Feeds

European Court of Justice rips up Data Retention Directive

Rules 'interfering' measure to be 'invalid'

HP ProLiant Gen8: Integrated lifecycle automation

A European Union directive that required ISPs to retain data for two years has been deemed "invalid", Brussels' highest court ruled today.

The measure "entails a wide-ranging and particularly serious interference with the fundamental rights to respect for private life and to the protection of personal data, without that interference being limited to what is strictly necessary," said (PDF) the European Court of Justice.

It added that the fact that information could be held and subsequently used without the subscriber or registered user being aware of such "constant surveillance" actions from spooks and police could intrude on an individual's private life.

Late last year, Court of Justice Advocate General Pedro Cruz Villalón said that the seven-year-old EU directive requiring telecoms outfits to retain details of phone calls and emails - such as traffic and location - clashed with the 28-member bloc's privacy rights for citizens.

He opined at the time that the 2006 Data Retention Directive "constitutes a serious interference with the fundamental right of citizens to privacy".

The ECJ has today agreed with that assessment of the EU measure. It said:

[T]he retention of data for the purpose of their possible transmission to the competent national authorities genuinely satisfies an objective of general interest, namely the fight against serious crime and, ultimately, public security.

However, the Court is of the opinion that, by adopting the Data Retention Directive, the EU legislature has exceeded the limits imposed by compliance with the principle of proportionality.

Damningly, the court added that the directive failed to offer sufficient safeguards "against the risk of abuse and against any unlawful access to use of the data".

Worst of all for Brussels' officials nervous about information carelessly spilling out of the EU into the hands of the US in the wake of master blabbermouth Edward Snowden's state spying revelations, the directive was found by the court not to require data to be retained within the 28-nation bloc.

"The directive does not fully ensure the control of compliance with the requirements of protection and security by an independent authority, as is, however, explicitly required by the Charter," it concluded. "Such a control, carried out on the basis of EU law, is an essential component of the protection of individuals with regard to the processing of personal data." ®

Eight steps to building an HP BladeSystem

More from The Register

next story
THUD! WD plonks down SIX TERABYTE 'consumer NAS' fatboy
Now that's a LOT of porn or pirated movies. Or, you know, other consumer stuff
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
FLAPE – the next BIG THING in storage
Find cold data with flash, transmit it from tape
Apple fanbois SCREAM as update BRICKS their Macbook Airs
Ragegasm spills over as firmware upgrade kills machines
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.