[Air-L] Details on data retention in Turkey?

Seda Gurses seda at nyu.edu
Thu Sep 11 13:18:45 PDT 2014


Yes, the situation in Turkey is depressing, and may help envision what other governments may do one day.
The Swedish DPI companies are netclean and procera. Apparently they received app. 40 million euros for the purchase of their DPI software. 
The new law that centralizes data retention may explain the price tag. Given recent revelations about NSA cooperation with Turkish government [1], there are now rumors that in developing the centralized repository the Turkish government may get some help from the US intelligence agencies, too. I haven’t seen anything concrete about this, though.

What is nice is to support local initiatives, especially support from Swedish colleagues would be much appreciated. 
For example, a local initiative called “Alet Etme” (don’t use us) organized by digital rights and children’s organizations are demanding that children’s rights are not used as a fig leaf for censorship [2]. 

Finally, many of us are very happy with the dismantling of the EU data retention law by the courts. Yet, it is not like the Turkish government is logical about these things. What is worse is that as long as the UK performs the way it does with respect to censorship and surveillance, crazy governments like the Turkish one will use their failings to justify their own. See news about the DRIP Act introduced on the 18. of July of this year [3]:

"The DRIP Act replaces previous UK regulations on data retention that had implemented an EU law which earlier this year was ruled to be invalid by the EU's highest court. The Court of Justice of the EU (CJEU) ruled that the EU Data Retention Directive disproportionately infringed on privacy rights enjoyed by EU citizens.
"If we had not acted immediately, investigations could have suddenly gone dark overnight," May said. "Criminals and terrorists would have been able to go about their work unimpeded, and innocent lives would have been lost. The Data Retention and Investigatory Powers Act will ensure the job of those who protect us does not get even more difficult and that they can maintain the use of vital powers to solve crime, save lives and protect the public from harm.”"

Don’t want to finish on a depressing note. So, let’s say regardless of the borders that we live in, it would be timely to be very aware of these developments and to react against them, both with our work but also otherwise.
Cheers,
seda



[1] http://www.spiegel.de/international/documents-show-nsa-and-gchq-spied-on-partner-turkey-a-989011.html
[2] https://www.aletetme.org/en/#aciklama
[3] http://www.out-law.com/en/articles/2014/july/new-uk-data-retention-laws-come-into-force/

On Sep 11, 2014, at 2:15 PM, Oliver Leistert <leistert at mail.uni-paderborn.de> wrote:

