As of today, Telcos and ISPs will according to a new EU directive soon be required to store and be able to retrieve traffic data of the usage of their networks for up to 12 months. Yes, details of all Internet use and telephone calls made must be logged and archived.
Utter insanity. Costs will be enormous (I have seen large ISPs mention investments of up to 100 million Euros), volumes of data will be ridiculous, noone has really specifically described how this data will be secured and used (vague phrases like "serious crime" according to what I have heard, certainly looking into it in more detail now...) and I have the distinct feeling (as always when policy makers and technology meet) that our representatives don't really know what they have voted through.
This is of course all done in the name of The War on Terrorism. We (as in the security and police organisations protecting us) must be able to find and track down suspicious messages in order to prevent horrible acts of violence to happen. As much as I never want anything like 9/11, 7/7, the horrible bombings in Spain or Indonesia and so on ever happen again I really fail to see the usefulness of this directive. What I see is instead a big slippery slope of not thought through arguments, vague descriptions on implementations/use and lack of understanding of the consequences leading into a mudpit of big brother style surveillance.
Ola Larsmo wrote a great article in DN (in Swedish) on the topic a few days ago. Like he says, keeping phone logs of which phone has connected to what other phone is one thing, but extending this kind of logging to Internet traffic is a completely different animal altogether. Logging of Internet traffic will show not only which computers have connected to eachother. It will show who you have emailed, who has emailed you, which web sites have you visited, what have you actually read on that scary dangerous thing called the Internet? This is more like phone tapping than phone call logging.
Also, to what point? Again I am amazed over how certain laws seem to only succeed in making life harder for the ordinary person. Seriously, anyone who is about to commit serious crime, would they sit in their home, with a kosher connection to the Internet, using an email account registered under their own name at a well known ISP? I think not. Internet cafés, anonymising proxys and hijacked wireless connections spring to mind.
Ever heard of a phone booth? Pay as you go mobiles? Public surf terminals offered for free at libraries? Geez. Or will we have to start registering to use those things now (link in Swedish).
What will be interesting to see is what will happen to the ability of European ISPs and Telcos to compete on a global playing field. When the rest of the world won't have these requirements two things will happen: customers will seek hosting and connectivity solutions elsewhere (hint: not within the borders of Festung Europa) and prices on comparable products and services will be higher in the EU.
Who else will get access to these vast tanks of people profiling data? The press release mentions "judicial authorities from an EU Member State". For a long while now the music industry has tried to clamp down on pirating over P2P networks, downloading of illegal music and movies. This is their dream come through. Of course they are already making inquiries as to get access to these log files.
Complete and utter stupidity. Expensive stupidity. How many of the citizens of Europe are law abiding citizens (at least in areas relevant for this directive...)? 99%? 99,5%? How about leaving this majority of people alone, let them go about their daily business without risking having indications on their medical conditions, sexual desires, employment thoughts, political opinions and love affairs registered? How about going after the bad guys instead of watching those supposed to be protected as if they were all criminals?
URL: European Parliament press release
URL: Bloomberg - EU Parliament Approves Storage
URL: More background over at PC Pro
URL: Links on the topic (del.icio.us)
UPDATE: Anders Gardebring, an acquaintance of mine, wrote about how he just now quit his membership (in Swedish) in his political party of choice following some statements of Inger Segelström, one of the Swedish EU parlamentarians backing the suggestion. Basically what she is saying in response to questions about the consequences of the bill shows a total lack of competence in the areas surrounding the issues of the law she has just been part of voting for.
He also wrote about the software known as Tor, a tool to "confuse" the routing of your Internet traffic, protecting you against big brotheresque attempts of monitoring your traffic data. For the geeks, it feels good to say that Tor is distributed as Free Software under the 3-clause BSD license. For the non-geeks: that means it is free for you to download and use.
Ah. As in nature, life finds a way.
UPDATE: Another aspect of the extended logging and a most probable consequence of this new law is that reporters and news media will run into problems when it comes to protecting their sources. Brilliant. I see free speech starting to crumble already.
In Sweden a source of information to a journalist has constitutional rights to be protected. How is this supposed to fit with the new law?
Comments