GLOBAL INTERNET LIBERTY
FINAL VERSION [22.05.02] - ENGLISH VERSION
Mr. Pat Cox
Dear Mr. Cox:
We write to you and all the Members of the European Parliament on behalf of a wide range of civic organizations in the world concerning the upcoming vote on the proposed European Union Directive on the protection of privacy in the electronic communications sector ("the proposed Directive") scheduled for 29 May. We urge you to vote against general and exploratory data retention of individuals' electronic communications by law enforcement authorities. We recommend that you vote in favour of the position on Article 15(1) of the European Parliament Committee on Citizens' Freedoms and Rights, Justice and Home Affairs (the "LIBE Committee"). We strongly recommend that you do not vote for any amendment on Article 15 that would leave EU Member States governments free to decide on the fundamental issue of data retention. With this collective statement, we want to underline the critical importance that this vote will have for democratic societies.
We believe that data retention of communications by law enforcement authorities should only be employed in exceptional cases. It should be authorised only by the judicial or other competent authorities on a case-by-case basis. When permitted, data retention must be a necessary, appropriate, proportionate and temporary measure, in accordance with the European Convention on Human Rights, the European Union Charter of Fundamental Rights, and the case law of the European Court of Human Rights.
We therefore strongly endorse the April 18, 2002 vote of the LIBE Committee on the Draft Recommendation for second reading ("the Committee's Draft Recommendation"). We particularly endorse language that promotes and preserves the most fundamental values democratic societies must defend: the right to privacy, freedom of expression, and presumption of innocence. We recommend opposing the language of the Council's common position of 28 January because it allows Member States to authorise general and exploratory electronic surveillance on a large scale. While the fight against terrorism is a legitimate purpose, we do not believe it can justify actions that undermine the most fundamental rights of democratic states.
Many European institutions involved in the legislative process share our position and have emphasized the importance of the decision before the European Parliament with respect to the protection of individuals' privacy.
The European data protection authorities have opposed efforts to create new data retention obligations. In a letter of 7 June 2001 to the President of the Council of the European Council, the Chairman of the Article 29 Working Group wrote that "systematic and preventive storage of EU citizens communications and related traffic data would undermine the fundamental rights to privacy, data protection, freedom of expression, liberty and presumption of innocence."
Similarly, members of the European Parliament Committee on Citizens' Freedoms and Rights, Justice and Home Affairs have stressed that Member States should not have a general right to request whatever traffic and location data they wish without stating a specific reason why such information is needed. They have noted the risk that law enforcement authorities might use such authority to conduct broad and arbitrary 'fishing expeditions'.
Further, European privacy commissioners have recognised that one of the best privacy safeguards is to minimize the collection of personal data where possible. They have consistently affirmed that confidentiality of communications is one of "the most important elements of the protection of the fundamental right to privacy and data protection as well as of secrecy of communications", and that "any exception to this right and obligation should be limited to what is strictly necessary in a democratic society and clearly defined by law." A blanket retention of all communications data for hypothetical and future criminal investigations would not respect these basic conditions.
Wide data retention powers for law enforcement authorities, especially if they were used on a routine basis and on a large part of the population, could have disastrous consequences for the most sensitive and confidential types of personal data. Vast databases now include personal data about medical conditions, racial or ethnic origins, religious or philosophical beliefs, political opinions, trade-union membership, and sexuality. New retention requirements as envisaged by the common position's broad language will create new risks to personal privacy, political freedom, freedom of speech, and public safety. Moreover, because of the cross-border nature of Internet communications, your decision could have repercussions that will reach far beyond the European Union.
Some of you may consider that the Council's position is not binding on EU Member States and that it should be up to the Member States' Parliaments to decide, in their own national laws, whether data retention has or not to be allowed. However, a still unofficial Framework Decision, secretly drafted by some EU Member States, would compel all the States to introduce a law providing for the retention of telecommunications traffic data. This development clearly shows the Council and EU governments' total disregard for the European Parliament's opinion. That is why we now encourage you to decide whether the crucial issue of data retention should be a matter exclusively left in the hands of EU governments and the Council, out of reach of EU citizens' representatives.
We therefore respectfully urge you to vote for the LIBE Committee's position on Article 15(1), and not concede any compromise language. Whether the European Parliament will permit generalized surveillance of EU citizens has become a crucial issue for the future of democratic states. It is now up to you to safeguard fundamental freedoms.
