ENDitorial: Advocate General on Data Retention: Strange answer&question

By EDRi · November 30, 2011

This article is also available in:
Deutsch: [ENDitorial: Generalanwalt zur Vorratsdatenspeicherung – Seltsame Fragen & Antworten | https://www.unwatched.org/EDRigram_9.23_ENDitorial_Generalanwalt_zur_Vorratsdatenspeicherung_Seltsame_Fragen_und_Antworten?pk_campaign=edri&pk_kwd=20111130]

The Advocate General of the European Court of Justice recently issued an
opinion on the case of Bonnier Audio vs Perfect Communication Sweden (case
no. C-461/10). The question to be answered was whether data retention
Directive and/or articles 3, 4, 5 and 11 of the E-Privacy Directive prevent
Member States from permitting internet service providers in civil
proceedings to be ordered to give copyright holders information on
subscribers that allegedly infringed intellectual property rights, as
foreseen by Article 8 of the IPR Enforcement Directive. The
question partly seeks to answer itself, by explicitly demanding an
assumption that the measure is proportionate and that evidence has been
“adduced” evidence of an infringement.

The answer from the Advocate General is, “no”, there is nothing in the Data
Retention Directive nor the E-Privacy Directive which would prevent a
national administration from imposing a measure requiring stored data to
be used to identify people within the scope of the IPR Enforcement
Directive. However, such information should be stored for the purpose of
possible disclosure to IPR holders, according to detailed national
provisions and compliant with EU law on data protection.

He bases this view on various elements. Firstly, regarding the Data
Retention Directive, he explains that this is not relevant in the context of
this specific case.

However, his views on the E-Privacy Directive are the most interesting and
difficult to comprehend. This analysis explains that Member States may
impose data retention for purposes outside the scope of the legal basis of
the Directives. This analysis was confirmed by the European Commission in a
declaration at the time of adoption of the Directive. As the Commission
explained in its position on the common position, “the present Directive
based on Article 95 of the Treaty cannot include substantive provisions on
law enforcement measures. It should neither prohibit nor approve any
particular measure Member States may deem necessary.”

Article 15 of the E-Privacy Directive does explain that such an infringement
of the fundamental right to privacy must be adequately
justified – namely that any such measure be “necessary, appropriate and
proportionate measure within a democratic society to safeguard national
security (i.e. State security), defence, public security, and the
prevention, investigation, detection and prosecution of criminal offences or
of unauthorised use of the electronic communication system, as referred to
in Article 13(1) of Directive 95/46/EC.” However, the Advocate General is
clear that the restrictions described in Article 15.1 of the E-Privacy
Directive must be respected for any data storage to be legal.

The Advocate General makes no effort to explain why such a measure would or
could be “necessary” as well as being proportionate (the question attempts
to preempt the court by explaining that proportionality is assumed). This is
surprising when we bear in mind the only position taken so far on long-term,
suspicionless retention of data on innocent citizens – the
Telefonica/Promusicae case. In that case, the Advocate General argued that
“(i)t may be doubted whether the storage of traffic data of all users
without any concrete suspicion – laying in a stock, as it were – is
compatible with fundamental rights.” How did we move from a situation before
the adoption of the Charter of Fundamental Rights where an Advocate General
said that data retention per se is of questionable legality, to a position
now, under the Charter, where an Advocate General believes it is permissible
for narrow business interests – ignoring the fact that data retention was
explicitly implemented under the condition that it was for fighting “serious
crime”? Maybe the answer lies in the fact that the question demands that the
ECJ makes the very dubious assumption that the measure being imposed is
“proportionate”.

Having ignored the part of the Telefonica/Promusicae case that highlighted
the serious dangers of data retention for fundamental rights, perhaps the
oddest interpretation is the one that relies on analysis in that case. The
Advocate General explains that, during the implementation of Directives in
national law, a fair balance of different fundamental rights must be
respected. This is odd because the case in question does not concern
implementation of EU Directives into national laws, it concerns the question
whether new, additional and unforeseen implementations of data retention are
forbidden by the relevant legislation or not.

Starting from this questionable logical basis, the Advocate General treats
private property “rights” of narrow business interests as fully equal to the
rights of citizens as a whole. While this is unfortunately, in abstract
terms, correct, he then fails to address the fact that, in specific terms,
it is not appropriate to treat narrow business interests as of equal value
as the privacy of the entire society. This position has, thankfully, already
been contradicted by the Court in last week’s Scarlet/Sabam case, where the
judges ruled that “The protection of the right to intellectual property is
indeed enshrined in Article 17(2) of the Charter of Fundamental Rights of
the European Union. There is, however, nothing whatsoever in the wording of
that provision or in the Court’s case-law to suggest that that right is
inviolable and must for that reason be absolutely protected.”

However, the ultimate conclusion that the Advocate General comes to is
probably the only possible one as a result of the very leading way in which
the question was posed. Having been asked to assume that any such measure
was proportionate (and assuming that intellectual property breaches are
criminal offences), there is nothing in the Directives mentioned in the
question which would prevent a Member State from introducing a new law to
require data retention for intellectual property enforcement purposes – as
long as the minimum criteria set out in the E-Privacy Directive are
respected.

It is to be hoped that the Court will not restrict itself to the very
questionable assumption of proportionality and address necessity and
proportionality as well. If it does, the result should be quite different,
as Advocate General Kokott already pointed out in the Telefonica/Promusicae
case.

Commission Declaration
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:52002PC0338:EN:HTML

Data Retention Directive
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2006:105:0054:0063:EN:PDF

E-Privacy Directive
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32002L0058:EN:NOT

ECJ Cases:
Telefonica/Promusicae: Case C-275/06
Scarlet/Sabam: Case C-70/10
Bonnier Audio/Perfect Communications: Case: 461/10
all accessible at
http://curia.europa.eu/jcms/jcms/j_6/

(Contribution by Joe McNamee – EDRi)