Detailed personal data on every Irish citizen's phone and mobile calls, faxes, and e-mail and Internet usage will be retained for up to four years under a new Department of Justice Bill, writes Karlin Lillington
The Bill, which is being drafted and which the Minister, Mr McDowell, hopes to implement by next spring, requires that personal electronic data be retained for two to four years. At present, data may only be retained for a short period, exclusively for billing purposes - generally, three to six months - and then must be destroyed.
"We have serious concerns that this is treating everybody as a potential suspect in a crime," said Mr Malachy Murphy, e-rights convener with the Irish Council for Civil Liberties. "This would also appear to go against the European Convention on Human Rights, which has explicit protections for citizen privacy."
Data produced by digital networks can be highly revealing, while 3G mobile phone networks, with phones which regularly broadcast their location back to the network, will provide information on where a person is standing to within a few metres. The legislation could also demand that Internet service providers store information on all the individual web pages a subscriber has visited over four years.
It is understood that Department officials failed to consult any organisation other than the Garda Síochána in preparing legislation which would in effect overturn existing EU data protection directives. The Bill would also run counter to data protection provisions within the State's E-Commerce Act 2000 - considered essential for creating a supportive e-commerce environment where businesses and consumers can trust how their private information is stored and handled.
Officials within the Department of Justice are understood to be seeking a legal regime similar to that mandated by Britain's controversial Regulation of Investigatory Powers (RIP) Act.
In Britain, aspects of RIP are being rewritten after strong opposition to the initial Act from the House of Lords, the business community, privacy advocacy groups and the British media. The British government had to withdraw additional legislation dealing with the same areas of data retention as the Irish Bill after this provoked widespread outrage and anger.
"The RIP Act was incredibly controversial when passed, but that was nothing compared to the opposition to data retention," said Mr Ian Brown, director of British policy for the Foundation for Information Policy Research (FIPR).
"Creating a huge database that is lying there for years is a huge invitation for government misuse, much more for hackers, blackmailers, criminals and others."
Mr Brown said Britain and the Republic have been under pressure from American surveillance agencies such as the CIA and FBI to loosen protections on data privacy.
The Department of Justice did not respond to questions about the Bill's details.