Marc Rotenberg (email@example.com)
Andreas Stern (firstname.lastname@example.org)
Jean-Michel Duniau (email@example.com)
Barry Steinhardt (BSteinhardt@aclu.org)
Sylvain Zamora (firstname.lastname@example.org)
Association "Souriez vous ętes filmés" (http://svef.free.fr)
Alexandre Dulaunoy (email@example.com)
Andreas Stern (firstname.lastname@example.org)
Anriette Esterhuysen (email@example.com)
Maurice Wessling (firstname.lastname@example.org)
Milena Georgieva (email@example.com)
Julian T. J. Midgley (firstname.lastname@example.org)
Bruno Jaffré (email@example.com)
James X. Dempsey (firstname.lastname@example.org)
Alkan Deniz (email@example.com)
Andy Mueller-Maguhn (firstname.lastname@example.org)
Sean O Siochru (email@example.com)
Robert Guerra (firstname.lastname@example.org)
Jean-Francois Grezes (email@example.com)
Yaman Akdeniz (firstname.lastname@example.org)
Thomas Mayer (email@example.com)
Thilo Weichert (firstname.lastname@example.org)
Per Helge Sørensen (email@example.com)
Anne-marie Hochet (firstname.lastname@example.org)
Ville Oksanen (email@example.com)
Shari Steele (firstname.lastname@example.org)
Caspar Bowden (email@example.com)
Richard Stallman (firstname.lastname@example.org)
Erick Aubourg (email@example.com)
Karen Banks (firstname.lastname@example.org)
Markus Beckedahl (email@example.com)
Chris Evans (firstname.lastname@example.org)
Anne Deschuyteneer (email@example.com)
Meryem Marzouki (Meryem.Marzouki@iris.sgdg.org)
Sylvain Zamora (firstname.lastname@example.org)
John Wadham (JohnW@liberty-human-rights.org.uk)
Jean-Marc Manach (email@example.com)
James Landrith (firstname.lastname@example.org)
Antonia (email@example.com - firstname.lastname@example.org)
Will Doherty (email@example.com)
Alexis Braud (firstname.lastname@example.org)
Simon Davies (email@example.com)
Andriy Pazyuk (firstname.lastname@example.org)
Dr. Roland Alton-Scheidl (email@example.com)
Erich Moechel (firstname.lastname@example.org)
François Sauterey (email@example.com)
Simon Heckmann (firstname.lastname@example.org)
Jean-Pierre Masse (email@example.com)
Tony Bunyan (firstname.lastname@example.org)
Tini Jodda (email@example.com)
Felix Rauch (firstname.lastname@example.org)
Mihaly Bako (email@example.com)
André Lefranc (firstname.lastname@example.org)
Albert Koellner (email@example.com)
Sjoera Nas (firstname.lastname@example.org)
Members of the European Parliament
Prime Minister José María Aznar López, President, European Union Council of Ministers.
Mr. Romano Prodi, President of the European Commission.
Mr. Stefano Rodota, Chairman of the Article 29 Working Party.
Mr. Javier Solana, Secretary-General/High Representative, Council of the European Union.
GILC (Global Internet Liberty Campaign)'s letter to Prime Minister Guy Verhofstadt, President, EU Council of Ministers (12 November 2001), at http://www.gilc.org/verhofstadt_letter.html [English version]; http://www.gilc.org/verhofstadt_french.html [French version].
All the documents related to the legislative process regarding the proposed Directive are available at http://europa.eu.int/prelex/detail_dossier_real.cfm?CL=en&DosId=158278.
Page on the theme of data retention: http://www.epic.org/privacy/intl/data_retention.html.
Most important official documents:
The original directive (currently in force):
Directive 97/66/EC of the European Parliament and of the Council of 15
December 1997 concerning the processing of personal data and the protection
of privacy in the telecommunications sector, O.J. L 024 , 30/01/1998 P.
