{"change_dates":[],"dossier":{"amendments":[],"changes":{"2014-11-10T01:56:05":[{"data":[{"body":"EC","commission":[{"DG":[{"title":"Justice","url":"http://ec.europa.eu/justice/"}]}],"date":"2005-09-21T00:00:00","docs":[{"celexid":"CELEX:52005PC0438:EN","text":["
PURPOSE : to harmonise provisions concerning\n processing and retention of data regarding publicly available electronic\n communications services or public communications for the purpose of\n preventing and investigating serious criminal offences, and amending Directive 2002/58/EC
PROPOSED\n ACT : Directive of the European Parliament and of the Council.
CONTENT : Citizens increasingly perform\n daily activities using electronic communications networks and services. These\n communications generate 'traffic data' or 'location data' which include\n details about the location of the caller, the number called, the time and\n duration of the call. When combined with data
enabling the identification of\n the user of the service, the availability of such traffic data is important\n for purposes related to law enforcement. However, with changes in service\n offerings, such as the growth of flat rate tariffs, pre-paid and free\n electronic communications services, traffic data may not always be stored by\n all operators to the same extent as they were in recent years, depending on\n the services they offer. This trend is reinforced by recent offerings of\n Voice over IP communication services, or even flat rate services for fixed\n telephone communications. Under such arrangements, the operators would no\n longer have the need to store traffic data for billing purposes. If traffic\n data are not stored for billing or other business purposes, they will not be\n available for public authorities whenever there is a legitimate case to\n access the data. These developments are making it much harder for public\n authorities to fulfil their duties in preventing and combating organised\n crime and terrorism.
It has now become urgent to\n adopt harmonised provisions at EU level on this subject. A certain number of\n Member States have adopted national measures requiring some or all operators\n to retain given types of data so that they can be used for the purposes\n identified above when necessary. Differences in the legal, regulatory, and\n technical provisions in Member States concerning the retention of traffic\n data present obstacles to the Internal Market for electronic communications\n as service providers are faced with different requirements regarding the\n types of data to be retained.
This Directive aims to harmonise the\n provisions of the Member States concerning obligations on the providers of\n publicly available electronic communications services or of a public\n communications network with respect to the processing and retention of\n certain data, in order to ensure that the data is available for the purpose\n of the prevention, investigation, detection and prosecution of serious\n criminal offences, such as terrorism and organised crime. The Directive\n applies to traffic and location data of both private and legal persons, as\n well as the related data necessary to identify the subscriber or registered\n user. It shall not apply to the content of electronic communications,\n including information consulted using an electronic communications network.\n The following categories of data must retained:
-data necessary to trace and identify the\n source of a communication;
-data necessary to trace and identify the\n destination of a communication;
-data necessary to identify the date, time\n and duration of a communication;
-data necessary to identify the type of\n communication;
-data necessary to identify the communication\n device;
-data necessary to identify the location of\n mobile communication equipment.
The types of data to be retained under\n these categories of data are specified in the Annex.
These categories of data must be retained\n for a period of one year from the date of the communication, with the\n exception of data related to electronic communications taking place using\n wholly or mainly the Internet Protocol. The latter shall be retained for a\n period of six months.
Statistics on the retention of data must be\n provided to the European Commission on a yearly basis. Such statistics shall\n not contain personal data.
Lastly, the Directive must be evaluated\n three years after transposition.
