Yesterday 15.05 2008.

   Yesterday the Dutch law implementing the data retention directive was discussed in the Dutch parliament (“Tweede Kamer” = “lowerhouse”). Government proposed 24 months, left wing opposition proposes six months (= minimum), government coalition parties are divided: Christian Democrats 24, socialists 6, Christian Union 12. Last mentioned party is small, but its support for either 6 or 24 could be decisive. Its spokesman was unwilling to decide yesterday “if and when”.

   Despite excellent contributions from several parliament members, the government believes “more is better”. The Max Planck Istitute study was cited saying that a longer data retention period would have been useful only in 0,01% of cases, but the Minister (a former law professor, christian democrat) said that quantity is not the only decisive factor:

     if one single high-profile case could be solved by a longer retention period, that would count as well. (As an example, the disappearance of Natalee Holoway on Aruba was mentioned, a case that made headlines in the (Dutch) newspapers).

   As you know, the Irish have submitted a case to the ECJ because they believe the Data Retention Directive has no proper ground in the EU treaties but the Dutch minister(/professor) said that this is irrelevant for NL, at least it is not a reason to delay the implementation (which is overdue anyway). Asked what if the Directive is implemented in Dutch law, and subsequently declared invalid by the ECJ, he said “that could theoretically happen to any Directive”.

   It struck me that various member states have chosen various periods (as allowed by the directive, from 6-24 months) and also have different compensation schemes. In NL, the upfront investment is to the provider, while they get paid per request from the police, This would be a disadvantage for smaller providers, that perhaps never get a request from the police, while the larger providers could even make a profit from such requests. Anyway, the typical purpose of Directives to create a level playing field on the “common market” is not met here, on the contrary. Incidentally, allegedly the marginal cost of retaining the
data 6 months more would be only 10%.

   The minister said that the relevant data is collected anyway for billing purposes – its only retained longer. I believe this is not true. Yes, I pay per telephone call, but I pay a flat rate for ADSL Internet.

   The parliament noted that major communication facilities such as Hotmail, Gmail and Skype are not covered by the data retention obligation. Left wing parties argued that the Directive therefore is useless anyway, as criminals would switch to those services, and only stupid criminals would be caught by “data retention”. Right wing and christian democrats asked the minister to consider future steps to include such services also in “data retention” (which imho is unrealistic as it requires the US to cooperate).

   The vote will be later, but before 22/5, because then the law proposal is sumitted to the Eerste Kamer, the Dutch “upper house”. One of its members is renowned former information law professor Franken, christian
democrat, who is very critical on the directive.

   Background: some years ago, a majority in the parliament asked the (previous) minister of Justice (Donner) _not_ to agree with the Directive Proposal in the European Council, but he chose to ignore the will of the parliament.

  Unfortunately, no one on the parliament yesterday said that (perhaps?) the only purpose Directive is to help record companies to fight MP3 file sharers. Data retention would only be used to fight “severe crime”, but at the same time IPRED2 makes sure that copyright infringement is designated as “severe crime”.