fresnel6 - Fotolia

European Court of Justice ruling on Snoopers' Charter delayed until July 2016

The European Court of Justice (ECJ) will not rule on the legality of the so-called Snoopers’ Charter legislation until after the UK’s June 2016 EU referendum

The European Court of Justice (ECJ) will not rule on the legality of the so-called Snoopers’ Charter legislation until after the UK’s June 2016 EU referendum.

The ECJ held an emergency hearing on Tuesday 12 April 2016 about the UK’s Data Retention and Investigatory Powers Act 2014 (DRIPA), but the Danish advocate-general Claus Christian Gulmann – who is responsible for the case – will not issue his advice until 19 July and a full court ruling is not expected until several months after that.

While the Investigatory Powers Bill – intended to supersede DRIPA – was being debated in Westminster, Conservative MP David Davis and Labour deputy leader Tom Watson took their complaint to the highest European court, after winning a challenge at the UK High Court in July 2015.

DRIPA – which forces communications companies to store information about all communications for 12 months – treats “the entire nation as suspects” said Davis. However, lawyers for the UK government said that intercepted communications were central to investigating terror threats.

“We have multiple examples of communications data being critical in securing convictions. It has also been used to prove people innocent and to find missing victims. The measures are, at most, simply extending the time of retention, preventing digital footprints being washed away,” said Dan Beard QC, on behalf of the government.

The key question is whether DRIPA is proportionate. In April 2014, the ECJ struck down the European Data Retention Directive in a landmark judgment, known as Digital Rights Ireland, ruling that “blanket data retention” was illegal.

Read more about the Snoopers' Charter

Bulk data retention

However, many countries have re-instigated their own version of the law. The latest hearing also heard from Swedish telecom company, Tele2 Sverige, which is challenging the Swedish obligation to retain traffic data covering all persons, all means of electronic communication and all traffic data without any distinctions – just as DRIPA does. The court must decide whether this is compatible with the Charter of Fundamental Rights.

Camilla Graham Wood, legal officer for Privacy International, told the court: “The effect of DRIPA is to use bulk data retention to create a dossier on every person in the UK. It includes every internet and mobile phone transaction you undertake, every location will be filed, every meeting noted, every website indexed and every call marked.”

Davis added that, although individuals can challenge unlawful access of their data, it’s unlikely they would bring a complaint, given that individuals have no right to be informed if their information was accessed.

Terrorism trumps civil liberties

In representations to the court, Denmark, Sweden, Germany, Estonia and Finland all argued that data retention must be “general” to be effective as a crime-fighting tool.

“We cannot know in advance what data is necessary and valuable,” said UK lawyers. France went even further, saying that a minimum one-year retention period for data was essential to combat crime and terrorism.

“We live in troubled times, do we really want to constrain the member states in this way?” asked the Czech representative.

Ireland claimed that access to such data is not directly governed by EU law – a view that was quickly challenged by German MEP Jan Philipp Albrecht: “Rubbish! The ePrivacy Directive regulates use of personal telecom data, therefore [it is] governed by EU law,” he said on Twitter.

Although the 15 judges of the court are under no obligation to follow the advocate general’s opinion in July 2016, it is usually a good indication of the eventual ruling.

Read more on Privacy and data protection