DRletter: Unterschied zwischen den Versionen

Aus Freiheit statt Angst!
Zur Navigation springen Zur Suche springen
 
(22 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt)
Zeile 12: Zeile 12:
  
  
<div align="right">1 September 2010</div>
+
<div align="right">15 November 2010</div>
  
  
Zeile 18: Zeile 18:
  
  
Thank you for your reply of 12 July to the joint letter of more than 100 organisations from 23 European countries asking you to “propose the repeal of the EU requirements regarding data retention in favour of a system of expedited preservation and targeted collection of traffic data”.  
+
Thank you for your reply of 7 October to my letter proposing to remove the obligation in Directive 2006/24/EC to indiscriminately retain information on the daily communications and movements of all 500 mio. citizens in the EU.
  
I welcome your intention to assess the proportionality of directive 2006/24, and I support the opinion you gave in this regard as a Member of European Parliament: “''I have so far not been convinced by the arguments for developing extensive systems for storing data, telephone conversations, e-mails and text messages. Developing these would be a very major encroachment on privacy, with a high risk of the systems being abused in many ways. The fact is that most of us, after all, are not criminals.''”<ref name="ftn1">Debate of 7 September 2005, http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+CRE+20050907+ITEM-002+DOC+XML+V0//EN&query=INTERV&detail=3-044.</ref> This statement also illustrates an understanding of the fact that such encroachments must be ''necessary'' rather than simply occasionally useful.
+
'''1) Differentiated application of the Directive'''
  
In your [http://www.vorratsdatenspeicherung.de/images/reply_malmstroem.pdf reply] of 12 July you ask for more information regarding two statements in our letter: “Studies prove that the communications data available without data retention are generally sufficient for effective criminal investigations. Blanket data retention has proven to be superfluous, harmful or even unconstitutional in many states across Europe, such as Austria, Belgium, Germany, Greece, Romania and Sweden.
+
You write that you do not at this stage see any reason to envisage a differentiated application of the Directive if the evaluation comes to the conclusion that the retention of data is necessary and proportionate.
  
'''1) Blanket data retention has proven to be superfluous'''
+
We hope very much that the new Commission will come to the conclusion that blanket retention of communications data is not necessary and proportionate. The EU Court of Justice only this week ruled invalid regulations requiring the indiscriminate publication of personal data of all beneficiaries of EAGF and EAFRD aid, arguing that "it is possible to envisage measures which affect less adversely that fundamental right of natural persons and which still contribute effectively to the objectives of the European Union rules in question".<ref>Judgement of 9 November 2010, C‑92/09 and C‑93/09, § 86.</ref> I am confident that the Commission will find that data preservation, affecting citizens far less adversely, still contributes effectively to the prosecution of serious crime. The number of convictions etc. that were a result of using retained data does not demonstrate that these convictions etc., or this number of convictions etc., were only made possible through indiscriminate retention of information on the communications of the entire population. In order to comply with the test established by the EU Court of Justice, it is indispensable to examine whether the crime rate or the crime clearance rate differs in a statistically significant manner in countries using targeted data preservation as compared with countries that have blanket retention schemes in place, and whether the coming into effect of retention legislation in a country has any statistically significant effect on crime, crime clearance rates, the number of convictions etc. in that country or not. Certainly the Court of Justice will also examine these issues when asked to rule on the validity of the data retention directive next year.
  
This statement firstly relies on the experience of states around the world whose law enforcement agencies operate successfully without relying on blanket data retention. Among these states are Germany, Austria, Belgium, Greece, Romania, Sweden, Canada and EU member states with data retention legislation that is not yet being applied. The absence of data retention legislation does not lead to a rise in crime in those states, or to a decrease in crime clearance rates, not even in regard to Internet crime. Nor did the coming into force of data retention legislation have any statistically significant effect on crime or crime clearance.
+
Even if the new Commission chose to maintain the position that blanket retention of communications data was necessary and proportionate, it is important to acknowledge that there are good political reasons for national parliaments to opt for a targeted preservation of suspect data instead, as is successfully practised in Europe and beyond. In my last letter I have set out in detail why blanket data retention has proven to be superfluous, harmful or even unconstitutional in many states. So if the Commission decides to uphold the principle of blanket retention at all, it must leave it to national parliaments and constitutional courts to decide whether or not they make use of that radical instrument. The German Minister of Justice has assured me that she is of the same opinion.  
  
This is exemplified by statistics published by the German Federal Crime Agency (BKA):
+
I understand that the Commission initially proposed a harmonised regime to prevent providers under a retention obligation from being disadvantaged in comparison to other providers. Yet these economical differences can be eliminated by fully compensating providers for the cost involved in blanket retention, or even by imposing duties on providers under no such obligation. If a Member State can demonstrate that it does not need blanket data retention to prosecute crime effectively, and that no obstacle to the functioning of the internal market is created, there is no reason for the European Union to still impose the unacceptable blanket retention regime on it and its citizens.
  
