Over 21.000 people have already signed the new EDRI and XS4ALL petition against mandatory data retention. The petition is now available in 13 languages, including Bulgarian, Polish, Czech and Hungarian and will remain open for signatures until October 2005.

Divided per country, the Netherlands keep their number 1 position, with over 7.300 signatures. But relatively, the amount of signatures from Finland (almost 4.500) is actually much higher, when compared to the number of inhabitants (5 million). Germany is taking a third position with almost 3.500 signatures, followed by Austria and Italy with almost a 1.000 signatures each. France, Belgium and Sweden all have contributed over 500 signatures. The petition is also supported by 45 organisations and companies.

To engage more supporters to contribute to the campaign against data retention, EDRI has opened a special WIKI, based on the technology used by the online encyclopaedia Wikipedia. Everybody is invited to contribute background information and localised banners. The WIKI also contains a link-back list, to allow people to indicate they have put a banner to the petition on their homepage. Everybody interested in joining the fight against data retention may also subscribe to the open EDRI mailinglist on data retention.

European Digital Rights, together with the Dutch ISPs XS4ALL and Bit, launched an international petition today against mandatory data retention. The petition is aimed at the European Commission and the members of the European Parliament.

EDRI argues that retention of telecommunication traffic data is an invasive tool that interferes with the private life of all 450 million people in the European Union. Secondly, the petition points out that data retention is illegal under Article 8 of the European Convention on Human Rights, because it is disproportionate. Thirdly, the petition explains that security gained from retention may be illusory, as traffic data may easily point to another user and finally, the means through which this policy is being pursued are illegitimate.

In the next two months, EDRI hopes to collect an impressive amount of signatures from all over Europe, to convince Commission and Parliament that data retention is no solution against terrorism and crime. Supporters are kindly invited to help distribute information about this petition, by placing the banner on their sites or homepages and spread the news through mailinglists.

The European Commission has finally produced its draft directive on data retention. According to the Commission, all fixed and mobile telephony traffic and location data from all private and legal persons should be stored for 1 year. Data about communications 'using solely the internet protocol' should be stored for 6 months. The Commission does not provide any argument about the usefulness and necessity of data retention, but considers the directive to be proportionate if providers are reimbursed for 'demonstrated additional costs'. The last compromise achieved by the ministers of Justice and Home Affairs (the JHA Council) to create a two-step approach, starting with telephony data and introducing internet data retention at a later stage, is completely ignored by the Commission.

The Commission claims it seeks a balance between law enforcement, human rights and competition aspects by defining the purpose, limiting the categories and time period. The purpose is derived from Article 15 of the E-Privacy directive of 2002 and is actually larger than what the JHA Council proposed. The Commission includes the prevention of criminal offences and safeguarding national security, defence and public security besides the JHA purpose of the investigation, detection and prosecution of criminal offences.

Immediately after the London attacks on 7 July 2005, the National High Tech Crime Unit sent an e-mail to the UK provider association and to the London Internet Exchange asking for voluntary help in preserving traffic data of telephone and internet, but also the contents of e-mails, voice-mails and SMS. Some technicians outside of the UK responded in outrage at this request, comparing the request to asking the Postal Services to photocopy all post and pointed out the technical impossibility of storing tens of millions of e-mails a day.

But the UK ISP world remained extremely silent. Now it turns out the preservation was voluntarily offered by UK ISPA and it also turns out this is not the first time UK ISPs have voluntarily preserved massive amounts of sensitive data on all their customers. After the New York attacks, on 14 September 2001 the UK ISPA already recommended giving in to a preservation request from the Crime Unit. As one anonymous UK ISP remarked in a technical conversation: "they took six months to get back to us, without even mentioning they wanted the data." After that, the ISP deleted the records, because of the massive amount of necessary hard-disk space.

On Wednesday morning 13 July 2005 UK Home Secretary Charles Clarke met with the European Parliament Committee on Citizens' Rights, Justice and Home Affairs (LIBE). His plan to push through data retention during the UK presidency of the European Council, no matter in what pillar, met with great protest. The Social-Democrats, the Greens and the Liberals all referred to the legal advices recommending the issue should be dealt with in the first pillar, i.e. on a directive proposal from the European Commission and with full co-decision from the European Parliament. The liberal rapporteur on data retention, Alexander Alvaro, perhaps used the strongest words when he said "the LIBE Committee was not to be pushed into blind obedience" by the UK.

The influential social-democrat vice-president of the committee, Stavros Lambrinidis, added some very sharp questions about the lack of proof of the effectiveness of biometrics, of ID cards and of data retention. He also questioned the intentions of the JHA Council to deal with data retention without the full democratic scrutiny. Clarke said it didn't matter to him how the decision would be taken, as long as it was during the UK presidency, i.e. before 31 December 2005. He also explained he reached agreement with the European Commissioner for Justice, Frattini, to jointly work out a proposal that could be adopted within that timeframe. He didn't explain how he would deal with a possible rejection by the European Parliament. The group coordinator from the Greens, Kathalijne Buitenweg, immediately reminded Clarke the Parliament would take the Council to court if they proceeded on the third pillar path.

EDRI press release
Tuesday 12 July, 13.00 PM

European Digital Rights and Privacy International have sent an urgent letter today to the UK Presidency and the European Commissioners for Justice and Media to show restraint in tomorrow's extraordinary JHA Council. EDRI expects the UK Presidency to table a new urgent procedure for the proposal on telecommunication data retention, bypassing the European Commission and the European Parliament.

From 6 to 8 July 2005 the leaders of the 8 richest industrial countries, the G8, will meet in Gleneagles, Scotland. This upcoming G8-summit has been in the media spotlight for debating solutions to the world poverty, but is equally important as a driving force of the surveillance society. According to an article in the Guardian the leaders will discuss a plan to exchange and bundle terrorism research, computer material and possibly DNA and fingerprint samples, "testing the limits of data protection and privacy laws". This proposal was prepared by a 3 day meeting of the Justice and Home Affairs ministers in Sheffield, UK from 16 to 18 June 2005.

Researcher Tom Blickmann from the Dutch Trans National Institute recently published a convincing analysis of the previous law enforcement activities