By Guest author

On 18 November, the Dutch government finally issued its response to the Court of Justice of the European Union (CJEU) ruling in April 2014 that invalidated the data retention directive 2006/24/EC. Despite all the debate about the legality of data retention practices, the government wants to retain its current data retention legislation. The Ministry of Security and Justice wrote in a letter to the parliament that the CJEU’s judgements doesn’t affect the Dutch law on data retention directly.

The government wants to remedy the problems that the ruling creates for the Dutch law by making a few cosmetic changes to the national legislation. A request for data now needs to be approved by a judge, while until now the approval of the public prosecutor was sufficient. In addition to that, a request for data older than six months may only be made for “the most serious category of offences with very long prison sentences”. The retention periods, twelve months for phone-related data, six months for internet-related data, are to be kept unchanged.

The Dutch government’s response to the CJEU’s decision to invalidate the data retention directive is shocking.

“The retention of specific data regarding all citizens is therefore necessary, because during retention we cannot differentiate beforehand between suspicious and non-suspicious citizens,” writes Ivo Opstelten, the Dutch Minister of Security and Justice, in his response. “We will retain data about everybody because we cannot predict who might later turn out to be a bad guy.”

The comments of Mr Opstelten, as well as Dutch government’s position on data retention go against one of the basic principles of our rule of law: You are innocent until proven guilty. Everyone has the right to privacy, and only when there is a targeted and concrete suspicion of an unlawful act, can the government suspend this right temporarily, with strict safeguards.

On 1 December, the Dutch EDRi-member Bits of Freedom heated up the public debate by showing the Dutch law may not be executed by the government, nor by providers. The Dutch Constitution stipulates that a law which violates international treaties, such as the EU Charter of fundamental rights, is invalid. The government was quick to respond by saying it would nevertheless enforce this law. Bits of Freedom is expecting heavy pressure on the government by the Dutch parliament, the providers and the general public.

Press release: Government should to drop data retention (only in Dutch, 18.11.2014)
https://www.bof.nl/2014/11/18/persbericht-regering-moet-bewaarplicht-juist-ongedaan-maken/

Government says: data retention should be kept virtually unchanged (only in Dutch, 20.11.2014)
https://www.bof.nl/2014/11/20/kabinet-zegt-eigenlijk-bewaarplicht-vrijwel-ongewijzigd-behouden/

Someone is wrong (not just on the Internet) (24.11.2014)
https://www.bof.nl/2014/11/24/someone-is-wrong-not-just-on-the-internet-2/

Government should stop enforcement data retention immediately (only in Dutch, 01.12.2014)
https://www.bof.nl/2014/12/01/kabinet-moet-per-direct-handhaving-bewaarplicht-stopzetten/

Providers should take government to court over enforcement of data retention (only in Dutch, 2.12.2014)
https://www.bof.nl/2014/12/02/providers-moeten-staat-voor-rechter-slepen/

(Contribution by Rejo Zenger, EDRi-member Bits of Freedom, Netherlands)

EDRi-gram_subscribe_banner

Twitter_tweet_and_follow_banner