A Question of Privacy

Like Pinocchio’s when he lies, big Brother’s nose grows ever longer — the better, seemingly, to sniff out terrorism and other serious crimes across Europe. In response to pleas by law-enforcement agencies and — particularly since Sept. 11 — the U.S. government, European legislatures have approved greater snooping powers. As the trend continues, however, there is growing concern among civil libertarians, politicians and others about the degree to which such laws are necessary, practical or consistent with fundamental human-rights guarantees.

Alarm bells began to sound in late May when the European Parliament amended the E.U.’s telecommunications framework legislation. The revision allows the E.U.’s 15 member states to introduce national legislation requiring telephone companies and Internet service providers to log and retain data on customers’ calls, e-mails, faxes and Web connections and for law-enforcement agencies to have access to that information.

Quick off the mark was the British government, which sent draft legislation to Parliament — for consideration this week — that would make such personal data available, without a court order, not only to the police and other security services — who already have wide investigative powers — but also to a broad assortment of national and local bodies, including district councils and health and social-services authorities. “Clearly, this is not about the police pursuing terrorists or serious criminals,” says Roger Bingham, a spokesman for the human-rights group Liberty. “This raises the possibility of civil servants trawling through data collected for one purpose and used for another.”

The government rejects assertions that it is opportunistically creating a snooper’s charter. “We’re not talking about content of e-mails here,” says a Home Office spokesman. “We’re talking about dates and times of communications” — who contacted whom, and when. Requests for warrants to actually intercept content as part of a criminal investigation, he adds, would be subject to stringent criteria. “We can completely reassure the public. It’s nonsense to say that every communication is now going to be targeted, that civil liberties are going to be highly compromised.” Still, concern over potential abuse is high, given the cornucopia of “specific circumstances” under which data could be sought, as cited by Prime Minister Tony Blair’s spokesman: national security, crime detection or prevention, disorder prevention, the nation’s economic well-being, public safety, protection of public health, assessment or collection of a tax, duty or levy, prevention — in an emergency — of death or injury, or any damage to a person’s physical or mental health.

“Throughout history, surveillance has always started in piecemeal ways,” says Simon Davies, director of Privacy International, a London-based watchdog group. “But once privacy is taken away, it is never returned. It becomes part of the infrastructure of surveillance and control.” Also worried is Marco Cappato, an Italian Member of the European Parliament. An original sponsor of the E.U.’s data-protection legislation, he turned against it, he said, when late amendments under-mined its language. His compatriot, Rome law professor Stefano Rodot, who helped draft the E.U.’s Charter of Fundamental Rights, views the new European law as the “last frontier” of compromise between data protection and national security.

Phone and Internet companies are also unsettled. “As a global company, we would prefer a harmonized approach,” says Richard Purcell, Microsoft’s director of corporate privacy, while the E.U. directive “will likely create a patchwork of laws.” For example, he says, data might need to be retained for anywhere from 90 days — the usual period for billing purposes — to seven years. Press-freedom groups, whose interests include the protection of news sources, are concerned as well. Paris-based Reporters sans Frontières urges telecom and Internet firms to refuse to submit to the legislation. British Telecom feels like “piggy-in-the-middle,” a company spokesman says, but still must comply with the law.

As the debate heats up, users of the hundreds of millions of phones and e-mail accounts across the E.U. may take comfort in their numbers and in the tens of millions of euros that greater surveillance would cost. “Investigators would suffocate in data junk,” observes Harald Summa, director of Germany’s Electronic Commerce Forum. So, too, the right to privacy could soon be gasping for breath, yet another victim of the “war on terror.”