Belgian 'Royal Decree' Requires ISPs To Log All Sorts Of Info For A Year

Privacy

from the invest-in-encryption-now dept

Wed, Oct 9th 2013 8:42am — Mike Masnick

Theo Lietaert alerted us to the very troubling news out of Belgium, that a "royal decree" has been passed requiring Belgian telcos, internet service providers, information service providers, email providers, etc. to log a ridiculous amount of metadata for a year. The full decree (in French) includes an awful lot of information that will be tracked (though it's been published in a manner that's nearly impossible to read). Among the examples listed: how many emails you send, if you use a VoIP provider (like Skype), how long your calls are, how you pay your bills -- basically any and all (non-content) data that ISPs can collect, they are required to keep. And then they need to make it available to basically all law enforcement. That is, this is not just for anti-terrorism purposes, but for any government purpose under the sun, allowing them to troll through basically all of your internet activity.

The justification for all of this? Because law enforcement "needs" this data do their job better. This is not all that different than the excuses we've heard from those defending NSA surveillance, that this data is somehow "needed" because it might stop "bad guys." But that turns the privacy questions upside down entirely. As we've noted, law enforcement would, most likely, be able to stop a lot more crime if we were all required to have video cameras hooked up to a giant database installed in every room in every home. But we don't do that because it's a massive breach of privacy.

The ministers behind this abomination, Johan Vande Lanotte and Annemie Turtelboom appear to recognize that this goes "far beyond" what's allowed under the European privacy directive, but they don't seem to care, claiming that the privacy directive is "obsolete." The whole situation is fairly sketchy as well, since it was done by royal decree, allowing them to totally bypass Parliament, but is equally binding. I guess they're worried that Parliament (*gasp*) might actually protect the rights of the people.

This seems like a horrifyingly broad attack on privacy rights in Belgium, and while the Privacy Commission is reviewing the issue, it's possible that this will be considered the law in Belgium. If you're a VPN vendor, it would seem like a marketing campaign in Belgium might be appropriate just about now.

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: belgium, data collection, data retention, eu, metadata, privacy, privacy directive, royal decree

12 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

Anonymous Coward, 9 Oct 2013 @ 9:17am

"(though it's been published in a manner that's nearly impossible to read)"

Duh! It's French.

/ducks
[ link to this | view in chronology ]
Cyrus Farivar, 9 Oct 2013 @ 9:22am

Aren't Belgian telcos required to keep this data under EU data retention policy anyway?
[ link to this | view in chronology ]
Zaphod B., 9 Oct 2013 @ 9:25am

My Response
Belgian man, Belgian!
[ link to this | view in chronology ]
Anonymous Coward, 9 Oct 2013 @ 9:35am

NSA spies on Belgium politicians. Suddenly Belgium politicians become compliant to NSA demands. The royal decree can't expand laws, it can only implement agreed ones, yet this does. It's supposed to implement the data retention directive and instead installs mass surveillance on Belgium by removing the warrant on access to the data.

As VRT puts it, "Has big brother arrived in Belgium"

http://www.deredactie.be/cm/vrtnieuws.english/News/131009_BigBro
[ link to this | view in chronology ]
DOlz (profile), 9 Oct 2013 @ 10:30am

That's it
I am so tired of power junky control freaks in a position of authority. Since they think privacy is obsolete and we if we're doing nothing wrong we shouldn't care about these privacy violations, then I propose the following. Before they can put these type of policies in effect for one year prior they must do the following:

1) Post all personnal financial data and metadata of all communications updated in real time.

2) Have a real time audio and video feed of their all activities all the time.

3) Have to go naked (for some of these folks that will be a hardship on us) all the time.

If they think their policies are so important to public safety that they agree to these immodest proposals, I might rethink my objections to them.
[ link to this | view in chronology ]
Zakida Paul (profile), 9 Oct 2013 @ 10:48am

If law enforcement needs all this data to do their job, their training must be piss poor.
[ link to this | view in chronology ]
Anonymous Coward, 9 Oct 2013 @ 11:41am

all the crap that is associated with this type of 'decree' is thanks to the friggin' USG and USA security agencies. the whole aim is to make, not a police state, but a total police world, where no one has any privacy or freedom and no ordinary citizen has a single right for anything. by God, whoever is behind this needs to be found and dealt with severely! we arte heading fast towards an abyss and there is no way to stop us from falling over the edge. the ridiculous thing is, those that are forcing us to go over that precipice, will be going over with us!!!
[ link to this | view in chronology ]
Anonymous Coward, 9 Oct 2013 @ 12:01pm

Brilliant and tech savvy - not
Not only is this proposal crazy, the Belgian justice departpment runs on Netscape Enterprise server 4 (remember that? 13 years old), and they have their old FTP logs exposed.

http://www.ejustice.just.fgov.be/wet/WS_FTP.LOG
[ link to this | view in chronology ]
Anonymous Coward, 9 Oct 2013 @ 12:08pm

Gets better if you look deeper
Openinging http://www.ejustice.just.fgov.be/tsv_pub/ gives

#!/usr/local/bin/perl

window.location='http://www.just.fgov.be/';

Hmm, a 13-year old ultrasparc web server quite likely to be running PERL, that will keep your metadata secure.
[ link to this | view in chronology ]
- Crusty the Ex-Clown, 9 Oct 2013 @ 8:09pm
  
  Re: Gets better if you look deeper
  That sounds just like my web server, you insensitive clod!
  [ link to this | view in chronology ]
Niall (profile), 10 Oct 2013 @ 7:46am

Why bother?
I don't know why NSA would bother, they can just get GCHQ to hack into Belgium at will...
[ link to this | view in chronology ]
Anonymous Coward, 10 Oct 2013 @ 8:04am

VPN here we go.
[ link to this | view in chronology ]