\n The committee adopted the report by Alexander Nuno ALVARO (
- Article 1 (purpose of the directive) was amended so that data could be retained for the investigation, detection and prosecution, but not the \"prevention\", of serious criminal offences, on the grounds that the concept of prevention was too vague and could lead to abuse of the system. Moreover, whereas the proposal had simply given examples of serious offences (\"such as terrorism and organised crime\"), the committee preferred to refer to the definition given in Article 2(2) of the European Arrest Warrant;
\n- new provisions in Article 1 specified that one of the aims of the directive should be to ensure \"respect for private life\" and the protection of personal data when data is retained. The scope of the directive should be limited to traffic and location data and the data necessary to identify the subscriber or registered user. It should not apply to \"related\" data;
\n- data retained under the directive should only be provided to the competent national authorities responsible for the investigation, detection and prosecution of serious criminal offences \"following the approval of the judicial authorities and of other competent authorities according to national legislation\";
\n- two new articles introduced provisions governing access to retained data and data protection and data security. These sought to ensure inter alia that access to retained data would be granted only for specific purposes, on a case-by-case basis, and would be restricted to the \"relevant and proportionate\" data necessary for a specific investigation. It should not include \"large-scale data mining in respect of travel and communications patterns\" of people unsuspected by the competent national authorities. Data should be erased when no longer necessary and also when inaccurate. Any accessing of data should be recorded. Lastly, the data should only be forwarded to third countries (such as the
- another new article provided for Member States to lay down \"effective, proportionate and dissuasive\" sanctions for infringements of the national provisions adopted to implement the directive;
\n- MEPs wanted all data (i.e. from telephony and internet) to be retained for a period of 6-12 months and then erased, whereas the proposal had simply provided for telephony data to be retained for one year and internet data for 6 months;
\n- the committee restructured the proposal so as to place the Annex (listing the types of data to be retained) into the main body of the text (in Article 4);
\n- while supporting the registration of location data on successful calls, SMS and internet use, MEPs preferred to leave it up to the Member States to decide whether to request telecom companies to retain data on unsuccessful calls. They introduced a new definition - \"unsuccessful call attempt\" - into the directive;
\n- telecom companies should be fully reimbursed by the Member States for all extra costs incurred in order to comply with obligations imposed on them as a result of the directive, including investment and operational costs as well as the extra costs resulting from further modifications of the directive, whereas the proposal had only provided for the reimbursement of \"demonstrated additional costs\";
\n- finally, the directive should be reviewed after 2 years, and every 3 years thereafter, with attention being focused in particular on the types of data retained and the retention periods.
\n\n\n\n
The Council\n agreed to reach a \"first reading deal\" with the European Parliament\n on a Directive on data retention by the end of the year in spite of\n reservations made by Ireland, Slovakia and Slovenia.
Some of the\n elements agreed are as follows :
- serious\n criminal offences : a reference to serious crime is included in the text of\n the Directive, as defined by each Member State in its national law. Member\n States shall have due regard to the crimes listed in Article 2(2) of the\n Framework Decision on the European Arrest Warrant (2002/534/JHA) and crime\n involving telecommunications;
- retention\n periods : Member States should ensure that the categories of data referred to\n in the draft Directive are retained for periods of not less than 6 months and\n for a maximum of two years from the date of the communication.
- Internet\n data : the Council is in favour of an obligation to retain data on Internet\n access, Internet e-mail and Internet telephony;
- unsuccessful\n calls : the Council is in favour of including the retention of data in\n relation to unsuccessful call attempts where that data is generated or\n processed, and stored (as regards telephony data) or logged (as regards\n Internet data) by providers of publicly available electronic communications\n services or of a public communications network within their jurisdiction in\n the process of supplying the communication services concerned. This Directive\n shall not require the retention of data in relation to unconnected calls;
- flexibility\n : Article 15(1) of Directive 2002/58/EC would continue to apply in relation\n to data, including data related to unsuccessful calls, which are not\n specifically required to be retained under the present Directive and\n therefore fall outside the scope of this Directive, and for retention for\n purposes, including judicial purposes, other than that covered by this\n Directive.
\nThe European Parliament adopted\n a resolution on data retention by 378\n votes in favour, 197 against and 30 abstentions. The final text negotiated\n beforehand with the Council aims to facilitate judicial co-operation in\n criminal matters by approximating Member States' legislation on the retention\n of data processed by telecommunications companies.The\n amendments finally adopted were a compromise between the PES and EPP groups\n with the Council and differed in some key points to the draft directive\n adopted initially by the Civil Liberties Committee. (Please see the document\n dated 24/11/2005.) The GUE, Greens and UEN groups and some members from\n the ALDE group voted against the directive in the final vote. Alexander\n Nuno ALVARO (ALDE, DE) was unhappy with the result of the compromise\n adopted and withdrew his name as rapporteur.
The main amendments are as\n follows:
-Purpose: the aim is to ensure that the data are available for the purpose of the\n investigation, detection and prosecution of serious crime, as defined by each\n Member State in its national law. The Commission had included the objective\n of “prevention” which was deleted by Parliament. Members felt that the concept of prevention is too vague and\n could lead to abuse of the system from national authorities. Parliament also\n deleted the words “serious criminal offences such as terrorism and organised\n crime” preferring to use the term “serious crimes”.