{| class="prettytable"
+
That being said, I hope to have demonstrated that there are good reasons for a differentiated application of the Directive, if the principle of blanket retention is to be upheld at all.
| '''German Crime Statistics '''
 
| 2005 ''(no data retention)''
 
| 2006 ''(no data retention)''
 
| 2007 ''(no data retention)''
 
| 2008 ''(telephone data retention in force)''
 
| 2009 ''(telephone and Internet data retention in force)''
 
  
|-
+
'''2) Involvement of civil society in the expert group'''
| Registered crime
 
| [http://www.bka.de/pks/pks2008/p_2_1_1.pdf 6'391'715]
 
| [http://www.bka.de/pks/pks2008/p_2_1_1.pdf 6'304'223]
 
| [http://www.bka.de/pks/pks2008/p_2_1_1.pdf 6'284'661]
 
| [http://www.bka.de/pks/pks2008/p_2_1_1.pdf 6'114'128]
 
| [http://www.bka.de/pks/pks2009/download/pks2009_imk_kurzbericht.pdf 6'054'330]
 
  
|-
+
All along the process of evaluation and revising the Directive, the Commission is involving the expert group "the platform on electronic data retention", set up by Commission Decision 2008/324/EC, whose mandate is inter alia to assist the Commission with the evaluation of the Directive, and to provide feedback from stakeholders. Although the Commission has decided that the group should initially be composed of law enforcement, industry, European Parliament and data protection representatives, it has expressly reserved to also "invite official representatives of [...] non-governmental organisations to participate in its meetings".<ref>Article 5 of Decision 2008/324/EC.</ref>
| Clearance rate
 
| [http://www.bka.de/pks/pks2005/download/pks-jb_2005_bka.pdf 55.0%]
 
| [http://www.bka.de/pks/pks2007/download/pks-jb_2007_bka.pdf 55.4%]
 
| [http://www.bka.de/pks/pks2007/download/pks-jb_2007_bka.pdf 55.0%]
 
| [http://www.bka.de/pks/pks2008/download/pks-jb_2008_bka.pdf 54.8%]
 
| [http://www.bka.de/pks/pks2009/download/pks2009_imk_kurzbericht.pdf 55.6%]
 
  
|-
+
As an official representative of the Working Group on Data Retention (AK Vorrat), I respectfully ask the Commission to invite me to future meetings of the platform on electronic data retention, as of 6 December 2010. I can provide feedback from the coalition of over 100 civil liberties, data protection and human rights associations, crisis line and emergency call operators, professional associations of journalists, jurists and doctors, trade unions and consumer organisations that represent those whose communications are being registered under the Directive. I can also feed in the position of European Digital Rights, being an observer to this group. Since a proper and careful balancing of the fundamental rights of citizens is required by the EU Court of Justice,<ref>Judgement of 9 November 2010, C‑92/09 and C‑93/09, § 86.</ref> the involvement of civil society in every step of the process of revising the Directive is crucial. Being a jurist and having been closely involved with the developments surrounding data retention for years, my expertise can be valuable to the work of the platform and the Commission.  
| Registered Internet crime
 
| [http://www.bka.de/pks/pks2005/download/pks-jb_2005_bka.pdf 118'036]
 
| [http://www.bka.de/pks/pks2007/download/pks-jb_2007_bka.pdf 165'720]
 
| [http://www.bka.de/pks/pks2007/download/pks-jb_2007_bka.pdf 179'026]
 
| [http://www.bka.de/pks/pks2008/download/pks-jb_2008_bka.pdf 167'451]
 
| [http://www.bka.de/pks/pks2009/download/pks2009_imk_kurzbericht.pdf 206'909]
 
  
|-
+
By inviting a civil society representative, the Commission would demonstrate that it is serious about fully taking into account the views of all stakeholders, rather than rushing the revision of the Directive as much as the original proposal was. We would welcome the invitation of a civil society representative as an important sign of good-will to the public.
| Clearance rate for Internet crime
 
| [http://www.bka.de/pks/pks2005/download/pks-jb_2005_bka.pdf 84.9%]
 
| [http://www.bka.de/pks/pks2007/download/pks-jb_2007_bka.pdf 84.4%]
 
| [http://www.bka.de/pks/pks2007/download/pks-jb_2007_bka.pdf 82.9%]
 
| [http://www.bka.de/pks/pks2008/download/pks-jb_2008_bka.pdf 79.8%]
 
| [http://www.bka.de/pks/pks2009/download/pks-jb_2009_bka.pdf 75.7%]
 
|}
 
 
 
