TCS Daily

Privacy In Part

By Matthew Elliott - June 13, 2002 12:00 AM

BRUSSELS -- How would you describe a country that allows the police to access your telephone records, to monitor the websites you visit and to track your movements by tracing your mobile telephone signal?

How would you define a political system that passes such legislation following a threat by the Government to ignore the decision of the Parliament?

Acting under duress, the European Parliament recently approved legislation permitting the police to carry out such actions without warrant. The 'Council Directive' will be formally approved at the Telecommunications Council later this month and national parliaments will then transpose it into law.

How did a 'liberal democracy' come to approve such legislation?

At the start of the new millennium, European Union leaders pledged to make Europe the world's most high-technology economy by 2010. The final part of their showpiece telecommunications package - which covers telephones, faxes, SMS, e-mail and the Internet - was a Directive concerning "the protection of privacy in the electronic communications sector." Unsurprisingly for the Orwellian world of EU politics, an unnecessary piece of legislation to protect privacy has metamorphosed into what one civil liberties campaigner described as "the greatest threat to freedom for a generation."

The unnecessary elements of the Directive concern 'cookies' (the technology to track internet usage) and 'spam' (unsolicited commercial email). Websites will now have to provide users with clear and complete information concerning cookies, which they will then be allowed to refuse. With regards to spam, users will have to give their prior consent ('opt-in') to the sending of unsolicited advertising messages.

Far from promoting e-commerce, these measures could have the unintended consequence of stifling it in its infancy. People dislike spam if they are uninterested in the product. Whilst many people, for example, are offended by pornographic spam, most of us marvel when Amazon selects a book we then buy and enjoy. In short: more cookies means better spam.

For those who value privacy, the free market has already solved these 'problems' making the directive unnecessary. Software such as Anonymiser and Zero Knowledge provide privacy in cyberspace and programmes such as BrightMail and the inbox protector on Hotmail stop spam.

Both these issues are, however, less significant than the amendment to the Directive proposed by the European Council, on behalf of national governments, following 9/11. Meeting soon after the attacks, the Council emphasised, in characteristically understated language, "the need to keep the balance between the protection of civil liberties and the demands on security from the State." It then proposed the massive extension of police powers over telecommunications described above.

This amendment put the European Council on a collision course with the European Parliament. The representatives of the peoples of Europe maintained their position that data should only be retained for billing purposes. Seeing as the Directive required the approval of both bodies to come into force, there was deadlock. The opposition of the Parliaments was overcome when the Council, led by the British Government, threatened to implement the proposal via a 'Framework Decision', thus overriding the need for Parliamentary approval. The centre-right European People's Party (EPP) and centre-left Party of European Socialists (PES) gave in and accepted an amendment to lift data privacy "during a limited period" to conduct criminal investigations or safeguard national or public interest when it is a "necessary, appropriate and proportionate measure within a democratic society."

After the vote, the Italian 'rapporteur' (the Member of the European Parliament sponsoring the original Directive) Marco Cappato asked for his name to be removed from the report. As one European Parliament official commented to me: "What is a limited period of time? How long is a piece of string?"

Government action in this area has had the opposite effect than intended. Far from promoting technology, the extra costs of storing data will increase the transaction costs of business. Rather than protecting privacy, we will all now have less privacy.

The irony of ironies is that two days before the vote, the Internal Market Commissioner Frits Bolkestein expressed his "concerns" with Microsoft's .NET Passport system, which collects personal information when users log on to particular websites. The European Commission is now investigating its compatibility with privacy legislation "as a matter of priority."

So, business respecting privacy "yes", government respecting privacy "no". Who would you rather had your personal information: the diffuse powers of business or the centralised power of government? My advice: click on now.

Matthew Elliott is a writer based in Brussels and London.


TCS Daily Archives