-Period:The directive will\n provide for data to be retained by the telecommunications companies for a\n minimum of 6 months and a maximum of 24 from the date of communication. The\n Commission had proposed the period of one year
-Unsuccessful\n calls: An \"unsuccessful call\n attempt\" is defined as a communication where a telephone call has been\n successfully connected but is unanswered or there has been a network\n management intervention. This will include the retention of data in relation\n to unsuccessful call attempts where that data is generated or processed, and\n stored (as regards telephony data) or logged (as regards Internet data) by\n providers of publicly available electronic communications services or of a\n public communications network within their jurisdiction in the process of\n supplying the communication services concerned. The Directive shall not\n require the retention of data in relation to unconnected calls. Data on an\n unsuccessful call attempt only has to be\n retained if the company already stores such data. In a recital, Parliament\n stated that, “considering that the obligations on providers of electronic\n communications services should be proportionate, the Directive requires that\n they only retain such data which are generated or processed in the process of\n supplying their communications services; to the extent that such data is not\n generated or processed by those providers, there can be no obligation to\n retain it. This Directive is not intended to harmonise the technology for\n retaining data, the choice of which will be a matter to be resolved at\n national level.”
Reimbursement of costs: Parliament decided to delete the paragraph in which it\n was mandatory for Member States to reimburse telecom companies for all\n additional costs of retention, storage and transmission of data. In the\n draft directive adopted by the Civil Liberties Committee, Members had\n initially called for the full reimbursement of costs.
-Content:\n A new clause is inserted stating that no data revealing the content of the\n communication can be retained pursuant to this Directive.
-Type of data: Parliament tightened up the provisions on types of data\n to be retained, in Article 4. This includes the registration of location data\n on calls, SMS and internet use.
-Supervisory\n authority: There is a new clause on supervisory\n authority. Each Member State must designate one or more public authorities to\n be responsible for monitoring the application within its territory of the\n provisions adopted by the Member States regarding the security of the stored\n data. These authorities must act with complete independence in exercising\n their functions.
-Data\n protection and data security: A new clause states that\n each Member State shall ensure that providers of publicly available\n electronic communications services or of a public communications network\n respect, as a minimum, certain prescribed data security principles with\n respect to data retained in accordance with the Directive.
-Push system:Member\n States must ensure that data retained in accordance with the Directive are\n only provided to the competent national authorities, in specific cases and in\n accordance with national legislation.
-Sanctions: Unauthorised access or\n transfer of data will be punished by “effective, proportionate or dissuasive”\n penalties, either administrative or criminal.
-Future\n measures: A new clause has been introduced\n permitting derogation from the time period. A Member State facing particular\n circumstances warranting an extension for a limited period of the maximum\n retention period may take the necessary measures. The Member State shall immediately notify the Commission and inform the other Member States of the\n measures and indicate the grounds for introducing them. The Commission shall,\n within six months after the notification, approve or reject the national\n measures involved after having verified whether or not they are a means of\n arbitrary discrimination or disguised restriction of trade between Member States and whether or not they shall constitute an obstacle to the functioning of\n the internal market. In the absence of a decision by the Commission within\n this period the national measures shall be deemed to have been approved.
\nThe Council\n adopted a Directive of the European Parliament and of the Council on data\n retention,
amending\n Directive 2002/58/EC. The decision follows an agreement reached by the\n Council at its meeting on 1 and 2 December 2005.
The Irish and\n Slovak delegations voted against.
To recall,\n this Directive aims to harmonise Member States' provisions concerning the\n obligations of the providers of publicly available electronic communications\n services or of public communications networks with respect to the retention\n of certain data which are generated or processed by them, in order to ensure\n that the data are available for the purpose of the investigation, detection\n and prosecution of serious crime, as defined by each Member State in its\n national law.
This Directive\n shall apply to traffic and location data on both legal entities and natural\n persons and to the related data necessary to identify the subscriber or\n registered user. It shall not apply to the content of electronic\n communications, including information consulted using an electronic communications\n network.
