Rights groups are worried about the Bill itself and how it is being made law, writes Carol Coulter.
When the Minister for Justice stood up in the Seanad to introduce the second stage of the 2005 Criminal Justice (Mutual Assistance) Bill, he was giving effect to an EU convention already six years old. This is the Convention on Mutual Assistance in Criminal Matters, and it covers areas as varied as accessing bank accounts across the EU, collecting and transferring evidence, producing prisoners to give evidence in other EU states, and intercepting telecommunications across national boundaries.
The 80-page Bill will transpose the convention into Irish law, and sets out the basis on which a wide range of co-operation will take place in the investigation and prosecution of crime.
Meanwhile, other measures dealing with co-operation in the criminal justice area are coming down the tracks. Two weeks ago EU justice ministers agreed on a new framework document on the retention on request of telephone and internet data for access by the police.
This has yet to be published in the EU's official journal, and will then have 18 months before it has to be transposed into Irish law.
Human rights groups have concerns both about the content of such legislation and the process by which it comes into being.
The Human Rights Commission, for example, has expressed concern that these measures are negotiated in Brussels with no advance input from the commission or from anyone else. By the time a framework decision is agreed and comes before the Oireachtas, it is too late to do much more than tinker with it.
The Heads of the Criminal Justice (Mutual Assistance) Bill were referred to the Human Rights Commission before they were published, and the commission made a number of observations, most of which were incorporated into the Bill when published.
These concerns included the need for judicial oversight of permissions to intercept telecommunications when sought for the investigation of crime; that all the measures proposed be subject to the provisions of Article 8 of the European Convention on Human Rights (on the protection of privacy); and, in relation to co-operation with the US on crime detection, that this not be used in relation to crimes for which the death penalty might apply.
The implications of the framework document on data retention have yet to be worked out in any detail. These deal not with the content of communications, which are covered by the interception provisions of the Criminal Justice (Mutual Assistance) Bill, but the identity of those making and receiving them.
They will cover phone calls to and from mobiles and land lines, and internet and e-mail communications.
Until three years ago telephone companies in Ireland used to keep records of phone calls for six years, for use for billing and marketing purposes. These records were made available to the gardaí on request to assist in crime detection.
For example, in the Michael McKevitt trial, evidence was given of the location of certain mobile phones and the time of calls between them. The law now permits these records to be kept for three years, and requires them to be provided to the gardaí on request.
Under the proposed EU framework document, such records can be kept for periods ranging from six months to two years, depending on national legislation, and made available to police forces across EU, subject to certain conditions. However, the Irish government is permitted to keep its three-year limit.
There is no Irish legislation at present premitting the retention of internet data, though this will have to be drafted in order to comply with the new Directive.
This will require the retention of log-on and log-off information and e-mail addresses, but not the content of e-mails. Asked how the content would be separated from the addresses, a spokesman for the Department of Justice said that the technology permitted the "envelope" containing this information to be separated from the content. "There will be a need for a discussion with the internet providers," he said.
He stressed that the protections that already exist under data protection legislation, the European Convention on Human Rights and the Irish Constitution would still apply.