According to a leaked discussion paper, the European Commission is working on scenarios to reintroduce indiscriminate and general retention of traffic, location and internet connection data.
MEP and civil rights activist Patrick Breyer (Pirate Party) sharply criticises the move:
“Reintroducting the blanket collection of everybody’s metadata basically makes us naked in the system. Indiscriminately collecting sensitive information about social contacts (including business contacts), movements and the private lives (e.g. contacts with physicians, lawyers, workers councils, psychologists, helplines, etc.) of millions of citizens that are not suspected of any wrongdoing is a radical measure of mass surveillance. It is scandalous that the EU Commission and EU governments are secretly preparing a new initiative behind closed doors.
Data retention laws have had no measurable effect on the crime rate or the crime clearance rate in any EU country. Requests for communications data are rarely unsuccessful even in the absence of indiscriminate data retention legislation. The clearance rate for cybercrime in Germany, for example, is at 58.6% and above average even without IP data retention. It fell when data retention legislation was first enacted. No other surveillance law encroaches as deeply on our right to privacy as the indiscriminate retention of our contacts, movements and internet connections.
A new EU law on data retention would not only bypass national parliaments, but also national constitutional courts. This threatens to result in yet another case of ‘policy laundering’ at EU level, orchestrated behind closed doors and without EU governments having to take responsibility for it.”
Breyer goes on to explain what the options under consideration would mean:
“1. Only in exceptional situations, such as an imminent terrorist attack, has the European Court of Justice temporarily allowed blanket data retention for reasons of ‘national security’, but following the example of the French ruling on data retention, the EU Commission is threatening to make it the rule. With ‘risks’ existing always and everywhere, data retention could easily be made permanent. This perverts EU jurisprudence protecting our fundamental rights to privacy and freedom of expression.
2. The supposedly ‘targeted data retention’ as envisaged by the EU Commission could affect millions of innocent people, such as tourists, public transport users or even drivers at toll booths. There is likely to be ‘above-average crime’ in every imaginable city. The EU Commission‘s plans to amass information on people in ‘affluent residential areas’, churches, schools, shopping centres and even at protest marches and place them under general suspicion. This would violate religious freedom and the secrecy of confessions as well as freedom of assembly. In parliaments, members of parliament‘s communications would be indiscriminately recorded, in courts, the attorney-client privilege would be violated. I thank the EU bureaucrats for thoroughly antagonising every conceivable social group, right down to sports fans.
3. The proposed ban on anonymous prepaid cards and thus anonymous communications threatens whistleblowers and press informants, political activists and people in need of advice, who often fall silent without the protection of anonymity. Only anonymity prevents the persecution and discrimination of courageous people in need of help and ensures the free exchange of sometimes vital information.
4. A quick freeze procedure to quickly preserve the data of suspects would make sense and is long overdue. It has been blocked by the surveillance fundamentalists who ideologically insist on total data retention.
5. Perhaps the greatest danger at present results from the ECJ’s recent approval of indiscriminate IP data retention, which would allow authorities to retrace the private internet use of any citizen for months and make it possible to identify pseudonyms of people at risk. This could endanger whistleblowers and political activists. Criminals can easily circumvent this total surveillance by using anonymisation services, but ordinary users would be hit hard by a ban on anonymous browsing.
The fact that the EU Commission now also wants to oblige OTT services such as messenger services or video telephony to retain data and identify users goes far beyond even the EU Directive on data retention, which has been annulled for violating fundamental rights, and also goes beyond existing national laws on data retention. This risks capturing every confidential contact in private, business and governments.
If there is one thing we have learned from past totalitarian regimes in Europe, it is that we must never again allow the construction of a surveillance state. Now all concerned groups need to join forces very early to stop the threat of total surveillance and identification in time.”