you're reading...
Institutional and Legal Affairs, PUBLICATIONS

A new chapter in the data retention controversy

In December 2013, Advocate-General Pedro Cruz Villalón delivered his opinion in a highly publicised case before the Court of Justice of the EU (CJEU) concerning the Data Retention Directive. This has reignited the debate over this controversial measure, described by the European Data Protection Supervisor as “the most privacy-invasive instrument ever adopted by the EU”.

The adoption and implementation of the Directive

The Data Retention Directive (Directive 2006/24/EC) was adopted in March 2006. It requires internet service providers and telephone companies to retain traffic and location data for a period of between six months and two years, for the purpose of investigating, detecting and prosecuting serious crime. This obligation does not extend to the content of communications, but relates to data indicating the source, destination, date, time, duration and type of communication, as well as the communication equipment used and the location of mobile communications equipment.

A new chapter in the data retention controversy

© F.Schmidt / Fotolia

The Member States (MS) were supposed to transpose the Directive by September 2007, but could postpone its application to the retention of data relating to internet access, e-mail and telephony until March 2009. The implementing laws differ considerably across the EU (e.g. as regards the seriousness of crime that can trigger a data request), as does the extent to which retained data are requested by competent authorities. The Constitutional Courts of Romania, Germany and the Czech Republic annulled the relevant national legislation (respectively in 2009, 2010 and 2011) on various grounds related mainly to privacy and the protection of personal data concerns. New transposition measures have yet to be adopted by the three MS. In 2012, the Commission referredGermany to the CJEU for failure to transpose the Directive.

Points of contention

The Directive sparked a heated debate, as illustrated by a 2010 joint letter sent by 106 civil society and professional organisations to the three European Commissioners in charge of digital-rights-related portfolios. The recent CPDP2014 conference in Brussels, showed that the very idea of blanket data retention still has strong opposition among civil society groups and academics. The instrument is widely seen as disproportionate, unnecessary and unbalanced, given the extent to which it impedes on fundamental rights, while arguably of limited use for law enforcement (e.g. due to criminals easily circumventing its provisions, using anonymous SIM cards). Many commentators favour so-called data preservation (‘quick freeze’) provided for by the Council of Europe Convention on Cybercrime. This more limited investigative tool requires data concerning specific criminal suspects to be retained only from the date of the court order.

However, the Commission which evaluated the Directive in 2011 concluded that data retention should continue, though within a revised EU framework. It pointed to evidence presented by some MS supporting the claim that the tool is valuable, if not indispensable, for preventing and combating crime.

Advocate-General’s opinion

In joint cases C-293/12 and C-594/12 the CJEU is considering references for preliminary rulings from Irish and Austrian courts concerning the Directive’s validity. In his recent opinion, Cruz Villalón took the view that the Directive is incompatible with Articles 52(1) and 7 of the EU Charter of Fundamental Rights. This is because it interferes seriously with the right to privacy, without offering appropriate guarantees on the regulation of access to retained data and its use. Moreover, he found that setting the upper limit of data retention at two years (which in his view should be less than one year) is excessive. Nonetheless, he proposes the Court should allow data retention to continue until new EU instruments can be adopted. His opinion is not binding on the CJEU whose judgment is awaited.

About EPRSauthor

European Parliamentary Research Service of the European Parliament. The EPRS offers the best available research and analytical support to Members of the European Parliament, their staff, parliamentary committees and, of course, to you!

Discussion

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Download the EPRS App

EPRS App on Google Play
EPRS App on App Store
What Europe Does For You
EU Legislation in Progress
Topical Digests
EPRS Podcasts

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 3,409 other followers

Disclaimer and Copyright statement

The content of all documents (and articles) contained in this blog is the sole responsibility of the author and any opinions expressed therein do not necessarily represent the official position of the European Parliament. It is addressed to the Members and staff of the EP for their parliamentary work. Reproduction and translation for non-commercial purposes are authorised, provided the source is acknowledged and the European Parliament is given prior notice and sent a copy.

For a comprehensive description of our cookie and data protection policies, please visit Terms and Conditions page.

Copyright © European Union, 2014-2019. All rights reserved.

%d bloggers like this: