The European Court of Justice is to hand down a judgment on 8 April 2014 on the retention of data. The court is currently assessing whether the EU’s data retention directive is compatible with the Charter of Fundamental Rights and in particular with the protection of family life and communications, personal data, freedom of thought and the right to “good administration”.
What is data retention?
The retention of data refers to the storage of personal data, more specifically telecommunication connection data, without a specific reason. This means that data is stored as a precaution. The purpose of such data retention is to make it easier for public authorities to pursue criminal activity.
The European Union’s data retention directive
The European Union’s data retention directive came into force on 3 May 2006. It provides that certain data, produced through the use of communication services, must be stored without a reason by service providers for at least 6 months. After 2 years at the latest, any stored data must be deleted. Data to be saved includes traffic and location data.
Under EU law, directives must be transposed by the member states into national law.
In March 2010 Germany’s constitutional court ruled that the law implementing the directive in Germany was unconstitutional.
The law had been in effect since 2008 and provided that telecommunications providers with more than 10,000 customers were required to save their connection data for 6 months. Such connection data includes communications by telephone, text message or e-mail.
The court ruled that the law violated article 10(1) of the German constitution, which guarantees the privacy of correspondence. Following the judgment, telecommunications providers had to delete all data collected up to that point.
Advocate General’s opinion
In relation to the EU’s data retention directive, complaints have been brought by privacy advocates in Ireland and Austria. They argue that the provisions allowing for data retention infringe citizens’ right to privacy. And they have also expressed concern about the potential for abuse.
In an opinion handed down following the applications for a preliminary ruling (case ref. C 293/12; C-594/12), the ECJ’s Advocate General considered that the directive to be incompatible with fundamental rights.
He declared the directive to be disproportional and said it does not show sufficient respect for the private life of individuals. The directive is also ill-defined and it lacks provisions on deletion and disclosure obligations, the Advocate General stated.
The opinion continues to say that the member states cannot be left to fill in the gaps left by the directive. As the subject matter concerns a violation of fundamental rights and because the EU has legislative competence in relation to such violations, it is the EU that must lay down minimum standards for the protection of fundamental rights.
The ECJ usually follows the opinion of the Advocate General.
Data retention legislation
The coalition agreement between the Christian Democrats (CDU), Christian Social Union (CSU) and the Social Democrats (SPD) and CSU), envisages the introduction of amendments to the legislation on data retention, however, the government chose to await the ECJ’s judgment before adopting relevant legislation.