Business

Government on EU data retention mission

Net Results/Karlin Lillington: As if it weren't bad enough that we have a constitutionally questionable phone data retention…

Fri May 07 2004 - 01:00

Net Results/Karlin Lillington: As if it weren't bad enough that we have a constitutionally questionable phone data retention scheme in place - one snuck in without any public discussion or Dáil debate - the Republic now has the ignominy of joining an ill-conceived push for a European-wide retention scheme.

Along with Britain, France and Sweden, Ireland has put forward a motion to the Council of Ministers of Justice and Home Affairs to introduce communications data retention throughout Europe.

Data retention is the gathering and storage of the traffic data information about your phone, mobile and fax calls, as well as emails and internet usage. Traffic data reveals where you were when you made calls, who you made them to, and the duration.

The content of communications is not held per se but, as anyone familiar with email headers or the way in which internet page addresses are constructed, a wealth of content and fine detail can be gleaned from this information alone.

READ MORE

Email to and from information, and internet sites visited, would also be stored under the proposal for periods of one to three years, with scope for individual EU states to hold data for longer.

Yet the State has already been threatened several times with High Court proceedings by Irish Data Protection Commissioner Joe Meade, who questioned the legality of the secretive way in which it introduced data retention. A Cabinet decision in April 2002 guaranteed retention could be imposed without public announcement or Dáil debate, because Cabinet decisions fall under confidentiality protections.

The direction imposed an extraordinary surveillance regime on the State's citizens - gathering information about Irish people and storing it for three years. In the past, technically a warrant was required to hold data for such long periods of time on a citizen. Now it is a wholesale exercise on the entire population.

Mr Meade has been demanding for almost three years that the State replace this secret direction with properly debated legislation on data retention - how it is done, when, why, who has access to the information, when it is destroyed and so forth.

For serious investigations, telecommunications data are needed but, as with the gathering of physical objects under search warrants, the practice needs strict guidelines and limitations.

We all accept that law enforcement should not have the right to enter a private home and gather items just because there might be something that seems incriminating among a person's belongings.

"Seems" is a key concept here, for democratic societies reject the notion that fishing expeditions through private citizens' lives are an acceptable way of doing criminal research.

But when there is a reasonable case and evidence growing against an individual, we have a system that allows very senior law enforcement or legal figures to grant a warrant for information gathering.

But data retention is based on the notion that everyone is potentially guilty until proven innocent, and that elements of everyone's private affairs should be gathered and stored "just in case".

The fact that such a wealth of data is under storage makes it very tempting for fishing expeditions and abuse - temptations that have been yielded to time and again when such databases are in existence, as has been internationally documented.

This odious system has now been in place in the State for two years and we have yet to see even a draft Bill on the subject.

Now our Government apparently wants our European fellow nations to enjoy the same open-to-abuse, business-damaging, appalling data retention scheme they secretly imposed on us two years ago.

Our Government also seems to think that Europe deserves even more surveillance, usable under even more circumstances, than it has imposed on us so far.

The EU-wide proposal is even broader in scope than a Belgian 2002 proposal for data retention that, when leaked by privacy rights organisation Statewatch, was immediately shot down by business and citizens' rights groups in that country.

The new proposals allow for even longer retention than we have here; it greatly expands the allowable use of such data from 32 specific serious crimes and terrorist offences to "any crime"; it specifically allows data to be used not for criminal investigations but in the "prevention and detection of crime"; and moves far beyond what US law enforcement agencies would ever consider imposing on US citizens.

Already European business interests, especially the telecommunications industries, have protested against data retention proposals because of the costs and risks. What business wants the State holding sensitive information like its phone and email logs, for example?

Esat/BT has estimated that it would cost €8 million per server per year to store and manage data under a proposed Irish regime to retain call and location data, email and internet details.

klillington@irish-times.ie

http://weblog.techno- culture.com

Business Today

Business Today

Get the latest business news and commentary from our expert business team in your inbox every weekday morning