Slashdot Mirror
EU Data-Retention Laws Stricter Than Many People Realized
An anonymous reader writes with a snippet from the Telegraph: "A European Union directive, which Britain was instrumental in devising, comes into force which will require all internet service providers to retain information on email traffic, visits to web sites and telephone calls made over the internet, for 12 months."
All but Content, will be kept in a Teleco archive says... My foot I say... Who watches the watchers dear? Spam might proove usefull after all! Three witches watch three Swatch watches. Which witch watches which Swatch watch?
You were here to see it.
Thanks for your nation building projects, Eurolovers. Now you have gotten us the panopticon state, and it is never going away. Surveillance, once implemented, has never in history been cut without social upheaval.
The EU directive is not that strict, but the law in EU countries might be. An EU directive is not a law by itself, it is a directive to enact a law. The EU members can exceed the requirements of the directive, and if the UK has enacted a law which requires ISPs to store web URLs, then the UK has clearly "overaccomplished" (surprise surprise...)
This is so obviously not about preventing terrorism or saving the children.
All it is is to give the police an easy tool to bring proof to whomever they want. Also this cost will be higher your ISP bill, as they are the ones who must pay it. The provider XS4All used to have a counter on their pages on how much data they would need to retain and we are talking about enormous amounts of data.
The excuse why this must be done is often that the police is able to get your phonecontacts from the telecom operator (after legal intervention).
There however is a huge difference. The reason that the data of who you called is available is because of billing. Somebody must pay the call you made, including those to 800 numbers. So what they do is ask to see (part of) their bill.
This is different in such that they not only enforce measurements to be taken by companies, they also make it almost so as if telecom operators would record each and every conversation.
What they should do is, just as with telecom, ask for billing information and if they think there is more to it, listen in on the connection. Oh well, everybody is guilty untill proven innocent, no matter that the law tries to tell you otherwise. Well, unless you have a lot of money, then you are innocent.
Don't fight for your country, if your country does not fight for you.
Don't worry. I'm in the UK, run a TLS enabled mail server and will not be retaining any email data (other than general business records) on behalf of our looney government. At least, no so long as the whitehouse is able to "lose" emails or Jack Straw is able to veto the release the minutes from the Iraq war meeting.
Most small companies are going to completely ignore this and what exactly do the wankers at the home office think they're going to do about it? It's no time to be threatening or prosecuting small businesses, many are barely surviving in the current economic climate as it is.
That argument is a load of rubbish (excuse the pun).
How this can possibly be used to investigate fly-tipping is beyond me: the contents of the emails aren't going to be stored, just header data such as sender, recipient, date, time, and IP addresses. What possible value can this have in identifying a fly-tipper?
If anything, it will be used as a strategy of "guilt by association". If you were in contact with someone that gets picked up for benefit fraud, or some other crime, be prepared to get investigated.
'If Christ had tweeted the sermon on the mount, it might have lasted until nightfall.' - John Perry Barlow
The country is full of terrorists, child molesters and subversives and something has to be done about it.
This being the UK, government needs to be able to track down and follow dangerous people that might endanger the social and political stability of the country, like: members and supporters of anti-war movements, ecologist movements, free-speech/privacy movements, Tories, Lib Dems, Scots, Welsh and Irish nationalist parties, teenagers ('cause of knife crime), investigative journalists, anybody that makes request under the Freedom of Information act, people that complain about the government, anybody that talks too loud in a 1 mile circle around Parliament, whistle-blowers of government wrongdoing and more.
As usual our masters, being wiser than everybody else, have gotten their laws passed using the EU so that they can blame it on the European Union - a trick that always works with the unwashed masses around here.
All hail the fascist-Labour party!
[Having been born in a country under a fascist dictatorship and having been raised hearing my family's stories about it, it's impressive how things in the UK are slowly moving towards a modernized version my mental image of how it was - in the UK we now even have police adverts pretty much telling people to denounce their neighbors.]
Because a troll asked and a mindless sheep complied.
Most of these have been tools for privacy freaks and people with something to hide. Running them is enough to raise suspicion. But these kind of data retension measures are much more likely to force such tools to become mainstream. This could backfire on law enforcement and security forces in ways they really don't want.
No no, it's fine - "The UK government has agreed to reimburse ISPs for the cost of retaining the data."
I run a small ISP for 5 users. I estimate that I will need 27 new servers to handle the data, and that it will take me 42 days to implement, at my standard rate of £1000/day plus expenses.
It will be a big project, so I will need to employ all of my friends and every member of my family to consult on the work, for the full duration of the project, at their standard rate of £500/day.
Where do I send the bill? I'll ask Jacqui Smith, I've heard she knows the address of the expenses department.
Yeah, from what I read the German implementation only requires ISPs to retain the connection data to their service, i.e. when someone was connected, what IP he had then, etc. Stuff you'd have thought they were retaining anyway. For phones the requirement is to retain a log of all phonecalls, again something I'd expect them to do for billing and traffic analysis alone already. What did get people up in arms was the idea to install malware to monitor computers but the guy who proposed that seems to be enamoured with the idea of rebuilding the Reich anyway.
