Digital Rights Ireland

Data Retention Directive Passed

Yesterday morning (14th December 2005) the European Parliament passed a Directive mandating member states to introduce surveillance of all European citizens in their daily lives.

Digital Rights Ireland deplores the decision of the large parties in the European Parliament to collude with the Council of Ministers in this back-room deal, by-passing the compromise proposal proposed by the Parliament Rapporteur from the Committee for Civil Liberties, Justice and Home Affairs, Mr. Alexander Alvaro.

The Directive mandates that EU member states, including Ireland, are to track the location of all mobile phones, all calls made from land lines and mobile phones, as well as all information on individuals’ internet and email usage. This will include keeping records of all web sites visited, the senders and recipients of all emails and the use of any other Internet Protocol (IP) based communication such as the increasingly popular Voice over IP (VoIP) phone providers such as Skype.

Digital Rights Ireland chairman, TJ McIntyre responded “We will be campaigning for a full and public consultation process before the Irish implementing legislation is drafted. So far, data retention measures have been negotiated behind closed doors, with a haste justified by artificial urgency. The citizens of this country deserve an open and inclusive debate before any further freedoms are taken away.”

Privacy Under Attack

Ireland has already had surveillance of this kind for some years. The existing rules required details of telephone use and mobile phone location to be stored for three years. This was initially introduced in secret in 2002, and was placed on a statutory basis only this year, by way of a last-minute amendment to pending legislation. This amendment was introduced without prior warning or consultation, and rushed through with little debate.

However, this European law goes further. It extends monitoring to cover all internet use. It will require Internet service providers to record details of every email you send and every web page you visit. The Directive requires this information to be kept for a minimum of 6 months, but allows national governments to adopt longer periods if they wish. The Irish Government already requires your telephone records to be held for 3 years and seems set to apply the same to these new areas.

In addition, this law, since it was adopted in Europe, is immune from challenge under our Constitution. No Irish judge will be able to decide whether this law amounts to a breach of the constitutional right to privacy. Digital Rights Ireland is concerned that our Constitutional rights can be evaded so easily.

A Rushed Job

This directive was the fastest ever to be adopted by the European Parliament – moving from initial European Commission draft to final vote in less than three months, as opposed to the usual period of over a year. The rush was attributable to the UK Presidency’s need to have the matter dealt with during their term of office.

Gay Mitchell MEP, who broke with Fine Gael’s grouping (the European People’s Party) to vote against the law said, “I do not know why this proposal was rushed. The extremely accelerated legislation procedure has meant that there was little time for discussion, and translations were sometimes unavailable. There was also no time for a technology assessment or for a study on the impact on the internal market.”

Internet business groups have decried the Parliament’s decision. The umbrella group for European Telco and ISP industry associations warned “This directive will impose a significant burden on European e-communications industry, impacting on its competitiveness. However, only a fraction of the e-mail services used today would be covered by the EU Directive as the world’s largest e-mail providers are not in Europe, allowing criminals to easily circumvent the rules.”

Michele Neylon, of Carlow-based Blacknight Hosting echoed this warning “Although, as a responsible company, we can appreciate the spirit of the legislation, I feel that this legislation’s introduction will have a negative impact on industry, while it will fail to address its own objectives.”

“It is disappointing that the European Parliament has seen fit to support such a draconian and disproportionate directive. Those MEPs who voted in favour of data retention have shown an alarming disregard for Europeans’ civil liberties and human rights. We will now be looking at what can be done both in the European Court of Human Rights, and on a national level, to overturn – or at least limit – this legislation.”- Suw Charman, Open Rights Group (UK)

Gus Hosein, Visiting Fellow of the LSE and Senior Fellow of UK-based watchdog Privacy International said “The EU used to set the standard for privacy protection. Now because of pressure from the UK and Ireland, the EU is ‘going it alone’ and leading the world in surveillance of all of our interactions and movements in the information society.”

Ireland’s Response

The Irish Minister for Justice, Mr. Michael McDowell, who was one of the promoters of Data Retention in the Council of Ministers, has now threatened to take a legal challenge to this directive to the European Court of Justice. This is the result of an argument over whether the European Commission and Parliament should have had any role in determining what Mr. McDowell argues was a matter solely for the governments. Digital Rights Ireland would welcome this development, and calls on the Minister not to pull back from his stated position, which is also supported by the government of Slovakia.

