VPN Articles and News

Dutch Court Quashes Data Retention Law Citing Privacy Concerns

Friday, August 14th, 2015

The District Court of Hague has scrapped Netherlands’ controversial data retention law which required Dutch telecom companies and ISPs to store usage data of their customers’ activities for up to a year. While admitting that the legislation helped the authorities in solving serious crimes, Judge G.P. van Ham also highlighted that the law breached privacy of ordinary Dutch citizens. The verdict is effective immediately which means Dutch telecom companies and Internet Service Providers are no longer required to collect any kind of usage data from their customers.

The Dutch Data Retention Law was modeled on the lines of European Union’s data collection directive which was unveiled in the year 2006. As per the legislation, all Dutch telecom companies were required to store call logs of their fixed and mobile phone subscribers for one whole year. In addition, the law made it compulsory for Dutch ISPs to collect and store internet usage information from their subscribers for a period of six months.

It is noteworthy here that while the legislation was drafted to fight serious crimes and identify home grown extremists, it was often misused to solve petty crimes (including bicycle theft). This was also highlighted by the Judge who noted that although the authorities had promised not to misuse the law, there was no mechanism in place which ensured that the captured information was used only to fight serious crimes. Moreover, the legislation allowed the authorities to access data without taking permission from a court or a competent administrative authority thus violating articles 7 and 8 of European Union’s Charter of Fundamental Rights.

The Dutch court order comes soon after Germany and Austria scrapped similar legislations citing human right violations and privacy concerns. And let’s not forget that EU’s data retention directive, the driving force behind these laws, was struck down by European Union Court of Justice last year since it was deemed to be violating privacy rights of European citizens. Despite that verdict, the Dutch government continued with a modified version of its data collection program and even called the practice as indispensable which assisted in investigation and prosecution of crimes. This prompted several civil liberty and privacy groups, including Privacy First, Dutch Association of Journalists, Dutch Association of Criminal Defense Lawyers, International Commission of Jurists (Dutch section); as well as telecom companies like SpeakUp and VOYS to file a case against the Dutch government in the court.

Privacy First welcomed District Court’s verdict and stated that the ruling will effectively put an end to the massive privacy breaches that have occurred in Netherlands over the last one decade. The Dutch Security and Justice Ministry, on the other hand, regretted the decision and even hinted that the government may appeal against the decision. The ministry also warned that the verdict would have a serious impact on ongoing investigations and may even hamper the fight against organized crime and terrorism. Since the Court has not set a date for stopping data collection or deletion of data collected over the last one year, the Dutch telecom companies are expected to stop their data collection activities only after studying the legal ramifications of the order.

August 14, 2015

Leave a Reply

Your email address will not be published. Required fields are marked *

5 + 6 =