Its a strange world where governments in EU collectively decide to infringe basic human rights, and then have to deal with being told that they did it. I am thus happy that PTS recognize the absurdity, and allow ISPs to stop now rather than later.
Here in the U.S., we don't have rules that require ISPs to retain such data, yet many ISPs (especially the largest ones) happily do so for months or years.
One of the first things I did shortly after going to work for an ISP was to create a formal retention policy. We certainly don't "record" user traffic (with the exception of a tcpdump if I'm troubleshooting, for example) anyways, but nearly nothing is kept for more than seven days. I wish more ISPs operated this way.
I know of other ISPs that do the same. It's interesting because prior to the DMCA it was all about getting more log space to help with diagnostics and troubleshooting, or running interesting stats. Now that it's fairly common for requests of dubious legal quality to be made for user information, it's really the jobs of any reputable ISP to protect their customers by limiting retention of this information.
And this ironically one of the reasons why the EU data retention directive came about in the first place: privacy laws would make retaining that data illegal.
This particular Swedish ISP is not being a rebel, they're doing what they would be legally obliged to do.
Sadly, it's not strange. And there are still quite a few countries where the retention requirements were implemented in the local law so it remains a problem.
This makes me think of Brazil's "Marco Civil da Internet", which is on its way to the senate and if approved without changes will require ISPs to retain customer data for up to 12 months. Hopefully this EU Supreme Court decision will influence the removal of that requirement from the draft before it passes.
In case the reason you link to the cached version is because you can't access the site, the issue might be the HTTPS-Everywhere addon. I had to disable the "PC World"-entry a few days ago to access their articles.
Not a chance. The only party that seems to care is the Pirate Party, and they've basically only been on the news when the party leader was locked into her bathroom by her cat.
And what does this tell you? Someone thought that was more worthwhile writing about than telling voters about what PP's representatives in the Europarl have been up to.
I'm not seeing how these questions are relevant to very many swedes right now, with regard to ongoing world-wide & european political development.
We seem to have the same confused politics in Sweden as usual. Womens rights & equality is important and seeing some progress locally, while from a more global perspective we can actually expect this trend to go backwards.
A substainable economy is left to the "industry", and the government are selling out the last parts of the welfare.
We have a strong right-wing movement in Sweden now, which we didnt have since the early 90's. A movement whose european cooperatives are open fascists.
One of our negihbour counties are being invaded by Russia.
Sweden is in bed with USA and the UK with regards to signal spying (https://en.wikipedia.org/wiki/National_Defence_Radio_Establi...
which puts Sweden in quite a bad spot against Russia.
Russian cables go through Sweden and wiretapping of these cables is what the FRA are supplying to NSA / GCHQ.
This is not even discussed in the Swedish media.
And still, you believe the Pirate Party's ideas are relevant for this year's election?
I'm only going to vote Pirate Party for the European Parliament, not the Riksdag election.
I didn't say PP was relevant for the Riksdag election. But I do hope that their issues get exposure. I didn't say I hope their issues are the only issues discussed.
Don't tell me that you think the issues around FRA and DLD are irrelevant.
Privacy, and other matters, seem to have become non-issues since that report [1] came out stating kids at school are doing worse than ever compared to the rest of the world. People are freaking out.
Sweden was among the last EU nations to make the retention a national law, and from what I have read most ISPs are still in the process of developing/negotiating a long-term solution for storing the data. Since they were to pay the entire cost themselves, this should save them quite a lot of money. Especially if you were prepared to believe their estimated implementations costs of one billion SEK.
There are two types of data here: traffic data, and data used to identify a customer given their IP address. The former seems obviously excessive to me. However, identifying customers from their IPs is pretty much only useful when there's a specific crime being investigated, which greatly reduces the potential for abuse. I think it's worth discussing the privacy implications of these two types of data separately.
I run a chat Web site. On multiple occasions, my moderation team has found people raping children live on webcam and reported them. People have been arrested, and children have been saved from abuse. That was only possible because they could be tracked down via their IP address. This isn't a hypothetical "think of the children" argument; it's something that has actually happened, multiple times, in the course of running my site.
I don't see the big issue with storing IPs as long as the only way to getting the data is through a court order. My problem is that I don't trust most ISPs not to hand over the data to the police if they simply show up and ask for it "in the interest of the children/national security/etc". Also, the data should be stored for a relatively short amount of time (the EU data retention directive called for a period between six months and twenty-four months, that's way too long).
Of course, when you hear about how the French DGSE was getting raw data from Orange anyway, it's clear that it's not the police overstepping you should feel the most worried about, it's these agencies whose entire purpose involves breaking the law.
For this, one could introduce a "quick freeze" scheme: providers don't store anything (or, if needed for billing etc., delete after 7 days).
Only if police knocks up and tells you "we might need the data from IP address x.y.z.a in the foreseeable future", you store the requested data on secure material.
Then, police goes to court and gets a formal warrant for the data, which the provider then needs to provide the data to the police.
The need is to identify a subscriber given an IP address they used in the past (to commit a crime). Knowing who is using a dynamic IP address now doesn't necessarily tell you who was previously using it.
A moderation team catching a criminal act while it is happening is certainly not the same as storing everybody's IP address for up to 2 years so third parties can access it.
A moderation team catching a criminal act and reporting the IP address of the criminal doesn't do much good if there's no way to determine whose IP it is.
