ECJ and data retention: reboot or burial

Germany has been arguing about data retention for 20 years. The ECJ will now decide on Tuesday. Does he take the law?

Demonstration with a large banner.

The resistance has lasted for a long time: Demo against data retention in Berlin in 2007 Photo: imago

BERLIN taz | This Tuesday will be European Court of Justice (ECJ) presumably the German law on data retention complain. And he will thus rekindle a central debate in German domestic policy.

Interior Minister Nancy Faeser (SPD) is already in favor of one Data retention relaunched in order to be able to take better action against depictions of abuse by children. She wants to introduce everything that is still possible after the ECJ ruling. Justice Minister Marco Buschmann (FDP), on the other hand, considers the instrument to be “dead”. He insists on the coalition agreement that excludes data retention without cause. So far, the Greens have backed the FDP, but have said little.

Data retention is the storage of all telephone and Internet connection data for the entire population without cause. Providers such as Telekom have to record who called, chatted or texted whom and who logged on to the Internet when and where with which IP address.

In the case of mobile phones, the location is also saved. However, content is not recorded. This is intended to create a huge pool of data that the police can access if necessary.

Introduced in 2007, phased out three years later

Data retention was first introduced in Germany in 2007. The then grand coalition thus implemented an EU directive. However, the data was only saved from 2008 to 2010. The Federal Constitutional Court declared this in 2010 law void. Among other things, FDP politicians around Sabine Leutheusser-Schnarrenberger had complained. As Minister of Justice, she made sure that no new attempts were made in the next few years.

The current law was not passed until 2015 in the next grand coalition. Minister of Justice at the time was Heiko Maas (SPD). The compromise at the time: Instead of six months, the connection data and IP addresses would only be stored for ten weeks, and the cell phone location data for just four weeks. E-mail connection data should no longer be stored at all.

But in 2017 – shortly before the beginning of the storage obligation – that started Higher Administrative Court of Munster the law in the case of individual providers because it presumably violates EU fundamental rights. The Federal Network Agency has therefore been refraining from enforcement for years. So the current law has not been applied for a single day.

Strict case law of the ECJ

The Federal Constitutional Court does not cause legal problems. In Karlsruhe, data retention is generally accepted if certain requirements are met, in particular to secure the data. The judicial resistance comes from the ECJ, which initially considered any form of mass storage without cause to be disproportionate. In 2014 the ECJ eliminated it hence the EU directive. In 2016, he also objected to national regulations in Sweden and Great Britain.

Because of the angry reactions of the EU states the ECJ backtracked significantly in 2020. It now allows the data retention of IP addresses without cause. In the case of connection and location data, “targeted” data retention is possible for certain groups of people and in certain areas. Exceptions should also be possible in the event of a threat to national security. But even with these weakened requirements, the German law is clearly incompatible because it also provides for the storage of all connection and location data without cause.

The Federal Administrative Court nevertheless submitted the German law to the ECJ in 2019 submitted for examination. The Leipzig judges hope that the ECJ will continue to soften its strict requirements. So far, however, there are no signs of this. The Independent Advocate General Manuel Campos Sanchez Bordona recommended to the ECJ in November 2021 to stick to its case law.

Source link