Out-Law News 1 min. read
17 Sep 2002, 12:00 am
The UK and other EU governments have proposed that ISPs and telcos should retain their customers’ traffic data for periods of one year or longer and give law enforcement agencies access to the data in cases of criminal investigation.
The retained data would include catalogues of web sites visited, records of e-mail recipients, lists of telephone numbers dialled, and the geographical location of mobile phones. In the UK, the Anti-Terrorism Crime and Security Act regulates data retention, however relevant codes of practice for ISPs and telcos have not yet been finalised.
The commissioners said in a statement that such data retention “would be an improper invasion of the fundamental rights guaranteed to individuals by Article 8 of the European Convention on Human Rights.” They also emphasised the “excessive costs that would be involved for the telecommunication and internet industry”, as well as “the absence of such measures in the United States. “
The UK Foundation for Information Policy Research (FIPR) welcomed the Commissioners’ statement, characterising it as a “particularly timely warning for the UK, where the government is still attempting to implement the December 2001 Anti-Terrorism Crime and Security Act.”
The commissioners concluded:
“Where traffic data are to be retained in specific cases, there must therefore be a demonstrable need, the period of retention must be as short as possible and the practice must be clearly regulated by law, in a way that provides sufficient safeguards against unlawful access and any other abuse. Systematic retention of all kinds of traffic data for a period of one year or more would be clearly disproportionate and therefore unacceptable in any case.”