27 November 2017
EU Counter-Terrorism Coordinator: "additional data retention obligations are necessary"
Follow us: | | Tweet
See: EU Counter-Terrorism Coordinator: Contribution to the discussion on data retention (WK 9699/2017 INIT, LIMITE, 15 September 2017, pdf)
The Coordinator's paper was produced for the 18 September meeting of the ad-hoc Council working group, 'Friends of the Presidency - Data Retention', and argues for the adoption of an:
"EU instrument on data retention, to have a level playing field across the EU and find a common solution, while allowing for sufficient flexibility for Member States to tailor national solutions to their specific needs."
According to the CTC:
"An EU data retention instrument has to fulfil the needs of law enforcement and other competent authorities as well as the requirements of the ECJ and could have three parts:
(1) obligation to retain restricted traffic and location data for 6 months maximum, where access of competent authorities is limited for the purposes of counter-terrorism, organized and serious crime, including cyber attacks,
(2) with storage of the data in the EU in an encrypted fashion,
(3) with all the strict conditions for access suggested by the ECJ."
The CTC is keen to argue that it would be possible to meet the requirements of the ECJ (as set out in the Digital Rights Ireland and Tele2/Watson judgments) by limiting the categories of data to be retained; excluding certain telecoms providers from the scope of retention rules (such as "a small provider just offering WIFI in pizza restaurants); and excluding certain categories of people "linked to professional secrecy" (such as lawyers, journalists, doctors and so on).
This, says the Coordinator, means that "data retention would not be generalised" - although it would arguably not be far off from being generalised, particularly as many Member States already excluded smaller telecoms providers from retention obligations under the 2006 Directive.
The response from Member States to the CTC's paper is currently unknown. A "common reflection process" amongst national and EU authorities on how EU-wide rules on data retention could be reintroduced is still ongoing.
Despite it being three-and-a-half years ago that the Schrems judgment was handed down by the ECJ, it did not have the effect many campaigners hoped for - rather than putting a halt to generalised telecoms surveillance schemes across the EU, many Member States have continue to keep their retention obligations in force. See: Member State data retention regimes - what's changed? The answer is very little so far (Statewatch News Online)
Spotted an error? If you've spotted a problem with this page, just click once to let us know.
Statewatch does not have a corporate view, nor does it seek to create one, the views expressed are those of the author. Statewatch is not responsible for the content of external websites and inclusion of a link does not constitute an endorsement. Registered UK charity number: 1154784. Registered UK company number: 08480724. Registered company name: The Libertarian Research & Education Trust. Registered office: 10 Queen Street Place, London EC4R 1BE. © Statewatch ISSN 1756-851X. Personal usage as private individuals "fair dealing" is allowed. We also welcome links to material on our site. Usage by those working for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law.