A couple of developments recently on the Communications data retention front – one EU institution is unhappy that the case has not yet been comprehensively made for a EU-wide retention standard, while another EU institution is planning to take legal measures against the Member States that have not yet implemented it. The 2006 Data Retention Directive requires telecoms operators to store traffic and location data of the communications of all EU citizens for possible law enforcement purposes.
It’s a familiar argument – one where individual EU Member States question the wisdom of a measure that has been passed by the mighty EU itself. Interestingly, in this case, Sweden is on the naughty step for not having implemented it, which is ironic as it was one of the four Member States (along with the UK, Ireland and France) who actually proposed the initiative back in April 2004. And, the national constitutional courts of the Czech Republic, Germany and Romania have not yet ruled that the Directive is in accordance with their respective constitutions.
So, in the Not sure corner, step forward the European Data Protection Supervisor, Peter Hustinx, who has recently drawn attention to the Commission’s evaluation report, published on 18 April. As far as he is concerned, despite the obvious attractions of the measure, in that it is a useful instrument in the fight against terrorism and serious crime, some serious privacy and fundamental rights issues have yet.
On various occasions, Peter Hustinx has said that the availability of traffic and location data can play an important role in criminal investigations. However, he has also repeatedly expressed serious doubts about the necessity for retaining data on such a large scale in light of the rights to privacy and data protection.
After careful analysis of the evaluation report, Peter takes the view that the directive does not meet the requirements imposed by the fundamental rights to privacy and data protection, mainly for the following reasons: - the necessity for data retention as provided in the directive has not been sufficiently demonstrated; - data retention could have been regulated in a less privacy-intrusive way; - the Directive leaves too much scope for member states to decide on the purposes for which the data might be used, and also for establishing who can access the data and under which conditions.
Peter says: Although the Commission has clearly put much effort into collecting information from the Member States, the quantitative and qualitative information provided by the Member States is not sufficient to draw a positive conclusion on the need for data retention as it has been developed in the Directive. Further investigation of necessity and proportionality is therefore required, and in particular the examination of alternative, less privacy-intrusive means.
So, it is not clear whether this report will have much of an impact on those who are working on various options that will amend the Directive. Although Peter has called for the Commission to seriously consider all options, including the possibility of repealing it, whether or not combined with a proposal for an alternative, more targeted EU measure, I really wonder whether many will heed his views. He has exercised his right to speak. But, of course, the European Commission is not obliged to act in accordance with his views.
And, in the Get on and implement it corner is Cecilia Malmström, European Commissioner for Home Affairs. Several weeks ago she announced that Austria, Sweden, the Czech Republic, Romania and Germany would face legal action if they did not implement the law.
Our evaluation shows the importance of stored telecommunications data for criminal justice systems and for law enforcement, she said in a statement in April. But the evaluation report also identifies serious shortcomings. We need a more proportionate, common approach across the E.U. to this issue.
So there you have it. The Directive is likely to be changed, but despite that, some Member States may well face sanctions from the European Commission for not having already implemented a not-fit-for-purpose version of it.
It’s a topsy turvey world.
Sources:
http://www.edps.europa.eu/EDPSWEB/edps/EDPS
http://www.dw-world.de/dw/article/0,,15120172,00.html
Image credit:
Many thanks to Vicky Pollard, from the hit BBC television comedy show “Little Britain” whose catchphrase is “yes but no but yes but no but ...”
.
Posts
