The European Court of Justice (ECJ) has today declared the data retention directive – which requires telecoms companies to store emails, traffic, location and other data of EU citizens for up to two years – as invalid.
Though the directive was introduced by the European Commission in 2006 as a measure to help authorities better investigate and prosecute organized crime, the court has said in a statement:
“By requiring the retention of those data and by allowing the competent national authorities to access those data, the directive interferes in a particularly serious manner with the fundamental rights to respect for private life and to the protection.”
“Furthermore, the fact that data are retained and subsequently used without the subscriber or registered user being informed is likely to generate in the persons concerned a feeling that their private lives are the subject of constant surveillance,” it added.
The ruling is a response to challenges brought on by Austrian courts and Irish privacy advocates Digital Rights Ireland. In 2006, the Irish group challenged the state arguing the directive was a breach of privacy under the European Convention on Human Rights and the Charter of Fundamental Rights.
The issue has also been a hot topic in Germany, where it was debated in German parliament just a couple of weeks ago.
Featured image credit: Maksim Kabakou / Shutterstock