Belgian 'Royal Decree' Requires ISPs To Log All Sorts Of Info For A Year
from the invest-in-encryption-now dept
Theo Lietaert alerted us to the very troubling news out of Belgium, that a “royal decree” has been passed requiring Belgian telcos, internet service providers, information service providers, email providers, etc. to log a ridiculous amount of metadata for a year. The full decree (in French) includes an awful lot of information that will be tracked (though it’s been published in a manner that’s nearly impossible to read). Among the examples listed: how many emails you send, if you use a VoIP provider (like Skype), how long your calls are, how you pay your bills — basically any and all (non-content) data that ISPs can collect, they are required to keep. And then they need to make it available to basically all law enforcement. That is, this is not just for anti-terrorism purposes, but for any government purpose under the sun, allowing them to troll through basically all of your internet activity.
The justification for all of this? Because law enforcement “needs” this data do their job better. This is not all that different than the excuses we’ve heard from those defending NSA surveillance, that this data is somehow “needed” because it might stop “bad guys.” But that turns the privacy questions upside down entirely. As we’ve noted, law enforcement would, most likely, be able to stop a lot more crime if we were all required to have video cameras hooked up to a giant database installed in every room in every home. But we don’t do that because it’s a massive breach of privacy.
The ministers behind this abomination, Johan Vande Lanotte and Annemie Turtelboom appear to recognize that this goes “far beyond” what’s allowed under the European privacy directive, but they don’t seem to care, claiming that the privacy directive is “obsolete.” The whole situation is fairly sketchy as well, since it was done by royal decree, allowing them to totally bypass Parliament, but is equally binding. I guess they’re worried that Parliament (gasp) might actually protect the rights of the people.
This seems like a horrifyingly broad attack on privacy rights in Belgium, and while the Privacy Commission is reviewing the issue, it’s possible that this will be considered the law in Belgium. If you’re a VPN vendor, it would seem like a marketing campaign in Belgium might be appropriate just about now.
Filed Under: belgium, data collection, data retention, eu, metadata, privacy, privacy directive, royal decree
Comments on “Belgian 'Royal Decree' Requires ISPs To Log All Sorts Of Info For A Year”
“(though it’s been published in a manner that’s nearly impossible to read)”
Duh! It’s French.
/ducks
Aren’t Belgian telcos required to keep this data under EU data retention policy anyway?
My Response
Belgian man, Belgian!
NSA spies on Belgium politicians. Suddenly Belgium politicians become compliant to NSA demands. The royal decree can’t expand laws, it can only implement agreed ones, yet this does. It’s supposed to implement the data retention directive and instead installs mass surveillance on Belgium by removing the warrant on access to the data.
As VRT puts it, “Has big brother arrived in Belgium”
http://www.deredactie.be/cm/vrtnieuws.english/News/131009_BigBro
That's it
I am so tired of power junky control freaks in a position of authority. Since they think privacy is obsolete and we if we’re doing nothing wrong we shouldn’t care about these privacy violations, then I propose the following. Before they can put these type of policies in effect for one year prior they must do the following:
1) Post all personnal financial data and metadata of all communications updated in real time.
2) Have a real time audio and video feed of their all activities all the time.
3) Have to go naked (for some of these folks that will be a hardship on us) all the time.
If they think their policies are so important to public safety that they agree to these immodest proposals, I might rethink my objections to them.
If law enforcement needs all this data to do their job, their training must be piss poor.
all the crap that is associated with this type of ‘decree’ is thanks to the friggin’ USG and USA security agencies. the whole aim is to make, not a police state, but a total police world, where no one has any privacy or freedom and no ordinary citizen has a single right for anything. by God, whoever is behind this needs to be found and dealt with severely! we arte heading fast towards an abyss and there is no way to stop us from falling over the edge. the ridiculous thing is, those that are forcing us to go over that precipice, will be going over with us!!!
Brilliant and tech savvy - not
Not only is this proposal crazy, the Belgian justice departpment runs on Netscape Enterprise server 4 (remember that? 13 years old), and they have their old FTP logs exposed.
http://www.ejustice.just.fgov.be/wet/WS_FTP.LOG
Gets better if you look deeper
Openinging http://www.ejustice.just.fgov.be/tsv_pub/ gives
#!/usr/local/bin/perl
window.location=’http://www.just.fgov.be/’;
Hmm, a 13-year old ultrasparc web server quite likely to be running PERL, that will keep your metadata secure.
Re: Gets better if you look deeper
That sounds just like my web server, you insensitive clod!
Why bother?
I don’t know why NSA would bother, they can just get GCHQ to hack into Belgium at will…
VPN here we go.