What's the problem?
The mass retention of individuals' communications records, outside the context of any criminal investigation or business purpose, amounts to the compilation of dossiers on each and every one of us, our friends, family and colleagues.
Under the justification of tackling terrorism and crime, several countries worldwide have implemented regulation that obliges providers of communication services or networks to retain traffic and location data generated by mobile and landline phones, fax and email. For example, the Data Retention Directive, approved by the European Union in 2006, requires that every telecommunications company in Europe must retain their customers’ records for a period of between six months and two years.
The mass collection and retention of information creates challenges for the right to privacy. Broad-ranging data retention policies result in the indiscriminate creation of vast dossiers of information on everyone’s activities, including location data and communications with friends, families and work colleagues. There are alternative methods of surveillance that are less disproportionate, for example, requiring a court order to allow operators to retain data related just to a specific individual suspected of criminal activity.
What's PI doing about it?
We scrutinize the deployment and abuses of data retention policies, and oppose certain policies when we believe them to be dangerous. We work closely with civil society groups and industry to minimize harm, and we closely monitor attempts to expand the reach of data retention policy into new forms of communications, e.g. search engines and social networking. We also support legal action against such policies.