Statistics published by the Ministry of the Interior of the Czech Republic and by The Police of the Czech Republic:
 
 
 
{| class="prettytable"
 
| '''Czech Crime Statistics '''
 
| 2003 ''(no data retention)''
 
| 2004 ''(no data retention)''
 
| 2005 ''(telephone and Internet data retention introduced)''
 
| 2006 ''(telephone and Internet data retention in force)''
 
| 2007 ''(telephone and Internet data retention in force)''
 
| 2008 ''(telephone and Internet data retention in force)''
 
| 2009 ''(telephone and Internet data retention in force)''
 
 
 
|-
 
| Registered crime
 
| [http://aplikace.mvcr.cz/archiv2008/statistiky/krim_stat/2003/index.html 357'740]
 
| [http://aplikace.mvcr.cz/archiv2008/statistiky/krim_stat/2004/index.html 351'629]
 
| [http://aplikace.mvcr.cz/archiv2008/statistiky/krim_stat/2005/index.html 344'060]
 
| [http://aplikace.mvcr.cz/archiv2008/statistiky/krim_stat/2006/index.html 336'446]
 
| [http://aplikace.mvcr.cz/archiv2008/statistiky/krim_stat/2007/index.html 357'391]
 
| [http://www.policie.cz/clanek/statisticke-prehledy-kriminality-725362.aspx 343'799]
 
| [http://www.policie.cz/clanek/statisticke-prehledy-kriminality-327216.aspx 332'829]
 
 
 
|-
 
| Clearance rate
 
| [http://aplikace.mvcr.cz/archiv2008/statistiky/krim_stat/2003/index.html 37.9%]
 
| [http://aplikace.mvcr.cz/archiv2008/statistiky/krim_stat/2004/index.html 38.2%]
 
| [http://aplikace.mvcr.cz/archiv2008/statistiky/krim_stat/2005/index.html 39.3%]
 
| [http://aplikace.mvcr.cz/archiv2008/statistiky/krim_stat/2006/index.html 39.7%]
 
| [http://aplikace.mvcr.cz/archiv2008/statistiky/krim_stat/2007/index.html 38.9%]
 
| [http://www.policie.cz/clanek/statisticke-prehledy-kriminality-725362.aspx 37.2%]
 
| [http://www.policie.cz/clanek/statisticke-prehledy-kriminality-327216.aspx 38.3%]
 
 
 
|-
 
| Number of data retention requests
 
| [-]
 
| [-]
 
| [NA]
 
| [NA]
 
| [NA]
 
| [http://www.lupa.cz/clanky/digitalni-spiclovani-uzivatelu-znovu-tematem-dne/ 131'560]
 
| [http://www.slidilove.cz/content/iure-oslovilo-policii-cr-s-dotazem-na-prakticke-vyuzivani-data-retention-udaju 145'368]
 
|}
 
 
 
Notwithstanding this comprehensive evidence, I would like to recall that we cannot be expected to prove that blanket data retention is superfluous. The onus of proof regarding the alleged necessity of blanket data retention is clearly on its proponents. In our response<ref name="ftn3">Antworten auf den Fragebogen der Europäischen Kommission vom 30.09.2009 zur Vorratsdatenspeicherung, [http://www.vorratsdatenspeicherung.de/images/antworten_kommission_vds_2009-11-13.pdf http://www.vorratsdatenspeicherung.de/images/antworten_kommission_vds_2009-11-13.pdf], p. 29.</ref> to your evaluation questionnaire we have explained why access statistics, anecdotal evidence or perceived utility<ref name="ftn2">Such as cited in the “Overview of information management in the area of freedom, security and justice”, COM(2010)385, p. 36, as well as in a “Room Document”, [http://www.vorratsdatenspeicherung.de/images/RoomDocumentEvaluationDirective200624EC.pdf http://www.vorratsdatenspeicherung.de/images/RoomDocumentEvaluationDirective200624EC.pdf].</ref> do not prove a need for blanket data retention: Successful requests for traffic data retained under directive 2006/24 do not prove that data would otherwise have been lacking, despite the commercial billing data stored under directive 2002/58 and extra data stored in compliance with specific judicial orders. Even where extra data is disclosed under data retention schemes, it often has no influence on the outcome of investigation procedures.
 
