The lobby group has obtained a copy of the “Interservice
Consultation” version of the draft Directive – a version that is
sent to various Commission departments for input and possible
amendment. The final version is not expected until August,
according to EDRi.
The Commission promised in June that it would put forward its
own data retention proposals, after the European Parliament
rejected a Council draft Framework Decision, initiated by the UK,
Ireland, France and Sweden, for an EU-wide data retention
system.
The Commission is keen to ensure that any harmonisation of EU
data retention laws is made by the Commission rather than
individual Member States. This way, it says, the legislative
process will be more transparent, requiring the approval of both
the Commission and Parliament. Under the Council-led process,
MEPs
can only give their views on the proposals.
According to EDRi, the Commission’s draft closely follows the
draft Framework Decision. Despite this, the Council is still
pushing the draft Decision, and a clash between the two European
institutions is likely.
The draft Directive
In brief, the draft indicates that the Commission is seeking a
shorter data retention period than that detailed in the draft
Framework Decision: only one year for data from fixed and mobile
phones and six months for internet-related communications data.
This compares to a three-year data retention period in the draft
Framework Decision.
The type of data to be retained under the Commission proposals
does not include the content of the communications, but rather data
that identifies the caller and the means of communication (e.g.
subscriber details, billing data, email logs, personal details of
customers and records showing the location where mobile phone calls
were made).
The data can only be used for the purposes of preventing,
investigating, detecting or prosecuting criminal offences and must
be retained in such a manner that it can be quickly transferred to
the competent authorities.
The Commission is also proposing to set up an advisory body,
with representatives from law enforcement, data protection
authorities and the electronics communications industry.
The opposition
All previous proposals for an EU data retention scheme have met
with considerable opposition from civil liberties groups.
In 2003, human rights group Privacy International obtained a
formal legal opinion on the Council’s proposals – which suggested
that the draft Decision was unlawful because it breached the
Convention on Human Rights.
In November 2004, the EU Data Protection Working Party, an
independent EU advisory body, also issued a negative preliminary
Opinion on the draft Decision.
The Commission’s final version of its draft Directive has not
yet been published but already EDRi, together with the Dutch ISPs
XS4ALL and Bit, has launched its opposition – a petition against
data retention.
