There has been some coverage recently of the case of Mr Spitz. Malte Spitz is a German green party politician and privacy advocate. He went to court to obtain details of the location information stored by his mobile phone provider and discovered that over a six month period that they had stored over 35,000 items of geographic information. He was concerned enough to ask a newspaper to help him map the data – you can see the results here.
For those familiar with the amount and type of information stored by mobile networks it is not perhaps surprising, but it graphically demonstrates the amount of information stored.
What has not been picked up widely in the reports is that the requirement to store this type of information exists across Europe as a result of the implementation of the Data Retention Directive, which was in the wake of 9/11 to address national security concerns. Whilst the Directive gives Members States some latitude on its implementation, article 5 (f) requires the retention of:
‘…data necessary to identify the location of mobile communication equipment:
(1) the location label (Cell ID) at the start of the communication; and
(2) data identifying the geographic location of cells by reference to their location labels (Cell ID) during the period for which communications data are retained.’
Details of how this requirement has been implemented in the UK can be found here.