 
 
The possible occasional utility of access to communications data by law enforcement agencies does not mean that there was a need to retain such data indiscriminately. The European Court of Human Rights has consistently held that mere usefulness does not satisfy the test of necessity.<ref name="ftn4">Silver v. UK (1983) 5 EHRR 347, § 97.</ref> As there is a danger that the Commission might rely on inconclusive data provided by member states, I would like to cite the European Court of Human Rights' critical comments on similar data regarding the retention of biometric data: “''It is true, as pointed out by the applicants, that the figures do not reveal the extent to which this 'link' with crime scenes resulted in convictions of the persons concerned or the number of convictions that were contingent on the retention of the samples of unconvicted persons. Nor do they demonstrate that the high number of successful matches with crime-scene stains was only made possible through indefinite retention of DNA records of all such persons. At the same time, in the majority of the specific cases quoted by the Government (see paragraph 93 above), the DNA records taken from the suspects produced successful matches only with earlier crime-scene stains retained on the data base. Yet such matches could have been made even in the absence of the present scheme''”.<ref name="ftn5">Marper v United Kingdom (2009) 48 EHRR 50, § 116.</ref>
 
 
 
An independent study commissioned by the German government found that among a sample set of 1.257 law enforcement requests for traffic data made in 2005, only 4% of requests could not be (fully) served for a lack of retained data.<ref name="ftn6">Max Planck Institute for Foreign and International Criminal Law, The Right of Discovery Concerning Telecommunication Traffic Data According to §§ 100g, 100h of the German Code of Criminal Procedure, March 2008, [http://dip21.bundestag.de/dip21/btd/16/084/1608434.pdf http://dip21.bundestag.de/dip21/btd/16/084/1608434.pdf], p. 150.</ref> Taking into account the total number of criminal investigation procedures in 2005, only 0.01% of investigations were affected by a lack of traffic data.<ref name="ftn7">Starostik, Pleadings of 17 March 2008, [http://www.vorratsdatenspeicherung.de/images/schriftsatz_2008-03-17.pdf http://www.vorratsdatenspeicherung.de/images/schriftsatz_2008-03-17.pdf], p. 2.</ref> About one third of the suspects in those procedures were still taken to court on the basis of other evidence.<ref name="ftn8">Starostik, Pleadings of 17 March 2008, p. 2.</ref> Moreover 72% of investigations with fully successful requests for traffic data did not result in an indictment.<ref name="ftn9">Starostik, Pleadings of 17 March 2008, p. 2.</ref> All in all, blanket data retention would have made a difference to only 0.002% of criminal investigations.<ref name="ftn10">Starostik, Pleadings of 17 March 2008, p. 2.</ref> This number does not change significantly when taking into account that in the absence of a blanket data retention scheme, less requests are made in the first place.<ref name="ftn11">Starostik, Pleadings of 17 March 2008, p. 2.</ref>
 
 
 
Similarly a dutch study of 65 case files found that requests for traffic data could "nearly always" be served even in the absence of compulsory data retention.<ref>Erasmus University Rotterdam, Who retains something has something, 2005, http://www.erfgoedinspectie.nl/uploads/publications/Wie%20wat%20bewaart.pdf, p. 43.</ref> The cases studied were almost all solved or helped using traffic data that was available without compulsory data retention.<ref>Erasmus University Rotterdam, Who retains something has something, 2005, http://www.erfgoedinspectie.nl/uploads/publications/Wie%20wat%20bewaart.pdf, p. 28.</ref>
 
 
 
The German Federal Crime Agency (BKA) counted only 381 criminal investigation procedures in which traffic data was lacking in 2005.<ref name="ftn12">Starostik, Pleadings of 17 March 2008, p. 2.</ref> In view of a total of 6 million procedures in 2005, no more than 0.01% of criminal investigation procedures were potentially affected. In the absence of a blanket traffic data retention regime, German law enforcement agencies have consistently cleared more than 70% of all reported Internet offences, significantly outperforming the average crime clearance rate of about 50%. The coming into force of data retention legislation did not have any statistically significant effect on crime rates or crime clearance rates.
 
 
 
'''2) Blanket data retention has proven to be harmful'''
 
 
 
A poll<ref name="ftn13">Forsa, Opinions of citizens on data retention, 2 June 2008, [http://www.eco.de/dokumente/20080602_Forsa_VDS_Umfrage.pdf http://www.eco.de/dokumente/20080602_Forsa_VDS_Umfrage.pdf] or [http://www.webcitation.org/5sLeT8Goj http://www.webcitation.org/5sLeT8Goj].</ref> of 1,000 Germans found in 2008 that indiscriminate bulk data retention is acting as a serious deterrent to the use of telephones, mobile phones, e-mail and Internet. The survey conducted by research institute Forsa found that with communications data retention in place, one in two Germans would refrain from contacting a marriage counsellor, a psychotherapist or a drug abuse counsellor by telephone, mobile phone or e-mail if they needed their help. One in thirteen people said they had already refrained from using telephone, mobile phone or e-mail at least once because of data retention, which extrapolates to 6.5 mio. Germans in total. There can be no doubt that obstructing confidential access to help facilities poses a danger to the physical and mental health of people in need as well as of the people around them.
 
