Menu
Proposal for altered data retention law is still unlawful, Dutch DPA says

Proposal for altered data retention law is still unlawful, Dutch DPA says

Obliging telecom companies to retain customer data for months to help the police catch criminals is disproportionate, the DPA said

The Dutch government's proposed revision of the country's data retention law is not enough to bring it into compliance with a recent European Union court ruling, the Dutch privacy watchdog said Monday.

An effort by the Dutch government to adjust a law requiring telecommunications and Internet companies to retain their customers' location and traffic metadata for investigatory purposes should be dropped, as the infringement of the private life of virtually all Dutch citizens is too great, the Dutch Data Protection Authority (DPA) said on Monday.

The Dutch government is looking to change data retention obligations for telephone and Internet communications operators following a decision last year by the Court of Justice of the European Union (CJEU). The court invalidated the European data retention directive, on which the Dutch law is based, because it violates fundamental privacy rights.

The Dutch data retention law has been under pressure since the CJEU's ruling. The Council of State, a constitutional advisory body, last year already concluded that the law should be withdrawn because it violates fundamental privacy laws. But despite this advice, the government decided to amend it instead of annul it.

The government sees the law as indispensable for the investigation and prosecution of serious criminal offenses, and proposed maintaining it with minor adjustments to who will have access to the data and under what circumstances to bring it in line with the CJEU ruling.

But the Dutch DPA thinks the bill should not even be presented to Parliament as there is no proven necessity for such a law, it said in a letter to the government published Monday.

Retaining the telephony and Internet data of virtually all citizens for six to 12 months is a far-reaching measure which requires an irrefutable demonstration of necessity, it said, adding that during the 4.5 years this data has been retained, law enforcement authorities have not been able to show why data retention is necessary.

Moreover, the draft bill does not address the question whether less far-reaching alternative measures would be available to obtain the same result. If the bill was to go ahead, "the infringement of the private life of virtually all Dutch citizens is too big and disproportionate," it found

The government for instance proposed to retain telephony data for 12 months but only make it accessible to law enforcement for six to 12 months depending on the crime. However, this distinction between the retention and the use of the data does not alter the disproportionality between the purpose of the data collection and the infringement on the private life. Therefore, this general data retention obligation is unlawful, the DPA said.

The DPA's opinion is one of several that will have to be taken into account, said a spokesman for the Dutch government, who added that the government will comment on every suggestion in detail when the bill is submitted to the Parliament.

A DPA spokeswoman said the bill could still be altered before it will be discussed in parliament based on the advice.

Although the government has refused to annul the law, others are seeking to force its hand. On Wednesday, the District Court of the Hague is scheduled to hear a legal challenge to it, filed by a broad coalition of organizations who want the law invalidated because it violates fundamental privacy rights.

Other data retention laws in EU countries have already been ruled unconstitutional, In Austria for instance, the local law was invalidated in the wake of the CJEU ruling. In Germany, the local data retention law was ruled unconstitutional in 2010, long before the ruling.

In Sweden though, the government is looking to maintain a data retention obligation for telecommunication data on much the same grounds as in the Netherlands.

Loek is Amsterdam Correspondent and covers online privacy, intellectual property, online payment issues as well as EU technology policy and regulation for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to loek_essers@idg.com

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags securitydata protectionlegislationgovernmentprivacy

Featured

Slideshows

Educating from the epicentre - Why distributors are the pulse checkers of the channel

Educating from the epicentre - Why distributors are the pulse checkers of the channel

​As the channel changes and industry voices deepen, the need for clarity and insight heightens. Market misconceptions talk of an “under pressure” distribution space, with competitors in that fateful “race for relevance” across New Zealand. Amidst the cliched assumptions however, distribution is once again showing its strength, as a force to be listened to, rather than questioned. Traditionally, the role was born out of a need for vendors and resellers to find one another, acting as a bridge between the testing lab and the marketplace. Yet despite new technologies and business approaches shaking the channel to its very core, distributors remain tied to the epicentre - providing the voice of reason amidst a seismic industry shift. In looking across both sides of the vendor and partner fences, the middle concept of the three-tier chain remains centrally placed to understand the metrics of two differing worlds, as the continual pulse checkers of the local channel. This exclusive Reseller News Roundtable, in association with Dicker Data and rhipe, examined the pivotal role of distribution in understanding the health of the channel, educating from the epicentre as the market transforms at a rapid rate.

Educating from the epicentre - Why distributors are the pulse checkers of the channel
Kiwi channel reunites as After Hours kicks off 2017

Kiwi channel reunites as After Hours kicks off 2017

After Hours made a welcome return to the channel social calendar last night, with a bumper crowd of distributors, vendors and resellers descending on The Jefferson in Auckland to kickstart 2017. Photos by Maria Stefina.

Kiwi channel reunites as After Hours kicks off 2017
Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow exclusively introduces Tenable Network Security to A/NZ channel

Arrow Electronics introduced Tenable Network Security to local resellers in Sydney last week, officially launching the distributor's latest security partnership across Australia and New Zealand. Representing the first direct distribution agreement locally for Tenable specifically, the deal sees Arrow deliver security solutions directly to mid-market and enterprise channel partners on both sides of the Tasman.

Arrow exclusively introduces Tenable Network Security to A/NZ channel
Show Comments