Bulk collection of data from phone calls and emails by carriers acting under government orders could be permissible in the pursuit of “serious crime”.
That’s the preliminary ruling in a case brought by Brexit chief minister David Davis against PM Theresa May before the European Union’s highest court.
The ruling suggests bulk collection and retention of customer data might not be in breach of the EU Charter of Fundamental Rights - if it’s done legally and with safeguards.
Davis with Labour Party deputy leader Tom Watson and others brought their case to the European Court of Justice in February.
They had sought a ruling that the “emergency” Data Retention and Investigatory Powers Act (DRIPA) surveillance legislation rushed through Parliament in 2014 went against sections of the Charter. The Act was led by the then Home Secretary May.
Specifically, that Section 1 of DRIPA constituted a “serious interference with the fundamental rights laid down in in Articles 7 and 8”.
Back, then Davis – a former shadow home secretary – was a backbencher.
Since the June 23 vote to leave the EU and the switch of PMs, leading Brexit campaigner Davis has been elevated to secretary of state for exiting the European Union and is now a serving member of PM Theresa May’s cabinet.
It seems Davis has withdrawn from the action as it is Watson and others who are named in the preliminary ruling. While Watson is listed in the European Court's preliminary ruling, Davis’s name is absent.
The Register contacted the Department for Exiting the EU for clarification but hadn’t received a response at the time of writing.
Davis and Watson took their case to the British High Court claiming that DRIPA sections 1 and 2 were incompatible with the public’s right to respect for private life and communications and for protection of personal data under Articles 7 and 8 of the Charter.
The court found for Davis and Watson in July 2015 but the ruling was not upheld on appeal, so Davis and Co. took their case to the European Court of Justice in Luxembourg.
A preliminary ruling by advocate general Henrik Saugmandsgaard released today says it may not be incompatible with the EU law for carriers and service providers to be asked to retain data.
According to Saugmandsgaard Øe: “The general obligation to retain data must be strictly necessary to the fight against serious crime,” the advocate general wrote.
“He [the advocate general] considers that solely the fight against serious crime is an objective in the general interest that is capable of justifying a general obligation to retain data.”
The opinion notes it is “imperative” that data collection and retention is “circumscribed by strict safeguards." Importantly, that data collection rules are laid down by proper legislative process and that they respect the essence of the right to respect for privacy and data protection as laid down by the Charter.
Also, there must be adequate protection against arbitrary interference. ®