The European Union Council of Ministers held its 2626th Council Meeting on Justice and Home Affairs in Brussels, on 2 December 2004.
The 24 page press release (.pdf) waffles about various general reports and plans e.g.
"EUROPEAN EVIDENCE WARRANT
We hope that UK and EU politicians will be reminded of the international jurisdictional and sovereignty issues highlighted by the Indymedia server seizure scandal this October.
EXCHANGE OF INFORMATION EXTRACTED FROM THE CRIMINAL RECORDS
DATA RETENTION BY TELECOMMUNICATION SERVICE PROVIDERS
SHIP SOURCE POLLUTION
TERRORISM : PREPARATION OF THE EUROPEAN COUNCIL
EXCHANGE OF INFORMATION ON TERRORIST OFFENCES
LOST OR STOLEN PASSPORTS"
These Data Retention plans should be controversial, in that they now seem to be going even further than the draconian United Kingdom plans, which were not debated in Parliament , but which were smuggled in to the Part 11. Retention of Communications Data of the Anti-terrorism, Crime and Security Act 2001
The European Union Council of Ministers are planning to force communications service providers to retain data which they do not normally retain or process for billing purposes etc. , for all types of crime, not just terrorism.
This goes well beyond even the UK's unsuccessful attempts to get the communications industry to cooperate and pay for data retention of log files etc. for which they no longer have a commercial use for, and is in direct in contravention of the Principles of Data Protection.
Just to be clear, Data Retention means trawling through the private data of the innocent majority of people, rather than focussing on the data of suspects or criminals where there is some reasonable suspicion of criminal activity.
In addition to the police state mentality of these proposals, the "justice ministers" seem to be unwilling to actually pay from their own budgets, for the vast expense of creating new IT computer systems to log and retain data, which, in many cases do not exist at present, as there is no valid commercial reason for exisiting telecommunications and internet companies to do so.
As this meeting is composed only of civil servants and justice or police ministers, someone should try to educate them on the technical and commercial facts of life and the huge bureacracratic and financial cost implications of their ideas, before they inflict them on us.
"DATA RETENTION BY TELECOMMUNICATION SERVICE PROVIDERS
The Council examined the scope of the draft Framework Decision on data retention.
The proposal implies in principle that providers of publicly available electronic communications services or networks must retain specified data allowing for establishing the source, routing, destination, time, date and duration of communications and the location of the telecommunications devices used. In its original form, the proposal seems to be limited to data already processed andstored for billing, commercial and other legitimate purposes."
Apparently this is not draconian enough, so they are planning an even more expensive and intrusive option:
"But this approach would imply that the possibilities for access to data for law enforcement purposes depend on the technical and commercial setup of each individual service provider. Some service providers apply systems, such as flat rate systems, which imply that relevant data, processed for the purpose of providing the telecommunication concerned, is erased immediately after the communication has been terminated.
Therefore the Council instructed its preparatory bodies to examine another approach implying an obligation for service providers to retain relevant data defined in a common list in the instrument, provided that the data is processed/generated by the service provider in the process of supplying the telecommunications service concerned. Particular consideration should be given to the proportionality of the measure in relation to costs, privacy (data protection) and efficiency.
This approach may lead to a higher degree of certainty for the retention of the data concerned, and is less sensitive to the commercial behaviour of the service provider and technical developments.
The service provider would be under an obligation to retain the data concerned to the extent that the data is processed/generated by the service provider, even if the data has no interest for the service provider. The level of harmonisation of Member States' legislation would be relatively high.
Judicial authorities and law enforcement authorities have during the last years increasingly expressed concerns regarding the use of the technical innovations, brought about by the continuous development of electronic telecommunications services, for the purpose of committing crimes, and the difficulties which this may cause regarding detection of crimes and investigation into crimes.
These concerns relate not only to communications by fixed phones, mobile phones, short message services (SMS), electronic media services (EMS) and multi media services (MMS). Increasingly,
they also relate to internet Protocols including Email, voice over the internet, world wide web, file transfer protocols, network transfer protocols, voice over broadband etc.
The proposal was made in the light of in particular the Declaration by the European Council of 25 March 2004 on combating terrorism. The text strongly highlighted in particular the use of telecommunications for the purpose of the commission of terrorist acts. The Declaration of 25 March proves that an instrument on data retention should be adopted by June 2005."