Digital Rights Ireland, along with other European rights groups and industry representatives, have argued that data retention is a disproportionate invasion of everyone’s privacy. It treats everyone using a telephone or the Internet as a suspect, putting every man, woman and child in Europe under surveillance. Data preservation, which rights groups prefer, would target only those actually suspected of being engaged in criminal activities, and would implement adequate safeguards such as court orders and warrants

Following the formality of Council of Ministers’ approval for this law, Ireland will have 18 months in which to draft national legislation to implement its terms, pending the outcome of the Minister for Justice’s mooted challenge to the validity of this directive.

As befits the public significance of this kind of legislation, Digital Rights Ireland will vigorously seek to assist policy makers in drafting proportionate and secure national laws.

We will also be campaigning for adequate safeguards to be put in place before this new law is implemented. These must include minimising the time for which your information is stored, limiting the circumstances in which your information can be accessed, providing for adequate oversight of the data retention system, and requiring independent approval before your personal information can be accessed. Without these safeguards, details of your phone calls, your internet use, and even your whereabouts will be wide open to abuse.

14 comments December 15th, 2005

Last chance to fight EU data retention

Next Tuesday, the 13th of December, the European Parliament will vote on a Data Retention Directive. This proposes to extend data retention to the Internet, and will result in your ISPs logging every email you send, every web page you visit, and everything else you do online and storing that information for several years.

We urge you to email, fax or phone your MEPs as soon as possible to express your opposition to this measure, which will introduce mass surveillance of every man, woman and child in the EU.

As to what you should say, it is best if that comes directly from what you consider important. However, Privacy International and EDRI have adopted a position (which DRI has endorsed) setting out five key criticisms of the Directive. Feel free to copy and paste these if you wish.

1. This Directive invades the privacy of all Europeans. The Directive calls for the indiscriminate collection and retention of data on a wide range of Europeans’ activities. Never has a policy been introduced that mandates the mass storage of information for the mere eventuality that it may be of interest to the State at some point in the future.

2. The proposed Directive is illegal. It contravenes the European Convention on Human Rights by proposing the indiscriminate and disproportionate recording of sensitive personal information. Political, legal, medical, religious and press communications would be logged, exposing such information to use and abuse.

3. The Directive threatens consumer confidence. More than 58,000 Europeans have already signed a petition opposing the Directive. A German poll revealed that 78% of citizens were opposed to a retention policy. The Directive will have a chilling effect on communications activity as consumers may avoid participating in entirely legal transactions for fear that this will be logged for years.

4. The Directive burdens EU industry and harms global competitiveness. Retention of all this data creates additional costs of hundreds of millions of Euros every year. These burdens are placed on EU industry alone. The U.S., Canada and the Council of Europe have already rejected retention.

5. The Directive requires more invasive laws. Once adopted, this Directive will prove not to be the ultimate solution against serious crimes. There will be calls for additional draconian measures including:
* the prior identification of all those who communicate, thus requiring ID cards at cybercafes, public telephone booths, wireless hotspots, and identification of all pre-paid clients;
* the banning of all international communications services such as webmail (e.g. Hotmail and Gmail) and blocking the use of non-EU internet service providers and advanced corporate services.

Helpfully, we in Ireland are in a unique position to lobby our MEPs – because the Government has already stated it is so opposed to this particular draft that they will bring a case to the European Court of Justice to block it if the European Parliament approves it. Thus even MEPs from the Government Parties have no reason to support the proposed text in Tuesday’s vote.

It is not too late to stop this law: please join us by contacting your MEPs to say no to a surveillance society.

5 comments December 9th, 2005

Keeping Your Rights In An Information Age

Digital Rights Ireland (DRI), a new group aiming to “Protect Civil, Legal and Human Rights in a Digital Age”, was launched on Tuesday 6th December 2005 in Pearse Street Library, Dublin.

Digital Rights Ireland is chaired by UCD Law Lecturer TJ McIntyre and is comprised of academics, journalists and technologists. DRI believes that citizens’ digital rights are being eroded – the rights we expect in the real world are being stripped from us in the online world. Mr. McIntyre said that DRI intends to “inform the public about their digital rights, to educate policy makers on the importance to a knowledge economy of strong protections for those rights and to lobby for law reform in those areas where change is needed.”

Continue Reading 3 comments December 6th, 2005

DRI Formal Launch

December 6th sees the formal launch of Digital Rights Ireland, with a press conference in the Conference Room, Pearse St. Library, Dublin 2 at 11.00am. (Directions.) We would like to invite to you to come along – we’d welcome your support, and the chance to chat with you about your concerns after the main conference. Please feel free to invite anyone else who you think would be interested in digital rights. To give us an idea of numbers, we’d appreciate an email to contact@digitalrights.ie to let us know if you’re planning on coming along.

3 comments December 1st, 2005