Wednesday, July 8, 2015
Sophie Stalla-Bourdillon , Evangelia Papadaki and Tim Chown (University of Southampton , University of Southampton and University of Southampton) have posted Metadata, Traffic Data, Communications Data, Service Use Information... What is the Difference? Does the Difference Matter? An Interdisciplinary View from the UK (Serge Gutwirth & Ronald Leenes, Data Protection on the Move, Springer 2015) on SSRN. Here is the abstract:
In the wake of the Snowden revelations, it has become standard practice to rely upon the dichotomies metadata/data or metadata/content of communications to delineate the remit of the surveillance and investigation power of law enforcement agencies as well as the range of data retention obligations imposed upon telecommunications operators and in particular Internet service providers (ISPs). There is however no consensual definition of what metadata is and different routes can be taken to describe what metadata really covers. The key question is whether or to which extent metadata should be treated akin to content data for the purposes of identifying the categories of data which shall actually be retained by telecommunications operators and to which law enforcement agencies can have access. In an attempt to answer the question, this paper provides an understanding of what metadata is and what their diversity is by following two steps. First, adopting an interdisciplinary approach, we argue that three types of metadata should be distinguished in relation to the nature of the activity of the service provider processing them and their level in a network communications - network-level, application-level metadata, and service-use metadata - and we identify three types of criteria to classify these metadata and determine whether they should be deemed as akin to content data. Second, we compare these categories with legal concepts and in particular UK legal concepts to assess to which extent law-makers have managed to treat content data and metadata differently.