The information commissioner is warning the Council of Europe to take a "proportionate" approach towards the interception and retention of all electronic communications contained within the Cybercrime Convention.
Elizabeth France, the information commissioner, has heated up the European debate over police powers to snoop on communication traffic data and location data, warning that access to this data by law enforcement authorities should be "limited to cases where the need to prevent or detect crime or safeguard national security justifies the privacy intrusion". Her response contradicts UK demands for electronic data to be retained for up to seven years.
"The temptation to use [electronic data] as a more general resource to spot, and require individuals to account for, apparently suspicious patterns of activity should be resisted," said France within her response.
As the alarming outcome of the EP's recent Echelon report confirmed, the Internet and mobile telephony is not only providing new opportunities for criminals, but also expanding law enforcement methods of surveillance. One example is the global positioning services (GPS) available on mobile networks, which makes it increasingly possible to generate precise location data to track individual's movements. Conventional "telephone tapping" techniques may also become obsolete now that voice messages are increasingly being carried over the Internet rather than through traditional telephone systems.
But the Office of the Information Commissioner argues that developments in electronic communications are complicated by competence issues within Europe. "Telecoms issues fall within European competency, but it is unclear whether the retention of data by ISPs is a telecoms issue or a policy one," said Iain Bourne, strategic policy manager for the commissioner. "It's tedious European technical stuff."
France's warning follows the European Parliament (EP) Civil Liberties Committee's approval of a report by the radical MEP Marco Cappato yesterday, which states that electronic information should not be stored for longer than is necessary for the transmission of data and for traffic management purposes. Her response similarly points to concerns that the Cybercrime Convention is likely to breach Article 8 of the European Convention on Human Rights, which guarantees a person's right to privacy.
"Her comments are questioning the overall philosophy of the [Cybercrime Convention]," said Michael Ryan, partner at city law firm Arnold and Porter. "Measures incorporated within the Treaty should take proper account of other social values aside from detecting crime."
The Cybercrime Convention decision will go to a plenary session for ratification by the EP on 5 September, on the same day that the draft report on Echelon is discussed.
They can see you... Find out how and why in ZDNet UK's Surveillance News Section.
Have your say instantly, and see what others have said. Click on the TalkBack button and go to the Telecoms forum.