The data retention directive: data protection aspects Frank Robben General manager Crossroads Bank for Social Security Sint-Pieterssteenweg 375 B-1040 Brussels Belgium Website:

2 Frank RobbenBrussels, 5th October 2006 Data retention directive n conflicting interests -society fight against crime trust in information society – no digital divide competitiveness of the Belgian service providers -citizen privacy protection limited costs -service providers trust of clients acceptable risk and liability technical feasibility n need to find the right balance between the interests, with a clear division of tasks between the several parties involved and in a sufficiently coordinated way throughout countries

3 Frank RobbenBrussels, 5th October 2006 Basic principles of data protection n purpose limitation n proportionality n accuracy n transparency n security n export to non-EU-countries

4 Frank RobbenBrussels, 5th October 2006 Purpose limitation n principle -data must be collected for specified, explicit and legitimate purposes and -not further processed in a way incompatible with those purposes n consequences -the type of service providers the regulation applies to has to be specified (also content providers ?) -the type of crime in the fraud against which the data can be processed must be specified -data must in principle only be used for reactive investigation, and not for proactive investigation (except specific procedures) -the instances that can access the data for those purposes must be well defined -the procedures that have to be followed (a.o. authorization by judicial authorities) must be specified

5 Frank RobbenBrussels, 5th October 2006 Proportionality n principle -data must be adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed -data must be kept no longer than is necessary for the purposes for which the data were collected or for which they are further processed n consequences -the list of data that has to be kept has to be well specified (no content !) -the retention period has to be defined in relation to the periods of prescription -data have to be really destroyed after the retention period -a division of tasks has to be defined between the parties involved in order to prevent superfluous multiple storage of data (preferentially no central DB) -the persons regarding to whom data are accessed have to be suspected of involvement in crime in the fight against which the data can be processed

6 Frank RobbenBrussels, 5th October 2006 Accuracy n principle -data must be accurate and, where necessary, kept up to date n consequences -data must guarantee a sufficiently correct identification of the parties involved in the communication – what about dynamic IP-addresses ?

7 Frank RobbenBrussels, 5th October 2006 Transparency n principle -the data subject has to be informed about a.o. the purposes of the processing for which the data are intended or used the (categories of) recipients of the data the existence of the right of access to and the right to rectify the data regarding his person n consequences -the clients of the service providers need to be informed about which categories of data can be processed for the fight against which types of crime the possible recipients of those data and the procedures according to which they can be processed the right of access and the right to rectify the data regarding their person -either in the contract or via collective information procedures

8 Frank RobbenBrussels, 5th October 2006 Security n principle -appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, and all other unlawful forms of processing -having regard to the state of the art and the cost of their implementation, such measures shall ensure a level of security appropriate to the risks represented by the processing and the nature of the data to be protected n consequences -service providers need to take sufficient measures in order to guarantee the availability of the data the confidentiality of the data (only accessible when appropriate procedures have been applied) the integrity of the data the traceability of the processing of the data

9 Frank RobbenBrussels, 5th October 2006 Export to non-EU-countries n principle -the transfer to a third country of personal data which are undergoing processing or are intended for processing after transfer may take place only if the third country in question ensures an adequate level of protection n consequences -service providers must check whether it has been decided according to the procedures foreseen in Directive 95/46/EC that the third country ensures an adequate level of protection -if not, service providers must meet the conditions provided by the Directive 95/46/EC

10 Frank RobbenBrussels, 5th October 2006 Conclusion n need for clarification of the scope of the Data Retention Directive n transposition of the Data Retention Directive into Belgian law needs quite concrete regulation n need to coordinate the concrete regulation in an international perspective: most appropriated consultative body ? n Belgian Privacy Commission should be involved

11 Frank RobbenBrussels, 5th October 2006 More information n Belgian Privacy Commission n Crossroads Bank for Social Security n personal website of the speaker

you ! Questions ? 12 Frank RobbenBrussels, 5th October 2006