 
 
In a poll of 1,489 German journalists commissioned in 2008, one in fourteen journalists reported that the awareness of all communications data being retained had at least once had a negative effect on contacts with their sources.<ref name="ftn0">Meyen/Springer/Pfaff-Rüdiger, Free Journalists in Germany, 20 May 2008, [http://www.dfjv.de/fileadmin/user_upload/pdf/DFJV_Studie_Freie_Journalisten.pdf http://www.dfjv.de/fileadmin/user_upload/pdf/DFJV_Studie_Freie_Journalisten.pdf] or [http://www.webcitation.org/5sLdXIt55 http://www.webcitation.org/5sLdXIt55], p. 22.</ref> The inability to electronically receive information through untraceable channels with blanket data retention in place affects not only the press, but all watchdogs including government authorities.
 
 
 
Apart from this statistical evidence the German Working Group on Data Retention has received ample reports on negative effects of data retention, which have been summarised in our response to your evaluation questionnaire.<ref name="ftn14">Antworten auf den Fragebogen der Europäischen Kommission vom 30.09.2009 zur Vorratsdatenspeicherung, [http://www.vorratsdatenspeicherung.de/images/antworten_kommission_vds_2009-11-13.pdf http://www.vorratsdatenspeicherung.de/images/antworten_kommission_vds_2009-11-13.pdf], p. 2.</ref> The indiscriminate retention of all communications data turned out to disrupt confidential communications in many areas, affecting victims of sexual abuse, political activists, journalists, accountants, lawyers, businessmen, psychotherapists, drugs advisers and crisis line operators.
 
 
 
A poll of 2,176 Germans found in 2009 that 69.3% oppose data retention, making it the most strongly rejected surveillance scheme of all, including biometric passports, access to bank data, remote computer searches or PNR retention.<ref name="ftn15">Infas poll, [http://www.vorratsdatenspeicherung.de/images/infas-umfrage.pdf http://www.vorratsdatenspeicherung.de/images/infas-umfrage.pdf]. </ref> It appears the public opinion has not yet been tested on a European scale. We would be happy to assist in preparing a Eurobarometer poll on the matter though. A 2008 Eurobarometer poll found that a large majority of 69-81% of EU citizens rejected the idea of “monitoring” the Internet use or phone calls of non-suspects even in light of the fight against international terrorism.<ref name="ftn16">Flash Eurobarometer, Data Protection in the European Union, February 2008,[http://ec.europa.eu/public_opinion/flash/fl_225_en.pdf  http://ec.europa.eu/public_opinion/flash/fl_225_en.pdf], p. 48 (32+18+19=69%, 35+21+25=81%).</ref>
 
 
 
'''3) Blanket data retention has proven to be unconstitutional'''
 
 
 
Last year the Romanian Constitutional Court found that data retention per se breached Article 8 of the European Convention on Human Rights: “[Data retention] equally addresses all the law subjects, regardless of whether they have committed penal crimes or not or whether they are the subject of a penal investigation or not, which is likely to overturn the presumption of innocence and to transform a priori all users of electronic communication services or public communication networks into people susceptible of committing terrorism crimes or other serious crimes. Law 298/2008 [applies] practically to all physical and legal persons users of electronic communication services or public communication networks – so, it cannot be considered to be in agreement with the provisions in the Constitution and Convention for the defence of human rights and fundamental freedoms regarding the guaranteeing of the rights to private life, secrecy of the correspondence and freedom of expression.”<ref name="ftn17">Constitutional Court of Romania, decision of 8 October 2009, [http://www.legi-internet.ro/english/jurisprudenta-it-romania/decizii-it/romanian-constitutional-court-decision-regarding-data-retention.html http://www.legi-internet.ro/english/jurisprudenta-it-romania/decizii-it/romanian-constitutional-court-decision-regarding-data-retention.html]. </ref>
 
 
 
The Federal Constitutional Court of Germany then ruled the German data retention requirements unconstitutional and void for being disproportionate in their concrete form.<ref name="ftn21">Federal Constitutional Court of Germany, decision of 2 March 2010, [http://www.bverfg.de/en/press/bvg10-011en.html http://www.bverfg.de/en/press/bvg10-011en.html]. </ref> Although the Court considered that data retention did not per se breach the German constitution, it made clear that surveillance programs may not exceed an absolute overall constitutional threshold that exists for the collection of personal data by governments. The Court did not assess the compatibility of data retention with the European Convention on Human Rights or with the EU Charter of Fundamental Rights, but it found that telecommunications data retention would bring the surveillance situation in Germany already very close to this barrier. Future surveillance measures might be found unconstitutional not even for being disproportionate in themselves, but for passing this absolute overall surveillance barrier. Therefore, maintaining blanket and superfluous data retention jeopardizes the constitutionality of more effective and targeted future measures.
 
