Peter Power (Limerick East, Fianna Fail)

I welcome the opportunity to contribute at the end of this debate and thank all Deputies who contributed to it. In his opening speech the Minister for Justice, Equality and Law Reform, Deputy Dermot Ahern, conveyed the importance of data information in the investigation of serious crime, including gangland and transnational crime, and in safeguarding our country against terrorist activity. As data retention is a tried and tested valuable tool in the investigation of crime and in safeguarding the security of the State, it has not received as much attention as some of the more recent high profile initiatives from my colleague, the Minister, Deputy Ahern, for fighting crime, in particular gangland crime. These include the Criminal Justice (Amendment) Act and the Criminal Justice (Surveillance) Act, which passed into law as recently as July. It is ironic that criticism of this legislation, indeed criticism generally of the need to retain and disclose data, even if only coming from a small number of sources, comes as we are ensuring that the practice has a firm statutory backing with real and credible safeguards which have been called for all around the House.

I would like to refer to the memorandum of understanding, mentioned in the debate, that is being negotiated between the Garda Síochána, the Permanent Defence Force, the Revenue Commissioners and the representative associations of the vast majority of telephony operators and Internet service providers in the State. There have been recent misleading references to the memorandum in the press and the media. It is neither secret nor sinister. It is a work in progress and will not be finalised until the Bill is enacted. As the legislation will come into operation on the day it is signed into law, it is very important that the providers are in a position to comply with their responsibilities under it and the only way that can be achieved is for advance discussions to take place with the law enforcement authorities that are entitled under the legislation to make disclosure requests.

The negotiations in Brussels on the directive took place at a time of very rapid developments in technology. This was recognised by the Commission and the member states. It was clear that the directive could soon become out of date and less useful as an investigatory tool for law enforcement agencies if it tried to over-interpret the data which it was intended should be retained and disclosed. For that reason, the Commission established two committees for the purpose of identifying problems in implementing the directive. One of the Committees consists of national experts from a number of member states, including Ireland. The types of problems the committees addressed were related to matters such as the obligation to retain data, who should retain it and the type of data that need not be retained, such as spam. These issues fed into the discussions on the memorandum of understanding. All sides involved in those discussions recognise that it is to the benefit of all of them, and ultimately to the benefit of law enforcement in this country, if the Garda, Revenue Commissioners and the Defence Forces know what the providers can reasonably retain, within the parameters established in the directive, and that the providers know what is required of them under the directive by the law enforcement authorities.

Far from being a sinister or arrogant development, the purpose of the memorandum is to simply ensure that the directive operates as intended and it is a very welcome initiative by all concerned in its negotiations. It does what would not be feasible in the Bill, that is, set out in more detail what is required to be retained under the directive. For example, there has been some comment on which provider should retain a particular piece of data. Recital 13 of the directive states that data should be retained in such a way as to avoid it being retained more than once. Accordingly, if more than one service provider is in possession of particular data, only one need retain it for the purposes of the directive. The detail on which provider retains duplicated data can only be agreed in discussions between the service providers and the law enforcement authorities.

The question of human rights and privacy rights always arises when legislation such as this Bill is proposed. I have already mentioned that the intrusion into persons' privacy is minimal. No content is retained or disclosed under the directive or the legislation, contrary to what might be taken from Deputy Ó Snodaigh's contribution when he referred to my fellow Limerick man, Deputy Collins. Deputy Collins was merely making the point that he, like any other person, is entitled to his privacy and should not have all his telephone data and records open for public scrutiny. That is a certainly a matter of privacy, but it is not unreasonable to expect it. This is what Deputy Collins referred to - I heard the interview to which Deputy Ó Snodaigh referred. Deputy Collins stated very clearly that if he was a suspect in a serious criminal investigation it is not unreasonable that his telephone records and the contacts he may have had with particular alleged criminals would be available to the Garda. There is a real distinction between having one's private records open to the public and one's specific telephone calls to alleged perpetrators of crime being available to the gardaí and the Bill reflects that distinction.

What is meant, for example, regarding the content of a telephone call or e-mail or websites visited is that what is retained could be compared to an envelope with a note inside. What is required to be retained is the address on the envelope with the note inside being destroyed. That is the correct analogy.

The directive itself addresses the human rights implications in recital 9. The directive states:

Public authorities may interfere with the exercise of that right only in accordance with the law and where necessary in a democratic society, inter alia, in the interests of national security or public safety, for the prevention of disorder or crime, or for the protection of the rights and freedoms of others. Because retention of data has proved to be such a necessary and effective investigative tool for law enforcement in several Member States, and in particular concerning serious matters such as organised crime and [transnational] terrorism, it is necessary to ensure retained data are made available to law enforcement authorities for a certain period, subject to the conditions provided for in the Directive [and which are obviously now enshrined in this legislation]. The adoption of an instrument on data retention that complies with the requirements of Article 8 of the ECHR is therefore a necessary measure.

It can be deduced, therefore, that the directive has been fully examined and cleared from a human rights perspective.

