Data Retention Directive


The Data Retention Directive was passed on the 15 March 2006 and regulated data retention, where data has been generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks. It amended the Directive on Privacy and Electronic Communications. According to the Data Retention Directive, EU member states had to store citizens' telecommunications data for a minimum of six months and at most 24 months.
Under the directive the police and security agencies would have been able to request access to details such as IP address and time of use of every email, phone call and text message sent or received. A permission to access the information could be granted only by a court. On 8 April 2014, the Court of Justice of the European Union declared the Directive invalid in response to a case brought by Digital Rights Ireland against the Irish authorities and others because blanket data collection violated the EU Charter of Fundamental Rights, in particular the right of privacy.

History

In September 2005, during the United Kingdom's presidency of the European Council, a plenary session was held concerning the retention of telecommunications data, chaired by the UK's Home Secretary. This led to an agreement reached by the Council at its meeting on the 1 and 2 December that was then adopted in March 2006, under the Austrian presidency.

Implementation

Romania

The EU directive has been transposed into Romanian law as well, initially as Law 298/2008. However, the Constitutional Court of Romania subsequently struck down the law in 2009 as violating constitutional rights. The court held that the transposing act violated the constitutional rights of privacy, of confidentiality in communications, and of free speech. The European Commission subsequently sued Romania in 2011 for non-implementation, threatening Romania with a fine of 30,000 euros per day. The Romanian parliament passed a new law in 2012, which was signed by president Traian Băsescu in June. The Law 82/2012 has been nicknamed "the Big Brother law" by various Romanian non-governmental organisations opposing it, as well as the Romanian media. On 8 July 2014 this law too was declared unconstitutional by the CCR.

Criticism

The Data Retention Directive had sparked serious concerns from physicians, journalists, privacy and human rights groups, unions, IT security firms and legal experts.

Annullment

On 8 April 2014, in the landmark Digital Rights Ireland and Ors case, the Court of Justice of the European Union declared the Directive 2006/24/EC invalid for violating fundamental rights. The Council's Legal Services have been reported to have stated in closed session that paragraph 59 of the European Court of Justice's ruling "suggests that general and blanket data retention is no longer possible".
A legal opinion funded by the Greens–European Free Alliance in the European Parliament found that the blanket retention of data of unsuspicious persons generally violates the EU Charter of Fundamental Rights, both in regard to national telecommunications data retention laws and to similar EU data retention schemes.