota: full-text The battle lines in the Council at the beginning of June showed the incoming Belgian Presidency and the current Swedish Presidency backed by the UK demanding changes - to the planned new EU Directive on personal data and the protection of privacy in the field of electronic commerce - to allow the retention of telecommunications data for law enforcement agencies. Opposing this move were Greece, Italy, Netherlands and the Commission. At the Telecommunications Council on Wednesday it will be open to the Council (the 15 EU governments) to back the demand now fronted by the UK. The new Directive, which is simply intended to update the current laws, has to be agreed under the co-decision procedure whereby the the Council, Commission and Parliament have to agree on the new measure. The background is on the Statewatch Observatory on Surveillance in Europe: S.0.S. Europe ______________________________________________________________ The latest available draft of the Council's discussions on its "common position" shows that the demands of the law enforcement agencies are centred to two key provisions in the draft new Directive: Article 6 on "Traffic data" and Article 15 which allows EU states to derogate from the provisions on an individual basis and allow law enforcement agencies access to traffic data (including internet usage). Draft dated 31 May (9337/01): Full-text (pdf file) The first key provision, Article 6.1. on Traffic data reads as follows: "1. Traffic data relating to subscribers and users processed and stored by the provider of a public communications network or service must be erased or made anonymous when it is no longer needed for the purpose [upon completion] of the transmission of a communication without prejudice to the provisions of paragraphs 2, 3, and Article 15, paragraph 1 4." (bold are changes proposed by the Council; the [] show deletions) These changes were put forward by the Swedish Presidency of the EU. A number of EU governments and the Commission oppose the addition of the reference to Article 15. However, in a footnote there is an alternative wording put forward by Belgium, the incoming EU Presidency from 1 July. This reads as follows where "B" stands for Belgium: " Alternative text proposed by B for Article 6, paragraph 1: "Traffic data relating to subscribers and users processed for the purpose of the transmission of a communication and stored by the provider of a public communications network or service may upon completion of the transmission only be processed for legitimate purposes as determined by national law or applicable instruments. Within the scope of this directive, those purposes can be no other than those mentioned in paragraphs 2 and 3". The effect of this proposal is to delete the provision that data should be erased or made anonymous and to insert another purpose (ie: other than for checking billing for customers) saying it can be "processed for legitimate purposes determined by national law" - in other words it would allow each EU member state adopt a law saying data may be retained for law enforcement purposes for periods of 12 moths to 7 years. The discussion in the Council (between the governments) Another document, also dated 31 May, reveals much more detail of the discussion in the Council and the differences between EU governments. Both of these documents need to be placed in context. Both are intended to lead to the adoption by the Council of a "common position" on the proposed new Directive before the European Parliament has completed its First Reading vote and adoption of its report. Strictly the Council should wait for the parliament but it applies an informal "rule" (created by the Council) which says the parliament has only three months to decide its position. Moreover, the formulation that the law to allow data retention for law enforcement agencies should be agreed at national law will allow government "spin-doctors" to say that it is not binding and that therefore there is no EU policy on the issue - an examination of the background documents produced since last autumn show that for data usage to work for law enforcement purposes it has to operate in every EU country and in all the applicant countries. The second document: Text (9356/01) reveals the divisions between the EU governments. The report opens by noting that the Commission has proposed that Article 6.1 remain intact - that is, to maintain EC law as set out in the existing Directive which says that traffic data "must be erased or made anonymous on completion of the transmission, except for billing purposes". It goes on to say: "Three delegations (B, S, UK) have placed a reservation on the Commission proposal by requesting the abandonment of paragraph 1 on the principle of the erasure of data or making it anonymous. These delegations in fact hold that this principle does not take into account the needs of the repressive authorities" (translation from French) B, S & UK stands for the incoming Belgian Presidency of the EU, Sweden the current EU Presidency and the UK. The Telecommunications Working Party was unable to resolve the differences because of: "the refusal by certain delegations (GR, I, NL) and by the Commission to see the text of the present directive changed on this point. The latter underline the importance and sensitivity of this issue which affects human rights and fundamental rights." Thus Greece, Italy and the Netherlands together with the Commission oppose the change. The Commission and Italy also opposed a change to Article 15 put forward by the UK. The grounds on which national laws can derogate from the basic principles, including the obligation to erase traffic data, are different in the two current EU Directives. The grounds in the General Data Protection Directive are broader than those in the later Directive on Telecommunications Data Protection this was because the latter covers the principle of the confidentiality of communications. The General Directive covers many sectors and a large range of data roles. The UK wants to change this and insert the broad range of exceptions, plus adding public health, which would allow national laws to derogate from the protections now in force. Indeed the intention of the UK is quite explicit, it wants to ensure that Article 15 allows the general retention of data and the Swedish Presidency is proposing that the following is added to Article 15.1: "Member States may provide for the retention of data for a limited period justified on the grounds of Article 15.1 in conformity with the general principles of community law" Data Protection Working Party letter The EU's Data Protection Working Party has sent a very strongly worded letter to the President of the European Parliament, the President of the European Commission and the Presidency of the Council of the European Union. Their views speak for themselves: "It is not acceptable that the scope of initial data processing is widened in order to increase the amount of data available for law enforcement objectives. Any such changes in these essential provisions that are directly related to fundamental human rights, would turn the exception into a new rule. Systematic and preventive storage of EU citizens' communications and related traffic data would undermine the fundamental rights to privacy, data protection, freedom of expression, liberty and presumption of innocence. Could the Information Society still claim to be a democratic society under such circumstances ?" ______________________________________________________________ ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. To subscribe, visit http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Tue Jun 26 2001 - 10:55:57 PDT