Security Police want to retain telecommunications data for two years
Finland's Security Police (SUPO) is demanding that telecommunications operators should be obliged to retain records of all their clients’ phone and internet traffic for two years, to enable the data to be used in potential criminal investigations.
A new directive by the European Union states only that all telephone and internet records have to be retained for a minimum period of six months and a maximum period of 24 months.
The National Research and Development Centre for Welfare and Health (STAKES) fears that the longer retention time called for on such records would endanger the confidentiality of personal information, particularly in the social services and health care sectors.
"Crime prevention is not a sufficient reason for the gathering of official information relating to citizens’ health and social care", STAKES argues.
Until now the Finnish telecoms companies have generally retained phone and internet identification data for a period from a few months up to more than a year, in order to facilitate potential criminal investigations after the fact.
However, the current Finnish legislation does not prescribe any maximum period for the retention of phone and internet traffic records.
According to a draft proposal for new legislation outlined by the Ministry of Transport and Communications, the retention period would be 12 months.
SUPO argues that a longer period would be required as police could need such identification data in the future.
The police and other officials investigating potential crimes are already now allowed to examine phone and internet traffic identification data, provided that they have acquired a court order to do so.
However, the contents of SMS messages and e-mails will not be recorded even in the future. Only the phone numbers, names, and addresses of the caller and the receiver of a call, as well as the time of the call, will be recorded. Similarly, the names and e-mail addressses of both the sender and receiver of e-mails, as well as the name and address of the user, and the time of logging in and out will be recorded.
National Research and Development Centre for Welfare and Health (STAKES)
Ministry of Transport and Communications
Information security and privacy protection