 
 
There are further complaints pending before the Hungarian Constitutional Court<ref name="ftn19">Hungarian Civil Liberties Union, Constitutional Complaint Filed by HCLU Against Hungarian Telecom Data Retention Regulations, 2 June 2008, [http://tasz.hu/en/data-protection/constitutional-complaint-filed-hclu-against-hungarian-telecom-data-retention-regulat http://tasz.hu/en/data-protection/constitutional-complaint-filed-hclu-against-hungarian-telecom-data-retention-regulat]. </ref> and before the Irish High Court. Recently, the Irish High Court ruled in favour of a request to challenge the Data Retention Directive at the EU Court of Justice.<ref name="ftn20">High Court of Ireland, decision of ..., [http://www.scribd.com/doc/30950035/Data-Retention-Challenge-Judgment-re-Preliminary-Reference-Standing-Security-for-Costs http://www.scribd.com/doc/30950035/Data-Retention-Challenge-Judgment-re-Preliminary-Reference-Standing-Security-for-Costs]. </ref><nowiki> The Court found that data retention had the potential to be of “importance to the whole nature of our society”. “[I]t is clear that where surveillance is undertaken it must be justified and generally should be targeted”. The Court ruled that civil liberties campaign group Digital Rights Ireland had the right to contest “whether the impugned provisions violate citizen's rights to privacy and communications” under the EU treaties, the European Convention on Human Rights and the EU Charter of Fundamental Rights. The reference to the EU Court of Justice is expected in the next weeks.</nowiki>
 
 
 
The Court of Justice can be expected to follow the previous rulings and annul directive 2006/24, having regard to the jurisprudence of the European Court of Human Rights. The Grand Chamber of the latter Court found in 2008 that the retention of biometrics on mere suspects breached Article 8 of the European Convention on Human Rights: “''In conclusion, the Court finds that the blanket and indiscriminate nature of the powers of retention of the fingerprints, cellular samples and DNA profiles of persons suspected but not convicted of offences, as applied in the case of the present applicants, fails to strike a fair balance between the competing public and private interests and that the respondent State has overstepped any acceptable margin of appreciation in this regard. Accordingly, the retention at issue constitutes a disproportionate interference with the applicants' right to respect for private life and cannot be regarded as necessary in a democratic society.''”<ref name="ftn18">European Court of Human Rights, decision of 4 December 2008, [http://www.webcitation.org/5g6FzdBr4 http://www.webcitation.org/5g6FzdBr4], § 125.</ref> This assessment of the collection of identification data on 5 million citizens<ref name="ftn22">Human Genetics Commission, Nothing to hide, nothing to Fear?, November 2009, [http://www.hgc.gov.uk/UploadDocs/DocPub/Document/Nothing%20to%20hide,%20nothing%20to%20fear%20-%20online%20version.pdf http://www.hgc.gov.uk/UploadDocs/DocPub/Document/Nothing%20to%20hide,%20nothing%20to%20fear%20-%20online%20version.pdf], p. 4.</ref> must, ''a fortiori'', apply to the much larger collection of information on the daily communications of 500 million citizens throughout the EU.
 
 
 
'''4) Proposal'''
 
 
 
Repealing directive 2006/24 would not prevent member states from maintaining data retention schemes and would remove the upper limits the directive sets. We are therefore currently discussing, both in our coalition and with industry, a joint proposal to limit the application of directive 2006/24 to Member States that decide to impose data retention nationally. According to this proposal, directive 2006/24 should be amended to give Member States a choice: First the option of sticking with directive 2002/58 and the Council of Europe's Convention on Cybercrime that sets an international standard for a system of expedited preservation and targeted collection of traffic data. Second the option of a harmonised and minimised data retention scheme with compulsory cost reimbursement for providers. There are many advantages to such a two-pronged proposal in comparison to a mere repetition, more or less, of the initial proposal that was put forward by the Commission in 2005.<ref name="ftn23">COM(2005)438.</ref> I am setting out some of those advantages in a separate document attached to this letter.
 
 
 
We would welcome very much your embracing of this concept in the upcoming evaluation report, and in a subsequent legislative proposal. Please be assured of our full support in removing the compulsory EU requirements regarding blanket communications data retention.
 
  
  
Zeile 160: Zeile 50:
 
*Ms Viviane Reding, Vice President
 
*Ms Viviane Reding, Vice President
 
*Ms Neelie Kroes, Vice President
 
*Ms Neelie Kroes, Vice President
 
+
*Mr, John Dalli
 
 
'''Draft Proposal regarding Telecommunications Data Retention'''
 
 
 
The EU data retention directive, adopted in 2006, currently requires all 27 EU Member States to compel telecommunications and Internet companies to indiscriminately collect data about all of their customers' communications. “The majority of Member States do not reimburse costs incurred by operators to retain and retrieve data”, the Commission reports. Industry has so far been lobbying for replacing the current directive with a harmonised data retention regime that includes a cost reimbursement provision.
 
