EU Data-Retention Laws Stricter Than Many People Realized 263
An anonymous reader writes with a snippet from the Telegraph: "A European Union directive, which Britain was instrumental in devising, comes into force which will require all internet service providers to retain information on email traffic, visits to web sites and telephone calls made over the internet, for 12 months."
Watchon (Score:2, Insightful)
Welcome to the Death of the Free Internet (Score:3, Insightful)
You were here to see it.
40,000 TB of stored emails over 12 months. (Score:3, Insightful)
Thanks for your nation building projects, Eurolovers. Now you have gotten us the panopticon state, and it is never going away. Surveillance, once implemented, has never in history been cut without social upheaval.
Re:Broken summary (Score:5, Insightful)
The EU directive is not that strict, but the law in EU countries might be. An EU directive is not a law by itself, it is a directive to enact a law. The EU members can exceed the requirements of the directive, and if the UK has enacted a law which requires ISPs to store web URLs, then the UK has clearly "overaccomplished" (surprise surprise...)
Comment removed (Score:5, Insightful)
Re:40,000 TB of stored emails over 12 months. (Score:5, Insightful)
While the adoption of the data retention directive was a perfect example of backdoor decision making (to the extent that its rapporteur in the European Parliament had his name removed from it, because he did not want to be associated with the outcome), it's naive to think that without the EU this would never have happened.
In fact, Ireland already had such laws before the directive was adopted, and has been fighting the directive before the European Court of Justice because they have to *weaken* their current implementation to comply with the directive (no, this does not demonstrate how great the directive is, only how repugnant the Irish data retention laws are).
Belgium was also working on such legislation, but suspended that work when the directive was introduced, and is finishing it up now. Those are the two examples I know of, but I'm certain there are/were more.
Re:40,000 TB of stored emails over 12 months. (Score:5, Insightful)
Data retention is optional in mainland Europe but mandatory in Britain [blogspot.com]. The UK Government are using the EU to implement the laws they want, and then blaming those laws on Brussels. Our taxes, hard at work - when we're not paying for their second homes, we're paying for surveillance and the PR that sells the need for it to the main stream media. And through all this, they still have the brass balls to tell us that talk of a police state is daft [guardian.co.uk]. Where does it end? All you US'ians who have complained about Obama or Bush - consider how much worse it would be if you lived over here.
Re:Question (Score:1, Insightful)
Don't worry. I'm in the UK, run a TLS enabled mail server and will not be retaining any email data (other than general business records) on behalf of our looney government. At least, no so long as the whitehouse is able to "lose" emails or Jack Straw is able to veto the release the minutes from the Iraq war meeting.
Most small companies are going to completely ignore this and what exactly do the wankers at the home office think they're going to do about it? It's no time to be threatening or prosecuting small businesses, many are barely surviving in the current economic climate as it is.
Re:This bit intrigues me (Score:5, Insightful)
That argument is a load of rubbish (excuse the pun).
How this can possibly be used to investigate fly-tipping is beyond me: the contents of the emails aren't going to be stored, just header data such as sender, recipient, date, time, and IP addresses. What possible value can this have in identifying a fly-tipper?
If anything, it will be used as a strategy of "guilt by association". If you were in contact with someone that gets picked up for benefit fraud, or some other crime, be prepared to get investigated.
We need this kind of laws in the UK (Score:5, Insightful)
The country is full of terrorists, child molesters and subversives and something has to be done about it.
This being the UK, government needs to be able to track down and follow dangerous people that might endanger the social and political stability of the country, like: members and supporters of anti-war movements, ecologist movements, free-speech/privacy movements, Tories, Lib Dems, Scots, Welsh and Irish nationalist parties, teenagers ('cause of knife crime), investigative journalists, anybody that makes request under the Freedom of Information act, people that complain about the government, anybody that talks too loud in a 1 mile circle around Parliament, whistle-blowers of government wrongdoing and more.
As usual our masters, being wiser than everybody else, have gotten their laws passed using the EU so that they can blame it on the European Union - a trick that always works with the unwashed masses around here.
All hail the fascist-Labour party!
[Having been born in a country under a fascist dictatorship and having been raised hearing my family's stories about it, it's impressive how things in the UK are slowly moving towards a modernized version my mental image of how it was - in the UK we now even have police adverts pretty much telling people to denounce their neighbors.]
Re:Perhaps this is the story you were after. (Score:5, Insightful)
Re:We need this kind of laws in the UK (Score:5, Insightful)
Arms race (Score:5, Insightful)
Most of these have been tools for privacy freaks and people with something to hide. Running them is enough to raise suspicion. But these kind of data retension measures are much more likely to force such tools to become mainstream. This could backfire on law enforcement and security forces in ways they really don't want.
Re:Broken summary (Score:5, Insightful)
No no, it's fine - "The UK government has agreed to reimburse ISPs for the cost of retaining the data."
I run a small ISP for 5 users. I estimate that I will need 27 new servers to handle the data, and that it will take me 42 days to implement, at my standard rate of £1000/day plus expenses.
It will be a big project, so I will need to employ all of my friends and every member of my family to consult on the work, for the full duration of the project, at their standard rate of £500/day.
Where do I send the bill? I'll ask Jacqui Smith, I've heard she knows the address of the expenses department.
Re:Broken summary (Score:5, Insightful)
Yeah, from what I read the German implementation only requires ISPs to retain the connection data to their service, i.e. when someone was connected, what IP he had then, etc. Stuff you'd have thought they were retaining anyway. For phones the requirement is to retain a log of all phonecalls, again something I'd expect them to do for billing and traffic analysis alone already. What did get people up in arms was the idea to install malware to monitor computers but the guy who proposed that seems to be enamoured with the idea of rebuilding the Reich anyway.
