The communication basically acknowledges that both, the data retention directive (DRD) and the corresponding legislation in the member states to the EU have missed their target.
for the above may easily be obtained by the communication itself, however you need not read it in its entirety, since I have prepared a short summary for you:
- The EU Commission complains it has received qualitative response to its questions from only 11 out of 27 member states.
- There is next to no evidence on the value of data retention in terms of public security and criminal justice. It is unclear whether data requested would be available anyway without the retention obligation and Data Protection Authorities do not know what is being kept or deleted by operators.
- While law enforcement agencies would love to know who communicated with whom, when, where and how, they can hardly make it happen, since unclear definitions in the DRD have encouraged heterogeneous interpretations of the scope so the agents find it very difficult to get this data on time for their investigations.
- The so-called ‘serious crime‘ are not defined at EU level and this leads to even more legal uncertainty – e.g. the entertainment industry calls upon the extension of DRD’s purpose to include copyright infringements, which may include illegal downloads / piracy.
- Telco operators complain about the considerable costs of compliance which are disproportionately high and hence discriminatory for smaller enterprises.
Putting it all together
it turns out that the DRD in its current form is useless because
- it does not solve legal uncertainties, but creates rather new ones;
- its scope is open to a debate and the EU Commission is keen to extend it (to cover also intellectual property infringements);
- it has failed in fulfilling its purpose – the harmonisation of the Internal Market.
the only reasonable step
of the EU Commission would be to immediately facilitate the revocation of the DRD!