 
 
'''Why should the Commission not solely propose a harmonised data retention regime with compulsory cost reimbursement?'''
 
 
 
A proposal to this effect is unlikely to succeed and may result in no changes to the data retention directive at all. This would mean that all providers in the EU would continue to be compelled to retain and hand over varying types of data, mostly at their own expense.
 
 
 
The Commission's initial proposal for the data retention directive (COM/2005/0438) already once suggested a uniform data retention regime with compulsory cost reimbursement. This proposal was clearly rejected by Member States due to differing legal traditions and due to the high cost of blanket data retention. This situation persists in 2010. It is unlikely a voting majority of the 27 EU Member States would be prepared to accept a uniform data retention regime with compulsory cost reimbursement.
 
 
 
In addition, even where some cost reimbursement is in place, it generally covers only a share of the total cost of retrieving, storing and handing over of bulk data. Data retention is never profitable but always troublesome and distracts providers from their business. The constant risk of a theft, loss or abuse of sensitive communications data puts providers' reputation at risk. Customers generally dislike a blanket retention of their communications data in the absence of any suspicion.
 
 
 
'''What proposal should the Commission make instead?'''
 
 
 
The EU data retention directive should offer two alternatives to member states: First the option of a modest and harmonised data retention scheme with compulsory cost reimbursement. Second the option of no national data retention scheme at all (but instead a system of expedited preservation and targeted collection of traffic data as agreed in the Council of Europe's Convention on Cybercrime).
 
 
 
'''What are the advantages of an optional approach?'''
 
 
 
National data retention provisions need to be harmonised only where they are in place. In other member states directive 2002/58 is achieving an even better harmonization. While it is true that making data retention optional does not provide for total harmonisation, neither does the current directive. The national implementations currently in force vary so widely in terms of data types, storage periods, reimbursement and access that the situation is actually more harmonised in countries that have decided to stick with directive 2002/58 and not impose blanket data retention at all. Making data retention optional at the EU level would also remove the legal risk of directive 2006/24 being annulled. Furthermore it would take into account the situation of Member States that are legally unable (Romania) or politically unwilling to introduce blanket data retention legislation.
 
 
 
For industry, optional data retention is the only feasible way to prevent Member States from adopting or maintaining costly and uncompensated data retention requirements. Member States are more likely to accept a harmonised data retention regime with compulsory cost reimbursement if they are given the alternative to opt out. Some Member States would be happy not to introduce data retention requirements at all for political, constitutional of financial reasons. The German liberal party has already decided not to re-introduce data retention legislation if given a choice by the EU. Romania has been ordered not to re-introduce data retention legislation by its Constitutional Court. At present several states across Europe do not have data retention requirements in place (e.g. Austria, Belgium, Germany, Greece, Romania, Sweden). Whereas the current data retention directive will ultimately force thousands of providers in these countries to retain data at their own cost, an optional directive would take that burden off those providers entirely. Other Member States would still insist on having data retained, but could be convinced to accept having to compensate providers by at least reimbursing a fair share of their costs.
 
 
 
For citizens, making data retention optional would finally give national parliaments, the citizens (in referendums) and Constitutional Courts the opportunity to opt for a targeted approach instead of indiscriminately having the entire population's communications data retained. Differences in legal traditions, constitutions and political preferences in member states are too great to impose data retention on all Member States.
 
 
 
The Commission, industry and civil society jointly pushing for an optional directive as set out above could create political majorities that would otherwise not be possible to achieve. Civil society is a major political factor and has a strong interest in making the data retention directive optional. In June, more than 100 organisations from 23 European countries spoke out against data retention, including major NGOs such as EDRi, FFII and Human Rights Watch.
 
 
 
 
 
 
----
 
----
 
<references/>
 
<references/>
 +
 +
[[Kategorie:English]]
 +
[[Kategorie:International]]
 +
[[Kategorie:Vorratsdatenspeicherung]]
 +
[[Kategorie:Data Retention]]

Aktuelle Version vom 14. Mai 2011, 09:17 Uhr

Recipients

  1. Cecilia Malmström, European Commissioner for Home Affairs, BE-1049 Brussels, Belgium
  2. Viviane Reding, European Commission Vice-President with responsibility for Justice, Fundamental Rights and Citizenship, BE-1049 Brussels, Belgium
  3. Neelie Kroes, European Commission Vice-President with responsibility for the Digital Agenda

Draft text

Cecilia Malmström

European Commissioner for Home Affairs

BE-1049 Brussels


15 November 2010


Dear Ms Malmström,


Thank you for your reply of 7 October to my letter proposing to remove the obligation in Directive 2006/24/EC to indiscriminately retain information on the daily communications and movements of all 500 mio. citizens in the EU.