Following\n entry into force of the Directive, Member States will have as a general rule\n 18 months in which to comply with its provisions.
\nPURPOSE : to harmonise Member States’\n provisions concerning the obligations of providers of publicly available electronic\n communications services with respect to the retention of certain data.
LEGISLATIVE ACT : Directive 2006/24/EC of\n the European Parliament and of the Council on the retention of data generated\n or processed in connection with the provision of publicly available\n electronic communications services or of public communications networks and\n amending Directive 2002/58/EC.
CONTENT : the Council adopted this Directive with the Irish and Slovak delegations voted against. The Directive aims to\n harmonise Member States’ provisions concerning the\n obligations of the providers of publicly available electronic communications\n services or of public communications networks with respect to the retention\n of certain data which are generated or processed by them, in order to ensure\n that the data are available for the purpose of the investigation, detection\n and prosecution of serious crime, as defined by each Member State in its\n national law. The Directive applies to traffic and location data on both\n legal entities and natural persons and to the related data necessary to\n identify the subscriber or registered user. It does not apply to the content\n of electronic communications, including information consulted using an\n electronic communications network.
The following categories of data must retained with regard to fixed network telephony and mobile telephony, as well as Internet\n access, Internet e-mail and Internet telephony:
- data necessary to trace and identify the source of a\n communication;
- data necessary to trace and identify the destination of a\n communication;
- data necessary to identify the date, time and duration of a\n communication;
- data necessary to identify the type of communication;
- data necessary to identify the communication device;
- data necessary to identify the location of mobile communication\n equipment.
The types of data to be retained under these categories of data\n are specified in the Directive. With regard to an \"unsuccessful call attempt\", this is defined as\n a communication where a telephone call has been successfully connected but is\n unanswered or there has been a network management intervention. This will\n include the retention of data in relation to unsuccessful call attempts where\n that data is generated or processed, and stored (as regards telephony data)\n or logged (as regards Internet data) by providers of publicly available\n electronic communications services or of a public communications network within\n their jurisdiction in the process of supplying the communication services\n concerned. The Directive shall not require the retention of data in relation\n to unconnected calls. Data on an unsuccessful call attempt only\n has to be retained if the company already stores such data.
No data revealing the content of the communication may be retained\n pursuant to this Directive.
Member States must ensure that the categories of data specified\n are retained for periods of not less than six months and not more than two years\n from the date of the communication. A Member State facing particular\n circumstances that warrant an extension for a limited period of the maximum\n retention period may take the necessary measures. That Member State shall immediately notify the Commission and inform the other Member States of the\n measures taken and state the grounds for introducing them. The Commission\n shall, within a period of six months after the notification, approve or\n reject the national measures concerned, after having examined whether they\n are a means of arbitrary discrimination or a disguised restriction of trade\n between Member States and whether they constitute an obstacle to the\n functioning of the internal market. In the absence of a decision by the Commission\n within this period the national measures shall be deemed to have been\n approved.
The Directive goes on to make provision for data protection and\n data security. Each Member State shall ensure that providers of publicly available electronic communications\n services or of a public communications network respect, as a minimum, certain\n prescribed data security principles with respect to data retained in\n accordance with the Directive. Each Member State must designate a supervisory authority to be responsible for monitoring the\n application within its territory of the provisions adopted by the Member\n States regarding the security of the stored data. Those authorities may be\n the same authorities as those referred to in Article 28 of Directive\n 95/46/EC. The supervisory authority must act with complete independence.
No later than\n 15 September 2010, the Commission must submit an evaluation of the\n application of the Directive and its impact on economic operators and\n consumers, taking into account further developments in electronic communications\n technology and the statistics provided to the Commission with a view to\n determining whether it is necessary to amend the provisions of this\n Directive, in particular with regard to the list of data and the periods of\n retention.
TRANSPOSITION\n : 15 September 2007. Until 15 March 2009, each Member State may postpone application of the Directive to the\n retention of communications data relating to Internet Access, Internet\n telephony and Internet e-mail. Any Member State that intends to make use of\n this provision must notify the Council and the Commission to that effect by\n way of a declaration. The following Member States have made such a\n declaration postponing application for differing lengths of time: the\n Netherlands, Austria, the United Kingdom, Estonia, Cyprus, Greece,\n Luxembourg, Slovenia, Sweden, Lithunia, Latvia, Czech Republic, Belgium,\n Poland, Finland, Germany.
