LAST WEEK in Sydney, APC Asian members endorsed the following
statement supporting Jinbonet's struggle against compulsory data
retention in South Korea.

As far as i understand, the South Korean parliament has postponed
discussion about the legislation for some days, but we'll need to
hear from patcha as to how things are developing.

In the interim, tarrata has posted information in the apc.asia list
noting that they are dealing with very similar proposed legislation in
Japan.

For those of us in Europe, implemenation of the the EU Directive on
Mandatory Retention of Communications at national level is a reality
in several EU states.

Please add your name here, if you would like to support the jinbonet
statement, - we will probably develop a part of the APC site to
monitor data retention campaigns in general and will let you know
when the section is ready.

karen

========================================================
South Korea : Opposition to draft Legislation on "Communication Data
Retention"
International Civil Society Organizations Endorse Letter of Protest
to   South Korean Parliament

The South Korean Parliament is discussing a dangerous revision of
the   "Protection of Communications Secrets Act".
The revision would legally enforce telecommunications companies and
internet service providers (ISPs) to retain 'communications data' for
at least three months to one year and would require mobile phone
service providers to redesign their networks to permit wiretapping.
Currently, data retention is voluntary.

Communication data includes the following:

12 month retention
- date and time of user's telecommunication
- date and time of the start (or end) of the connection session
- telephone numbers of caller and receiver
- location information for telecommunications base station to confirm
the location of network access

3 month retention
- communications data for use of and access to the internet or
log-files of internet user
- information to trace or confirm the location of user's equipment
used to access a network or the internet

We are concerned that this revision will severely jeopardize the
Korean's people's   right to privacy and freedom of expression, and
therefore support their actions against this legislation, request
that the Parliament halt the revision process and conduct a public
hearing or consultation to solicit the opinions of the public,
including those of civil society and human rights organizations.

April 17th 2007

Endorsements
APC.au , Australia
Bangladesh Friendship and Education Society (BFES), Bangladesh
BytesForAll , India
BytesForAll , Pakistan
Foundation For Media Alternatives (FMA), Philippines
Japan Computer Access for Empowerment (JCAFE), Japan
JCA-NET, Japan
Institute For Popular Democracy (IPD), Philippines
Open Institute, Cambodia
VOICE, Bangladesh

Further background information
=======================
Of particular concern, is retention of internet logfiles which record
every detail of an individual's internet activities including

- the online transactions conducted
- websites visited
- time of access
- people they communicate with, and people they meet with
- files downloaded, edited, read and uploaded and so on.

This information will disclose people's friends and colleagues,
political and religious interests, hobbies, medical
information.  This information will be at risk of abuse from hackers,
while increasing the cost of using these services.

The IP address is a unique location identifier of the computer
location within a network and sometimes geographically. If the
communications data and IP addresses become available, it is very
easy to locate the physical location and the real identity of internet
users.

The revision requires legal retention of communications data and
installation of a system of wire-tapping mobile phone calls on the
grounds that these would be requested for the purposes of effective
crime investigations. In other words, if law enforcement authorities
request communications data, ISPs and telecommunications companies
should provide them immediately in order not to incur any penalties.

This data should be protected for the users' privacy and
correspondent rights which are guaranteed by Article 12 of the
Universal Declaration of Human Rights and constitutional law. The
government should uphold these basic rights, not infringe them.

Retaining user's communications data as a normal procedure is
contrary to the aim of the 'Protection of Communications Secrets
Act'. Data retention means that governments may interfere with your
private life and private communications regardless whether you are
suspected of a crime or not. If this revision is passed, severe
surveillance regime "BigBrother" on people's communication by the
government will start. It will infringe not just the human rights,
but destroy people's democracy. It also interferes with the right to
free expression as people who are lawfully accessing and
communicating are placed under indiscriminate surveillance.

Furthermore Data retention policy is useless without more draconian
measures.  First it is likely that the retention periods will expand,
as some countries have already moved to three, five and even ten-year
retention periods without any consideration of the risks to privacy
or costs to industry. Second, the purposes for which data is accessed
are always increased, removing judicial and constitutional safeguards
and permitting government officials to gain access to the personal
and sensitive information about our habits without any protection
against inevitable abuse. Third, it leads to governments passing laws
requiring the identification of all users of communication services.

For several years, law enforcement agencies in various countries have
tried to establish similar data retention policies, however every
attempt has been criticized by diverse entities including
international civil societies, human rights organizations, opposition
parties, legal experts, and industry. Petitions against data
retention act have been conducted continually for a long time. The
European Digital Rights and XS4ALL petition against data retention
has attracted over 58,000 signatures from citizens from across
Europe. Privacy officials in governments across Europe have come out
in opposition to data retention.  Most recently, the Dutch Data
Protection Authority published an opinion advising against the draft
Dutch data retention law purporting to implement the EU Directive on
Mandatory Retention of Communications Traffic Data. International
Civil society organizations participating in the World Summit on the
Information Society (WSIS) process also warned strongly about the
problems of data retention.