[pp.int.general] illegal use of retained data?

Sat May 17 22:31:01 CEST 2008

Hi Reinier,

and again...

Reinier Bakels schrieb:

> Well, playing devils advocate, in a way it is not illogical to provide such 
> data also for civil law suits, especially as (at least Dutch) criminal 
> authorities leave infringement handling to civil procedures (which is 
> fortunate because then the rights owners pay the cost of prosecution and the 
> police is not involved). BUT it ought to be based on the law, and there is 
> obviously no basis in § 103b Telekommunikationsgesetz. In The Netherlands 
> perhaps such a thing may be hineininterpretiert - but definitely not in the 
> German legal culture!

No, this is not the complete truth, as I tried to explain in my other 
answer: § 100g StPO alsoallows access in cases of "crimescommitted by 
telecommunications".

The german adoption is not only written into TKG 
(Telekommunikationsgesetz), but also into StPO (Strafprozessordnung) and 
some other legal bases.

Large parts of the terms for wiretapping etc. (TKUe) have also been 
rewritten with it.

> 
>> Well, what data do they want to give the rights owners then? There are a 
>> few
>> providers (Deutsche Telekom is one of them) which do not collect data
>> according to the data retention law. (They won't be forced to do this 
>> until
>> 2009) Instead they collect the whole data for a week or so "to keep their
>> infrastructure safe". And this data of course might be accessed by rights
>> owners organizations to sue file sharers.

As I also wrote in my other mails, this is not the whole truth.

In germany, the storage of internet traffic data and email data ist
postponed until 1/1/2009.

This is, because the stakeholders group (Recital 14 working group) of
the european commission and thus the german equivalent have not yet
finished talking about technical standards for how and which data
exactly to store (VOIP, IM, Ports? and others).

The technical guidelines of our Bundesnetzagentur and the ETSI (European 
Telecommunication Standardization Institution) are not ready, yet.

> 
> I found in the Dutch law proposal that there is only an obligation to 
> *retain* data (that is collected in course of the regular service process), 
> not to *collect* data specifically for legal purposes pursuant from this 
> directive. And actually that is what is written in art. 3(1) of the 
> Directive:
> 
> Obligation to retain data 1. By way of derogation from Articles 5, 6 and 9 
> of Directive 2002/58/EC, Member States shall adopt measures to ensure that 
> the data specified in Article 5 of this Directive are retained in accordance 
> with the provisions thereof, to the extent that those data are generated or 
> processed by providers of publicly available electronic communications 
> services or of a public communications network within their jurisdiction *** 
> in the process of supplying the communications services *** concerned.
> 
> § 113a German TkG also says: (1) Wer öffentlich zugängliche 
> Telekommunikationsdienste für Endnutzer erbringt, ist verpflichtet, von ihm 
> *** bei der Nutzung seines Dienstes erzeugte oder verarbeitete *** 
> Verkehrsdaten ... sechs Monate ... zu speichern. Between asterisks is the 
> essence: no obligation to collect data, only data .
> 
> I personally have an ADSL connection for which a pay a flat fee per month. 
> If my analysis is right, Data Retention would only be effective for 
> telephone calls. Unless internet providers collect unneeded information for 
> "your never know" purposes (and it may be illegal to *collect* data without 
> a proper need, even with the DR directive!)

No. I explained the specific points regarding the german adoption in my 
former mail.

The german adoptions exceeds the directive in many ways:

1. more date are stored, than before used for billing. This is 
specifically true for flatrates, but also for incoming connections (!) etc.

2.Anonymizers and other services not mentioned by the directive will 
have to store data.

And you can bet, that the german adoption is one of the most

> 
> Now I am not saying Data Retention is no problem at all, after all, but 
> there is a strange paradox. It seems he succes of "DR" depends on illegal 
> interpretation? It is weird.

No. Simply, some people didn't know, what it means; other knew and 
wanted the directive as broad, as possible. :-D

Stupid politicians, clever intelligence services and recording industry 
lobbyists.

And you, as most of techies, oversee the most important problem 
regarding DR: it is not about filesharing and it is,of course, even 
possible to circumvent it for pros, but: data retention make human 
networks and relationships transparent as never before.

That's why the intelligence wants it.

>> -- 
>> Bitte beachte, dass dem Gesetz zur Vorratsdatenspeicherung zufolge
>> jeder elektronische Kontakt mit mir sechs Monate lang gespeichert wird.
>> Please note that according to the German law on data retention,
>> information on every electronic information exchange with me is retained
>> for a period of six months.
>>
> 
> So this may actually not be true??????

Yes and no. As also written before, storage of internet and 
email-connections are postponed until 1/1/2009.
Telephone, mobile phone, fax and SMS-data are stored.

best regards,
Ricardo Cristof

-- 
Arbeitskreis Vorratsdatenspeicherung
c/o Humanistische Union e.V.
Haus der Demokratie und Menschenrechte
Greifswalder Strasse 4
D-10405 Berlin

Fon: +49-30-94881297
Fax: +49-700-25808789
Mobile: +49-170-2487266
Jabber: rcrf at jabber.org
E-Mail: rcrf at vorratsdatenspeicherung.de
Web: http://www.vorratsdatenspeicherung.de

My GnuPG-Key:
http://cristof.remmert-fontes.de/downloads/pgpkey_rcrf.zip
Key-ID: 25038B2F
Fingerprint: 5EA8 EF99 1B99 04DF 70C8 5F6E 85BC CA54 2503 8B2F