5 June 2002. Thanks to Anonymous and D.
See Statewatch on EU data retention legislation: http://www.statewatch.org/
http://195.62.53.42/pressreleases/press_release.php?func=detail&par=1705
31/05/2002 | PRIVACY/EU: CONFIDENTIAL EUROPOL DOCUMENT ON DATA RETENTION: NATIONAL LAW ENFORCEMENT EXPERTS ARE WORKING A WISH LIST OF CITIZENS' COMMUNICATIONS DATA TO BE RETAINED IN THE EU
After the European Parliament vote of yesterday on data retention, and after rumors of a EU legal instrument on harmonised data retention measures, a confidential Europol document confirms EU activities on the issue. The document reveals that national law enforcement experts are working in the framework of Europol to draft a wish list of citizens' communications data to be retained in the EU. This document contains the agenda of the April Europol meeting of national experts, and one of the issues that was discussed was the directive on privacy in electronic communcations, that after the EP vote will contain an explicit authorisation for Member States to adopt legislative measures of data retention. It contains also a list of communications data, and an invitation to Member States to provide comments.
You can find the Europol confidential document on the
http://www.radicalparty.org/europol/europol.pdf
webpage. [HTML version below.]
Declaration by Marco Cappato, Radical MEP of the Lista Bonino, and Ottavio Marzocchi, of the Transnational Radical Party Board:
"This document appears to fit in a more general EU strategy to develop Europeanwide data retention and surveillance measures. A first step has been the success of the Council pressures on the Commission and the EP to insert in the EU directive on privacy in electronic communications provisions authorising data retention at the national level. A second step is the development of national laws and European harmonised Third Pillar measures on data retention. It is extremely worrying that on those issues secrecy and silence are kept by EU governments and by the Council, while a proper public debate should take place, since those measures infringe the fundamental humanright to privacy and civil liberties in general. We shall keep on being vigilant on this issue, since the damage to democracy could be extremely serious. We will table in the next days a question to the Commission and to the Council on this document and on the issue of data retention."
Source: http://servizi.radicalparty.org/europol/europol.pdf
[11 pages.]
| Date | Start: 11 April 2002 h. 10:00 | End: 11 April 2002 h. 17:00 |
| Place | Europol Building, Raamweg 47, The Hague | |
| Chair | Europol (to be decided) | |
| No. | Subject | Document reference |
| 1 | Welcom and introduction | |
| 2 | Adoption of the agenda | 5121-20020411 Agr1 |
| 3 | High Tech Crime Centre at Europol - Brief presentation of outcome of
HENU meeting 12-13 April 202
Experts to comment |
2565-50r3 - Project Initiation Document |
| 3 | Data retention:
Experts to comment and agree to proposal when appropriate |
5121-20020411 - Summary Questionnaire |
| 4 | Creating a common and standard template for asking information to
ISP/Telephone companies
Experts to comment and agree to proposal when appropriate |
Template to be provided |
| 5 | List of contact points -- including both Member States and Industry
Experts to agree when appropriate |
2570-40rev3 |
[Footer all following pages: Questionnaire after replies Rev1.doc
10 April 2002]
The Hague, 28 December 2001
File no 5121-20020411LR-Questionnaire
Data that must be retained by Internet Service Providers
1. Network Access Systems |
||
| (NAS) Access logs specific to authentication and authorization servers such as TACACS+ (Terminal Access Controller Access Control System) or RADIUS (Remote Authentication Dial in User Service) used to control access to IP routers or network access servers | Member State Comments | |
| A
Minimum List |
Date and time of connection of client to server
User-id and password Assigned IP address NAS Network attached storage IP address Number of bytes transmitted and received Call Line Identification (CLI) |
|
| B
Optional |
User's credit card number / bank account for the subscription payment | |
2. Email servers |
||
| SMTP (Simple Mail Transfer Protocol) | Member States comments: | |
| Minimum
List |
Date and time of connection of client to server
IP address of sending computer Message ID (msgid) Sender (login@domain) Receiver (login@domain) Status indicator |
|
| POP (Post Office protocol) log or IMAP (Internet Message Access Protocol) log | Member States comments: | |
| Minimum
List |
Date and time of connection of client to server
IP address of client connected to server User-id In some cases identifying information of email retrieved |
