Denmark to push EU data-retention law

BRUSSELS -- Denmark, holder of the European Union's six-month rotating presidency, will try to push through a law that would force Internet and telecommunications service providers throughout the EU to store their customers' data traffic for more than a year.

The Danish initiative will be discussed at the committee level with 14 other EU members next month, a European Commission spokesman said. It comes less than three months after the EU passed a controversial data-protection law that opened the door for prolonged data retention.

In May, the European parliament passed a new data-protection law that allows EU states to force Internet service providers and telecommunications providers to retain data on their customers' online and phone activity beyond the one or two months this information is usually stored for billing purposes.

The Danish initiative would take this one step further by specifying that such data would have to be retained for a period of more than a year. The initiative was proposed to harmonize data-retention policies across the EU and to help fight international crimes such as terrorism, human trafficking and pedophilia, according to the EC spokesman. But to European online privacy advocates and telecommunications operators, the new initiative confirms their worst fears.

"The traffic data of the whole population of the EU -- and the countries joining -- is to be held on record. It is a move from targeted to potentially universal surveillance," said Tony Bunyan, an editor for the civil liberties group Statewatch.

When the directive on data protection for telecommunications was passed in May, Internet service providers warned that it would be followed by more draconian legislation that would enhance justice authorities' rights to snoop on e-mail and Internet users.

"This is the beginning, not the end of data retention," Joe McNamee, European affairs manager for industry group EuroISPA, said at the time.

"Now we know that all along they were intending to make it compulsory across Europe," said Bunyan in reaction to the latest legislative initiative.

Internet service providers and telecommunications operators fear being left to foot the bill for extended storage times for everyday traffic data and for the retrieval mechanisms needed to make this data accessible to the authorities.

The data to be retained if the new law is passed would include information identifying the source, destination and time of communication, as well as the personal details of the subscriber to any communications device.

Access to this information by law enforcement officials would require a warrant from a court.

Britain's Investigatory Powers Act allows law enforcement and intelligence agencies to access personal communications data without any court or executive warrant. This law may have to be softened to fit in with the proposed law, a commission spokesman said.

Copyright © 2002 IDG Communications, Inc.

Shop Tech Products at Amazon