Looks like it’s about to end.
:eek:
The strange thing is that the EU Commission has been recommending the use of cryptography tools like PGP for years. If it supports those plans, it will render itself unreliable.
- having worked for an European ISP for the last two and a half years, I’ve seen how politicians and law enforcement committees like to make lists of what they’d really, really want to have and then fall flat on their stupid faces when people with the technical know-how tell them what they actually can have in the real world.
Data retention as it’s known today means police access (with due process, i.e. a court order) to the data that a company already stores when running normally.
The data that an ISP must hand over to the police is what the ISP needs in order to operate, anyway: Passwords, assigned IP addresses, date/time, calling phone# (CLID) etc. We need those data to write bills and fight abuse. Keeping them on record and handing them over when a court orders us to does not strike me as a severe invasion of privacy.
The new suggestions as they’re lined up in the leaked document http://www.gilc.org/europol.pdf - mention just those data sets, at least for ISPs.
The webserver logs are a ridiculous and utterly unenforceable concept… How many people have a small webserver on their DSL line ? How many of those will even keep a log ? How can something that’s so easy to tamper with ever be admissible in court ?
The mail logs, even more so. How many people access their company e-mail over VPN, and does that mean that every 5-person company has to store a log for 5 years on the chance that it could be ordered to hand it over ? Fat chance.
The bozos who wrote this apparently think of the Internet as the telephone network - big and imposing, run by by major corporations with lots of big 19" racks in airconditioned rooms. Ain’t so. And someone really ought to tell them.
Unless, of course, this is just an attempt at mentioning everything they can think of and then appear to have compromised when the industry hands over everything that’s feasible. Except content (content isn’t named in their document as far as I can see), because they’ve realized that they’ve lost the encryption battle. PGP has to have the snoops crying in their beer 
The Europol is under the third pillar of the EU. It means it has no supra-national powers. It’s basically a group of policemen from different countries sitting in Brussels thinking up stuff and helping fellow policemen in other countries with international crime fighting.
So I wouldn’t draw any conclusions from this especially since I’ve seen nothing official from the EU.