Of course I might have missed some later additions if they happened. Wish the Brits good luck with their web browsing logging and hope the citizenry will get some HTTP noise makers (connecting to random websites a lot) to make the logs truly useless.
The name is Bond (Score:1, Insightful)
"Technology .. Stasi .. dreamed of" (Score:4, Insightful)
"Hundreds of public bodies and quangos, including local councils, will also be able to access the data to investigate flytipping and other less serious crimes."
quangos - non-governmental organization performing governmental functions.
This could mean deputised cyber vigilante groups targeting anyone who visits a website, posts on a forum or has a link to someone of interest.
Gathering data like this is fine for the security services. With MI5/6, Scotland Yard or some task force you *should* face a day in court.
Even with MI5/6 rendition, a member of the house may ask after you and after a few years you get to face a real UK Embassy official.
The problem with the UK system is 'anyone' interested can see your usage data and get a mob at your door.
If you sell up, your guilty.
If you stay you have a good lawyer.
Re:Arms race (Score:3, Insightful)
Re:Broken summary (Score:4, Insightful)
Re:Broken summary (Score:3, Insightful)
when someone was connected, what IP he had then, etc. Stuff you'd have thought they were retaining anyway. For phones the requirement is to retain a log of all phonecalls
One of the Colombian drug cartels used to collect this kind of information in order to catch informants. They were very successful with it for some time and people who called the officials (Colombian or US) tended to disappear. What if a drug gang or a mafia would get this information in Europe?
Re:Broken summary (Score:5, Insightful)
Thank you for raising those points. And I can't be earning less than the people I'm paying, so I'd better up my daily rate too. £3000/day sounds reasonable.
Might be worth building a data centre in the Caribbean too. For remote backups, to ensure data integrity. Just off the beach, facing the sea, to take full advantage of the sea breezes to reduce cooling costs. Will need to spend at least 6 months a year out there maintaining the systems, so may as well add a small apartment to the data centre, to save on hotel bills. 7 bedrooms should be enough for me and my consultants, who would need to rotate in on a 4-weekly basis.
I should stand at the next election, I've clearly got the right attitude for government.
Re:We need this kind of laws in the UK (Score:1, Insightful)
All hail the fascist-Labour party!
If you think the Tories will be any better when they (probably) take over next year, you're in for a shock. They talk a bit more pro-liberty in opposition but their record in power has been basically authoritarian.
I bet it will end this (Score:3, Insightful)
They will simply won't have slightest idea how to use these data usefully. It will be abused and finnally revoked.
Unfortunately people in power NEVER learns. Because we let them to skip that.
Re:Broken summary (Score:4, Insightful)
Unlike the crime infested US, there are no drug gangs or mafia in Europe
You're supposed to post that sort of thing on the first day of this month, not the sixth.
In any case, it's of far more concern that "legitimate" public bodies such as local councils and quangos will potentially be able to access this sort of information. That covers hundreds of thousands of people, many of them low-level staffers or those elected by only a few hundred people. There is an obvious case for allowing the police and intelligence services to access this kind of information, subject to powerful safeguards and judicial oversight, where it is necessary for the performance of their public duties. However, there is absolutely nothing that is done at the level of the hundreds of other organisations involved that justifies the kind of invasion of privacy covered by this sort of law.
We've seen a seemingless endless stream of abuses reported in the press recently, invoking draconian surveillance powers to cover the most trivial of suspected offences, and often against people who turned out to be entirely innocent anyway. This is not the behaviour of a people-serving government in a free country. It is staggering that this has been allowed to go through in its current form anyway.
Re:What about me ? (Score:3, Insightful)
There was a case of the Dutch internet provider Xs4all suing the government, to be reimbursed for the storage costs that resulted from this legislation. They lost.
Re:40,000 TB of stored emails over 12 months. (Score:3, Insightful)
You don't know anything about the STASI then. Do you really think, recording who is called and to whom mail is sent would make the STASI green with envy, because after all, they only listened in to phone calls and opened the mail?
I'll admit up front I don't know anything at all about the Stasi.
So they listened to phone calls and opened mail--how much more wonderful would they think it was to be able to go do a full search of people's communication for key words/phrases in mere seconds or minutes? Once you figure out some new item to search for, you can almost instantly go back months (years?) and probably turn up new "troublemakers." That's some serious pre-information age police state wet dream material right there.
Love for the editors (Score:3, Insightful)
I would have agreed w/you a year or two ago. OMG! Another dupe?!? WTF do these monkeys DO when they are busy 'working'?!?
But then I saw the firehose andplayed with it for a while. It dramatically changed my mind, and explains why sites like digg often seem like broken records, with the same stuff getting front paged over and over every few days/weeks/months.
Imagine seeing the same thing, over and over and over again, worded slightly different each time. Did you see that story before? Well, yes you did. It is one of a hundred candidates for reading/posting.
But here's the kicker: did you post it? When you see the same crap over and over, by the hundreds, day after day, that can be a very, very tough question to answer!
Respect our editor overlords. Love the editors!
Re:Broken summary (Score:3, Insightful)
The EU directive is not that strict, but the law in EU countries might be. An EU directive is not a law by itself, it is a directive to enact a law. The EU members can exceed the requirements of the directive, and if the UK has enacted a law which requires ISPs to store web URLs, then the UK has clearly "overaccomplished" (surprise surprise...)
The data retention directive specifically says they must retain elements that identify the origin and the destination.
Please read it [europa.eu]. The level of fachism scares me.
From what they demand to storing URLs, is merely a matter of semantics, and the danger of that being done was predicted long before the directive was approved.
The Data Retention Directive is the equivalente to having a spy per citizen, noting down who he talks with, where and for how long.
Would you accept this in real life? No. Why do you accept it online?
Repeal the Data Retention directive now!