1) Differentiated application of the Directive

You write that you do not at this stage see any reason to envisage a differentiated application of the Directive if the evaluation comes to the conclusion that the retention of data is necessary and proportionate.

We hope very much that the new Commission will come to the conclusion that blanket retention of communications data is not necessary and proportionate. The EU Court of Justice only this week ruled invalid regulations requiring the indiscriminate publication of personal data of all beneficiaries of EAGF and EAFRD aid, arguing that "it is possible to envisage measures which affect less adversely that fundamental right of natural persons and which still contribute effectively to the objectives of the European Union rules in question".[1] I am confident that the Commission will find that data preservation, affecting citizens far less adversely, still contributes effectively to the prosecution of serious crime. The number of convictions etc. that were a result of using retained data does not demonstrate that these convictions etc., or this number of convictions etc., were only made possible through indiscriminate retention of information on the communications of the entire population. In order to comply with the test established by the EU Court of Justice, it is indispensable to examine whether the crime rate or the crime clearance rate differs in a statistically significant manner in countries using targeted data preservation as compared with countries that have blanket retention schemes in place, and whether the coming into effect of retention legislation in a country has any statistically significant effect on crime, crime clearance rates, the number of convictions etc. in that country or not. Certainly the Court of Justice will also examine these issues when asked to rule on the validity of the data retention directive next year.

Even if the new Commission chose to maintain the position that blanket retention of communications data was necessary and proportionate, it is important to acknowledge that there are good political reasons for national parliaments to opt for a targeted preservation of suspect data instead, as is successfully practised in Europe and beyond. In my last letter I have set out in detail why blanket data retention has proven to be superfluous, harmful or even unconstitutional in many states. So if the Commission decides to uphold the principle of blanket retention at all, it must leave it to national parliaments and constitutional courts to decide whether or not they make use of that radical instrument. The German Minister of Justice has assured me that she is of the same opinion.

I understand that the Commission initially proposed a harmonised regime to prevent providers under a retention obligation from being disadvantaged in comparison to other providers. Yet these economical differences can be eliminated by fully compensating providers for the cost involved in blanket retention, or even by imposing duties on providers under no such obligation. If a Member State can demonstrate that it does not need blanket data retention to prosecute crime effectively, and that no obstacle to the functioning of the internal market is created, there is no reason for the European Union to still impose the unacceptable blanket retention regime on it and its citizens.

That being said, I hope to have demonstrated that there are good reasons for a differentiated application of the Directive, if the principle of blanket retention is to be upheld at all.

2) Involvement of civil society in the expert group

All along the process of evaluation and revising the Directive, the Commission is involving the expert group "the platform on electronic data retention", set up by Commission Decision 2008/324/EC, whose mandate is inter alia to assist the Commission with the evaluation of the Directive, and to provide feedback from stakeholders. Although the Commission has decided that the group should initially be composed of law enforcement, industry, European Parliament and data protection representatives, it has expressly reserved to also "invite official representatives of [...] non-governmental organisations to participate in its meetings".[2]

As an official representative of the Working Group on Data Retention (AK Vorrat), I respectfully ask the Commission to invite me to future meetings of the platform on electronic data retention, as of 6 December 2010. I can provide feedback from the coalition of over 100 civil liberties, data protection and human rights associations, crisis line and emergency call operators, professional associations of journalists, jurists and doctors, trade unions and consumer organisations that represent those whose communications are being registered under the Directive. I can also feed in the position of European Digital Rights, being an observer to this group. Since a proper and careful balancing of the fundamental rights of citizens is required by the EU Court of Justice,[3] the involvement of civil society in every step of the process of revising the Directive is crucial. Being a jurist and having been closely involved with the developments surrounding data retention for years, my expertise can be valuable to the work of the platform and the Commission.

By inviting a civil society representative, the Commission would demonstrate that it is serious about fully taking into account the views of all stakeholders, rather than rushing the revision of the Directive as much as the original proposal was. We would welcome the invitation of a civil society representative as an important sign of good-will to the public.


Yours sincerely,


...


cc.

  • Ms Viviane Reding, Vice President
  • Ms Neelie Kroes, Vice President
  • Mr, John Dalli

  1. Judgement of 9 November 2010, C‑92/09 and C‑93/09, § 86.
  2. Article 5 of Decision 2008/324/EC.
  3. Judgement of 9 November 2010, C‑92/09 and C‑93/09, § 86.