Feeds

European Court of Justice rips up Data Retention Directive

Rules 'interfering' measure to be 'invalid'

Secure remote control for conventional and virtual desktops

A European Union directive that required ISPs to retain data for two years has been deemed "invalid", Brussels' highest court ruled today.

The measure "entails a wide-ranging and particularly serious interference with the fundamental rights to respect for private life and to the protection of personal data, without that interference being limited to what is strictly necessary," said (PDF) the European Court of Justice.

It added that the fact that information could be held and subsequently used without the subscriber or registered user being aware of such "constant surveillance" actions from spooks and police could intrude on an individual's private life.

Late last year, Court of Justice Advocate General Pedro Cruz Villalón said that the seven-year-old EU directive requiring telecoms outfits to retain details of phone calls and emails - such as traffic and location - clashed with the 28-member bloc's privacy rights for citizens.

He opined at the time that the 2006 Data Retention Directive "constitutes a serious interference with the fundamental right of citizens to privacy".

The ECJ has today agreed with that assessment of the EU measure. It said:

[T]he retention of data for the purpose of their possible transmission to the competent national authorities genuinely satisfies an objective of general interest, namely the fight against serious crime and, ultimately, public security.

However, the Court is of the opinion that, by adopting the Data Retention Directive, the EU legislature has exceeded the limits imposed by compliance with the principle of proportionality.

Damningly, the court added that the directive failed to offer sufficient safeguards "against the risk of abuse and against any unlawful access to use of the data".

Worst of all for Brussels' officials nervous about information carelessly spilling out of the EU into the hands of the US in the wake of master blabbermouth Edward Snowden's state spying revelations, the directive was found by the court not to require data to be retained within the 28-nation bloc.

"The directive does not fully ensure the control of compliance with the requirements of protection and security by an independent authority, as is, however, explicitly required by the Charter," it concluded. "Such a control, carried out on the basis of EU law, is an essential component of the protection of individuals with regard to the processing of personal data." ®

Internet Security Threat Report 2014

More from The Register

next story
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
The DRUGSTORES DON'T WORK, CVS makes IT WORSE ... for Apple Pay
Goog Wallet apparently also spurned in NFC lockdown
Cray-cray Met Office spaffs £97m on VERY AVERAGE HPC box
Only 250th most powerful in the world? Bring back Michael Fish
Microsoft brings the CLOUD that GOES ON FOREVER
Sky's the limit with unrestricted space in the cloud
'ANYTHING BUT STABLE' Netflix suffers BIG Europe-wide outage
Friday night LIVE? Nope. The only thing streaming are tears down my face
Google roolz! Nest buys Revolv, KILLS new sales of home hub
Take my temperature, I'm feeling a little bit dizzy
IBM, backing away from hardware? NEVER!
Don't be so sure, so-surers
prev story

Whitepapers

Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.