Former Irish Chief Justice slams data retention as mass surveillance and threat to fundamental rights

On the plus side, at least Irish authorities will have to get juridical approval to access retained data under proposed government amendments.
Written by Chris Duckett, Contributor

Former Chief Justice of Ireland John L Murray has warned that retained telecommunications data poses a threat to "fundamental rights and freedoms" in a searing report [PDF] released on Tuesday alongside proposed amendments by the government to Ireland's data retention laws.

Murray said Ireland's data retention system touches every aspect of a person's communications profile for a lengthy period of time.

"[Data retention] establishes a form of mass surveillance of virtually the entire population of the state, involving the retention and storage of historic data, other than actual content, pertaining to every electronic communication, in any form, made by anyone and everyone at any time," he wrote.

"A vast amount of private information pertaining to the personal communications of virtually everyone in the state is now retained without the consent of those affected in databases maintained by each private service provider in fulfillment of its statutory obligations."

Ireland's data retention regime, enacted in 2011, mandates that data related to phone calls, text messages, and phone location be kept for two years and IP addresses for internet connections for one year. Due to a decision by the European Court of Justice (ECJ) striking down a European Union data retention directive in 2014, Ireland's laws in the area need to be modified to remain compliant.

The retained data is able to be currently accessed under a disclosure request by Irish Defence Forces, an officer of the Revenue Commissioners, the Garda Síochána (Irish Police), the Competition and Consumer Protection Commission, or anyone with an appropriate court order or authorisation by the Data Protection Commissioner. The legislation also allows for individuals to request the data kept on them.

The former chief justice warned that safeguards in place for state authorities to access retained data could be undermined by those agencies believing they are entitled to the data if it is deemed useful by them.

"Access to a person's private historical communications data is an intrusion on their rights and on data which is personal to them," Murray said. "Mere utility or potential utility is not the test.

"The potential threat to fundamental rights and freedoms arising from the statutory rights of access to retained data by state investigatory authorities is especially concerning."

Under proposals released by the Irish Minister for Justice and Equality Charlie Flanagan on Tuesday, the disclosure of data to the Garda Síochána and other agencies would only occur after judicial authorisation is acquired; however, the proposals also allow for the minister to unilaterally extend the categories of data being retained.

"It is important that Ireland's data retention laws remain robust and are updated in line with evolving case law coming from the ECJ," Flanagan said. "The ECJ has identified difficulties with the model that EU member states use to manage law enforcement access to communications data.

"All EU states will have to have regard to the evolving legislative landscape, and I want Ireland to be in the vanguard."

UK Home Secretary not deterred by failing to understand end-to-end encryption

UK Home Secretary Amber Rudd has said that WhatsApp's end-to-end encryption communication services allow paedophiles and organised crime groups to operate beyond the reach of the law.

After four militant attacks in Britain killed 36 people this year, senior ministers have repeatedly demanded internet companies do more to suppress extremist content and allow access to encrypted communications.

"I do not accept it is right that companies should allow them and other criminals to operate beyond the reach of law enforcement," Rudd said. "We must require the industry to move faster and more aggressively. They have the resources and there must be greater urgency."

Rudd also called on technology giants such as Facebook , Google, Microsoft, and Twitter to go further and faster to counter extremist material.

According to a report by the BBC, Rudd responded to an audience question on whether she understands end-to-end encryption by stating it is "so easy" to be patronised in such areas, and that the government would do its best to understand.

"We will take advice from other people, but I do feel that there is a sea of criticism for any of us who try and legislate in new areas who will automatically be sneered at and laughed at for not getting it right," the BBC reported Rudd as saying.

"I don't need to understand how encryption works to understand how it's helping ... the criminals."

For its part, the tech industry says it wants to help governments remove extremist or criminal material but also has to balance the demands of state security with the freedoms enshrined in democratic societies.

Britain's MI5 security service has said it needs access to encrypted communications to foil attacks. In the United States, the Federal Bureau of Investigation has pushed for full access to encrypted communications and devices, but Congress has so far refused.

Australia is currently planning to create a national facial surveillance database, and has previously said it wants to deny encryption to terrorists.

With AAP

Editorial standards