JRB - Fotolia

UK privacy groups join call on EU to halt comms data collection

UK-based privacy groups have joined calls for a halt to the collection of communications data by European Union member states

UK-based Privacy International, Liberty, and Open Rights Group have joined more than 60 non-governmental organisations (NGOs), community groups and academics across Europe in calling for a halt to the collection of communications data.

The groups have filed complaints to the European Commission calling for EU governments to stop requiring companies to store all communications data.

They note that the practice was ruled unlawful by the Court of Justice of the European Union (CJEU) in two separate judgments in 2014 and 2016.

“Blanket and indiscriminate retention of communications data — who we interact with, as well as when, how, and where — is a very intrusive form of surveillance,” the UK groups said in a joint statement. “Communications data is no less sensitive than the content of communications.”

Despite the two major rulings by the CJEU, which made blanket and indiscriminate retention of personal data unlawful, the groups said the majority of EU member states have yet to stop this form of surveillance.

“While member states continue to discuss behind closed doors how to address the implications of the CJEU rulings, there is an urgent need to implement the jurisprudence of the CJEU by reforming national data retention laws,” the groups said.

Privacy International expressed particular concern about attempts by some EU member states to circumvent the jurisprudence of the CJEU. “We are also concerned by the lack of transparency of the process thus far,” it said.

The groups say it is clear that current data retention regimes in Europe violate the right to privacy and other fundamental human rights.

“In particular, the CJEU has made clear that general and indiscriminate retention of communications data is disproportionate and cannot be justified,” they said.

Complaints have been filed in 11 EU member states: Belgium, the Czech Republic, France, Germany, Ireland, Italy, Poland, Portugal, Spain, Sweden and the UK.

The complaints specifically call for the protection of fundamental rights enshrined in Articles 7, 8 and 11 of the Charter of Fundamental Rights of the European Union, as interpreted by the Grand Chamber of the CJEU.

The complaints also call for the application of sanctions for non-compliant member states by referring to the CJEU, which they say “should logically strike down all current data retention national frameworks”.

Tomaso Falchetta, head of advocacy and policy at Privacy International, said governments have already been told “clearly and unequivocally” through two key rulings that they must stop blanket and indiscriminate retention of personal data.

“In a world where more and more data can be generated, collected, shared and exploited by governments and companies alike, strong privacy protections must be enforced,” he said.

Corey Stoughton, advocacy director at Liberty, said the UK government knows full well that it is breaking the law.

“Every single day, intelligence agencies collect details of thousands of our calls and messages in arrogant defiance of the courts,” she said. “By invading our privacy, they undermine our free press, our freedom of speech and our ability to explore new ideas.”

In a democratic society, Stoughton said no one is above the law, including politicians in power. “Our client Tom Watson won his case in January,” she said. “It’s time the government stopped spying on innocent people and built a surveillance system that targets those who pose a genuine threat.

Jim Killock, executive director at Open Rights Group, said: The courts were completely clear: no blanket retention. Governments do not get to pick and choose what courts tell them. When they do, they undermine the rule of law itself.”

Read more on Privacy and data protection

CIO
Security
Networking
Data Center
Data Management
Close