The Department of Justice's proposed data retention Act will inevitably lead to misuse and abuse, writes Karlin Lillington
'If you've done nothing wrong, you don't have to worry." That's been one of the key arguments presented by governments and law-enforcement agencies across the world as they attempt, in the wake of September 11th, to bring in new surveillance and data retention schemes.
The Minister for Justice, Mr McDowell, implied as much when he recently defended the Department of Justice's secretive plans to introduce just such a regime in the Republic.
Since early summer, his department has been drafting a Bill which would require the retention of detailed traffic information about all of your personal and business phone calls, mobile calls, faxes, e-mails and Internet surfing habits in gigantic databases for a minimum of three years - the longest period proposed by any EU state.
Under EU data protection and privacy directives, such detailed and intimate information can now just be held to fulfil billing needs - usually, three to six months - then must be destroyed. With this proposal, such information would be retained only on the grounds that you - and every single Irish citizen - are a potential suspect whose everyday activities may need to be investigated in coming years.
Such information, Mr McDowell insisted on News at One, would only be accessed by the Garda in appropriate investigations (although the Department of Justice recently told the Council of Ministers that not one Garda investigation had been hampered by the lack of the kind of data-retention scheme it is now proposing). But what is an appropriate investigation and who decides what is "wrong"?
The Garda Síochána's ongoing attempts to force Deputy Brendan Howlin (Labour) and Senator Jim Higgins (Fine Gael) to hand over their personal phone and fax records underlines just how slippery such determinations can be and how open to potential misuse and abuse.
This is a bizarre and inappropriate request. The gardaí say they believe the records will reveal who provided details of alleged Garda corruption in Donegal - information that was so convincing to Mr McDowell's predecessor that it led to the establishment of the tribunal of inquiry into Garda activities in Donegal and helped to expose the sordid McBrearty affair.
How would the Garda respond to similar demands for detailed phone records of calls to its crucial confidential crime hotlines, which rely totally on a guarantee of anonymity for citizens who supply information?
The promise of anonymity and protection of personal privacy is a concept which has long benefited society. As Mr McDowell reiterated last week, the right - and obligation - of TDs to protect the confidences of whistle-blowing citizens was established in a Supreme Court ruling in 1992, a consequence of revelations which led to the beef tribunal.
Last week, the Labour leader, Mr Pat Rabbitte, said: "If the gardaí establish a right of access to telephone records of TDs and senators, what will be the next step?"
The next step is on its way, embedded in the introduction of data-retention laws that assume we are guilty until proven innocent and which would stockpile years of information, instead of the limited range of records under current law. While members of the Oireachtas may have the privilege of protecting their informants - at least for the moment - what about citizens who take information instead to one of the Government's new range of corporate and citizen watchdog organisations? Or, for that matter, to a journalist?
Mr McDowell has said access to information held in databases would be strictly controlled, yet the State itself has admitted to secretly allowing inappropriate surveillance on individuals' telephone calls in the past.
Back then, such efforts required wiretapping and bugging. Now, we all use devices which leave easily-traced digital footprints everywhere.
The vulnerability of such information has led Europe's Data Protection Commissioners to consistently and strongly oppose holding data traffic records of any sort for longer than six months. The commissioners have also noted that retaining data for such long periods keeps years of personal data available for trawling expeditions. Already, existing databases are regularly misused in this way.
For example, Detroit's main newspaper, the Free Press, has revealed that more than 90 Michigan police officers, dispatchers, federal agents and security guards have abused the Law Enforcement Information Network, a database which is supposed to be used for fighting crime. Instead, it was used to get information to intimidate and harass individuals, to produce details for officers' child custody battles and to get personal information on women whom male officers found attractive. One Michigan officer is accused of planning his wife's murder using the network.
In Nevada, a former FBI agent was convicted of selling sensitive informant details and data on ongoing criminal investigations from police databases to criminals and the Mafia.
The entire police department of a city in Indiana was barred from using an FBI database after it was caught regularly trawling for information on people it - but not the courts - had decided were suspects. In several US states, police used databases to intimidate workers on election campaigns for candidates they opposed.
In Australia, an officer used a police database to run nearly 7,000 searches on women in two months while in California, a 14-year veteran of the Drug Enforcement Administration was recently jailed for 27 months for selling sensitive information on individuals that he pulled off police databases.
More than the Garda though would have access to our records. Mr McDowell noted that telecommunications companies and Internet service providers would be expected to store and administrate their respective stockpiles of our personal data traffic data.
So it's a bit worrying that last month, half a dozen senior executives of major Finnish telecommunications company Sonera - including its former chief executive - were arrested on charges of misusing its customers' personal phone record data. Why? They were trying to track down who might have leaked information about the company to journalists.
So, the next step, Mr Rabbitte? The next step is that the Oireachtas must resoundingly reject any attempt by the Department of Justice to bring in a surveillance-enhancing and misuse-prone data retention Bill.