ISP Data Retention in the European Union

On 15 March 2006 the European Union formally adopted Directive 2006/24/EC, on "the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC"

The Directive requires Member States to ensure that communications providers must retain, for a period of between 6 months and 2 years, jeopardizing YOUR Internet Anonymity, all necessary data as specified in the Directive:

  • to trace and identify the source of a communication;
  • to trace and identify the destination of a communication;
  • to identify the date, time and duration of a communication;
  • to identify the type of communication;
  • to identify the communication device;
  • to identify the location of mobile communication equipment.

The data is required to be available to competent national authorities in specific cases, "for the purpose of the investigation, detection and prosecution of serious crime, as defined by each Member State in its national law". Protect yourself with a VPN Account!

The Civil Liberties, Justice and Home Affairs (LIBE) committee of the European Parliament had recommended that data be retained for a maximum of only 12 months; that it be made available only with a judicial warrant, and only in connection with crimes serious enough to qualify for a European arrest warrant ; and that communications providers be compensated for the cost of the data storage. But these recommendations were put aside after private representations were made, over the heads of the MEPs who had been specialising on the dossier, by the German government to the German leaders of the dominant Socialist and Christian Democrat blocs in the Parliament.

A majority of Member States have indicated that they will indeed exercise this option.

Member States retain the flexibility to go substantially further than the Directive mandates. Subject to notification to the Commission, they may require data to be held longer than the two year maximum set by the Directive. They retain the freedom under Article 15(1) of the earlier Directive 2002/58/EC to legislate official access to the retained data for purposes beyond those set out in the Data Retention Directive. (Germany, for example, has indicated that it seeks to make retained data admissible in certain civil copyright cases). And they maintain the freedom to require retention of additional data, beyond that specified by the Directive. (For example, the draft of the Danish executive order to implement the Directive seeks to require ISPs to log the source, time and destination of every single internet data packet, rather than just the details of logins and logouts to the ISP that the Directive actually seems to require). You need to buy a VPN Connection!

As of January 2007 there are still several months to go before the deadline for national laws to be adopted to implement the Directive. But at the time the Directive was passed there were three countries in the EU with legal data retention actually in force. Italy retains data for four years and Ireland for three years. The UK has an extensive system of data retention, under a voluntary agreement made with the industry, but it had not yet been placed on a statutory basis. Belgium had re-introduced the possibility of data retention on 13 June 2005 with a new telecommunication law, but the royal decree stipulating what kind of data should be stored, by which market parties and for what period of time was never issued. View more at article Source