Certain civil liberties groups are opposing the law on the grounds that it could threaten the fundamental right to privacy. Current data protection rules do not permit communications data to be kept longer than necessary for billing purposes. The new law means governments could ask telecom companies and ISPs to retain data for an unspecified "limited time" to safeguard national security.
The directive said such use must be a, "necessary, appropriate and proportionate measure within a democratic society," and it must also respect the European Convention on Human Rights, which has not been incorporated into Irish law.
Cormac Callanan, chairman of the Internet Service Providers Association of Ireland, said ISPs were neutral on the issue of data retention but were concerned about the cost of storing increased amounts of communications data.
Several members of the European Parliament, including the Liberal Democrat group, criticised the vote, saying the law hands too much power to member state's to control individuals. Before the vote an alliance of 40 civil liberties groups warned that the law could have, "disastrous consequences for the most sensitive and confidential types of personal data."
Yaman Akdeniz, director of Cyber-Rights and Cyber-Liberties, told ElectricNews.Net that the directive encourages governments to develop legislation that might damage a fundamental right to privacy.
"I don't think the EU spent much time thinking about this issue. It is a hotly debated topic but they rushed into it," he said. "Since September 11 governments are more anxious about fighting terrorism. We now have to watch what individual governments will allow."
German left-wing MEP Ilka Schroeder said in a statement, "From today on, the fundamental right to privacy is questioned for everyone using electronic means of communication. Western democracies have surpassed the surveillance achievements of the East German Stasi."
The European Parliament has often acted as the champion for civil liberties and privacy issues. The Parliament was the first government institution to acknowledge the existence of Echelon, the global surveillance network run by state intelligence agencies in the US and Britain.
The European Commission said it expected the new directive to become law across the EU before the end of 2003. The directive must now be approved from the Commission and each of the 15 member state governments.