The European Court of Justice Overturns Data Storage Directive
The judges in Luxembourg declared on Tuesday that the mass storage of telephone and Internet connection data from citizens for no specific reason is a serious encroachment on the fundamental rights of citizens. They confirmed that this is a violation of the right to data privacy and respect for personal privacy.
"We welcome the fact that the European Court has given a clear signal for more data protection," says Thomas Kremer, Board member for Data Privacy, Legal Affairs and Compliance at Deutsche Telekom. "Security requirements must be carefully balanced against freedom and identity rights. Citizens need to feel free and unobserved in their communications. This is about people's trust." Now it remains to be seen how the EU Commission adapts the directive and what action the German legislature takes.
The storage of data is intended to assist in the investigation of serious of-fenses, such as organized crime and terrorism. Investigators have access to the collected data. According to the court in Luxembourg, the EU Directive from 2006 does not restrict data storage to what is absolutely necessary because it doesn’t establish any objective criteria for the retention period of up to two years.
Data storage is highly controversial in the EU. In Germany, for example, there are no legal provisions for this purpose. The German Federal Constitutional Court overturned the German guidelines in 2010.
Since the decision, Deutsche Telekom only stores the data it needs for business processes such as invoicing. The company reduced its stored data in areas where it can: The storage period of mobile data traffic has been reduced from 30 to seven days. Deutsche Telekom complies with the storage periods mandated by statutory provisions and recommendations from the German Federal Data Protection Commissioner and is substan-tially below the required and suggested limit.