I would like to respond to some of the points that were made during this debate. Deputy Ó Snodaigh suggested that the accidental dialling of wrong numbers could lead to a criminal investigation. If a person is found to have made ten telephone calls to the same person, accidentally or otherwise, that could not form the basis of a criminal investigation. However, it could be used as corroborative evidence of a pattern that might lead to the building of a case. The Deputy's suggestion that such a pattern could form the basis of a criminal investigation calls into question his support for the concept underpinning the legislation. The retention of data of this nature is a real and effective investigative tool, as it can provide the sort of alibis and exculpatory evidence that can lead to people being cleared. It is ironic that the Deputy mentioned the case of the Birmingham Six because if this legislation had been in force and in effect when that case was first considered, and if the technology necessary for it had been available, it is distinctly possible that the Birmingham Six would not have been convicted.

Deputies Charles Flanagan and Sherlock questioned the need to retain data for two years, given that most other countries have provided for periods of six or 12 months. It is clear that the directive allows data to be retained for between six months and two years. The Minister has been advised by this country's law enforcement authorities that the minimum period required for the retention of telephony data is two years. Similarly, he has been advised that the minimum period in the case of Internet data should be 12 months. As the Minister explained in his opening speech, the provision of a two-year period for telephony data represents a reduction of one year on the law that pertains in this country at present. The majority of data is requested within six months of it first being generated. However, the quality and potential of older data makes its retention for a longer period essential. When a gangland criminal is charged with an offence, it may be necessary to request telephony data that is up to two years old as it might help to identify other members of the gang. Similarly, if a person is arrested in this State on suspicion of being a member of an international terrorist organisation, telephony data from the previous two years may help to identify whether the organisation in question has been preparing a major terrorist outrage.

I remind Deputy Charles Flanagan that it is not very long ago since an innocent member of the public was gunned down in my home city of Limerick, a number of years after a member of his family had given evidence in a criminal case. We have introduced legislation to try to deal with such cases. I can easily foresee circumstances in which data retained for longer than 12 months might prove to be relevant when a prosecution is brought. While such examples make the case for a longer period to be provided for in this legislation, I accept that an appropriate balance needs to be struck. As Deputy Sherlock correctly pointed out, we need to retain a sense of reality in this regard. Law-abiding members of the community who are not expected to be the subject of requests by gardaí under these provisions have nothing to fear from the legislation. Instead, their rights and freedoms will be protected by effective legislation that helps to track down those criminals who are prepared to threaten the freedoms and rights of ordinary citizens. The proposed two-year retention period for telephony data would be one of the longest retention periods in the EU. Most member states have legislated for a retention period of 12 months, with two or three opting for a mere six months. It is understandable that member states which are legislating for data retention for the first time would wish to steer a middle course. The 12-month retention period for Internet data seems to be consistent with the mainstream approach taken by other member states when implementing this aspect of the directive. Issues such as the retention periods are likely to be addressed in the Commission's review of the operation of the directive, which will take place towards the end of 2010.

When Deputy Ó Snodaigh spoke about the security of retained data, he questioned whether Members of this House might be under surveillance. I hope I understood his point correctly. It would be odd if Members of this House had some form of immunity from prosecution or investigation by this country's authorities. The Italian constitutional court ruled yesterday that the idea that those in public life - members of the government, parliamentarians and legislators - might be treated differently is offensive to that country's constitutional position. I suggest that the same applies in Ireland. Deputy Ó Snodaigh's suggestion, if I understood it correctly, was an odd one. The Deputy also raised concerns about the security of retained data. I assure him that the Minister and I, like all Deputies, are concerned about recent high-profile lapses in security, many of which have been due to computers being mislaid. The directive obliges the providers of such services to attach the same security measures to retained data that they would attach to all other data. In light of recent stories about data being lost, service providers and public bodies have been reviewing and tightening their security measures, particularly those relating to encryption. In his opening speech, the Minister mentioned that he established a data protection review group about a year ago on foot of lapses in data security. The review group called for submissions from the public and various interested parties. Given his interest in the matter, I assume Deputy Ó Snodaigh made a submission to that forum. The Minister called for submissions on the website and by invitation to parties that had previously expressed an interest in this issue. The group is putting together a consultative document that will describe the various issues from legal, technical and regulatory perspectives. The options identified by the group will be outlined in the document, which is almost ready for publication. A final call for contributions will be made when that document has been published, before work commences on the review group's final report. The Deputy will have an opportunity to make comments at that stage.

I have dealt with most of the issues that were raised while I was in the Chamber. The important legislation before the House has to be examined in the overall context of recent surveillance Bills and other Bills that have been introduced to tackle gangland crime. It responds to the fact that we are living in an era of highly organised crime. It has been mentioned that we have all been familiar with organised crime over many years, but it should be stressed that the modern version of such crime is organised on a much more technically sophisticated level.

It behoves us as legislators to respond to these new technologies by introducing effective tools to deal with them while at the same time protecting the rights and freedoms enshrined in the Constitution.

See this speech in context