Slashdot Mirror
EU Data-Retention Laws Stricter Than Many People Realized
An anonymous reader writes with a snippet from the Telegraph: "A European Union directive, which Britain was instrumental in devising, comes into force which will require all internet service providers to retain information on email traffic, visits to web sites and telephone calls made over the internet, for 12 months."
First po<a href="http://www.telegraph.co.uk/scienceandtechnology/technology/technologynews/5105
The revolution will not be televised... but it will have a page on Wikipedia
Something is going badly wrong here. A story's posted without a link to TFA, and everyone replies with links to TFA, rather than, you know, comments? Given that nobody reads the article anyway, why would we need links to it? Someone mod this offtopic, please.
If all they have to retain is an a href link to an article on the Telegraph, I'd rather call that a victory for privacy campaigners everywhere.
'If Christ had tweeted the sermon on the mount, it might have lasted until nightfall.' - John Perry Barlow
Thanks for your nation building projects, Eurolovers. Now you have gotten us the panopticon state, and it is never going away. Surveillance, once implemented, has never in history been cut without social upheaval.
Hundreds of public bodies and quangos, including local councils, will also be able to access the data to investigate flytipping and other less serious crimes.
So how many people will post on a website or email their friends to say "we just dumped the old sofa in someone's driveway"?
If I'm using Gmail for email (using SSL) and am in the UK, does this directive affect my email?
Obviously my ISP won't be able to read the headers and Google is a US company, but is my data still stored in the UK and if so does it fall under the directive?
Does anyone know how this is supposed to be implemented and how it relates to "arbitrary" data passing through the system? For example, email "headers" are supposed to be logged. One might imagine this being done by logging smtp, pop and imap transactions. But given that almost everyone I know uses webmail these days, and given that web traffic (presumably monitored using transparent proxy servers) is only supposed to have the URLs logged, not content, how does that stack up -- especially when you throw SSL into the mix? Are ISPs legally required (even if it's technologically unfeasable -- that's never stopped the law) to inspect HTTP transactions to see if it's webmail passing through, and log the recipients? Or is this just a humungous loophole for webmail hosted outside of the jurisdiction? Also: how does it affect non-UK citizens whose services are hosted by a geographically-distributed provider who might have nodes in the UK or at least the EU?
This is so obviously not about preventing terrorism or saving the children.
All it is is to give the police an easy tool to bring proof to whomever they want. Also this cost will be higher your ISP bill, as they are the ones who must pay it. The provider XS4All used to have a counter on their pages on how much data they would need to retain and we are talking about enormous amounts of data.
The excuse why this must be done is often that the police is able to get your phonecontacts from the telecom operator (after legal intervention).
There however is a huge difference. The reason that the data of who you called is available is because of billing. Somebody must pay the call you made, including those to 800 numbers. So what they do is ask to see (part of) their bill.
This is different in such that they not only enforce measurements to be taken by companies, they also make it almost so as if telecom operators would record each and every conversation.
What they should do is, just as with telecom, ask for billing information and if they think there is more to it, listen in on the connection. Oh well, everybody is guilty untill proven innocent, no matter that the law tries to tell you otherwise. Well, unless you have a lot of money, then you are innocent.
Don't fight for your country, if your country does not fight for you.
No, if you look at the submitted article, on the firehose link, it's fine, correctly formatted, if a bit verbose. It took a human to fuck it up.
The country is full of terrorists, child molesters and subversives and something has to be done about it.
This being the UK, government needs to be able to track down and follow dangerous people that might endanger the social and political stability of the country, like: members and supporters of anti-war movements, ecologist movements, free-speech/privacy movements, Tories, Lib Dems, Scots, Welsh and Irish nationalist parties, teenagers ('cause of knife crime), investigative journalists, anybody that makes request under the Freedom of Information act, people that complain about the government, anybody that talks too loud in a 1 mile circle around Parliament, whistle-blowers of government wrongdoing and more.
As usual our masters, being wiser than everybody else, have gotten their laws passed using the EU so that they can blame it on the European Union - a trick that always works with the unwashed masses around here.
All hail the fascist-Labour party!
[Having been born in a country under a fascist dictatorship and having been raised hearing my family's stories about it, it's impressive how things in the UK are slowly moving towards a modernized version my mental image of how it was - in the UK we now even have police adverts pretty much telling people to denounce their neighbors.]
http://news.bbc.co.uk/1/hi/technology/7985339.stm
Because a troll asked and a mindless sheep complied.
Most of these have been tools for privacy freaks and people with something to hide. Running them is enough to raise suspicion. But these kind of data retension measures are much more likely to force such tools to become mainstream. This could backfire on law enforcement and security forces in ways they really don't want.
The text of the directive is available (External links in http://en.wikipedia.org/wiki/Directive_2006/24/EC) for everyone to draw his own conclusions. For the most part I find it pretty reasonable. ISPs and telcos probably already store this type of information for their own purposes. It also limits the detention period (at least six months, less than two years).
Wow this is very invasive.
"Hundreds of public bodies and quangos, including local councils, will also be able to access the data to investigate flytipping and other less serious crimes."
quangos - non-governmental organization performing governmental functions.
This could mean deputised cyber vigilante groups targeting anyone who visits a website, posts on a forum or has a link to someone of interest.
Gathering data like this is fine for the security services. With MI5/6, Scotland Yard or some task force you *should* face a day in court.
Even with MI5/6 rendition, a member of the house may ask after you and after a few years you get to face a real UK Embassy official.
The problem with the UK system is 'anyone' interested can see your usage data and get a mob at your door.
If you sell up, your guilty.
If you stay you have a good lawyer.
Domestic spying is now "Benign Information Gathering"
...is some way of sending email to random people to clog up their logging servers and make it difficult, if not impossible to separate the real content from the garbage. I hear there are some enterprising individuals who have been running a pharmaceutical mail order business based on that concept, maybe we can ask them for some advice?
--frank[at]unternet.org