EU court rules that Berlin data regime violates GDPR

Germany’s general law on data retention violates EU law, Europe’s highest court ruled yesterday, dealing a blow to member states that rely on blanket data collection to fight crime and protect national security.

The law may only be applied in circumstances where there is a serious threat to national security under strictly defined conditions, the Court of Justice of the European Union (ECJ) said.

The verdict comes after serious attacks by militant Islamists in France, Belgium and Great Britain in recent years.

Governments argue that access to data, particularly that collected by telecom operators, can help prevent such incidents, while operators and civil rights activists oppose such access.

The latest case was sparked after Deutsche Telekom unit Telekom Deutschland and internet service provider SpaceNet AG challenged Germany’s data retention law on the grounds that it violated EU rules.

The German court then sought advice from the ECJ, which said that such data retention could only be allowed under strict conditions.

“The Court confirms that EU law excludes the general and indiscriminate storage of traffic and location data, except in the case of a serious threat to national security,” the judges said.

“However, in order to combat serious crime, Member States may, while strictly respecting the principle of proportionality, provide for, inter alia, the targeted or accelerated storage of such data and the general and indiscriminate storage of IP addresses.”

According to ECO – the Association of the Internet Industry – which is behind SpaceNet, Germany’s nationwide data storage obligation is costing the industry millions of euros.

In another case, the ECJ said financial market regulators cannot use EU anti-insider dealing and market manipulation laws to force telecoms providers to hand over the personal data of traders suspected of these breaches.

The case was sparked by two people who challenged the French Financial Markets Authority after it ordered telecom operators to transfer personal data from phone calls between the two, based on French law.

“The general and arbitrary storage of traffic data by operators providing electronic communications services for one year from the date on which they were recorded is not permissible as a preventive measure to combat market abuse offences, including insider dealing,” the ECJ said. EU court rules that Berlin data regime violates GDPR

Fry Electronics Team

Fry is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – The content will be deleted within 24 hours.

Related Articles

Back to top button