State of play of the revision of the EU Data Retention Directive

On 7 September EU Commission official Cecilia Verkleij presented the state of play of the revision of the EU Data Retention Directive in Berlin. Ms Verkleij is head of the sector „Access to information“ (A.3.002) within the EU Commission’s home affairs directorate general. Her team is dealing with the revision of the EU’s unpopular 2006 data retention directive which requires the blanket and indiscriminate collection of telephone records, and mobile phone location and Internet data, revealing sensitive information about the movements and social contacts of 500 million Europeans not suspected of any wrongdoing.

Ms Verkleij started by jokingly pointing out that hers was the „most criminal unit in the Commission“, dealing with all issues such as the retention of communications data, of passenger data (PNR) and of financial data (SWIFT). „If you want to know about surveillance, please call us. We can advise you“, she suggested.

Heading the unit on law enforcement access to information, it did not come as a surprise to hear that the first policy objective the Commission is pursuing in revising the data retention directive is ensuring „access to the communications information which is necessary for combating serious crime“. (The European Court of Justice has pointed out though that the sole legal purpose of the directive is „the functioning of the internal market“ on telecommunications.)

The unit is mainly considering amending the data retention directive in three areas: 1) define more precisely the purpose for which retained data can be used (e.g. list of crimes), 2) define more precisely the mode of access to retained data, 3) regulate the security of retained data. The Commission also intends to pursue the idea of cost reimbursement for providers (which was rejected by member states and parliament in 2006). Another idea they are considering is exempting business to business communications from retention obligations as such data is rarely requested. On the other hand the speaker noted that „data generated via the Internet“ was becoming „increasingly important“ for law enforcement. Ms Verkleij spoke out against the opinion that retaining such data was unnecessary. This thinking, she felt, was due to a „lack of experience“ of law enforcement authorities with Internet data. Ms Verkleij did not consider relevant the fact that most traffic data is accessed within the first three months, as this may concern only the first request in the context of a criminal investigation and more data may be needed at a later stage of the investigation.

In regard to the impact of blanket retention on the fundamental right to privacy, Ms Verkleij said that other fundamental rights needed to be considered as well, namely the rights of victims of crime. Ms Verkleij interpreted Article 52 of the Fundamental Rights Charta to say „don’t kill a fundamental right, but don’t abstain [from int…