ENTRY INTO FORCE : 03/05/2006.
\nPURPOSE : to harmonise provisions concerning\n processing and retention of data regarding publicly available electronic\n communications services or public communications for the purpose of\n preventing and investigating serious criminal offences, and amending Directive 2002/58/EC
PROPOSED\n ACT : Directive of the European Parliament and of the Council.
CONTENT : Citizens increasingly perform\n daily activities using electronic communications networks and services. These\n communications generate 'traffic data' or 'location data' which include\n details about the location of the caller, the number called, the time and\n duration of the call. When combined with data
enabling the identification of\n the user of the service, the availability of such traffic data is important\n for purposes related to law enforcement. However, with changes in service\n offerings, such as the growth of flat rate tariffs, pre-paid and free\n electronic communications services, traffic data may not always be stored by\n all operators to the same extent as they were in recent years, depending on\n the services they offer. This trend is reinforced by recent offerings of\n Voice over IP communication services, or even flat rate services for fixed\n telephone communications. Under such arrangements, the operators would no\n longer have the need to store traffic data for billing purposes. If traffic\n data are not stored for billing or other business purposes, they will not be\n available for public authorities whenever there is a legitimate case to\n access the data. These developments are making it much harder for public\n authorities to fulfil their duties in preventing and combating organised\n crime and terrorism.
It has now become urgent to\n adopt harmonised provisions at EU level on this subject. A certain number of\n Member States have adopted national measures requiring some or all operators\n to retain given types of data so that they can be used for the purposes\n identified above when necessary. Differences in the legal, regulatory, and\n technical provisions in Member States concerning the retention of traffic\n data present obstacles to the Internal Market for electronic communications\n as service providers are faced with different requirements regarding the\n types of data to be retained.
This Directive aims to harmonise the\n provisions of the Member States concerning obligations on the providers of\n publicly available electronic communications services or of a public\n communications network with respect to the processing and retention of\n certain data, in order to ensure that the data is available for the purpose\n of the prevention, investigation, detection and prosecution of serious\n criminal offences, such as terrorism and organised crime. The Directive\n applies to traffic and location data of both private and legal persons, as\n well as the related data necessary to identify the subscriber or registered\n user. It shall not apply to the content of electronic communications,\n including information consulted using an electronic communications network.\n The following categories of data must retained:
-data necessary to trace and identify the\n source of a communication;
-data necessary to trace and identify the\n destination of a communication;
-data necessary to identify the date, time\n and duration of a communication;
-data necessary to identify the type of\n communication;
-data necessary to identify the communication\n device;
-data necessary to identify the location of\n mobile communication equipment.
The types of data to be retained under\n these categories of data are specified in the Annex.
These categories of data must be retained\n for a period of one year from the date of the communication, with the\n exception of data related to electronic communications taking place using\n wholly or mainly the Internet Protocol. The latter shall be retained for a\n period of six months.
Statistics on the retention of data must be\n provided to the European Commission on a yearly basis. Such statistics shall\n not contain personal data.
Lastly, the Directive must be evaluated\n three years after transposition.
