The European Union’s supervisory authority for data protection has declared that the EU’s data retention directive does not adequately meet privacy and data protection requirements.
On Tuesday, the office of the European Data Protection Supervisor (EDPS) issued an opinion saying that the 2006 directive, which requires all Internet providers, telecom firms and mobile phone companies to store extensive traffic and location data for six months has “failed to meet its main purpose,” and that “the necessity of data retention as provided for in the Data Retention Directive has not been sufficiently demonstrated.” […]
Privacy and Internet advocates across Europe have spoken out repeatedly against the directive. Most recently, earlier this year, German parliamentarian Malte Spitz revealed his own six months’ of mobile phone calling and tracking data in a data visualization project in collaboration with the German newspaper Die Zeit. […]
The 2006 directive was created in the wake of terrorist attacks in London and Madrid, and were designed to give European law enforcement easy access to all telecommunications data, including who, when and where a call was made, and any relevant GPS location information.