Profile image
By Big Brother Watch
Contributor profile | More stories
Story Views

Last Hour:
Last 24 Hours:

CJEU judgment says UK Government’s bulk retention of our communications data is illegal

Monday, February 27, 2017 10:48
% of readers think this story is Fact. Add your two cents.

(Before It's News)

The Court of Justice of the European Union today published the final judgment in relation to the Tom Watson MP (and formerly David Davis MP) case regarding the lawfulness of the Data Retention and Investigatory Powers Act (DRIPA).

The court has ruled that:

  • Communications data (the who, when, what and where of our telephone and internet activity) cannot be retained in a “general and indiscriminate” way.
  • Communications data can be accessed for the objective of maintaining national security or investigating serious crime only.
  • Any request for access to communications data must be “subject to prior review by a court or an independent administrative authority”.
  • Only data held in the EU can be requested.

This Judgment strikes a massive blow not just to DRIPA but to the recently passed Investigatory Powers Act (IP Act).

The Government have today issued a statement stating that they are “disappointed with the judgment” and no wonder because today’s ruling effectively challenges the legality of the IP Act in four particular areas:

  1. The ability for the police to internally sign off on requests for access to communications data will need to be rewritten to ensure that any warrant request is reviewed and approved by a judicial commissioner.
  2. The need for “an objective criteria in order to define the circumstances and conditions” under which communications data can be accessed. This is set out as “access can, as a general rule , be granted in relation to the objective of fighting crime, only to the data of individuals suspected of planning, committing or having committed a serious crime or being implicated in one way or another in such a crime”.
  3. The requirement that any national authority accessing retained data “must notify the persons affected….as soon as the notification is no longer liable to jeopardise the investigations being undertaken.
  4. The need for “electronic communications services…to ensure the full integrity and confidentiality” of data and that they must be able to “guarantee a particularly high level of protection and security”. This implies that any weakening of encryption or building of backdoors into services providing communications will not be lawful.

But the ruling will also raise issue and serious questions with regard to the bulk powers in the IP Act which fall seriously short of adhering to today’s ruling, notably:

  • Bulk personal datasets on each and every one of us living or dead.
  • The use of bulk equipment interference (hacking), when the necessity and proportionality cannot be determined.

The judgment will now go before the UK Court of Appeal. No doubt the Government will continue to assert that they have adequately ticked all the right boxes. But what the ruling makes abundantly clear is that there is still a great deal of work to be done to ensure that the laws which are designed to keep us safe don’t remove our privacy in the process.

You can read the judgment here

And for the history behind the case check our earlier blogs here and here


Report abuse


Your Comments
Question   Razz  Sad   Evil  Exclaim  Smile  Redface  Biggrin  Surprised  Eek   Confused   Cool  LOL   Mad   Twisted  Rolleyes   Wink  Idea  Arrow  Neutral  Cry   Mr. Green

Top Stories
Recent Stories



Email this story
Email this story

If you really want to ban this commenter, please write down the reason:

If you really want to disable all recommended stories, click on OK button. After that, you will be redirect to your options page.