Brussels, 18 April 2011
Commission evaluates the Directive on retention of telecommunications data
Today the European Commission adopted an evaluation report of the Data Retention Directive outlining the lessons learned since its adoption in 2006. The Directive established data retention as a response to urgent security challenges, following major terrorist attacks in Madrid in 2004 and in London in 2005. The report concludes that retained telecommunications data play an important role in the protection of the public against the harm caused by serious crime. They provide vital evidence in solving crimes and ensuring justice is served. However, transposition of the Directive has been uneven and the remaining differences between the legislations of Member States create difficulties for telecommunication service providers. The Directive also does not in itself guarantee that data are stored, retrieved and used in full compliance with the right to privacy and protection of personal data, and this has led courts to annul the legislation transposing the Directive in some Member States. The Commission will now review the current data retention rules, in consultation with the police and the judiciary, industry, data protection authorities, and civil society with a view to proposing an improved legal framework.
"Our evaluation shows the importance of stored telecommunications data for criminal justice systems and for law enforcement. Such data are used as evidence not only to convict the guilty of serious crimes and terrorism, but also to clear the innocent of suspicion. Retained data was for example crucial to the success of Operation Rescue which helped reveal the identities of 670 suspected members of an international paedophile network and protect children from abuse in Member States where the directive has been transposed. But the evaluation report also identifies serious shortcomings. We need a more proportionate, common approach across the EU to this issue. I therefore intend to review the Directive to clarify who is allowed to access the data, the purpose and procedures for accessing it", said Cecilia Malmström, Commissioner for Home Affairs.
The evaluation report analyses how Member States have transposed the Directive and assesses the use of retained data and the impact on operators and consumers.
Its main findings are:
Telecommunications data retained by telecommunications operators is used by police and prosecutors in the investigation, detection and prosecution of serious crime and terrorism.
The EU, through a number of directives in the last 10-15 years, has sought to regulate the requirement for telecommunications service providers to retain data for a specific period of time.
The Data Retention Directive (Directive 2006/24/EC) requires Member States to ensure that these operators retain certain categories of data (for identifying identity and details of phone calls made and emails sent, excluding the content of those communications) for the purpose of the investigation, detection and prosecution of serious crime, as defined by national law. The data must be retained for a minimum of six months to a maximum of two years (to be decided by Member State in transposing the Directive into national laws).
Law enforcement authorities in most Member States have reported to the Commission that retained data plays a central role in protecting the public against harm through effective criminal investigation. These data provide valuable leads and evidence which have resulted in convictions for criminal offences and in acquittals of innocent suspects in relation to crimes which, without data retention, might never have been solved.
Data protection authorities have criticised the directive on the grounds that it does not provide enough limitation of data retention and safeguards for how the data is stored, accessed and used.
Article 14 of the Directive requires the Commission to provide an evaluation of the application of this instrument and its impact on economic operators and consumers.
Building on this evaluation, the Commission will prepare a proposal to amend the Directive. Over the coming months, it will consult law enforcement authorities, the judiciary, data protection authorities, industry and civil society on options for a future legal framework. The results of the consultation will feed into an impact assessment as a basis for the future proposal.
For more information
Homepage of Cecilia Malmström, Commissioner for Home Affairs:
Homepage of DG Home Affairs: