Data and securityCyber SecurityEU rules against UK data retention law

EU rules against UK data retention law

Blow for 'snooper's charter' as European Court of Justice rules that “general and indiscriminate” data retention is against EU law

The European Court of Justice (ECJ) has ruled that “general and indiscriminate” data retention is against EU law.

The decision, which is a significant blow to governments and organisations who have been pushing for stronger surveillance and data collection, was delivered after EU judges said communications data could only be retained if it was used to fight serious crime.

The ECJ ruling stated that countries are not allowed to impose laws requiring internet service providers to retain all their customers’ data, restricting the practice to specific (single) cases of “serious crime”.

The ruling said: “In today’s judgment, the Court’s answer is that EU law precludes national legislation that prescribes general and indiscriminate retention of data.

“The interference by national legislation that provides for the retention of traffic data and location data with that right must therefore be considered to be particularly serious.

“The fact that the data is retained without the users of electronic communications services being informed of the fact is likely to cause the persons concerned to feel that their private lives are the subject of constant surveillance. Consequently, only the objective of fighting serious crime is capable of justifying such interference.”

The decision was made on a case originally brought to court by IPS Tele2 in Sweden. The case was later joined by UK MPs Tom Watson, David Davis and with support from others as they built up opposition to data surveillance by the GCHQ and the UK government’s IP Act and were turning to the EU to get involved.

Commenting on the ruling, Watson said: “This ruling shows it’s counter-productive to rush new laws through Parliament without a proper scrutiny.”

The Home Office added it would be putting forward “robust arguments” to the Court of Appeal.

It added: “Given the importance of communications data to preventing and detecting crime, we will ensure plans are in place so that the police and other public authorities can continue to acquire such data in a way that is consistent with EU law and our obligation to protect the public.”

Related Articles

Government and tech industry hold roundtable on IoT security

Cyber Security Government and tech industry hold roundtable on IoT security

2y Jay Ashar
New Army cyber operations centres for MOD

Cyber Security New Army cyber operations centres for MOD

2y Jay Ashar
Competing priorities biggest roadblock to cybersecurity

Cyber Security Competing priorities biggest roadblock to cybersecurity

2y Jay Ashar
Cybersecurity is a market for lemons

Cyber Security Cybersecurity is a market for lemons

2y Bernard Parsons
Compulsory cyber awareness training for Cardiff council staff

Cyber Security Compulsory cyber awareness training for Cardiff council staff

2y Jay Ashar
UK government to assess the cyber security capability landscape

Cyber Security UK government to assess the cyber security capability landscape

2y Jay Ashar
New capability to help organisations fight cyber threats

Cyber Security New capability to help organisations fight cyber threats

2y Jay Ashar
Room for more cybersecurity over and above GDPR

Cyber Security Room for more cybersecurity over and above GDPR

2y Jay Ashar