Ireland: High Court strikes down Ireland's data retention regime

Support our work: become a Friend of Statewatch from as little as £1/€1 per month.

High Court strikes down Ireland's data retention regime
Follow us: | | Tweet

The Irish High Court has ruled that Irish law on the retention of telecommunications data contravenes EU law and the European Convention on Human Rights.

The data retention rules were introduced by the Communications (Retention of Data) Act 2011, which was brought in to meet the requirements of the EU's 2006 Data Retention Directive. The EU law was struck down by the Court of Justice in 2014.

Regarding the retention of telecoms data, the Irish High Court found that:

"s. 3 of the 2011 Act which requires all service providers to retain the telephony data for two years is indeed general and indiscriminate."

When it comes to accessing retained data, the judgment says:

"the provisions set out in s. 6(1) of the 2011 Act contravene EU law and the ECHR because there is no prior review by a court or an independent administrative authority for access to the telephony data. In addition, there are no adequate legislative guarantees against abuse. Too much is left to those who implement and utilise the access provisions."


"the demands of a modern day democratic society to guarantee the fundamental right to privacy prescribed by EU and ECHR law for access to retained telephony data have not been met by the 2011 Act."

See: Graham Dwyer v Commissioner for An Garda Síochána, Minister for Communications, Energy and Natural Resources, Ireland and Attorney General ([2018] IEHC 685, pdf)

The case was brought by Graham Dwyer, a convicted murderer who sought to challenge the use of mobile phone data in the evidence against him.

Statistics recently released by Irish state agencies following requests from the Irish Examiner have revealed the scale on which the authorities have made use of their powers under the law:

"More than 50 disclosures of private communication data were provided every day, on average, to gardaí and agencies over the last five years, figures show.

The Irish Examiner can reveal that more than 92,000 disclosures were made to State agencies by phone and internet firms from 2013 to 2017 — around 18,450 on average per year."

See: Personal data shared 92,000 times to State agencies by phone and internet firms (Irish Examiner, link)

Further reading

Convicted murderer Graham Dwyer wins legal action over phone data (RTÉ, link)

'Many warnings' over Irish data retention laws (RTÉ, link)

Gardai trawl through cases in aftermath of Graham Dwyer's court victory (Irish Independent, link)

Search our database for more articles and information or subscribe to our mailing list for regular updates from Statewatch News Online.


Our work is only possible with your support.
Become a Friend of Statewatch from as little as £1/€1 per month.


Spotted an error? If you've spotted a problem with this page, just click once to let us know.

Report error