0001 0008, at http://europa.eu.int/smartapi/cgi/sga_doc?smartapi!celexapi!prod!CELEXnumdoc&lg=
The proposed Directive:
- Proposal for a European Parliament and Council directive concerning the processing of personal data and the protection of privacy in the electronic communications sector (25 August 2000), COM(2000) 385 final - C5-0439/2000 - 2000/0189(COD) - Official Journal C 365 E , 19/12/2000, P. 0223 - 0229, at
European Parliament Committee on Citizens' Freedoms and Rights, Justice and Home Affairs:
- Draft Recommendation for second reading on the Council common position for adopting a European Parliament and Council Directive concerning the processing of personal data and the protection of privacy in the electronic communications sector, PE 311.019/20-37 (10 April 2002), at http://www.europarl.eu.int/meetdocs/committees/libe/20020418/466059fr.pdf [French version]; http://www.europarl.eu.int/meetdocs/committees/libe/20020418/466059en.pdf [English version]; http://www.europarl.eu.int/meetdocs/committees/libe/20020418/466059es.pdf [Spanish version].
- Draft Recommendation for second reading on the Council common position for adopting a European Parliament and Council Directive concerning the processing of personal data and the protection of privacy in the electronic communications sector (12 March 2002), PE 311.019, at http://www.europarl.eu.int/meetdocs/committees/libe/20020418/462905fr.pdf [French version]; http://www.europarl.eu.int/meetdocs/committees/libe/20020418/462905en.pdf [English version]; http://www.europarl.eu.int/meetdocs/committees/libe/20020418/462905es.pdf [Spanish version].
Communication from the Commission to the European Parliament pursuant
to the second subparagraph of Article 251 (2) of the EC Treaty concerning
the common position of the Council on the adoption of a Directive of the
European Parliament and of the Council on processing of personal data
and the protection of privacy in the electronic communications sector
(30 January 2002), SEC/2002/0124 final - COD 2000/0189 - Celex No. 52002SC0124,
Council of the European Union:
- Common Position (EC) No. 26/2002 adopted by the Council with a view to the adoption of a Directive of the European Parliament and of the Council concerning the processing of personal data and the protection of privacy in the electronic communications sector (28 January 2002), 15396/2/01 REV 2 - C5-0035/2002 - 2000/0189(COD) - OJ C 113 E, 14/05/2002, p. 0039-0053, at http://europa.eu.int/eur-lex/fr/dat/2002/ce113/ce11320020514fr00390053.pdf [French version]; http://europa.eu.int/eur-lex/en/dat/2002/ce113/ce11320020514en00390053.pdf [English version]; http://europa.eu.int/eur-lex/es/dat/2002/ce113/ce11320020514es00390053.pdf [Spanish version].
- Note from the Presidency to the Committee of Permanent Representatives ("COREPER"), Proposal for a Directive of the European parliament and of the Council concerning the processing of personal data and the protection of privacy in the electronic communications sector European parliament second reading (preparation for a possible informal trialogue) (16 May 2002), 8657/02, ECO 146, CODEC 554, 2000/0189 (COD).
Working Party on the Protection of Individuals with regard to the processing of personal data ("Working Party Article 29"):
- Opinion 7/2000 on the European Commission Proposal for a Directive of the European Parliament and of the Council concerning the processing of personal data and the protection of privacy in the electronic communications sector of 12 July 2000 COM (2000) 385 (2 Nov. 2000), at
http://europa.eu.int/comm/internal_market/en/media/dataprot/wpdocs/wp36es.pdf [Spanish version]. Reprinted in M. Rotenberg, The Privacy Law Sourcebook, United States Law, International Law, and Recent Developments 437 (EPIC, 2001).
- Recommendation 3/99 on the preservation of traffic data by Internet Service Providers for law enforcement purposes (7 September1999), at http://europa.eu.int/comm/internal_market/en/media/dataprot/wpdocs/ wp25fr.pdf [French version]; http://europa.eu.int/comm/internal_market/en/media/dataprot/wpdocs/ wp25en.pdf [English version]; http://europa.eu.int/comm/internal_market/en/media/dataprot/wpdocs/ wp25es.pdf [Spanish version].
- Letter to Mr. Göran Persson, Acting President of the Council of the European Union (June 7, 2001), at http://www.statewatch.org/news/2001/jun/07Rodota.pdf.
EU Forum on Cyber-Crime, Discussion Paper for Expert's Meeting on Retention of Traffic Data (November 6, 2001), at http://europa.eu.int/information_society/topics/telecoms/internet/ crime/wpapnov/index_en.htm.