Of course I might have missed some later additions if they happened. Wish the Brits good luck with their web browsing logging and hope the citizenry will get some HTTP noise makers (connecting to random websites a lot) to make the logs truly useless.
Justice is the sheep getting arrested while an impartial judge declares the vote void.
GCHQ is watching you too. No pressure. Have a martini.
Wow this is very invasive.
"Hundreds of public bodies and quangos, including local councils, will also be able to access the data to investigate flytipping and other less serious crimes."
quangos - non-governmental organization performing governmental functions.
This could mean deputised cyber vigilante groups targeting anyone who visits a website, posts on a forum or has a link to someone of interest.
Gathering data like this is fine for the security services. With MI5/6, Scotland Yard or some task force you *should* face a day in court.
Even with MI5/6 rendition, a member of the house may ask after you and after a few years you get to face a real UK Embassy official.
The problem with the UK system is 'anyone' interested can see your usage data and get a mob at your door.
If you sell up, your guilty.
If you stay you have a good lawyer.
Domestic spying is now "Benign Information Gathering"
We bother to read slashdot -- shouldn't the editors? Many (most?) of us take more care in posting comments than the editors do in reviewing summaries. Presumably, these are paid positions. Is it really that hard to find motivated and competent editors? College freshmen will do.
when someone was connected, what IP he had then, etc. Stuff you'd have thought they were retaining anyway. For phones the requirement is to retain a log of all phonecalls
One of the Colombian drug cartels used to collect this kind of information in order to catch informants. They were very successful with it for some time and people who called the officials (Colombian or US) tended to disappear. What if a drug gang or a mafia would get this information in Europe?
Thank you for raising those points. And I can't be earning less than the people I'm paying, so I'd better up my daily rate too. £3000/day sounds reasonable.
Might be worth building a data centre in the Caribbean too. For remote backups, to ensure data integrity. Just off the beach, facing the sea, to take full advantage of the sea breezes to reduce cooling costs. Will need to spend at least 6 months a year out there maintaining the systems, so may as well add a small apartment to the data centre, to save on hotel bills. 7 bedrooms should be enough for me and my consultants, who would need to rotate in on a 4-weekly basis.
I should stand at the next election, I've clearly got the right attitude for government.
They will simply won't have slightest idea how to use these data usefully. It will be abused and finnally revoked.
Unfortunately people in power NEVER learns. Because we let them to skip that.
user@ubuntubox:~$ stfu This server is going down for shutdown NOW!
Unlike the crime infested US, there are no drug gangs or mafia in Europe
You're supposed to post that sort of thing on the first day of this month, not the sixth.
In any case, it's of far more concern that "legitimate" public bodies such as local councils and quangos will potentially be able to access this sort of information. That covers hundreds of thousands of people, many of them low-level staffers or those elected by only a few hundred people. There is an obvious case for allowing the police and intelligence services to access this kind of information, subject to powerful safeguards and judicial oversight, where it is necessary for the performance of their public duties. However, there is absolutely nothing that is done at the level of the hundreds of other organisations involved that justifies the kind of invasion of privacy covered by this sort of law.
We've seen a seemingless endless stream of abuses reported in the press recently, invoking draconian surveillance powers to cover the most trivial of suspected offences, and often against people who turned out to be entirely innocent anyway. This is not the behaviour of a people-serving government in a free country. It is staggering that this has been allowed to go through in its current form anyway.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
There was a case of the Dutch internet provider Xs4all suing the government, to be reimbursed for the storage costs that resulted from this legislation. They lost.
Han-Wen Nienhuys -- LilyPond
I would have agreed w/you a year or two ago. OMG! Another dupe?!? WTF do these monkeys DO when they are busy 'working'?!?
But then I saw the firehose andplayed with it for a while. It dramatically changed my mind, and explains why sites like digg often seem like broken records, with the same stuff getting front paged over and over every few days/weeks/months.
Imagine seeing the same thing, over and over and over again, worded slightly different each time. Did you see that story before? Well, yes you did. It is one of a hundred candidates for reading/posting.
But here's the kicker: did you post it? When you see the same crap over and over, by the hundreds, day after day, that can be a very, very tough question to answer!
Respect our editor overlords. Love the editors!
I have no problem with your religion until you decide it's reason to deprive others of the truth.
The EU directive is not that strict, but the law in EU countries might be. An EU directive is not a law by itself, it is a directive to enact a law. The EU members can exceed the requirements of the directive, and if the UK has enacted a law which requires ISPs to store web URLs, then the UK has clearly "overaccomplished" (surprise surprise...)
The data retention directive specifically says they must retain elements that identify the origin and the destination.
Please read it. The level of fachism scares me.
From what they demand to storing URLs, is merely a matter of semantics, and the danger of that being done was predicted long before the directive was approved.
The Data Retention Directive is the equivalente to having a spy per citizen, noting down who he talks with, where and for how long.
Would you accept this in real life? No. Why do you accept it online?
Repeal the Data Retention directive now!