Telecommunication data retention
The rapporteur from the European Parliament on telecommunication data retention, Alexander Alvaro, has presented his first views on the draft framework decision in a turbulent meeting from the Committee on Civil Liberties, Justice and Home Affairs (LIBE). Alvaro proposed on 1 February 2005 to split the proposal in two, and give the European Parliament full co-decision power on the decision where it affects the internal market, on the costs and the exact list of data. Currently, the European Parliament only has a 'consultation' right on this issue. It cannot veto or amend the proposed decision, since it is considered third pillar legislation (police and judicial cooperation in criminal matters). Only the ministers from the EU member states can decide about these matters, if they reach unanimity. Alvaro doubts whether the proposal can ever meet the demands of proportionality when it comes to the Internet. He finds the proposal lacks proportionality, is in possible violation of the assumption of innocence, and contrary to the spirit of Article 15 of the E-Privacy Directive of 2002, which only allows for specific and temporary legal measures by member states, not for a harmonising decision. Concluding, he demanded a maximum term of 6 months, a limitation to data already processed by companies for business purposes and rules for general cost reimbursement.
Berichterstatter des Europäischen Parlaments zu dem Entwurf eines Rahmenbeschlusses über die Vorratsspeicherung von Daten, die in Verbindung mit der Bereitstellung öffentlicher elektronischer Kommunikationsdienste verarbeitet und aufbewahrt werden, oder von Daten, die in öffentlichen Kommunikationsnetzen vorhanden sind, für die Zwecke der Vorbeugung, Untersuchung, Feststellung und Verfolgung von Straftaten, einschließlich Terrorismus (Ratsdokument 8958/04)
Note: This is a full-length version of Mr. Alvaro's Working Paper. A version which had to be abridged due to length limitations imposed by the translation service will be presented in the European Parliament's Civil Liberties, Justice and Home Affairs (LIBE) Committee on February 1, 2005. Translations of the abridged version into all the EU's official languages will be made available on the LIBE website here, under agenda point 14. A machine translation of the full version, powered by systran, is available here.
The European Parliament's rapporteur on the retention of traffic data resulting from all kinds of electronic communications, Alexander Alvaro (Liberal, Germany) has asked the Parliament's legal service to look into the legal foundation for this report. His doubts are founded on the fact that the report contains obligations addressed to civil parties, which is a strong indication that it ought to be in co-decision. As Mr. Alvaro told EDRI-gram, he proposes to split the draft into two separate reports. The first part would contain the law-enforcement side of data retention and remain in the consultation procedure. The other part, dealing with the industry's obligations, would have to be in the co-decision procedure. Mr. Alvaro also considers going to the European Court of Justice to get a
According to a recent Dutch study into the costs of mandatory data retention, internet providers will face investments of millions of Euro. The Dutch study is the only governmental study in Europe made public so far about the costs of data retention. The EU proposal from April 2004 is very vague about the specific data internet providers will have to store, but has a very broad scope, including all kinds of new protocols and communication technologies. In November 2004, the Council of Ministers of Justice and Home Affairs (JHA) announced they would even expand that scope, and oblige providers to collect data they normally do not process. The Dutch research company KPMG has just assumed the obligation will be about e-mail log-files and about all connection data to all internet services. How providers, especially large ones, should actually deduct these kinds of data from their data streams remains a mystery.
The Council of Europe is working on a new declaration or recommendation on human rights and internet. An ad-hoc committee of experts on the information society has been meeting for the first time in November 2004, and will have a second meeting in Strasbourg on 3 and 4 February 2005. The Council does not provide any information about the proceedings or specific members of the committee, but has recently published the terms of reference. The aim of the committee is to provide "a draft political statement on the principles and guidelines for ensuring respect for freedom of expression and opinion, for human rights and for the rule of law in the Information Society, with a view to its use as a Committee of Ministers' contribution to the Third Summit of Heads of State and Government of the Council of Europe (16-17 May 2005) and the 2005 Tunis
The European Commission has published the contributions to the public consultation on the copyright and related right directives. 126 contributions are available, ranging from all kinds of right-holders to civil society. Most contributions are available in English, some in French and German. The contributions from the right-holders provide interesting insight in the arguments used to convince the Commission to extend the term of related rights from 50 to 95 years, claiming Europe should harmonise with the United States. The MPA contribution (United States Motion Picture Association) is especially worth close-reading, insisting Europe should introduce mandatory data retention for law enforcement purposes (where the United States themselves have no such obligation). "There is, thus, a need for harmonized, proportionate data retention rules that apply to all relevant service providers, together with additional measures to streamline the process for ensuring access to data on a cross-border basis. It is also essential that the adoption of new data retention rules does not undermine the rights of access to data provided in the Enforcement Directive."
The European Commission has adopted, on 7 December 2004, its annual report on the implementation of the EU electronic communications regulatory package. The report states that 20 of the EU's present 25 Member States have notified the Commission that they have adopted primary legislation transposing the package, which became law in 2002. The Commission has launched infringement proceedings against Belgium, the Czech Republic, Estonia, Greece, and Luxembourg, who have so far failed to notify transposition. All of these countries have failed to transpose the 2002 e-Privacy Directive, which is part of the package.
The Staff Working Paper attached to the report examines in particular three issues from the e-Privacy Directive, which are according to the Commission "most debated in the market and by national authorities, and which may have a significant impact on the consumer": Data retention, spam, and cookies.
The draft Framework Decision on the retention of traffic data resulting from electronic communication has been sent to the European Parliament at the beginning of December. This started the public part of the lawmaking process. But the Council of the European Union has still failed to declassify the very document that the Parliament is supposed to vote on next spring.
On 2 December 2004 the ministers of Justice and Home Affairs, united in the JHA Council, decided to focus on an extended obligation to store telecom traffic data. Instead of an obligation to store traffic data already processed by companies for billing or internal company purposes, a majority in the Council is now in favour of an obligation to collect and store all traffic data for law enforcement purposes. This includes for example location data collected when using a mobile phone, history of web sites visited, IP numbers of partners contacted in Instant Messaging services, as well addressees and senders of all e-mails sent and received. This data will have to be collected by ISPs and telecom providers, but standardised interfaces will facilitate access for law enforcement and intelligence services. With methods of data mining, the data can be assembled into detailed personality profiles, including contacts, travels, shopping habits, political, religious and sexual likes and dislikes, for all users of electronic communication.