EU data laws struck down by court ruling

Andrew Rettman and Damien McElroy write in the Daily Telegraph:

The European Union’s Court of Justice said an EU law on data surveillance constitutes a “particularly serious interference” with individual “rights to respect for private life”.

The court said collection of data to combat crime was a legitimate exercise but that the 2006 rules did not limit the scope of information stored.

The ruling marks a victory for privacy campaigners who had argued that the European Union was sanctioning an intrusive regime of snooping across the eurozone. The ruling comes as European leaders face demands for tougher data protection measures following revelations that US spies eavesdropped on continental politicians in revelations leaked by the former NSA contractor Edward Snowden.

The court verdict added the existing law’s loose wording means Europeans will feel “their private lives are the subject of constant surveillance” if the measures are left intact.

The 2006 “data retention directive” forces internet and phone companies to store information on who contacts whom, when, how often, and from which locations, for between six months and two years so that government agencies can use it to prevent “serious crime”.

The vast majority of EU countries, including the UK, but not Belgium or Germany, have already transcribed it into national legislation.

Britain alone used the measures to access people’s data 724,751 times in 2012.

An EU court official told The Telegraph member states are free to keep the national measures in place despite the EU annulment. But they risk a flood of legal challenges emboldened by the Luxembourg ruling if they do.

Glyn Moody analyses the ruling on his blog here.