ECJ to strike down Data Retention Directive

The European Court of Justice declared the Data Retention Directive to be invalid in the judgment issued on 8 April 2014 in Joined Cases C-293/12 and C-594/12. According to the Directive telecommunications services providers were obliged to retain data of phone calls made by citizens of the European Union, including traffic and location data. The enactment also allowed courts, law enforcement authorities and secret services to access such data.

The Court noted that the retention of telecommunication data may seriously interfere with the rights to respect for private life and to the protection of personal data. A review of collected telecommunication data enables authorities to examine a person’s social relationships, places of residence occupied over a given time or daily movements.

The Court took the view that the measure itself may be admissible in certain circumstances, but only with appropriate safeguards put in place to protect citizens against a disproportionate interference with their rights and freedoms. However, the ECJ ruled that the existing Data Retention Directive did not meet this requirement as it failed to set a sufficiently strict legal framework which would guarantee that law enforcement and secret services could use telecommunication data only to the extent necessary and only for the purpose of prosecuting the most serious crimes. Moreover, the Directive has not made access to data subject to judicial review or established a set of precise criteria governing the data retention period. In setting out conditions for access to retained data, it makes no distinction between different categories of telecommunication data. Also, the Directive fails to ensure the irreversible destruction of data after expiry of the retention period. The Court also criticised the EU lawmakers for failing to impose an obligation to retain telecommunication data within the European Union.

“All these issues appear in the Polish telecommunication data retention laws”, says Dorota Głowacka, a lawyer with the HFHR. “The regulations currently in force enable different agencies to freely access the data and may create an environment for abuse. The Helsinki Foundation has long called for legislative reform of data retention laws. The HFHR has advocated for the establishment of an effective mechanism for supervising access to retained data; we proposed to create a closed list of serious crimes which may be prosecuted with the use of retained telecommunication data and requested the introduction of a legal duty to notify a person whose data has been accessed”, says Ms Głowacka.

Dr Adam Bodnar, HFHR Deputy President, adds: “The judgment of the European Court of Justice will undoubtedly influence the outcome of a case, currently pending before Polish Constitutional Tribunal, which involves the constitutionality of law enforcement agencies’ and prosecution service’s access to phone records. The Tribunal should now rule the case according to the Luxembourg Court’s interpretation of the right to privacy and the principle of proportionality”.

Telecommunication data retention laws have so far been deemed unconstitutional in a number of countries including Germany, Romania and the Czech Republic.