In late December, the highest court in Europe made a ruling that “general and indiscriminate” data retention, or collection of communications information, is not in line with existing EU law. The ruling means that governments and companies can no longer conduct sweeping surveillance and indiscriminate collection of information (an activity also referred to as data retention) as they previously were under EU’s Data Retention Directive. The ruling states the Data Retention Directive, which was passed in 2006, violates two of citizens’ basic rights – “respect for private life and protection of personal data.” You can view the full ruling here.
This ruling is seen as a victory for privacy advocates and anyone concerned about the privacy of their personal communications information. The ruling combats bulk data collection and limits surveillance activities, while still allowing for “targeted” retention of data for use in fighting crime is allowable. The EU is reportedly working on a new data protection law as a result.
Implications for the Snooper’s Charter
As many outlets are reporting, this ruling could have serious implicates for the United Kingdom and their recently-passed “Snooper’s Charter.” Often referred to as a surveillance bill, the Snooper’s Charter includes sweeping data retention provisions which have now been invalidated by the EU ruling.