Although the European Court of Justice (EUCJ) declared as recently as December 2016 that blanket data retention without cause is incompatible with European fundamental rights, the EU Council has not deviated from its plans for European data retention. A paper already in circulation in the media shows just how concrete the plans to be discussed at the Council meeting are: the concept set out in the paper is based on proposals from Europol and the counter-terrorism coordinator (CTC) Gilles de Kerchove.
However, Oliver Süme, Chairman of the Board at eco, warns against renewed discussions on European reporting and retention obligations for the Internet industry. "The very discussions concerning implementation of Europe-wide storage infrastructures represent a burden for the Internet industry, as well as an attack on the privacy of citizens, and carry a huge security risk. Ultimately, such collections of personal communications data could serve as a rich source of data for espionage and abuse of all kinds." The EUCJ has also made it abundantly clear that the use of data and the duration of retention must be limited to what is absolutely necessary.
“The EUCJ has already expressly stated on several occasions that a law to introduce a retention obligation and a maximum retention requirement for data traffic infringes on fundamental European rights. Every new discussion represents a direct threat to a stable digital single market in Europe and will not add any appreciable value to the fight against crime," adds Süme.