\n The committee adopted the report by Alexander Nuno ALVARO (
- Article 1 (purpose of the directive) was amended so that data could be retained for the investigation, detection and prosecution, but not the \"prevention\", of serious criminal offences, on the grounds that the concept of prevention was too vague and could lead to abuse of the system. Moreover, whereas the proposal had simply given examples of serious offences (\"such as terrorism and organised crime\"), the committee preferred to refer to the definition given in Article 2(2) of the European Arrest Warrant;
\n- new provisions in Article 1 specified that one of the aims of the directive should be to ensure \"respect for private life\" and the protection of personal data when data is retained. The scope of the directive should be limited to traffic and location data and the data necessary to identify the subscriber or registered user. It should not apply to \"related\" data;
\n- data retained under the directive should only be provided to the competent national authorities responsible for the investigation, detection and prosecution of serious criminal offences \"following the approval of the judicial authorities and of other competent authorities according to national legislation\";
\n- two new articles introduced provisions governing access to retained data and data protection and data security. These sought to ensure inter alia that access to retained data would be granted only for specific purposes, on a case-by-case basis, and would be restricted to the \"relevant and proportionate\" data necessary for a specific investigation. It should not include \"large-scale data mining in respect of travel and communications patterns\" of people unsuspected by the competent national authorities. Data should be erased when no longer necessary and also when inaccurate. Any accessing of data should be recorded. Lastly, the data should only be forwarded to third countries (such as the
- another new article provided for Member States to lay down \"effective, proportionate and dissuasive\" sanctions for infringements of the national provisions adopted to implement the directive;
\n- MEPs wanted all data (i.e. from telephony and internet) to be retained for a period of 6-12 months and then erased, whereas the proposal had simply provided for telephony data to be retained for one year and internet data for 6 months;
\n- the committee restructured the proposal so as to place the Annex (listing the types of data to be retained) into the main body of the text (in Article 4);
\n- while supporting the registration of location data on successful calls, SMS and internet use, MEPs preferred to leave it up to the Member States to decide whether to request telecom companies to retain data on unsuccessful calls. They introduced a new definition - \"unsuccessful call attempt\" - into the directive;
\n- telecom companies should be fully reimbursed by the Member States for all extra costs incurred in order to comply with obligations imposed on them as a result of the directive, including investment and operational costs as well as the extra costs resulting from further modifications of the directive, whereas the proposal had only provided for the reimbursement of \"demonstrated additional costs\";
\n- finally, the directive should be reviewed after 2 years, and every 3 years thereafter, with attention being focused in particular on the types of data retained and the retention periods.
\n\n\n\n
The Council\n agreed to reach a \"first reading deal\" with the European Parliament\n on a Directive on data retention by the end of the year in spite of\n reservations made by Ireland, Slovakia and Slovenia.
Some of the\n elements agreed are as follows :
- serious\n criminal offences : a reference to serious crime is included in the text of\n the Directive, as defined by each Member State in its national law. Member\n States shall have due regard to the crimes listed in Article 2(2) of the\n Framework Decision on the European Arrest Warrant (2002/534/JHA) and crime\n involving telecommunications;
- retention\n periods : Member States should ensure that the categories of data referred to\n in the draft Directive are retained for periods of not less than 6 months and\n for a maximum of two years from the date of the communication.
- Internet\n data : the Council is in favour of an obligation to retain data on Internet\n access, Internet e-mail and Internet telephony;
- unsuccessful\n calls : the Council is in favour of including the retention of data in\n relation to unsuccessful call attempts where that data is generated or\n processed, and stored (as regards telephony data) or logged (as regards\n Internet data) by providers of publicly available electronic communications\n services or of a public communications network within their jurisdiction in\n the process of supplying the communication services concerned. This Directive\n shall not require the retention of data in relation to unconnected calls;
- flexibility\n : Article 15(1) of Directive 2002/58/EC would continue to apply in relation\n to data, including data related to unsuccessful calls, which are not\n specifically required to be retained under the present Directive and\n therefore fall outside the scope of this Directive, and for retention for\n purposes, including judicial purposes, other than that covered by this\n Directive.
\nThe European Parliament adopted\n a resolution on data retention by 378\n votes in favour, 197 against and 30 abstentions. The final text negotiated\n beforehand with the Council aims to facilitate judicial co-operation in\n criminal matters by approximating Member States' legislation on the retention\n of data processed by telecommunications companies.The\n amendments finally adopted were a compromise between the PES and EPP groups\n with the Council and differed in some key points to the draft directive\n adopted initially by the Civil Liberties Committee. (Please see the document\n dated 24/11/2005.) The GUE, Greens and UEN groups and some members from\n the ALDE group voted against the directive in the final vote. Alexander\n Nuno ALVARO (ALDE, DE) was unhappy with the result of the compromise\n adopted and withdrew his name as rapporteur.
The main amendments are as\n follows:
-Purpose: the aim is to ensure that the data are available for the purpose of the\n investigation, detection and prosecution of serious crime, as defined by each\n Member State in its national law. The Commission had included the objective\n of “prevention” which was deleted by Parliament. Members felt that the concept of prevention is too vague and\n could lead to abuse of the system from national authorities. Parliament also\n deleted the words “serious criminal offences such as terrorism and organised\n crime” preferring to use the term “serious crimes”.
