Data retention violates EU law

2 min
Tags: EU law Data retention data stored data collection

Data retention violates EU law

The regulation regarding data retention violates European law. This means that data related to the Internet or telephone may not be stored if it is not based on suspicion. This approach violates the currently applicable European law. This has now been determined by the European Court of Justice.

The following user data is stored particularly frequently:

  • Connection data
  • Location data
  • IP addresses

There are firm guidelines on this in the German Telecommunications Act. Now there has been a new twist from the European Court of Justice. The previous case law was once again confirmed by the ruling. Data may only be collected and stored if they meet the following criteria:

  • Preventive to combat serious crime
  • Prevention of serious threats to public security
  • When national security is threatened

Therefore, the general rule is to restrict to what is absolutely necessary. The restrictions on the data of specific individuals or of specific environments are not so strict. If IT addresses are to be stored, then indiscriminate and general retention is considered legally acceptable, provided that the procedure is limited to what is absolutely necessary. This retention of data must also comply with the above-mentioned criteria. Therefore, if there is no reason to do so, data retention in Germany is unlawful.

Definition data retention

Telephone providers and Internet providers are required by the German Telecommunications Act to record and store all their customers' traffic data. One example of this is who is communicating with whom via the telephone or IP address, or who is surfing the Internet. This should be traceable for investigators. Data on devices is also particularly relevant. The same has been true for the typically popular location data.

In accordance with court rulings in recent years, however, the above-mentioned companies were not required to retain such data. This regulation was suspended by the Federal Network Agency, so that no provider had to store such traffic data any longer. The extent to which this ruling can be reconciled with European law has now finally been clarified. Therefore, such a ruling by the European Court of Justice is not unexpected.

As far as combating child abuse is concerned, however, the Federal Ministry is still calling for IP addresses to be stored at the very least. This is the only way to identify online users. An idea for this has been thrown into the room: The Quick Freeze method is supposed to provide a remedy.

The idea of data retention

Basically, data retention is supposed to help prevent child abuse. There are numerous online platforms that use cunning concealment techniques in this regard. Therefore, data retention seems to be a solution. Unfortunately, many perpetrators move anonymously in the darknet. In everyday life, newer investigation methods for law enforcement are used for such cases anyway.