(c/o M) EU reconsiders new data retention laws News Story by Simon Taylor http://www.computerworld.com/securitytopics/security/story/0,10801,98100,00. html
DECEMBER 07, 2004 (IDG NEWS SERVICE) - European Union justice ministers are rethinking measures to force telecommunications companies and Internet service providers to retain data to use in the fight against crime and terrorism. ISPs are still warning that current plans could devastate the industry. Late last week, EU justice and home affairs ministers debated plans to force electronic communications providers to retain information for up to three years. Under draft legislation proposed by the U.K., Ireland, Sweden and France in April, operators would have to keep for at least 12 months all data concerning the source, routing, destination, time, date and duration of communications as well as the location of the telecom device used in a particular transmission. The data to be stored would be that obtained by operators for billing and other commercial purposes. The move is part of the EU's drive to combat terrorism. Rules would apply to providers of fixed-line services, mobile phones, SMS operators and ISPs, including VoIP providers. But both ISPs and telecommunications companies have insisted that the proposal is unworkable and would hit operators with enormous costs, massive security issues and, in some cases, impossible technical difficulties in collecting and storing the data. "Data retention is one of the most important issues ever faced by the Internet services industry," according to a position paper issued by the European ISP association EuroISPA in September. It warned that the implications of the proposed measures could be "devastating" for the industry. At last week's meeting, ministers indicated they were prepared to consider another approach to the collection of data, since not all operators collected information in the same way. For example, some service providers apply a flat-rate system, where the relevant data is simply erased after communication has been terminated. Instead, ministers considered a different approach where operators would be required to supply a common list of data. Richard Nash, EuroISPA secretary-general, said the fact that the ministers were examining an alternative approach showed that there was "some recognition of serious flaws in the original proposal". But he argued that the fundamental problems remain. The proposal was "so far-reaching as to destroy the industry," he said. There is a perception among EU legislators that an ISP could "flick a button and the data will be on a disc, ready cataloged. But it's just not possible to do that," Nash said. Ministers have referred the legislation back to experts and have set themselves a deadline of June 2005 to finalize new rules. You are a subscribed member of the infowarrior list. Visit www.infowarrior.org for list information or to unsubscribe. This message may be redistributed freely in its entirety. Any and all copyrights appearing in list messages are maintained by their respective owners.