-Period:The directive will\n provide for data to be retained by the telecommunications companies for a\n minimum of 6 months and a maximum of 24 from the date of communication. The\n Commission had proposed the period of one year
-Unsuccessful\n calls: An \"unsuccessful call\n attempt\" is defined as a communication where a telephone call has been\n successfully connected but is unanswered or there has been a network\n management intervention. This will include the retention of data in relation\n to unsuccessful call attempts where that data is generated or processed, and\n stored (as regards telephony data) or logged (as regards Internet data) by\n providers of publicly available electronic communications services or of a\n public communications network within their jurisdiction in the process of\n supplying the communication services concerned. The Directive shall not\n require the retention of data in relation to unconnected calls. Data on an\n unsuccessful call attempt only has to be\n retained if the company already stores such data. In a recital, Parliament\n stated that, “considering that the obligations on providers of electronic\n communications services should be proportionate, the Directive requires that\n they only retain such data which are generated or processed in the process of\n supplying their communications services; to the extent that such data is not\n generated or processed by those providers, there can be no obligation to\n retain it. This Directive is not intended to harmonise the technology for\n retaining data, the choice of which will be a matter to be resolved at\n national level.”
Reimbursement of costs: Parliament decided to delete the paragraph in which it\n was mandatory for Member States to reimburse telecom companies for all\n additional costs of retention, storage and transmission of data. In the\n draft directive adopted by the Civil Liberties Committee, Members had\n initially called for the full reimbursement of costs.
-Content:\n A new clause is inserted stating that no data revealing the content of the\n communication can be retained pursuant to this Directive.
-Type of data: Parliament tightened up the provisions on types of data\n to be retained, in Article 4. This includes the registration of location data\n on calls, SMS and internet use.
-Supervisory\n authority: There is a new clause on supervisory\n authority. Each Member State must designate one or more public authorities to\n be responsible for monitoring the application within its territory of the\n provisions adopted by the Member States regarding the security of the stored\n data. These authorities must act with complete independence in exercising\n their functions.
-Data\n protection and data security: A new clause states that\n each Member State shall ensure that providers of publicly available\n electronic communications services or of a public communications network\n respect, as a minimum, certain prescribed data security principles with\n respect to data retained in accordance with the Directive.
-Push system:Member\n States must ensure that data retained in accordance with the Directive are\n only provided to the competent national authorities, in specific cases and in\n accordance with national legislation.
-Sanctions: Unauthorised access or\n transfer of data will be punished by “effective, proportionate or dissuasive”\n penalties, either administrative or criminal.
-Future\n measures: A new clause has been introduced\n permitting derogation from the time period. A Member State facing particular\n circumstances warranting an extension for a limited period of the maximum\n retention period may take the necessary measures. The Member State shall immediately notify the Commission and inform the other Member States of the\n measures and indicate the grounds for introducing them. The Commission shall,\n within six months after the notification, approve or reject the national\n measures involved after having verified whether or not they are a means of\n arbitrary discrimination or disguised restriction of trade between Member States and whether or not they shall constitute an obstacle to the functioning of\n the internal market. In the absence of a decision by the Commission within\n this period the national measures shall be deemed to have been approved.
\nThe Council\n adopted a Directive of the European Parliament and of the Council on data\n retention,
amending\n Directive 2002/58/EC. The decision follows an agreement reached by the\n Council at its meeting on 1 and 2 December 2005.
The Irish and\n Slovak delegations voted against.
To recall,\n this Directive aims to harmonise Member States' provisions concerning the\n obligations of the providers of publicly available electronic communications\n services or of public communications networks with respect to the retention\n of certain data which are generated or processed by them, in order to ensure\n that the data are available for the purpose of the investigation, detection\n and prosecution of serious crime, as defined by each Member State in its\n national law.
This Directive\n shall apply to traffic and location data on both legal entities and natural\n persons and to the related data necessary to identify the subscriber or\n registered user. It shall not apply to the content of electronic\n communications, including information consulted using an electronic communications\n network.
Following\n entry into force of the Directive, Member States will have as a general rule\n 18 months in which to comply with its provisions.
\nPURPOSE : to harmonise Member States’\n provisions concerning the obligations of providers of publicly available electronic\n communications services with respect to the retention of certain data.
