HOME

TheInfoList



Click Here for Items Related To - Data Retention Directive
OR:
Data Retention Directive on:   [Wikipedia]   [Google]   [Amazon]

The Data Retention Directive (Directive 2006/24/EC), later declared invalid by the European Court of Justice, was at first passed on 15 March 2006 and regulated
data retention Data retention defines the policies of persistent data and records management for meeting legal and business data archival requirements. Although sometimes interchangeable, it is not to be confused with the Data Protection Act 1998. The differe ...
, where data has been generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks. It amended the Directive on Privacy and Electronic Communications. According to the Data Retention Directive,
EU member states The European Union (EU) is a supranational political and economic union of member states that are located primarily in Europe. The union has a total area of and an estimated population of over 449million as of 2024. The EU is often de ...
had to store information on all citizens' telecommunications data (phone and internet connections) for a minimum of six months and at most twenty-four months, to be delivered on demand to police authorities. Under the directive, the police and security agencies would have been able to request access to details such as
IP address An Internet Protocol address (IP address) is a numerical label such as that is assigned to a device connected to a computer network that uses the Internet Protocol for communication. IP addresses serve two main functions: network interface i ...
es and time of use of every
email Electronic mail (usually shortened to email; alternatively hyphenated e-mail) is a method of transmitting and receiving Digital media, digital messages using electronics, electronic devices over a computer network. It was conceived in the ...
, phone call and text message sent or received. There was no provision in the directive that permission to access the data must be confirmed by a court. On 8 April 2014, the
Court of Justice of the European Union The Court of Justice of the European Union (CJEU) ( or "''CJUE''"; Latin: Curia) is the Judiciary, judicial branch of the European Union (EU). Seated in the Kirchberg, Luxembourg, Kirchberg quarter of Luxembourg City, Luxembourg, this EU ins ...
declared the Directive invalid in response to a case brought by Digital Rights Ireland against the Irish authorities and others because blanket
data collection Data collection or data gathering is the process of gathering and measuring information on targeted variables in an established system, which then enables one to answer relevant questions and evaluate outcomes. Data collection is a research com ...
violated the EU Charter of Fundamental Rights, in particular the right of
privacy Privacy (, ) is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively. The domain of privacy partially overlaps with security, which can include the concepts of a ...
enshrined in Article 8(1).


History

In September 2005, during the United Kingdom's presidency of the European Council, a plenary session was held concerning the retention of
telecommunication Telecommunication, often used in its plural form or abbreviated as telecom, is the transmission of information over a distance using electronic means, typically through cables, radio waves, or other communication technologies. These means of ...
s data, chaired by the UK's
Home Secretary The secretary of state for the Home Department, more commonly known as the home secretary, is a senior minister of the Crown in the Government of the United Kingdom and the head of the Home Office. The position is a Great Office of State, maki ...
. This led to an agreement reached by the Council at its meeting on the 1 and 2 December that was then adopted in March 2006, under the Austrian presidency.


Implementation


Romania

The EU directive has been transposed into Romanian law as well, initially as Law 298/2008. However, the Constitutional Court of Romania (CCR) subsequently struck down the law in 2009 as violating constitutional rights. The court held that the transposing act violated the constitutional rights of privacy, of confidentiality in communications, and of free speech. The
European Commission The European Commission (EC) is the primary Executive (government), executive arm of the European Union (EU). It operates as a cabinet government, with a number of European Commissioner, members of the Commission (directorial system, informall ...
subsequently sued Romania in 2011 for non-implementation, threatening Romania with a fine of 30,000 euros per day. The Romanian parliament passed a new law in 2012, which was signed by president Traian Băsescu in June. The Law 82/2012 has been nicknamed "the Big Brother law" (using the untranslated English expression) by various Romanian non-governmental organisations opposing it, as well as the Romanian media. On 8 July 2014 this law too was declared unconstitutional by the CCR.


Criticism

The Data Retention Directive had sparked serious concerns from physicians, journalists, privacy and human rights groups, unions, IT security firms and legal experts.


Annullment

On 8 April 2014, in the landmark ''Digital Rights Ireland and Ors'' case, the Court of Justice of the European Union declared the Directive 2006/24/EC invalid for violating fundamental rights. The council's Legal Services have been reported to have stated in closed session that paragraph 59 of the European Court of Justice's ruling "suggests that general and blanket data retention is no longer possible". A legal opinion funded by the Greens–European Free Alliance in the
European Parliament The European Parliament (EP) is one of the two legislative bodies of the European Union and one of its seven institutions. Together with the Council of the European Union (known as the Council and informally as the Council of Ministers), it ...
found that the blanket retention of data of unsuspicious persons generally violates the EU Charter of Fundamental Rights, both in regard to national telecommunications data retention laws and to similar EU data retention schemes (
Passenger name record A passenger name record (PNR) is a record in the database of a computer reservation system (CRS) that contains the itinerary for a passenger or a group of passengers travelling together. The concept of a PNR was first introduced by airlines that ...
s, Terrorist Finance Tracking Programme, Terrorist Finance Tracking System, law enforcement access to the Entry-Exit-System, Eurodac, Visa Information System).Boehm/Cole
Data Retention after the Judgement of the Court of Justice of the European Union
.


See also

* Data Protection Directive * Telecommunications data retention


References


External links


Text of the directive and national provisions on data retention communicated by the member states
(HTML and PDF) {{Authority control European Union data protection law European Union directives 2006 in European Union law Mass surveillance