[Chapter-delegates] Stalking or reasonable traffic analysis?

Thu Jul 5 02:54:21 PDT 2012

On Thu, 5 Jul 2012, Narelle Clark wrote:

> 
> This interview with Geoff is even more illustrative:
> http://www.zdnet.com/hands-off-our-packets-its-the-law-7000000082/
> 
> Keen to hear people's thoughts!
> 
> What would your chapter members think? Would this fly in your
> jurisdiction? Would they be prosecuted? Or not?

Narelle,

We would challenge it on similar basis as already listed in the
Geoff's article - we provisions for secrecy
of telecommunications, but also we have extensive e-commerce
privacy legislation on the E.U. level as well.

The latter might be better as we keep telling that the Internet !=
telecommunication services.

The European Union has a directive, 2002/58/EC, that deals with the
subject of privacy and e-commerce. After its recent ammendments
it's being called sometimes "cookie directive". So now the shift
is more towards consumer-protection-style e-commerce regulation
vs. traditional telecommunications.

Some summary of the regulatory framework in Europe:

http://europa.eu/legislation_summaries/internal_market/single_market_services/l24120_en.htm

Here's a text of the EU directive 2002/58/EC:

http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32002L0058:EN:NOT

> Article 5
>
> Confidentiality of the communications
>
> 1. Member States shall ensure the confidentiality of communications
> and the related traffic data by means of a public communications
> network and publicly available electronic communications services,
> through national legislation. In particular, they shall prohibit
> listening, tapping, storage or other kinds of interception or
> surveillance of communications and the related traffic data by
> persons other than users, without the consent of the users concerned,
> except when legally authorised to do so in accordance with Article
> 15(1). This paragraph shall not prevent technical storage which is
> necessary for the conveyance of a communication without prejudice to
> the principle of confidentiality.
>
> 2. Paragraph 1 shall not affect any legally authorised recording
> of communications and the related traffic data when carried out in
> the course of lawful business practice for the purpose of providing
> evidence of a commercial transaction or of any other business
> communication.
>
> 3. Member States shall ensure that the use of electronic
> communications networks to store information or to gain access to
> information stored in the terminal equipment of a subscriber or user
> is only allowed on condition that the subscriber or user concerned is
> provided with clear and comprehensive information in accordance with
> Directive 95/46/EC, inter alia about the purposes of the processing,
> and is offered the right to refuse such processing by the data
> controller. This shall not prevent any technical storage or access
> for the sole purpose of carrying out or facilitating the transmission
> of a communication over an electronic communications network, or as
> strictly necessary in order to provide an information society service
> explicitly requested by the subscriber or user.

The last one is about cookies, among others.

//Marcin