LEGISLATIVE ACT : Directive 2006/24/EC of\n the European Parliament and of the Council on the retention of data generated\n or processed in connection with the provision of publicly available\n electronic communications services or of public communications networks and\n amending Directive 2002/58/EC.
CONTENT : the Council adopted this Directive with the Irish and Slovak delegations voted against. The Directive aims to\n harmonise Member States’ provisions concerning the\n obligations of the providers of publicly available electronic communications\n services or of public communications networks with respect to the retention\n of certain data which are generated or processed by them, in order to ensure\n that the data are available for the purpose of the investigation, detection\n and prosecution of serious crime, as defined by each Member State in its\n national law. The Directive applies to traffic and location data on both\n legal entities and natural persons and to the related data necessary to\n identify the subscriber or registered user. It does not apply to the content\n of electronic communications, including information consulted using an\n electronic communications network.
The following categories of data must retained with regard to fixed network telephony and mobile telephony, as well as Internet\n access, Internet e-mail and Internet telephony:
- data necessary to trace and identify the source of a\n communication;
- data necessary to trace and identify the destination of a\n communication;
- data necessary to identify the date, time and duration of a\n communication;
- data necessary to identify the type of communication;
- data necessary to identify the communication device;
- data necessary to identify the location of mobile communication\n equipment.
The types of data to be retained under these categories of data\n are specified in the Directive. With regard to an \"unsuccessful call attempt\", this is defined as\n a communication where a telephone call has been successfully connected but is\n unanswered or there has been a network management intervention. This will\n include the retention of data in relation to unsuccessful call attempts where\n that data is generated or processed, and stored (as regards telephony data)\n or logged (as regards Internet data) by providers of publicly available\n electronic communications services or of a public communications network within\n their jurisdiction in the process of supplying the communication services\n concerned. The Directive shall not require the retention of data in relation\n to unconnected calls. Data on an unsuccessful call attempt only\n has to be retained if the company already stores such data.
No data revealing the content of the communication may be retained\n pursuant to this Directive.
Member States must ensure that the categories of data specified\n are retained for periods of not less than six months and not more than two years\n from the date of the communication. A Member State facing particular\n circumstances that warrant an extension for a limited period of the maximum\n retention period may take the necessary measures. That Member State shall immediately notify the Commission and inform the other Member States of the\n measures taken and state the grounds for introducing them. The Commission\n shall, within a period of six months after the notification, approve or\n reject the national measures concerned, after having examined whether they\n are a means of arbitrary discrimination or a disguised restriction of trade\n between Member States and whether they constitute an obstacle to the\n functioning of the internal market. In the absence of a decision by the Commission\n within this period the national measures shall be deemed to have been\n approved.
The Directive goes on to make provision for data protection and\n data security. Each Member State shall ensure that providers of publicly available electronic communications\n services or of a public communications network respect, as a minimum, certain\n prescribed data security principles with respect to data retained in\n accordance with the Directive. Each Member State must designate a supervisory authority to be responsible for monitoring the\n application within its territory of the provisions adopted by the Member\n States regarding the security of the stored data. Those authorities may be\n the same authorities as those referred to in Article 28 of Directive\n 95/46/EC. The supervisory authority must act with complete independence.
No later than\n 15 September 2010, the Commission must submit an evaluation of the\n application of the Directive and its impact on economic operators and\n consumers, taking into account further developments in electronic communications\n technology and the statistics provided to the Commission with a view to\n determining whether it is necessary to amend the provisions of this\n Directive, in particular with regard to the list of data and the periods of\n retention.
TRANSPOSITION\n : 15 September 2007. Until 15 March 2009, each Member State may postpone application of the Directive to the\n retention of communications data relating to Internet Access, Internet\n telephony and Internet e-mail. Any Member State that intends to make use of\n this provision must notify the Council and the Commission to that effect by\n way of a declaration. The following Member States have made such a\n declaration postponing application for differing lengths of time: the\n Netherlands, Austria, the United Kingdom, Estonia, Cyprus, Greece,\n Luxembourg, Slovenia, Sweden, Lithunia, Latvia, Czech Republic, Belgium,\n Poland, Finland, Germany.
ENTRY INTO FORCE : 03/05/2006.
\n