By Marie Boran
We are about to enter into a state where every digital step you take is recorded. At the end of March, the Government will introduce the most draconian law in the history of personal privacy in Ireland: 24-hour internet monitoring. A log will be made of everyone’s internet activity and every email sent and received. Greetings from the State of surveillance.
By the end of March 2008, the Irish Government will begin mass digital surveillance, noting when we log on and log off the internet, as well as every email we send and who we send it to. We have entered into a new democratic state where our entire digital footprint is recorded and stored for up to two years by our internet service providers (ISPs).
Legal professionals suggest the move equates to the mass digital surveillance of the entire people of Ireland and may leave the Government to weather a brewing legal storm over the issues of human rights and privacy.
The Criminal Justice (Terrorist Offences) Act 2005 implies that personal data would only ever be accessed in the situation of fighting terrorist offences.
But this is not the case: presently your stored telecommunications data may be accessed in the investigation of any crime, be it serious or trivial, in relation to a terrorist offence or not at all.
Here in Ireland several data leaks have occurred, including the case of a senior civil servant who accessed without authorisation and then sold the social welfare records of 40 different individuals to the media.
Furthermore, the Data Protection Commissioner, Billy Hawkes, doesn’t think the wide scope given to the Gardaí to access our stored data will be reined in.
“We are taking it that no attempt will be made to raise the bar from the current provisions which permit access to these records by the Gardaí when investigating ‘crime’, in order to bring them into line with the directive provision requiring access to records when investigating ‘serious crime’,” he says.
This leaves us in a situation where the ISPs are investing in terabytes of extra storage to retain data that if lost or breached will affect everyone, while those who wish to avoid detection have the ability to do so.
The cost of this data retention weighs heavily on the minds of ISPs located here in Ireland.
If the Government was to go in line with the current data retention period of three years for telephony and decide upon the upper limit of two years for internet data, then this could have the effect of de-clawing the already ageing Celtic Tiger, warns Paul Durrant, general manager of the Internet Service Providers Association of Ireland (ISPAI).
“The ISPAI is very concerned that if the Irish Government decides upon a retention period of over six months, greater than most of our leading competitors in Europe, this could have a detrimental effect on the IT industry in Ireland, which has played such a central role in generating the Celtic Tiger and giving us the standard of living that we now have.
“People don’t realise how volatile and how mobile internet-based industries are. Marginal cost differences can have a huge impact on location-based decisions,” says Durrant.
Shane Deasy, managing director for wireless i n t e r n e t provider Bit- Buzz, while willing and able to comply with the new legislation, echoes Durrant’s sentiment: “There is a grey area – details we have yet to get answers to.
“The industry has met with the Department of Justice and has had several discussions on this forth forthcoming legislation but to my knowledge the industry has not yet been given information on exactly what data they are required to store and for how long.
If the notion of mass electronic surveillance makes you feel uncomfortable and you are left wondering when this democratic decision was made… Current data retention requirements in Ireland have their legal grounding in the Criminal Justice (Terrorist Offences) Act 2005, added on at the last minute and pushed through by the then Minister for Justice, Michael McDowell, without public discussion or visibility.
This time around it seems to be the same old story. “We have not yet seen any specific proposals from the Government, either in terms of a statutory instrument or anything else,” says Pat Rabbitte, Labour’s justice spokesman.
“The Irish Government claims it is introducing the directive now because it is running out of time but in fact it had the power to avail of a further exemption for another 18 months: something many other member states did but Ireland chose not to,” says McGarr.
All this information is being stored about every innocent citizen out there and Durrant along with many others believes that it is in some ways turning around the whole reality of our legal system.
The real problem with this directive, he says, is that ISPs will be storing terabytes upon terabytes of data relating to innocent people who are doing nothing except going about their normal digital lives of browsing and emailing.
The adage of “the innocent have nothing to fear” is clearly not the case and McIntyre adds that data retention is trivially easy to circumvent, so those who want to avoid being detected will find a way regardless of mass digital surveillance.
“The criminals, who you really want to capture, are the very people who will take the trouble to know how to get around this…”