Data Protection Commissioner says data retention must be limited to serious crime
April 11th, 2006
At the launch of the Data Protection Commissioner’s 2005 Annual Report today Mr. Billy Hawkes, the Commissioner, strongly criticised the current Data Protection laws and suggested in his report that the implementation of the European Data Retention Directive into Irish law ought to be used by the government as an opportunity to revisit some of the provisions passed last year.
Specifically, the Data Protection Commissioner suggested that
“it would be helpful if the revised Irish legislation limited the right of Garda access to cases of serious crime and if the safeguards against potential abuse of such access rights were strengthened.”
The significance of this was made clear today when Mr. Hawkes revealed that the call details of hundreds of calls were being accessed by the Gardaí every month.
This is worrying. The data retention legislation was introduced on the basis that it was necessary to deal with serious crime and terrorism and would be used sparingly. Instead, the Data Protection Commissioner’s comments suggest that it’s being used as a matter of course.
In fact, as the law stands Gardaí do not require even to be investigating a specific crime to gain access to call data under these provisions. Access to the call records of everyone in the state is granted on the basis that it may be needed to prevent crime. This is an issue which affects the personal privacy of everyone in the state.
In a press release in response we said:
“Under Irish law, your telephone records are being stored for three years. This includes the location of your mobile phone at all times. The Garda can find out who you rang or where you were up to three years ago without any approval from a judge: all that is required is the signature of a senior garda. The comments of the Data Protection Commissioner about the manner in which this power is being used are worrying. The law must be changed to limit disclosure to serious offences only and to ensure that information is only disclosed where it is genuinely necessary. We must make sure that the phone records of innocent citizens are not revealed indiscriminately.”
Entry Filed under: DRI, Data Retention, Mass surveillance
7 Comments Add your own
1. Mick Wright | April 14th, 2006 at 6:43 pm
This retention of info act is disgraceful. Surely anyone involved in crime would easily circumvent this with phone encryption or by using an outside proxy to hide their trail of mischief.
Given this the ONLY people left are the innocent. For this reason it must be accepted that the new act is not used to find criminals but rather to spy on the rest of us.
Might I suggest that we have a national OVERLOAD day when we all phone a friend and begin talking about crimes we have NO INTENTION of becoming involved in (remeber to mention this in the call somewhere). That should screw them up nicely!
If a thousand concerned individuals made 20 calls on this day we would simply overload anyone listening in and give them many years of sifting heaps of junk.
2. Deirdre Kilroy | May 26th, 2006 at 9:27 am
Interesting that the Germans are moving to resist data retention.
http://www.edri.org/edrigram/number4.10/dataretentionde
3. Peter Harrison | June 27th, 2006 at 3:53 pm
Mick – you are missing the point. This legislation is not about recording or mining content. It’s about having telcos retain for a couple of years the data they currently use for billing – source, destination, location, etc – and making it available to the authorities.
4. alternative party »&hellip | May 18th, 2007 at 12:07 am
[...] “Under Irish law, your telephone records are being stored for three years. This includes the location of your mobile phone at all times. The Garda can find out who you rang or where you were up to three years ago without any approval from a judge: all that is required is the signature of a senior garda.” see Digital Rights Ireland Minister McDowell says it is necessary to combat crime and terrorism. Translation: in order to preserve your freedom we must take away your freedom. [...]
5. Barry | May 22nd, 2007 at 8:56 am
Looks like we won’t have a change of government, pity, I have had contact with Jim O’Keeffe and he is interested in reviewing this legislation, he understands the risks.
6. Barry | May 24th, 2007 at 2:31 pm
The latest edition of EDRI-Gram (http://www.edri.org/) has the following commentary on the implementation of the Data Retention Directive in the UK. They seem to have been influenced by ‘the McD syndrome’ i.e. slip it in, leave it wide open to abuse…..
UK implements the Data Retention Directive
============================================================
The UK Home Office is presently implementing the Data Retention Directive
that will oblige telephony and internet service providers to keep data for
12 months. The decision was taken without any debate by simple “affirmative”
votes in the parliament and the Directive is to be implemented by 15
September 2007 for fixed and mobile telephones and 18 months later for
internet services (including VOIP telephony).
The Home Office intents to implement the Directive by a Regulation that will
replace the current “voluntary” Code and does not seem to have taken into
consideration any risk related to the privacy of personal data.
Moreover, the government says that the EC Directive covering serious crime
can be used for any crime and that there is no need for public or
parliamentary discussion on privacy, civil liberties or human rights issues
as these have already been discussed at the EU level.
Tony Bunyan, Statewatch editor, comments:
“The collection and retention of everyone’s communications data is a
momentous decision, one that should not be slipped through parliament
without anyone noticing as the government plans to do.
The government’s proposal changes a voluntary agreement into a binding law,
on these grounds alone there should be primary legislation.
Moreover, the EC Directive limits the purpose for which data can be retained
to “serious crime” but the government intends to extend the scope to all
crime however minor.”
Having in view the character of the data retained, consumers and telecoms
companies need safeguards concerning the use of these data. Under the EC
Directive, all countries are required to adopt measures that ensure the data
can only be used by competent national authorities. Yet, UK’s draft
regulation and consultation process makes no reference on this. Also there
is nothing in the Regulation covering sanctions and remedies for
unauthorised use of the data as stipulated in the EC Directive.
Further more, the data can also be obtained in the absence of existing court
proceedings and can be available to anyone who can convince the Courts that
they have a right to access them.
Keeping personal data should help law enforcement authorities in their fight
against crime and for national security purposes. On the other hand, telecom
companies must protect their customers’ privacy and, according to the draft
regulations, they will not be able to protect these data by destroying it.
The only positive element for them is that, at least, the government
proposes to compensate them for compliance costs and litigants are obliged
to pay for disclosure of documents which they request from third parties.
Mandatory data retention in the UK – Statewatch analysis (05.2007)
http://www.statewatch.org/news/2007/may/uk-data-ret.pdf
Data retention: a balancing act for telcos (10.05.2007)
http://business.timesonline.co.uk/tol/business/law/article1774049.ece
7. Mick Wright | January 7th, 2008 at 3:06 pm
Peter,
Hmmm… not really missing the point regardless of wheter its legal, illegal, there is simply NO WAY to catch someone who circumvents the technology by not allowing their NAME to be associated with the DEVICE!… If I were planning a terrorist attack I certainly would not be likely to use my own mobile phone to plan it… Its like the ID cards…what sort of terrorist carries an ID card with them?
The only thing the authorities will have is a long list of legitimate phone calls from the average joe on the street. And a host of phone calls which look dodgy but there is no way to trace the caller, surfer, etc.
What possible good is that to anyone?? true my phone can be tracked to where i was at 4pm on 15th may 2005…but thats not much good if I were a criminal and tossed my pre paid phone into the liffey after a bank job now is it?
This stinks of the excuse that ’speed bumps’ everywhere will sort out joyriders… when in fact speed bumps are a magnet to those who don’t actually own the car they are driving.
Eqaully so watching everyone will only identify everyone identifyable… those who choose not to be identified will simply steal a phone, register using false ID, use once and throw away….whatever.. in the meantime the rest of us are being watched as if we are all criminals…the excuse ‘if your innocent you have nothing to worry about’ does not wash here… maybe we should get everyone in the country and tie their arms and feet together and throw them in dublin bay… if they sink they are innocent and we absolve them…if they float they are guilty and we burn them at the stake!
Leave a Comment
Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
Trackback this post | Subscribe to the comments via RSS Feed