DETAILED INFORMATION on the web pages people view will be retained for possible future criminal investigations if telecommunications operators comply with a letter from the Garda Commissioner.
The request for real-time web-browsing information – the content or the web address (URL) of every web page browsed by users of mobile handsets, palmtop devices or 3G modems – goes beyond the European Union’s data retention directive, which the Government intends to implement as a statutory instrument.
Such a measure would cover the content of web-based email. “The directive does not pertain to the retention of content, and this would be very concerning,” said Deputy Data Protection Commissioner Gary Davis.
Industry sources confirmed last night that Vodafone – the largest mobile service provider in the State – had received a letter from the Garda Commissioner.
The Irish Times understands that the chief executives of O2 and 3 Ireland have not yet received the letters requesting the subscribers’ browsing history to be retained, although the Garda Commissioner is believed to want to make retention of internet data a requirement for all mobile broadband providers.
Industry sources indicated that Vodafone has met Garda representatives to discuss the letter. Vodafone executives are believed to have questioned the legal basis under which it could retain this data.
Representatives of Vodafone, O2 and 3 discussed the letter at a meeting with Mr Davis yesterday. The meeting had been called to discuss a separate undisclosed telecoms regulation matter
It is understood the request for the web content is based on an appeal to telecommunications operators to act as “good citizens” and aid criminal investigations if asked to do so.
Ireland’s draft statutory instrument, which must bring in the EU directive in full, allows for the retention of traffic information relating to phone and mobile calls – already retained in Ireland under legislation passed in 2006 – and also introduces new requirements for the retention of internet data. However, the content of calls or e-mails, or details on webpages browsed, is excluded from the directive and its disclosure would conflict with existing European data protection legislation.
With the disclaimer “I’m both Irish and work for the EU Commission,” reader VShael [John Finnan] writes “The head of the Irish police force has requested that Irish cell phone providers (Vodafone, 02, Meteor, 3) retain detailed information on the web pages that people view over their handheld devices. This information would be held over for ‘possible future criminal investigations’, but would be gathered without a warrant, probable cause, or without the citizen being suspected of a crime. This request goes way beyond the European Union’s data retention directive, which never included retention of web-based email. Representatives of Vodafone, O2 and 3 discussed the letter at a meeting with Mr Davis (6th November 2008) and questioned the legal basis under which they could retain this data. It is their understanding that the content of calls or e-mails, or details on webpages browsed, are excluded from the EU directive. As such, any retention or disclosure of that information would be a violation of existing EU data protection legislation.”