The Austrian Constitutional Court [official website, in German] ruled [text, PDF, in German; press release, PDF, in German] Thursday that the EU Data Retention Directive [text, PDF] may violate EU law. The court has referred the case to the European Court of Justice (ECJ) [official website] for additional review. The Directive calls on telecommunications and Internet companies to retain data such as e-mails, text messages and cell phone records for use by law enforcement and government officials. The court expressed concern that this retention violates Article 8 of the European Convention on Human Rights [text, PDF]. Commentators have discussed the link between privacy and freedom of expression under the Convention, and noted [JURIST op-eds] that EU privacy laws and regulations often have an impact on the US.
Since its approval [JURIST report] in 2006, the data retention law has been criticized by numerous countries. In May the European Commission [official website] referred [JURIST report] Germany to the ECJ for not complying with the Directive. In March 2011 the Czech Republic's Constitutional Court [official website, in Czech] overturned [JURIST report] parts of the law reasoning that it is unconstitutional. In February 2009, the ECJ dismissed [JURIST report] a challenge to the data retention law. The court only addressed the issue of whether the law was valid in light of the ECT's trade provision and found that the law was valid because it standardized costs associated with retaining the data across the EU. Data retention policy has received attention in the US as well. In March US Attorney General Eric Holder [official profile] signed new guidelines [JURIST report] which permit the US government to gather data on American citizens to search for "terrorism information" which it can keep permanently. Commentators have warned [JURIST op-ed] that these types of data retention policies can lead to the creation of "mass dossiers" that have significant privacy impacts.