Dutch Court Sets Aside National Data Retention Law
from the provisionally-enforceable dept
Back in January, we wrote about a legal challenge to the Netherlands' data retention law by a group of civil rights organizations. This was because the Dutch government had decided to ignore the important ruling by Europe's highest court, the Court of Justice of the EU (CJEU), that blanket data retention was "invalid." Now, a court in The Hague has ruled the government was wrong to do so:
Dutch providers are no longer required to retain internet and phone traffic data. The telecommunications data retention law, that was fought in court by various privacy groups and small ISPs, is invalid.
As that report from Nu.nl, translated by Matthijs R. Koot on his blog, makes clear, the court's judgment affects all kinds of telecoms -- both Internet and phone traffic data -- and all communication providers. This is the judge's reasoning:
That was ruled (.pdf, in Dutch) by the court of The Hague on Wednesday. The data retention law violated the Charter of Fundamental Rights of the European Union, specifically regarding the right to protection of private life and protection of personal data.The judge finds that the collected data are too easily accessible for crimes that are not serious. The plaintiffs stated that, technically, theft of a bicycle could lead to access to data, although the government stated this does not happen.
The judge's ruling is only "provisonally enforeable", and the Dutch government may appeal against it. But even if it does, it has a larger problem with its policy in this area. Although it claims a new data retention bill will be compatible with the CJEU ruling, the Netherlands' Data Protection Authority has already said that it is still too intrusive for a number of reasons. Clearly, the European debate over what is a reasonable and proportionate level of data retention -- if any -- has a long way to go yet, both in the Netherlands and elsewhere.
"Fact of the matter is that the possibility exists and that no safeguards exist to limit access to the data to what is strictly necessary to fight (only) serious crime", according to the judge.
The court also finds it to be incorrect that no prior court approval is needed to access the data.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: data retention, eu, netherlands
Reader Comments
Subscribe: RSS
View by: Time | Thread
https://www.security.nl/posting/421576/Justitie+overweegt+hoger+beroep+tegen+uitspraak+bewaa rplicht
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]