> Hi Seda,
> 
> 
>> 
>> 1) the Presidency of Telecommunications and Communications (I am not
>> joking about the repetition! See here [1]) is now responsible for
>> data retention, meaning all “traffic data” will be provided to them
>> directly. From the vague description in the newspapers it sounds like
>> they want real time transfer of the data to TIB. 2) The traffic data,
>> also known in the Anglophone world as metadata will consist of url
>> visited and duration of stay. 3) The law that was introduced in
>> February and that extended the Turkish Internet Law 5651 required
>> data retention between 6 months and 2 years, I do not see any
>> limitations brought to how long TIB will retain the data in the new
>> law. However, I did not study the original document, I am translating
>> from newspaper articles. I can get back to you about this next week.
> 
> 6 months to 2 years is the same as in the EU Directive. One huge
> difference though is the place of retention. To have it all centralized
> at one place (TIB). What a honey pot!
> 
>> 
>> The same extension to 5651 in February also introduced a committee of
>> ISPs that would respond to data retention and censorship needs. From
>> a competition law perspective this requirement was a disaster, also
>> because of the cost of installing expensive DPI (which is currently
>> being purchased from Sweden).
>> 
> 
> Ah! What companies are delivering?
> 
>> I did not hear of any resistance on the side of the ISPs since the
>> new law in February. Large corporations are very aware in Turkey that
>> if they resist the government very soon after they will be audited to
>> death. See what happened to Dogan Holding, the local media mogul, a
>> couple of years ago. So, resistance is futile, it just means you are
>> ready to give up your market place. But, let us be surprised.
> 
> Sure. The costs will be given to the people, I guess.
> 
>> 
>> If you don’t mind robot translations, you may want to follow Fusun
>> Nebil’s writings at turk-internet. It is a mainstream outlet but she
>> knows her stuff. Here is her commentary for today: 
>> http://www.turk-internet.com/portal/yazigoster.php?yaziid=47863 In
>> her final paragraph she is hoping that the constitutional court will
>> stop the new additions to the law.
>> 
> 
> Thank you for your response (and all the other, too!). In that article,
> according to google translate, she states that data retention is being
> done in the EU. But this is at least misleading if not wrong since the
> courts said that data retention is unlawful. It was stated on different
> national levels, but finally on the EU level, too. Sure, some data is
> being collected, but not officially according to the Directive.
> 
> So, one argument against DR in Turkey might be that the highest European
> Court has ruled it invalid:
> 
> "It entails a wide-ranging and particularly serious interference with
> the fundamental rights to respect for private life and to the protection
> of personal data, without that interference being limited to what is
> strictly necessary"
> 
> http://curia.europa.eu/jcms/upload/docs/application/pdf/2014-04/cp140054en.pdf
> 
> 
> 
> Best,
> Oliver
> 
> 
>> cheers, s.
>> 
>> 
>> 
>> 
>> 
>> [1] http://www.tib.gov.tr/en/ On Sep 10, 2014, at 10:49 AM, Ogan,
>> Christine L. <ogan at indiana.edu> wrote:
>> 
>>> Dear Oliver:  Those are all excellent questions and I hope someone
>>> on the list can answer those definitively.  I do not have access to
>>> that information and could only provide my opinion. Chris 
>>> ________________________________________ From: Oliver Leistert
>>> [leistert at mail.uni-paderborn.de] Sent: Wednesday, September 10,
>>> 2014 10:42 AM To: Ogan, Christine L.; air-l at listserv.aoir.org 
>>> Subject: Re: [Air-L] Details on data retention in Turkey?
>>> 
>>> Thank you, Ogan. But still: for a proper data retention scheme,
>>> like the one the EU was after with its Directive 2006/24/EC, a lot
>>> of changes would have to be done on the hardwareside, too. The
>>> European Internet Provder's protested against the Directive amongst
>>> other things because of rising costs for them to provide such
>>> storage capacities. Can we expect this from Turkish providers now,
>>> too?
>>> 
>>> Or will all the data be stored at some state organisation?
>>> 
>>> And then: what are the storage durations? You can just not store 
>>> everything without limit in duration.
>>> 
>>> And finally: what is it precisely that is being stored? Mobile
>>> phone meta-data, classic internet traffic, etc.? A law itself does
>>> not implement these capacities.
>>> 
>>> Finally, who has access to this data under which conditions?
>>> Although the answer to this question by studying the bill and its
>>> implementation documents does not tell much about the practice to
>>> expect.
>>> 
>>> -Oliver
>>> 
>>> 
>>> 
>>> On 09/10/2014 04:07 PM, Ogan, Christine L. wrote:
>>>> I think you could safely say that everyone is watched for any
>>>> reason on all their devices regardless of the reasonable decision
>>>> to obtain court orders for shutting down web sites.
>>>> 
>>>> See this website for a list of the documented 50,918 sites that
>>>> have been shut already (but by the time you check it out, that
>>>> number may have increased). http://engelliweb.com I hope that
>>>> helps,
>>>> 
>>>> But don't take my word.  Here is a quote from Turkish Internet
>>>> Rights activists Yaman Akdeniz and Kerem Altiparmak. "“Between
>>>> May 2007 and July 2014 Turkey blocked access to approximately
>>>> 48,000 websites,” based on a recently updated law. Akdeniz and
>>>> Altiparmak added that “Although the law is ostensibly aimed to
>>>> protect children from harmful content, from the very beginning it
>>>> has been used to prevent adults’ access to information.” It came
>>>> from a Forbes web site.  And here is a website they manage:
>>>> http://privacy.cyber-rights.org.tr   Also a link to more
>>>> information by someone who was covering the Internet Governance
>>>> Forum in Istanbul that was held this month:
>>>> http://www.dw.de/turkey-faces-criticism-as-host-of-the-internet-governance-forum/a-17899512
>>>> 
>>>> 
>>>> 
> Best regards,
>>>> 
>>>> Christine Ogan Prof. Emerita School of Informatics and Computing 
>>>> School of Journalism Indiana University
>>>> 
>>>> 
>>>> 
>>>> ________________________________________ From: Air-L
>>>> [air-l-bounces at listserv.aoir.org] on behalf of Oliver Leistert
>>>> [leistert at mail.uni-paderborn.de] Sent: Wednesday, September 10,
>>>> 2014 6:44 AM To: air-l at listserv.aoir.org Subject: [Air-L] Details
>>>> on data retention in Turkey?
>>>> 
>>>> Hi,
>>>> 
>>>> so Turkey passed a bill to shut down websites without court
>>>> orders. This is what makes the headlines:
>>>> 
>>>> http://online.wsj.com/articles/turkey-tightens-grip-over-the-internet-1410279325
>>>> 
>>>> 
>>>> 
> But the news also state that data of users will be retained. Has anyone
>>>> on this list futher details about this Turkish data retention
>>>> scheme?
>>>> 
>>>> Thank you, Oliver 
>>>> _______________________________________________ The
>>>> Air-L at listserv.aoir.org mailing list is provided by the
>>>> Association of Internet Researchers http://aoir.org Subscribe,
>>>> change options or unsubscribe at:
>>>> http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
>>>> 
>>>> Join the Association of Internet Researchers: 
>>>> http://www.aoir.org/
>>>> 
>>> 
>>> 
>>> -- Dr. Oliver Leistert Graduiertenkolleg "Automatismen" University
>>> of Paderborn Warburger Str. 100 D-33098 Paderborn Tel:+49-5251 / 60
>>> - 3230 www.upb.de/gk-automatismen http://nomedia.noblogs.org 
>>> _______________________________________________ The
>>> Air-L at listserv.aoir.org mailing list is provided by the Association
>>> of Internet Researchers http://aoir.org Subscribe, change options
>>> or unsubscribe at:
>>> http://listserv.aoir.org/listinfo.cgi/air-l-aoir.org
>>> 
>>> Join the Association of Internet Researchers: http://www.aoir.org/
>> 
>> 
> 
> 
> -- 
> Dr. Oliver Leistert
> Graduiertenkolleg "Automatismen"
> University of Paderborn
> Warburger Str. 100
> D-33098 Paderborn
> Tel:+49-5251 / 60 - 3230
> www.upb.de/gk-automatismen
> http://nomedia.noblogs.org




More information about the Air-L mailing list