IKT-Norge deltar i et opprop av europeiske organisasjoner som er kritiske til innføring av datalagringsdirektivet. Oppropet ble lagt frem i Brussel 15. juli og ber blant annet om at man i forbindelse med revisjon av direktivet minimerer inngripen i personvernet.

Hele oppropet finner du her:

Joint Position on the revision of the EU Data Retention Directive 2006/24/EC

The EU Data Retention Directive 2006/24 requires telecommunications companies to store data
about all of their customers’ communications. Although ostensibly to reduce barriers to the single
market, the Directive was proposed as a measure aimed at facilitating criminal investigations. The
Directive creates a process for recording details of who communicated with whom via various
electronic communications systems. In the case of mobile phone calls and SMS messages, the
respective location of the users is also recorded. In combination with other data, Internet usage is
also to be made traceable.

We believe that such invasive surveillance of the entire population is unacceptable. With a data
retention regime in place, sensitive information about social contacts (including business contacts),
movements and the private lives (e.g. contacts with physicians, lawyers, workers councils,
psychologists, helplines, etc) of 500 million Europeans is collected in the absence of any suspicion.
Telecommunications data retention undermines professional confidentiality, creates the permanent
risk of data losses and data abuses and deters citizens from making confidential communications
via electronic communication networks. It undermines the protection of journalistic sources and
thus compromises the freedom of the press. Overall it damages preconditions of our open and
democratic society. In the absence of a financial compensation scheme in most countries, the
enormous costs of a telecommunications data retention regime must be borne by the thousands of
affected telecommunications providers. This leads to price increases as well as the discontinuation
of services, and indirectly burdens consumers.

Studies prove that the communications data available without data retention are generally sufficient
for effective criminal investigations. Blanket data retention has proven to be superfluous, harmful
or even unconstitutional in many states across Europe, such as Austria, Germany, Romania and
Sweden. These states prosecute crime just as effectively using targeted instruments, such as the
data preservation regime agreed in the Council of Europe Convention on Cybercrime. There is no
proof that indiscriminate and blanket telecommunications data retention improves our protection
against crime in any statistically significant measure. On the other hand, we can see that it costs
billions of euros, puts the privacy of innocent people at risk, disrupts confidential communications
and paves the way for an ever-increasing mass accumulation of information about the entire

Legal experts expect the European Court of Justice to follow the Constitutional Court of Romania
as well as the European Court of Human Rights’s Marper judgement and declare the retention of
telecommunications data in the absence of any suspicion incompatible with the EU Charter of
Fundamental Rights.

As representatives of the citizens, the media, professionals and industry we collectively reject the
Directive on telecommunications data retention.

We urge the EU to outlaw national blanket communications data retention legislation and
encourage the implementation of systems of expedited preservation and targeted collection of
traffic data needed for a specific criminal investigation as agreed in the Council of Europe’s
Convention on Cybercrime. A data preservation system could be defined by an EU instrument but
does not necessarily need to be.

If an EU-wide ban on blanket communications data retention legislation turns out to be impossible
to achieve, the Data Retention Directive, at the very least, would need to be amended as follows:

1) The Directive shall set upper limits on national data retention legislation only, thus
allowing national Parliaments and Constitutional Courts to decide against blanket
communications data retention and for a system of expedited preservation and targeted
collection of traffic data needed for a specific investigation as agreed in the Council of
Europe’s Convention on Cybercrime.

2) Where a Member State decides to enact or maintain blanket retention legislation, which we
consider unacceptable and a violation of human rights, the EU Directive at the very least
would need to make sure that such legislation shall
● not cover Internet access, Internet e-mail, Internet telephony or location data but fixed
line and mobile telephony call records only;
● exempt communications which rely on particular confidentiality (e.g. with physicians,
lawyers, workers councils, psychologists, helplines, journalists) from storage;
● not impose retention periods of more than 3 months;
● exempt small and medium size communications providers from retention obligations;
● provide for full reimbursement of providers’ investment and operating cost including
personnel cost;
● make compulsory decentralized data storage separate from business data, asymmetric
encryption of retained data, application of the two-man rule in conjunction with
advanced authentication procedures for access to the data, audit-proof recording of
access to and deletion of data;
● not require data retention for service providers, types of data or purposes other than
those covered by the Data Retention Directive (Article 15 of directive 2002/58 shall
be deleted).

Signed (in alphabetical order):

1. Access to Information Programme, Bulgaria
2. ARTICLE 19: Global Campaign for Free Expression
3. bdfj Bundesvereinigung der Fachjournalisten e.V., Germany
4. Berufsverband Deutscher Psychologinnen und Psychologen e.V., Germany
5. Bund demokratischer Wissenschaftlerinnen und Wissenschaftler e.V., Germany
6. Center for Peace and Democracy Development, Serbia
7. Deutsche Gesellschaft für Soziologie (DGS), Germany
8. Deutsche Journalistinnen- und Journalisten-Union (dju) in ver.di, Germany
9. Deutscher Journalisten-Verband e.V. (DJV), Germany
10. DVD – Deutsche Vereinigung für Datenschutz e.V., Germany
11. DFJV Deutscher Fachjournalisten-Verband AG, Germany
12. DPV Deutscher Presse Verband – Verband für Journalisten e.V., Germany
13. European Association for the Defense of Human Rights (AEDH), Europe
14. European Federation of Journalists (EFJ), Europe
15. European Trade Union Confederation, Europe
16. European Youth, Norway
17. Ev. Konferenz für Telefonseelsorge und Offene Tür e.V., Germany
18. Federation of German Consumer Organisations (vzbv), Germany
19. FIPR Foundation for Information Policy Research, UK
21. FREELENS e.V., Germany
22. Freie Ärzteschaft e.V., Germany
23. Freiheit statt Angst e.V., Germany
24. Gameparents.de e.V., Germany
25. German Sociological Association (GSA), Germany
26. Hungarian Civil Liberties Union (HCLU), Hungary
27. Internationale Liga für Menschenrechte, Germany
28. Internet Society Belgium, Belgium
29. Irish Council for Civil Liberties, Ireland
30. La Quadrature du Net, France
31. Lesben- und Schwulenverband LSVD, Germany
32. naiin – no abuse in internet e.V., Germany
33. NO2ID, UK
34. Norwegian ICT Industry Association, Norway
35. NRV Association of German Magistrates and Public Prosecutors, Germany
36. Ordre des barreaux francophones et germanophone, Belgium
37. Orde van Vlaamse Balies, Belgium
38. Polish Chamber of Commerce for Electronics and Telecommunications, Poland
39. Romanian Association for Consumers Protection (APC), Romania
40. United Services Union (ver.di – Vereinte Dienstleistungsgewerkschaft), Germany
41. Vereinigung Demokratischer Juristinnen und Juristen e.V., Germany
42. Verband der Freien Lektorinnen und Lektoren e. V., Germany
43. Vereniging ISPConnect Nederland, Netherlands
44. Winston Smith Project, Italy

15 July 2011