Ireland sneaks data retention into law

[David Farber <dave () farber net>]

------ Forwarded Message
From: adam beecher <lists () beecher net>
Organization: BEECHER.NET
Date: Thu, 10 Mar 2005 16:04:29 +0000
To: Dave Farber <dave () farber net>, 'Declan McCullagh' <declan () well com>
Subject: Ireland sneaks data retention into law

Hi Dave, Declan,

Between this and software patents, I'm growing ashamed of being both Irish
and European. And yes Declan, I'm aware of the irony!

From EDRI-gram:
http://www.edri.org/edrigram

adam


> ============================================================
> 2. Ireland sneaks data retention into law
> ============================================================
>
> After pushing a framework decision on data retention at the
> EU, Ireland's Government has decided to focus on its national
> parliament and to pass a law on data retention there. Data
> retention was snuck into the Criminal Justice (Terrorist
> Offences) Act, first introduced in 2002, in the final hours
> before the Bill became law in February 2005.
>
> The law now calls for three years data retention at all phone
> companies that provide fixed line and mobile services. The
> obligation does not extend to more complex information such
> as location data.
>
> In April 2002, the Minister for Public Enterprise issued
> directions at the request of the Minister of Justice to
> oblige service providers to retain data for at least three
> years. The Government argued that this was a necessary
> temporary bridging of the gap between the transposition of
> the EU Directive on privacy and electronic communications
> into Irish law. This is misleading because the 2002 Directive
> did not require data retention.
>
> The transposition into law was approved in March 2002, and
> providers were not required to retain the data for the full
> three years. The legislation was never published, however, as
> they were subject to a "gagging order"
> requiring that the service providers not disclose the fact of
> the directions were made. Eventually the details were leaked,
> and the documentation accessed under the Freedom of Information.
>
> In January 2005 the Irish Data Protection Commissioner,
> Joseph Meade, issued an order to service providers to erase
> data that is more than six months old, as of May of 2005. The
> Commissioner argued that the temporary directions were in
> force for too long without legal mandate. The Government
> interpreted this as a requirement to move forward with
> primary legislation calling for retention. The Minister of
> Justice argued "Without some contrary action being taken, the
> initiative by the Data Protection Commissioner would, if the
> telecommunications companies accepted its validity, seriously
> undermine the ability of the Garda Síochána to investigate
> criminal activity, including terrorism and to protect the
> security of the State."
>
> The Government contends that service providers need this
> legislation because of a current conflict of obligations.
> The Government believes that service providers are compelled
> to retain data for 36 months under section 110 of the Postal
> and Telecommunications Act 1983; but the Data Protection
> Commissioner's notice required them to delete this data after
> six months.
>
> On 27 January 2005 the Minister of Justice announced his
> intent to comply with 'international obligations' and to help
> fight terrorism through introducing a policy on data
> retention. Such international obligations do not exist,
> however, despite the great attempts by the Irish Government
> to create these international obligations in the first instance.
>
> The Government accepted that its strategy to launder this
> policy through the EU was facing some challenges. As the
> Minister of Justice admitted, "I had hoped to avail of the
> European basis for making rules in this area but it did not
> materialise." When it held the presidency of the EU the
> government pushed the 'framework decision' that would compel
> all service providers of all types (telephone, mobile,
> internet, etc.) to retain data for up to three years. This
> initiative was also pushed by the French, Swedish, and
> British governments. In the summer of 2004, however, the
> European Commission decided to intervene in this Council
> process arguing that it was a first pillar issue, and thus
> internal market considerations were required.
>
> The Minister of Justice found this to be a frustrating
> situation, however.
> "The framework decision ran into difficulties with the
> European Commission. It is difficult to understand exactly
> what has happened to the framework decision but it appears
> that the commissioner is of the strong view that data
> retention should be dealt with in the first pillar of the
> European Union treaties, that is the same pillar as data
> protection and communications. While it is probably safe to
> assume that the framework decision in its present form is
> moribund, we do not know what proposal will take its place.
> The Commission has apparently promised a first pillar on data
> retention but, whatever the outcome, it seems that any EU
> initiative will not now take place in a time frame that would
> allow me to meet the May deadline set by the Data Protection
> Commissioner. Faced with that I must act now before 5 May.
> There is no EU cavalry coming down the hill to help me. I
> must sort out this conflict."
>
> The 'EU cavalry' is facing increased trouble, so having
> failed at the strategy of policy laundering the Minister of
> Justice relied on obscuring the policy to minimise debate.
>
> Full article: Ireland begins communications data retention
> (15.02.2005)
> http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-140716
>
> (Contribution by Gus Hosein, Privacy International)


------ End of Forwarded Message


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/