By Edward Malnick
Experts have lambasted new laws to collect information about prepaid cellphone users, citing their "severe" privacy implications.
One academic described existing rules that forced operators to retain personal call data for a minimum of three years as "excessive".
And as of last Wednesday the government will collect more data. Operators now have to obtain the full name, address and identity number of customers buying SIM cards for prepaid services. MTN, Vodacom and Cell C have been given 18 months to get this information from customers.
| 'It is, after all, ultimately tracking a SIM, not a person' |
However, only Cell C has been able to commit to this period, while the other two main operators could not confirm they would be able to meet the target.
The law on user registration arose in amendments to the 2002 Regulation of Interception of Communication-Related Information Act, to be known as Rica, which came into force this week.
Continues Below ↓
Gus Hosein, a senior fellow of human rights watchdog Privacy International and at the London School of Economics, described the retention of users' information as "an absolutely useless policy that introduces more problems than it solves".
Charles Goredema, the head of organised crime research at the Institute of Security Studies in Cape Town, said he failed to see "any link between (the legislation) and combating organised crime".
He said the new law "contravened the right to privacy" and that the idea was to widen the amount of information accessible to police with no specific end other than to hoard as much data as possible.
Hosein suggested that the new measures could increase crime. Criminals might be able to conduct business hiding behind the identity of the owner of the cellphone they had stolen.
Jerry Fishenden, Microsoft UK's lead chief technology adviser, also raised concerns about the extent to which the information would be available.
He was commenting on Vodacom's explanation to the Sunday Tribune of the way in which data would be handled. "All information is entered into a central data base, so all Rica agents will access this data base via their mobile devices or via PCs in Vodacom outlets, retail stores and the informal trade, and capture the required information on the central database."
Fishenden argued that this wide accessibility of the data could undermine a court case. "If this evidence is admissible in court, a good defendant could potentially reasonably argue that the data cannot be trusted if too many people have access and the controls are not adequate."
He also pointed out the confusion that would be caused if users swopped SIM cards en masse. "The system would then have no idea who it is actually tracking. It is, after all, ultimately tracking a SIM, not a person."
Cellphone operators under Rica must also keep records of all calls for a minimum of three years and a maximum of five, and the legal amendments impose hefty fines on operators who fail to retain this information. These details are, according to the legislation, "switching, dialling or signalling information that identifies the origin, destination, termination, duration and equipment". This does not cover recordings of calls or SMSes.
Hosein views the three to five-year period as excessive.
"All the studies have shown that a minimum period of three months tends to be sufficient, with nine months at the maximum, three years is excessive. In fact, any retention period is excessive. Canada, the US, Australia, New Zealand, and a host of other countries have no retention period at all.
"And they all face the same challenges, so why the difference?"
- This article was originally published on page 5 of Tribune on July 05, 2009
|
StumbleUpon
Reddit
Digg
Delicious
Newsvine
Facebook
muti
Twitter
