The European Court of Justice has determined that the data retention currently suspended in Germany contradicts EU law in many cases. Only when national security is seriously threatened may temporary storage be allowed.

EU: German data retention overturned

According to a ruling by the European Court of Justice (ECJ) in Luxembourg, telecommunications providers in Germany do not have to store their customers’ data without reason for authorities to access it. Such a Regulation is not compatible with EU law. Exceptions should only apply if there is a serious threat to national security. But even then, traffic and location data from users may only be stored temporarily. Permanent storage is accordingly off the table.

What a “real and current or foreseeable” threat for national security, must be ordered by a court or an independent administrative body. Exceptions can also apply to the fight against serious crime, but this may only be accompanied by a temporary storage of data (source: ECJ).

The case is now back back to the Federal Administrative Court, which turned to the ECJ. Background are lawsuits from Deutsche Telekom and Spacenet. The providers wanted to resist storing data without cause and having to make it available to authorities. Should the Federal Administrative Court find a violation of German data retention, politicians are required to draft a new law.

Messenger also has the EU in its sights:

EU restricts data retention again

In recent years, the EU has repeatedly set new limits on data retention, and not just for Germany. National regulations have often been overturned here. Most recently, the ECJ ruled on Data retention in Irelandthat crimes such as murder are not included.