Feeds

European Court of Justice rips up Data Retention Directive

Rules 'interfering' measure to be 'invalid'

Securing Web Applications Made Simple and Scalable

A European Union directive that required ISPs to retain data for two years has been deemed "invalid", Brussels' highest court ruled today.

The measure "entails a wide-ranging and particularly serious interference with the fundamental rights to respect for private life and to the protection of personal data, without that interference being limited to what is strictly necessary," said (PDF) the European Court of Justice.

It added that the fact that information could be held and subsequently used without the subscriber or registered user being aware of such "constant surveillance" actions from spooks and police could intrude on an individual's private life.

Late last year, Court of Justice Advocate General Pedro Cruz Villalón said that the seven-year-old EU directive requiring telecoms outfits to retain details of phone calls and emails - such as traffic and location - clashed with the 28-member bloc's privacy rights for citizens.

He opined at the time that the 2006 Data Retention Directive "constitutes a serious interference with the fundamental right of citizens to privacy".

The ECJ has today agreed with that assessment of the EU measure. It said:

[T]he retention of data for the purpose of their possible transmission to the competent national authorities genuinely satisfies an objective of general interest, namely the fight against serious crime and, ultimately, public security.

However, the Court is of the opinion that, by adopting the Data Retention Directive, the EU legislature has exceeded the limits imposed by compliance with the principle of proportionality.

Damningly, the court added that the directive failed to offer sufficient safeguards "against the risk of abuse and against any unlawful access to use of the data".

Worst of all for Brussels' officials nervous about information carelessly spilling out of the EU into the hands of the US in the wake of master blabbermouth Edward Snowden's state spying revelations, the directive was found by the court not to require data to be retained within the 28-nation bloc.

"The directive does not fully ensure the control of compliance with the requirements of protection and security by an independent authority, as is, however, explicitly required by the Charter," it concluded. "Such a control, carried out on the basis of EU law, is an essential component of the protection of individuals with regard to the processing of personal data." ®

The Essential Guide to IT Transformation

More from The Register

next story
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
FLAPE – the next BIG THING in storage
Find cold data with flash, transmit it from tape
Seagate chances ARM with NAS boxes for the SOHO crowd
There's an Atom-powered offering, too
Intel teaches Oracle how to become the latest and greatest Xeon Whisperer
E7-8895 v2 chips are best of the bunch, and with firmware-unlocked speed control
Gartner: To the right, to the right – biz sync firms who've won in a box to the right...
Magic quadrant: Top marks for, er, completeness of vision, EMC
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.