The European Court of Justice (ECJ) decided to scrap the data retention directive on Tuesday, declaring it to be in violation of Europeans rights to a private life and protected personal data. In place since March 2006 the data retention directive required member states to store citizens’ telecommunications data for six months to two years to serve the needs of police and National security agencies.
The ECJ observed that the directive makes possible the discernment of the means, time, place, and frequency of communication between a subscriber or registered user of a site as well as the identity of the person they’re messaging. The ability to collect this information is considered disproportionate to the objectives of the directive and therefore counter to the EU proportionality principle.
The removal of the directive creates it’s own set of issues, questions and grey areas. What will happen to National regulations drafted in accordance with the directive? Can Telecom and Internet Service Providers still store personal data for over six months or is it now to be considered outright illegal? How about ongoing contracts in favour of such data retention? Both governments and the companies involved have got some fast thinking and acting to do. The responses of governments to this move will reveal much about the future of the way European Directives are handled at national scale. Read Simon and Alexandra’s full analysis on ComputerWorldUK.