40 kansalaisjärjestöä, Effi mukana, lähettivät Euroopan komissiolle kirjeen ja vaativat tunnistietojen yleisen säilyttämisen kieltämistä. Euroopan Unionin tuomioistuimesta on tullut tuoreita päätöksiä tietojen säilyttämistä koskevissa oikeusjutuissa (EDRin tiedote aiheesta). Sisäasioista vastaava komissaari on aiemmin ilmaissut haluavansa uutta lainsäädäntöä asiasta, ja jäsenvaltiot ovat pitkään olleet innokkaita uusiin unionin laajuisiin toimiin.
Joint letter of 6 October 2020 to
Ylva Johansson, European Commissioner for Home Affairs,
Thierry Breton, European Commissioner for the Internal Market,
Didier Reynders, European Commissioner for Justice and
Margrethe Vestager, European Commission Vice-President
We are deeply concerned over announcements [1] that the Commission intends to assess the need for further action on communications data retention once the judgments in pending cases are delivered. On 9 December 2019 Commissioner Johansson said [2]: “I do think that we need legislation for data retention.” A study on “possible solutions for retaining data” has been commissioned. The German digital rights NGO Digitalcourage regards the study’s design [3] as biased as it does not reflect on the threats of telecommunications data retention.
Blanket and indiscriminate telecommunications data retention is the most privacy-invasive instrument and possibly the least popular surveillance measure that was ever adopted by the EU. The EU Data Retention Directive mandated the indiscriminate collection of sensitive information about social contacts (including business contacts), movements and the private lives (e.g. contacts with physicians, lawyers, workers councils, psychologists, helplines, etc.) of 500 million Europeans that are not suspected of any wrongdoing.
In its judgment of 8th April 2014 the European Court of Justice (ECJ) annulled the data retention directive 2006/24 which had required telecommunications companies to store data about all of their customers’ communications. But it is still implemented into national law in various member states of the European Union.
We believe that such invasive surveillance of the entire population is unacceptable. With a data retention regime in place, sensitive information about social contacts (including business contacts), movements and the private lives (e.g. contacts with physicians, lawyers, workers councils, psychologists, helplines, etc) of millions of Europeans is collected without regard to individual suspicion. Blanket and indiscriminate telecommunications data retention has proven harmful to many sectors of society. Telecommunications data retention undermines professional confidentiality, creates the permanent risk of data losses and data abuses and deters citizens from making confidential communications via electronic communication networks. It undermines the protection of journalistic sources and thus compromises the freedom of the press. Overall it damages foundations of our open and democratic society. In the absence of a financial compensation scheme in most countries, the enormous cost of a telecommunications data retention regime must be borne by the thousands of affected telecommunications providers. This leads to price increases and to the discontinuation of services, creating indirect burdens on consumers.
Studies [4] prove that the communications data available without data retention are generally sufficient for effective criminal investigations. Blanket data retention has proven to be superfluous, harmful or even unconstitutional in many states across Europe, such as Austria, Belgium, Germany, Greece, Romania and Sweden. These states prosecute crime just as effectively using a targeted collection of traffic data that is needed for a specific investigation, such as the data preservation regime agreed in the Council of Europe Convention on Cybercrime.
We argue that the current German telecommunications data retention law must not be taken as a model law for the EU. Firstly, there are various constitutional complaints pending against the law and secondly, the German law follows the same fundamentally hazardous approach of collecting data about every citizen continually and without any regard to individual suspicion, threat or need.
There is no proof that telecommunications data retention provides for better protection against crime. On the other hand, we can see that it costs billions of euros, puts the privacy of innocent people at risk, disrupts confidential communications and paves the way for an ever-increasing mass accumulation of information about the entire population.
As representatives of the citizens, the media, professionals and industry we collectively reject the blanket retention of telecommunications data. We urge you not to pursue any attempts to reintroduce telecommunications data retention. At the same time we urge you to open infringement procedures to ensure that national data retention laws are repealed in all member states concerned. Furthermore we appeal to you to work towards an EU-wide ban on blanket and indiscriminate data retention practices that capture peoples activities. We call on you to develop the European way so that it leads to an EU free of invasive surveillance.We should be happy to discuss the matter with you personally at your convenience.
Yours faithfully,
•Access Now
•ARTICLE 19, UK
•Associação D3 – Defesa dos Direitos Digitais, Portugal
•Association for Technology and Internet / Asociatia pentru Tehnologie si Internet (ApTI), Romania
•Chaos Computer Club e.V., Germany
•Citizen D/ Državljan D, Slovenia
•Dataskydd.net, Sweden
•Datenschutzraum e.V., Germany
•Deutsche Aidshilfe, Germany
•Deutsche Vereinigung für Datenschutz (DVD) e.V., Germany
•dieDatenschützer Rhein Main, Germany
•Die Neue Richtervereinigung – Zusammenschluss von Richterinnen und Richtern, Staatsanwältinnen und Staatsanwälten e.V., Germany
•Digitalcourage e.V., Germany
•Digitale Gesellschaft, Germany
•Digital Freedom (Digitale Freiheit e.V.), Germany
•Digital Freedom and Rights Association / DFRI – Föreningen för digitala fri- och rättighjeter, Sweden
•Digital Rights Ireland; Ireland
•Dr. Thilo Weichert, Netzwerk Datenschutzexpertise, Germany
•eco – Verband der Internetwirtschaft e.V. , Germany
•European Digital Rights (EDRi), EU-wide network
•Electronic Frontier Finland, Finland
•Electronic Frontier Foundation, U.S.A.
•Electronic Frontier Norway, Norway
•epicenter.works – Plattform Grundrechtspolitik, Austria
•FREELENS e.V., Germany
•Freifunk Hamburg, Germany
•Forum Computer Professionals for Peace and Societal Responsibility, Germany / Forum InformatikerInnen für Frieden und gesellschaftliche Verantwortung e.V., FIfF, Germany
•Hermes Center for Transparency and Digital Human Rights, Italy
•Homo Digitalis, Greece
•Internet Society, German Chapter (ISOC.DE) e.V., Germany
•IT-Political Association of Denmark (IT-Pol), Denmark
•Iuridicum Remedium, z. s., Czech Republic
•Komitee für Grundrechte und Demokratie, Germany
•Mike O’Neill, Director of Baycloud Systems, UK
•Netzwerk Datenschutzexpertise, Germany
•Panda Mery
•quintessenz – Verein zur Wiederherstellung der Bürgerrechte im Informationszeitalter, Austria
•Republikanischer Anwältinnen- und Anwälteverein e. V., Germany
•Selbstbestimmt.Digital, Germany
•Statewatch, UK
•Vereinigung Demokratischer Juristinnen und Juristen e.V. (VDJ), Germany
•Vrijschrift, Netherlands
•Working Group on Data Retention (Arbeitskreis Vorratsdatenspeicherung), Germany
•Xnet, Spain
More and more organizations are joining this letter. Please visit digitalcourage.de for the updated list of signatories.
[1]: https://www.europarl.europa.eu/RegData/questions/reponses_qe/2020/000389/P9_RE(2020)000389_EN.pdf
[2]: https://www.europarl.europa.eu/RegData/questions/reponses_qe/2019/004385/P9_RE(2019)004385_EN.pdf
[3]: https://digitalcourage.de/blog/2020/data-retention-biased-study-by-the-eu-commission
https://digitalcourage.de/blog/2020/vorratsdatenspeicherung-einseitige-studie-der-eu-kommission
[4]: EDRi: Data Retention Booklet: https://edri.org/our-work/launch-of-data-retention-revisited-booklet/