Net's data retention plan approved

Internet and phone users are one step closer to having their communications stored for up to 12 months following an EU parliament committee decision to green light Charles Clarke's data retention plan.



The move was voted in 33 to eight in favour of the new rules, stating that Europe-wide telecoms firms and ISPs must retain details of all activities for a minimum of six months, in a bid to combat global terrorism.



Contrary to a 58,000-strong petition rejecting the plan as an infringement of civil liberties, Britain, France and record companies have won their claim for online and phone details to be kept 'for the prevention, investigation, detection and prosecution [of] serious crimes.'



For the meantime, this refers directly to organised crime and acts of terrorism, prompting record companies like Sony BMG, EMI and Disney to urge MEPs to reject "any amendments that limit further the scope of the Directive."



Although piracy is included under the definition of 'serious crimes,' music giants fear law enforcement agents may face significant obstacles in their pursuit - meaning data retention may not become "an effective instrument in the fight against piracy."



Critics of the legilslation, such as the Open Rights Group, highlight if the accompanying IP Rights Enforcement Directive (PRED2) is passed, then copyright infringement would become a criminal offence, possibly including the aiding, abetting, inciting to file-sharing.



In its current draft, it is believed the law could be used to pursue anyone who posts details of anti-DRM hacks online, such as DVD DeCSS codes, and any other "offence serious enough and punished by at least 3 years' imprisonment in the member state that has issued the warrant."



The Civil Liberties committee's decision to approve the draft is in line to face scrutiny from the full European parliament in December, and member state approval will be needed before the rules become law, according to Reuters.



Other approved amends include the onus on member states to reimburse telecoms firms to fund the additional costs of complying with the data retention rules.



Furthermore, only a judge could approve access to telephone and internet traffic, the latter being the most vital for investigators, which so far covers the retention of IP address, telephone number for connectivity, name and address of the subscriber and dates/times of log-ins.



VoIP and email records are likely to be re-introduced at the full parliament stage, whereas mobile phone callers could be identified by their location and SIM card, while fixed line callers would be detected via name and address of caller, numbers dialed and duration of the call.



The committee added it seeks to exclude operators of "not publicly available networks" such as company virtual intranets, from the storage obligations.



Moreover, it requires a data processing register that would reveal who required what data, for what purposes and how it was used, with a view to protecting against abuse and safeguarding human rights.



The committee, known as the LIBE, said member states should decide how long the data shall be stored within a timeframe of 6 to 12 months, but demands that the data be erased therafter.




































Nov 29, 2005