The problem of implementing the EU Data Retention Directive

I Norway there is now a lot of debate about the EU Directive for Data Retention. The question is if Norway should implement this or not. The Government in Norway is split on this question, even thou both The Data Inspectorate and Art.29 Data Protection Working Party has warned against it.

Why shouldn’t we implement the Data Retention Directive if it can help us solve and fight crime?

Because we can’t implement it in a secure manner!

When we start storing these types of data it must be stored with the following three principles in mind:

• Only authorized personnel has access
• The information only is used for authorized purposes
• The person is informed when information about him/here is used.

This will never be implemented because it costs a lot of money and the companies holding that data hasn’t got enough interest in doing it. (And the government will surely not pay for it.)

The Data needed to implement the Directive will be stored by hundreds of different tele-companies. These companies are storing data today, but only for the purpose of billing. The laws of today are actually quite strict on this, telling the tele-companies to store as little personnel information as possible. This means that these companies don’t have a lot of smart authorization rules built into their systems today. They don’t have the need.


If the EU Directive for Data Retention is implemented, the different tele-companies will be required to store personnel information along side with the everything else. The goverment will not support them with money in this process but just require them to comply.

The result:

• Hundreds of different insecure systems collecting personell information about you.

See the articles about this topic at: The Data Inspectorate.

From private to public without questions.

You trust your bank. They protect your personally information (and your money of course), and you pay them to do so.  Every time you would like to see your financially data your notice how they protect it with their strong two-way authentication. It’s sometimes a pain, but you like it, because you don’t want strangers to access your banking data.

But what happens when it comes to the 31. Of December? Then the banks in Norway send your balance information to the state. In Norway you don’t have to do anything with your tax return, everything can go automatically between the state, your employer and the bank. This is a great and easy service, and people are using it.

In Norway we live in a transparent society where the principle of a open public sector is one of the major corner stones. All agencies in the public sector are instructed to make as much information publicly available as possible. This is a very important principle that makes in much easier to hold the different agencies accountable for its actions.

Ok, back to your financial information, what happens to it? The tax agency publishes this information without asking you and without any restrictions of the use of this information. They give out your name, age, postal adress, yearly income and yearly tax.
The news papers makes this into freely available databases that is advertised on their front page.

My little project is a integration of gooogle maps, the news paper tax information database and twitter. This will give me a searchable map with all houses with a known fortune of more than ten million and that has published on twitter that they are on holiday.

I love just love free information publish without restrictions.


I urge The Norwegian Tax Administration to protect my data better. I would like to be asked before they publish my information. They could publish the information behind the public sector authentication solution.

Sharing gives value

Sharing experience and information with other companies will benefit you is my experience.

Companies sharing knowledge and experience with others earn a lot both internally in the company and externally in the community.

Internal earnings:

• Knowledge sharing between teams and departments.
• More faithful employees

External earnings:

• Company reputation
• More possibilities when it comes to customers and partners
• Bigger marked for new employees

Through knowledge sharing you will get a more well known company that is has employees that is prouder, better welded and with more knowledge.

Wouldn't everybody want a company like that?


So is there possibly a downside off sharing?