|
3. File upload and download servers |
||
| FTP (File Transfer Protocol) log | Member States comments: | |
| A
Minimum List |
Date and time of connection of client to server
IP source address User-id and password Path and filename of data object uploaded or downloaded |
|
| B
Optional List |
||
4. Web servers |
||
| HTTP (HyperText Transfer Protocol) log | Member States comments: | |
| A
Minimum List |
Date and time of connection of client to server
IP source address Operation (i.e. GET command) Path of operation (to retrieve html page or image file) Those companies which are offering their servers to accommodate web pages should retain details of the users who inserts these web pages (date, time, IP, User ID, etc.) |
|
| B
Optional List |
"Last visited page"
Response codes |
|
5. Usenet |
||
| NNTP (Network News Trasnfer Protocol) log | Member States comments: | |
| Minimum
List |
Date and time of connection of client to server
Protocol process ID (nnrpd[NNN...N]) Hostname (DNS name of assigned dynamic IP address) Basic client activity (no content) Posted message ID |
|
6. Internet Relay Chat |
||
| IRC Log | Member States comments: | |
| A
Minimum List |
Date and time of connection of client to server
Duration of session Nickname used during IRC connection Hostname and/or IP address |
|
| B
General Optional List |
Copy of the contract
Bank account / credit card for the payment |
|
7. Data that must be retained by telephone companies for fixed numbers' users: |
||
| Member States comments: | ||
| A
Minimum List |
Called number even if the call was not successful
Calling number even if the call was not successful Date and time of the start and the end of the communication Type of communication (incoming, outgoing, link through, conference) In case of conference calls or call to link through services, all intermediate numbers Information both on the subscriber and on the user (name, date of birth, address) Address where the bill is sent Both dates (starting and ending) from when the subscription has been signed and dismissed Type of connection the user has (normal, ISDN, ADSL, etc., and whether it is for in-out calls or for incoming only) The forwarded called number The time span of the call Bank account number/other means of payment |
|
| B
Optional List |
Copy of the contract
For a better investigative purpose Telcos should be able to know the nature of the telecommunication: voice/modem/fax etc. |
|
8. Data that must be retained by telephone companies for mobile / satellite numbers' users: |
||
| Member States comments: | ||
| A
Minimum List |
Called number even if the call was not successful
Calling number even if the call was not successful Date and time of the start and the end of the communication Type of communication (incoming, outgoing, link through, conference) For conference calls or call to link through services, all intermediate numbers Information both on the subscriber and on the user (name, date of birth, address) IMSI and IMEI numbers Address where the bill is sent Both dates (starting and ending) from when the subscription has been signed and dismissed The identification of the end user device The identification and geographical location of the cells that were used to link the end users (caller, called user) to the telecommunication network Geographical llocation (coordinates) of the mobile satellite ground station Type of communication (incoming, outgoing, link through, conference) [duplicate item] GPRS service For conference calls or call to link through services, all intermediate numbers [duplicate item] The forwarded called number The time span of the call Bank account number/other means of payment As GPRS and UMTS work on Internet base, thus all the data above mentioned (as IP address) should be preserved |
|
| B
Optional List |
Copy of the contract
For a better investigative purpose Telcos should be able to know the nature of the telecommunication: voice/modem/fax etc. |
|
9. Numbers format: |
||
| All telephone numbers (for both ISP and telephone companies) should be composed by: | Member States comments: | |
| Country number
Area number Subscribers number All information in ASCII code with tab separators and carriage return As some services allow users to connect to a foreigner IPS through the use of a national toll free number, thus the structure of this number is required |
||
10. Time synchronisation: |
||
| Telecommunication operators, internet access providers and internet service providers have to synchronise their servers with a time server of their countries with the specification of GMT | Member States comments: | |
Transcription and HTML by Cryptome.