Brussels, 18/04/2011 (Agence Europe) - On Monday 18 April, in an assessment report, the Commission indicated that the 2006 European directive on the retention of data for fighting crime and terrorism would finally be amended. This directive has been challenged by a number of courts in Germany, Romania and more recently in the Czech Republic where the Constitutional Court ruled on 1 April that the retention of a broad range of private data was contrary to the constitution. The commissioner for home affairs, Cecilia Malmström, said that this amendment might still be passed this year.
This amendment is necessary due to the very divergent application or indeed non-application of the text by member states. Among the five member states that have not applied the directive, Austria and Sweden have still not completed transposition of the directive and Germany, Romania and the Czech Republic have had their transposition law quashed by the Constitutional Court. The European directive does not sufficiently guarantee respect for fundamental rights, particularly respect for privacy and rules regarding personal data protection.
The Commission's assessment had to be postponed to a later date, because of the slowness of the member states in supplying the necessary information, and is taking place at a time when the Commission has opened infringement proceedings against Austria and Sweden to get them to transpose the directive into national law. The Commission has even decided to fine Sweden for late transposition.
The Data Retention Directive (2006/24/EC) requires member states to ensure that telecoms operators retain certain categories of “data (for identifying identity and details of phone calls made and emails sent, excluding the content of those communications) for the purpose of the investigation, detection and prosecution of serious crime, as defined by national law”, explains the Commission. The directive states that data must be retained for a minimum of six months and a maximum of two years (to be decided by member states).
Commissioner Malmstrom said that most member states agreed that data retention was a necessary measure and useful for preventing and fighting crime, but the diverse manners in which the directive is applied reduces its effectiveness and raises questions about respect of fundamental rights. The EU27 disagree, for example, on the reasons for keeping information, some of them, like the UK, saying it is to prevent unspecified forms of serious crime and others talking about preventing crime and for national security. They also vary in the length of time data is retained and legal procedures governing access to the data. The heterogeneous nature of how the directive is applied makes life difficult for service providers, some of which are small businesses, and the Commission points out that the cost of data retention and data access are refunded to varying degrees in the different member states.
The Commission is more critical of protection of privacy, explaining that data retention amounts to a serious restriction on privacy and although no tangible examples of serious violations of privacy have been reported, there is the danger of such violations occurring and there are questions about the security of information, unless further guarantees are introduced. The Commission therefore wants stricter legislation on data storage, access to sorted data and how the information is used. The report states that national data protection authorities criticise the directive for failing to lay down sufficient limitations on data retention and guarantees on how data is used and stored and access to the information. At a press conference, Commissioner Malmstrom refused to say exactly which areas the revision would be focusing upon, such as the duration of data retention, simply commenting that it would be trying to achieve greater harmonisation in all problematic areas. (S.P./transl.fl)