EU Data Retention Directive Invalid
The EU’s highest court, the Court of Justice has ruled the EU Data Retention Directive invalid. The full ruling can be found here.
“It entails a wide – ranging and particularly serious interference with the fundamental rights to respect for private life and to the protection of personal data, without that interference being limited to what is strictly necessary”
Which seems like a clear victory for common sense.
Why Data Retention?
The directive was introduced as a knee-jerk reaction to the 2006 bombings in London and Madrid. Having failed to get the required legislation through in the UK, Mr Brown took it to Europe. If I recall correctly it was heavily defeated here in the UK.
Sadly given the views of current politicians it would be unlikely to be defeated again in the UK. A British government spokesman said the retention of communications data was absolutely fundamental to allowing law enforcement authorities to investigate crime and ensure national security.
He would, of course, be unable to point to a single case where such retention had helped.
Damningly, the court added that the directive failed to offer sufficient safeguards “against the risk of abuse and against any unlawful access to use of the data”.
No doubt the directive would not apply to GCHQ et al, but it’s the first pushback of significance against mass surveillance.
One ISP in Sweden has already done exactly this. Bahnhof CEO Jon Karlung said he deleted all retained data on Wednesday after consulting with lawyers.
So now we await the first UK ISP to announce their removal of this incorrectly retained data. I’m not holding my breath mind you.
It is interesting to note that just at the time the EU has the lowest reputation ever here in the UK, there is a lot of common sense coming from Europe regarding surveillance and privacy. For the first time in a very long time Europe seems to be considering the rights of the individual.