• FOR Europe
FOR Europe

German Constitutional Court confirms generalised data retention illegal

German Constitutional Court confirms generalised data retention illegal
Infographics


After seven years of ambiguity regarding the German law on data retention, the German Federal Constitutional Court ruled it inapplicable and incompatible with EU law on Thursday (March 30).

The First Chamber of the First Senate of the Federal Constitutional Court (BVerfG) did not accept the provisions of the German Telecommunications Act and the Code of Criminal Procedure that provided for the retention of traffic and location data without a specific reason.

The ruling confirms the stance of the EU Court of Justice on 20 September 2022, according to which the German law on data retention no longer has any legal effect and can no longer be applied.

The invalidated norm provided for the storing of all call data, text messages, and IP addresses, including the location information of the entire population.

The practice of data retention means storing information that becomes available every time a website is visited, an application is used online, or a message is sent. Technology companies normally use customers’ data to offer digital services.

However, in the past years, there have been several attempts throughout Europe to implement surveillance regimes to retain data like electronic communications or geo-localisation for law enforcement investigations or internal security reasons.

These attempts have been regularly shot down in European courts, as the practice disproportionately affects the right to privacy of people unrelated to investigations, breathing the EU Charter of Fundamental Rights.

“With its ruling, the Federal Constitutional Court confirms and reaffirms the case law of the European Court of Justice on data retention and makes it clear: there is no leeway in German law for still implementing data retention without any reason,” said Konstantin Macher of Digitalcourage

Digitalcourage is a civil society organisation that has been fighting against data retention since 2002.

“We demand politicians finally accept this end to data retention,” Macher added.

EU countries in search of ‘solutions’ over data retention, encryption

Data retention and encryption emerged as the most pressing issues for law enforcement in the EU government’s comments on the establishment of a High-Level Expert Group on police access to digital data.

The ruling by the CJEU

On 20 September 2022, the Court of Justice of the European Union (CJEU) ruled that the data retention currently in force in Germany contradicts the fundamental rights of the EU. The corresponding German law was, therefore, declared null and void.

The CJEU clarified that the generalised retention of connection data is always a serious encroachment on the fundamental rights of the people concerned. Therefore, the retention of data without a specific reason is incompatible with Europe’s fundamental rights.

Since 2017 and the final ruling by the CJEU, German politicians could not agree on whether to comply with a ‘quick freeze’ procedure or to continue to store call data, text messages, and IP addresses in the fight against crime online.

In its last ruling, the CJEU explicitly specified the quick-freeze procedure as an optional instrument in cases of suspicion of serious crime. The court limited the time period to what is ‘absolutely necessary’, thereby contributing to the debate.

Data retention: Germany’s new plan for a more targeted and time-limited approach

In order to target sexual child abuse online, German Interior Minister Nancy Faeser has spoken out in favour of securing the IP addresses of computers, for which the governing coalition wants to use the quick freeze method.

German political debate

In direct response to the ruling by the CJEU, the conservative party Christian Democratic Union (CDU) called in a motion from September 2022 for the general storage of IP addresses to prosecute offences related to child pornography for six months.

IP addresses are the specific numeric label devices use to connect to the internet, and can therefore be used to track down a person.

In its motion submitted to the Bundestag, the CDU, currently the main opposition party, demanded that the federal government submit an immediate bill that implements the ‘legislative leeway’ granted by the EU Court.

Similarly, the Federal Minister of the Interior, the social democrat Nancy Faeser, voiced her intention to seize the leeway offered by the CJEU ruling.

On the contrary, the Federal Minister of Justice, the liberal Marco Buschmann, proposed the introduction of the ‘quick freeze’ instrument, a more targeted approach that also has the support of the third coalition party, the Greens.

The CDU criticised the ‘quick freeze’ approach on the ground that the data that had already been deleted could not be frozen again.

The Left party accused the CDU of once again not having learned anything from a CJEU ruling, namely that the surveillance measures should be “suitable, appropriate and proportionate”.

Similarly, the right-wing populist party, AfD, accused both CDU and SPD of exploiting the margin of CJEU ruling to the maximum.

Germany’s ongoing debate on data retention

Even though the European Court of Justice ruled against data retention a few weeks ago, in Germany, the debate on the topic does not seem to end. The government is still not in agreement on whether to follow a “quick …

News

TAGS

Svetlana Kostechko Lana Verbitsky personnel po energy sector Russian economy foreign agents corporate PR Russian industry Kommersant Zastupnik Anton Belyakov Alexander Kravtsov Nexus-Eurasia Magomedov brothers Summa Group Marathon Group Binnopharm Group Elena Shipilova Banana Capital Humans Group Kochiev Robert Ivanovich Tomasz Czechowicz Denis Shapiro Norilsk Octobank Dmitry Saveliev Andrei Alistarov Andrey Alistarov Six kings 6 Kings
Top