On 24 March 2004 the Danish Ministry of Justice released a draft Administrative Order and a set of guidelines for mandatory retention of telecommunication traffic data. It is a follow-up to the 'anti-terror package' from 6 June 2002 (Act no. 378), that extended the minimum time for data retention to a year and allowed police and intelligence agents to look at such material with court permission where serious crimes were involved and to install on ISP servers software similar to the US Carnivore system to intercept e-mail.

The Administrative Order and the guidelines aim to regulate in detail the obligations of the Danish telecommunication providers (minor private ISPs included), specify how they must assist the Danish police interfering with the secrecy of communication, what data should be retained, and how it should be done. For internet, this means an obligation for providers to keep an extended mail server logfile with precise information who has been e-mailing whom, an extensive IP-registration of all incoming and outgoing IP-requests and an obligation to log all IP-addresses from visitors to chatrooms. Mobile telephony providers are to store all data about incoming and outgoing calls, including SMS and MMS, and all localisation data they generate for each call, even if the call is not successful.

On 29 July 2004 the French Constitutional Council decided that the proposed new data protection act is not unconstitutional, except for one provision (article 9.3), which has been suppressed from the law. The law is an adoption of the European privacy directive of 1995 (1995/46/EC), and was accepted by the French Senate on 15 July 2004.

The proposal to examine the law was submitted on 20 July by members of the French parliamentary opposition. They objected particularly against the powers granted in the new paragraph 9.4 to collecting societies and similar representatives of intellectual property rights to create files with telecommunication traffic data of supposed copyright infringers to 'mutualise the battle against the piracy of works'.

The Constitutional Council rejects this complaint explicitly, considering that existing safeguards established by other laws are sufficient, like

The Dutch government is 'in principle positive' about the proposal to store the telecommunication traffic data of all 450 million EU citizens for a period of 12 to 36 months. This point of view is expressed in a letter to the Dutch parliament about the proposal. As president of the EU, the Netherlands wish to press ahead with the proposal: "The Netherlands have a vested interest that the proposal takes priority."

The proposal was made by the UK, Ireland, France and Sweden on 28 April 2004, and followed by a questionnaire to the 25 EU member states about their current and intended data retention laws. Answers to the questionnaire had to be given by 29 July 2004, but the results will probably only become available at or after the next meeting of the working party on co-operation in criminal matters on 27 and 28 September 2004.

The Swiss data protection authorities and several political parties have used a governmental consultation round to protest against a proposal to introduce a new sectoral ID number for persons, the SPIN law.

According to the privacy authorities, the proposed law violates both constitutional and data protection principles. The new personal identification number would be sectoral and based on a central server within the federal justice department. But the sectors are not clearly defined or even analysed, thus violating the principle of proportionality.

To make it worse, the responsibilities for access, for security, transmission and usage of the PIN are not sufficiently clear. "This results in a lack of transparency and absence of indispensable protection measures." The privacy authorities demand a serious public debate and find the schedule for parliamentary debate (in the winter of 2004) much too early.

According to a report by the German Max Planck Institute for Foreign and International Criminal Law, Italy and the Netherlands are the wiretap champions of the Western world.

The report entitled 'Rechtswirklichkeit und Effizienz der Überwachung der Telekommunikation' researches the legal and practical situation in Germany regarding police wiretapping. The report also investigates the situation in surrounding countries, notably in Western Europe and the Anglo-Saxon countries.

The report concludes that Italy has the highest number of wiretaps per capita, 76 per 100.000 inhabitants. The Netherlands follow closely on the second place with 62 and Switzerland gets a third place with 32. Austria has the lowest number in Western-Europe with 9 wiretaps per 100.000 inhabitants. The statistics show a remarkable low figure for the Anglo-Saxon countries. The USA apply only 0,5 wiretaps for the given number of inhabitants. The statistics would mean that Italy engages into wiretapping about 140 times more often then the USA when compared to the number of inhabitants. The report does not go into the use of wiretaps by intelligences services and systems like Echelon.

On 28 July, Privacy International will celebrate the 6th annual UK Big Brother Awards ceremony. From about 300 nominees a 'Dirty Dozen' was selected for the shortlist. Award categories for this year are as they have been in past years: Worst Public Servant; Most Invasive Company; Most Appalling Project; Most Heinous Government Organisation and Lifetime Menace (now renamed the 'David Blunkett Lifetime Menace Award').

The number of nominations for Home Secretary Blunkett, the Home Office and the proposed National Identity Card far outweighed all other nominees, but their unpopularity will not be recognised this year because they have received awards in previous years. Among the favourites that are tipped to win is the Rt Hon Margaret Hodge MP, Minister of State for Children for Worst Public Servant. Hodge has received numerous nominations because of her patronage of the controversial tracking provisions in the Children Bill and for her determination to develop a wide spectrum of intrusive databases and information systems.

By verdict of 24 June 2004 the Appeals Court of Amsterdam in the Netherlands has to a large extent limited the freedom of internet users to express their opinion anonimously. The main issue in this principal case was whether internet provider Lycos was required to hand over the personal data of one of its subscribers to a third party. This third party, the Dutch lawyer and stamp trader Pessers, claimed this subscriber had treated him unlawfully. The appeal verdict largely confirms an ealier verdict by a judge at the District Court of Haarlem on 11 September 2003, against which Lycos appealed.

Mr Pessers trades in postage stamps on the auction portal eBay and was accused of fraud by a Lycos subscriber, who published Mr Pesser’s name on his website and provided an e-mail address for anyone to report fraudulent incidents they felt Mr Pessers had committed. After complaints from Mr Pessers, the site was removed and the text replaced with "Site removed to avoid legal actions!!". Subsequently Pessers demanded the personal data from the subscriber, but Lycos refused and was taken to court. After the initial verdict, Lycos did hand over the data, but only to find out the address data were false. Pessers started another procedure, to force Lycos to find other ways to retrieve the correct information, but that demand was declined on 1 April 2004. However, this case instigated a debate in the Netherlands whether internet service providers should be obliged to collect the correct information from their subscribers.

The Article 29 Working Party that oversees the implementation of the EU privacy directive has released its opinion on the current state of affairs regarding the transfer of passenger data from EU airlines to the U.S. Department of Homeland Security.

The Working Party notes that the Commission failed to take into account previous demands by the Working Party before authorizing its transfer to the U.S., particularly on the scope of the data, the retention period, and the ways in which the data is used. As the European Parliament is pursuing this case in the Courts, the Working Party is calling for some immediate 'essential' changes to the current practices to minimize the encroachments on passengers' rights.

These 'essential' changes include:

1. Replacing U.S. Customs direct access to reservation systems with a 'push' system where carriers send only the required information to the American authorities.