Hearing of European Court of Justice on Data Retention Directive
July 1st, 2008Heisse reports about the hearing of the ECJ in Ireland v. Council and Parliament, a case about the legal base for the data retention directive (2006/24/EC). Interestingly, the Dutch government also defends the legal base. And also EDPS’s EU data protection guru Hustinx. He argues that the legal base (Art 95 EC Treaty) is appropriate and points to the fact that otherwise the retained data would not fall under the EU Privacy Directives. These reasons are pragmatic and without doubt EDPS argued similarly when the Council was still pursuing a Framework Decision in the Third Pillar. The reasons why the European Parliament wanted to have data retention in the First Pillar was because they wanted to have a co-decision procedure, in which they have more powers. Unfortunately the Parliament, after having been highly critical of data retention, decided to make a compromise in December 2005. The idea that something will turn out to be better if you are involved in the process is probably inherent to politics. So much for democracy:
“The European Commission Vice-President Franco Frattini hailed a “victory for democracy” - and EU compromise, meanwhile Mr. Alvaro said : “By voting as we (the Parliament) did today we create a precedent where Council need only say ‘jump!’ and Parliament cries ‘how high?‘”, 18 January 2006, edrigram.
The compromise has resulted not only in one of the worst directives from a digital rights perspective, but also fails to provide a European standard for data retention. All over the EU different data retention regimes are being put in place, between 6 and 24 months and sometimes longer, often extending the scope of obligations significantly. The Directive is, however, an amendment to the ePrivacy Directive which provides for FULL harmonization. You do not have to be a European Law expert to understand that this does not fit. And no, the Lisbon Treaty will not fix this.