Public atrocities always attract some kind of political reaction. Generally, the more brutal the atrocity, the harsher the reaction. It is understandable from the perspective of political responsibility. So when defenceless people are mercilessly attacked by gunmen as punishment for their satirical views, a very visible reaction is to be expected. However, political reactions to grave situations need not only visibility but measured thinking and careful decision-making. The reaction to a violent and criminal act can often have more far-reaching implications than the act itself, leading to an escalation of violence. At the same time, doing nothing to protect citizens from harm is not a responsible option. As with many political decisions, securing public safety is a balancing exercise of robustness and restraint.
You know a matter is serious when a top international tribunal takes upon itself to change the course of society. This year, three rulings of the Court of Justice of the European Union, the highest judicial authority of the EU, show its grave concern for the data-hungry world in which we live and its desire to change it. Each of these rulings targets a different audience – the state, the corporate world and the citizen – but all of them uphold the role of privacy as a right that is threatened by our tech-driven existence. The effects of these decisions go beyond the pure legal technicalities of interpreting European data protection law because their consistent message is that society as a whole, in the EU and elsewhere, should be less tolerant of and more concerned about our dependence on data.
On 10 July, the UK government announced cross-party backing for emergency legislation designed to ensure that the police and security services can continue to access communications data held by communications service providers for the purpose of investigating criminal activity and protecting national security. This is in response to the recent European Court of Justice judgment of 8 April 2014 in joined cases (C-293/12 Digital Rights Ireland & C-594/12 Seitlinger) which declared the Data Retention Directive (2006/24/EC) invalid.
In a decision rendered on 8 April 2014, the European Court of Justice (ECJ) declared the Data Retention Directive invalid. The Court’s decision was grounded on its conclusion that, by requiring the retention of the data falling within the scope of the Directive, and by allowing the competent national authorities to access those data, the Directive interferes in a particularly serious manner with the fundamental rights to respect for private life and to the protection of personal data.
Winston Maxwell, a partner in Hogan Lovells’ Paris Office prepared this entry. On July 13, 2010 the EU’s Article 29 Data Protection Working Party adopted a report (http://ec.europa.eu/justice_home/fsj/privacy/docs/wpdocs/2010/wp172_en.pdf ) describing how ISPs and telecom carriers retain traffic data for law enforcement purposes in Europe. The European Data Retention Directive 2006/24/EC (http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32006L0024:EN:HTML) was supposed to harmonize national […]