Pronouncements from this week's G8 Justice and Interior Ministers meeting about data protection and the retention of Internet traffic data have created concern among privacy activists.
Controversy centres around whether blanket retention of traffic data on the entire population should be permitted (effectively making every Internet user susceptible to continuous surveillance of their online activity), or whether data should only be recorded on specifically designated targets or groups. Although the G8 refers to September 11 and terrorism as justification for data retention, there is no proposal to limit the use of data to terrorist cases.
Influential IT think tank, the Foundation for Information Policy Research (FIPR), notes that statements from the G8 parallel controversy on the new EU Communications Privacy Directive.
A policy document from the G8 states: "To the extent that data protection legislation continues to permit the retention of data only for billing purposes, such a position would overlook crucial legitimate societal interests - particularly when applied to the Internet service provider area, where flat rate pricing and free Internet and E-mail services foreclose the need to retain traffic data for billing purposes - and thereby seriously hamper public safety."
"The G8 also believes that when data protection legislation allows specific derogation to the general regime on specific grounds, this should not be the exclusive means for recognizing these other interests, since the default rule would continue to require destruction."
G8 ministers do recognise economic implications to the collection and retention of data, and note privacy concerns, but are pushing governments to move towards the blanket retention of data, with ISP logs been of particular interest.
Critics of this approach, like the FIPR, argue that putting an entire population under computerised surveillance is incompatible with human rights in a democratic society, and question whether such measures will prove effective in preventing terrorism.
It proposes a new type of data preservation order, judicially authorised case-by-case, which could require ISPs to perform detailed logging and preservation of specific traffic data on specified targets, only for the same purposes as interception. ®
Background documents on the G8 Ministers of Justice and Interior meeting in Mont-Tremblant, Quebec, Canada this week
G8 calls for widespread data retention (along the lines of the Council of Europe Cybercrime treaty
FIPR's position on data retention