March 20, 2006
Privacy, Security & Data Retention in the EU
The European Parliament and Council have passed a new law titled the Data Retention Directive, despite concerns from the EU's privacy watchdog, the Article 26 Working Group. The Article 26 Working Group is made up of national data protection commissioners.
[The European Union is] facing [a] fundamental conflict between freedom and security needs when discussing plans to introduce European-wide preventive retention of all telecommunications traffic data including those on Internet use....It would also deeply interfere with the daily life of practically all European citizens using telephones or electronic services.
[If the Data Retention Directive is approved a] huge amount of information would become available revealing nearly all our contacts, our interests, our life style, our whereabouts, and finally: what we do, what we think, what we feel and thus, who we are. We know that even data processed by banks and other financial institutions with the highest security levels have become the subject of large-scale intrusion and misuse. A general obligation to store traffic data over a long period of time would not only restrict privacy.
Such a regulation would also produce new risks for data security and data confidentiality because hackers and other unauthorised persons would be interested in getting access to enormous amounts of sensitive data. Should we create such immense risks? |Article 26 Working Group|
Apparently the European Union has collectively decided that the benefits justify the risks. Archiving and indexing such a large volume of data will be a Herculean task and will undoubtedly generate scholarship in the field of information retrieval.
The question American privacy advocates may be asking is: will Europe's Data Retention Directive spawn similar proposals within the United States?
On the heels of the data retention directive, the European Commission has launched an investigation into Radio Frequency Identification (RFID) amid regulatory concerns over this new technology. Issues to be addressed include the privacy & security implications of RFID and therefore the degree of RFID standardization the EU should require of members states and trading partners.
In January the Register reported that the new Dutch passport's contactless card's security was breached and it is unclear if other European passport's security is similarly threatened.
Neal R. Axton, Reference Librarian, William Mitchell College of Law
TrackBack URL for this entry:
Listed below are links to weblogs that reference Privacy, Security & Data Retention in the EU :