European Court of Justice rules data retention directive too invasive

European Court of Justice rules data retention directive too invasive

[JURIST] The European Court of Justice (ECJ) [official website] on Tuesday struck down [judgment; press release, PDF] an EU-wide law that stipulates how private data must be collected and stored. The ECJ ruled the collection of traffic and location data via the Data Retention Directive [EU backgrounder] by public electronic service companies “interferes in a particularly serious manner with the fundamental rights to respect for private life and to the protection of data,” despite its usefulness in combating organized crime and terrorism. The 2006 law required ISP’s in the 28 member states to retain transmission data for at least six months and up to two years, in order to facilitate the prevention, investigation, direction and prosecution of serious crime and terrorism. The ECJ decision followed requests from Irish and Austrian courts [Guardian report] to have the law overturned.

The revelations surrounding the US National Security Agency’s (NSA) surveillance programs such as PRISM [JURIST backgrounder] have sparked worldwide debate and controversy. On Monday the US Supreme Court denied early review [JURIST report] of a constitutional challenge to PRISM. In January US President Barack Obama announced [JURIST report] detailed plans to change surveillance policy, with the hope of curbing the abilities of intelligence agencies to collect and use American phone data. Also in January the Department of Justice (DOJ) filed an appeal [JURIST report] to a federal district court ruling that held the NSA program of collecting phone call data is likely unconstitutional. In November, Germany and Brazil proposed [JURIST report] a draft resolution within the UN General Assembly calling for member states to take measures to put an end to “gross invasions of privacy” such as excessive electronic surveillance and data collection. The debate over security versus privacy has sparked much debate in the academic community as well, and JURIST Guest Columnist Khaliah Barnes of the Electronic Privacy Information Center argues [JURIST op-ed] that federal agencies’ data collection and disclosure activities are marred by a deficiency of meaningful oversight and accountability.