EU Lawyers Confirm 'General And Blanket Data Retention Is No Longer Possible' In European Union

from the take-that,-David-Cameron dept

As we commented back in June, one of the key questions posed by the important ruling of Europe's highest court that the EU's current data retention requirements were "invalid" is: so what will the EU's Member States do now? Will they simply repeal their national legislation that was passed to implement the EU Directive, or will they claim that broad-based data retention is nonetheless still possible, as the UK has done? Although the UK government will doubtless try, it's going to be much harder to argue that the European Union's Court of Justice ruling leaves any room for the kind of broad-based data retention that David Cameron's government wants in the wake of the following news:

civil liberties campaigners AK Vorrat have now obtained internal documents showing that at a recent closed meeting of EU Justice and Home Affairs ministers the Council's Legal Services stated that paragraph 59 of the European Court of Justice's ruling on the Data Retention Directive "suggests that general and blanket data retention is no longer possible".
Here's what paragraph 59 of the ruling says:
Moreover, whilst seeking to contribute to the fight against serious crime, [the Data Retention] Directive 2006/24 does not require any relationship between the data whose retention is provided for and a threat to public security and, in particular, it is not restricted to a retention in relation (i) to data pertaining to a particular time period and/or a particular geographical zone and/or to a circle of particular persons likely to be involved, in one way or another, in a serious crime, or (ii) to persons who could, for other reasons, contribute, by the retention of their data, to the prevention, detection or prosecution of serious offences.
That admission is likely to strengthen legal challenges to the UK's new DRIP law. It also undercuts claims by the Australian Attorney General George Brandis that data retention is "very much the way in which Western nations are going". Since EU lawyers have said that any kind of excessive data retention is illegal in European Union nations, Brandis will find it harder to paint his own extreme retention plans as nothing to get worked up about and simply part of a wider trend. Whether or not they were before, now, they're certainly not.

Follow me @glynmoody on Twitter or identi.ca, and on Google+

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: blanket data retention, data retention, eu, privacy, uk


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    ethorad (profile), 12 Aug 2014 @ 12:44am

    ELI5?

    I'm not a lawyer so I don't really understand that para 59 quote above. I had a look at the link but the longer document is just as confusing.

    To me, para 59 says that the data retention directive doesn't require a link between the data and threat to public security, and then gives a couple of examples in particular.

    Why does that suggest blanket collection is prohibited? Saying a link isn't required doesn't seem to close off anything. Saying a link must or must not be present would start to close off options, but just saying a link could be there but doesn't need to be isn't helpful?

    Can someone explain like I'm 5?

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 12 Aug 2014 @ 2:02am

    Re: ELI5?

    My understanding is that is saying that the DRD required drag-net surveillance of everyone everywhere, rather than a targeted search of selected individuals, and that generalised surveillance is not justified for criminal investigation purposes.

    link to this | view in thread ]

  3. icon
    orbitalinsertion (profile), 12 Aug 2014 @ 2:03am

    what will the EU's Member States do now?


    The data retentive will proceed to have a cow.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 12 Aug 2014 @ 3:03am

    the problem the UK has is that it wants to be a member of two clubs. it wants to stay in the EU, while spying on every other member nation and their governments and peoples, earning as much distrust as it deserves. then it wants to be in the other club with the USA. both Cameron and May are so far up the USA's arse, it's almost impossible to see them at all! the problem is that the USA wants the UK to stay in the EU too so it can gather intel and pass to the USA but the USA wants it to be part of it's club as well, gathering as much momentum to have the spying extended so that everyone, everywhere is under that umbrella. problem is, the EU is on the side of the people over data retention and you can bet your arse that both of these fuckers will fight tooth and nail to keep the DRIP law in place or will go the NSA route and do it subversively. either way, it's gonna be a real pain if there is an 'Ed Snowden' in the UK because if there is another 'leak' it's gonna do a whole lot of damage to both the Conservatives and the Lib Dems!

    link to this | view in thread ]

  5. icon
    DaveHowe (profile), 12 Aug 2014 @ 3:21am

    GCHQ has always been "NSA Lite"

    And more so; much of the law that the NSA is struggling to get passed is already in force here, and many laws that have passed are simply to work around the EU demands that the UK *stop* doing such things unless they have a law that explicitly permits it...

    The UK is often more of a test lab for US policies than a country in its own right.

    link to this | view in thread ]

  6. identicon
    Anonymous Coward, 12 Aug 2014 @ 4:37am

    Re:

    Mr. Cameron is trying to bribe the voters with a vote on EU membership after next election. Seems they have chosen their side already.

    link to this | view in thread ]

  7. identicon
    Anonymous Coward, 12 Aug 2014 @ 4:52am

    There's nothing in this world more concrete and certain in this world than when a lawyer "suggests" something.

    link to this | view in thread ]

  8. identicon
    Anonymous Coward, 12 Aug 2014 @ 5:21am

    It just means that the UK-GCHQ will not be doing the collecting , It doesn't stop them from collaborating with the NSA who will now be doing the task for them, The same will applied to the US if our Constitutional Rights are ever re-applied.

    link to this | view in thread ]

  9. icon
    ethorad (profile), 12 Aug 2014 @ 8:50am

    Re: Re: ELI5?

    Ah ok, think I have it.

    The Data Retention Directive 2006/24 (DRD) said that member states have to store everyone's data

    However Article 7 of the Charter of Fundamental Rights of the EU says that "Everyone has the right to respect for his or her private and family life, home and communications".

    In June the DRD was found to be invalid due to the conflict with Article 7, so member states are busy constructing ways to still do mass surveillance without breaching Article 7.

    These latest documents however suggest that (one of) the key points why the DRD breached Article 7 was it didn't require a link between the person being surveilled and a threat to security, or a particular place/time.

    Therefore in order to avoid breaching Article 7, any new data retention measures have to be targeted in some way.

    Therefore, no blanket surveillance of everyone.

    Yes?

    I'm sure our "security" services are busy working out loopholes. GCHQ could define "the world" as a specified geographic area but that would let those terrorists on the ISS go uncaught - and they sound like they are linked to the ISIS guys in Iraq. Instead GCHQ could take a leaf from copyright and define a limited time to be forever less a day.

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 12 Aug 2014 @ 3:10pm

    Re: Re: Re: ELI5?

    Yes, that sounds right. I think the court is only likely to allow the specific geographic area to be within the jurisdiction of the authority concerned, at least for EU member-areas (so GCHQ could still spy on the USA for the NSA).

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.