28 April 2014

The European Court of Justice brings telecommunication providers' data logging duty to an end

On 8 April 2014, the ECJ declared that the controversial logging directive implemented in Danish law by the Executive Order on logging was invalid.

The ECJ found that the directive violated the Community Charter on the protection of privacy and that the EU legislative had exceeded its authority, and the directive was therefore declared invalid all the way back from the adoption i 2006. 

DATA LOGGING DUTY 

By way of national legislation, the directive orders telecommunication providers to log certain data on persons and companies and to store the data for minimum six months and maximum two years. 

The data concerns telephone calls, text messages, Internet traffic and the whereabouts at the time of the communication, but not the actual content of the communication. 

The ECJ ruled that, based on such data,, it is possible to make precise conclusions as to persons' private life, including everyday habits, whereabouts and social relations. 

The purpose of data logging is for the data to be passed on to the police in connection with investigation of serious criminal offences, and in Denmark, the directive was implemented with the result that data must be stored for one year. 

EXPENSIVE FOR THE INDUSTRY

In 2013, the Danish telecommunication companies registered the digital behaviour of 3.5 billion customers. According to the industry, the providers' logging duty has cost approx. DKK 200 million in equipment, and the annual operating expenses amounted to approx. DKK 50 million in 2007. Data logging is therefore a substantial financial burden on the providers. 

VIOLATION OF HUMAN RIGHTS?

The ECJ states that data logging may affect the use of communication, thereby restricting the freedom of speech as laid down in the Community Charter. 

Further, the ECJ states that logging, in itself, constitutes a violation of the protection of privacy, irrespective of whether the registration concerns sensitive information or has caused inconvenience to the person affected. 

The same applies to the basic right of protection of personal data as laid down by the Community Charter. 

The ECJ states that the violation of the rights is both far-reaching and particularly serious. 

Even though the violation of these rights is serious, it is not the opinion of the ECJ that it has negative impact on the actual essence of the rights when the logging does not concern the content of the communication. 

In principle, the directive is therefore justifiable as the purpose is in the interest of the public - protection of public security as long as this is in proportion to this purpose. The ECJ found that no such proportionality existed.

THE SURVEILLANCE IS TOO FAR-REACHING

The directive was primarily criticized for being very far-reaching as it applied to all forms of electronic communication, especially when the use thereof has increasing impact on peoples' everyday life, thus  violating all EU citizens' right to privacy. 

The violation takes place under the directive without taking into consideration differentiation, restrictions or exemptions and it therefore affects persons in situations where there is no proof of direct or indirect involvement in a serious offence. 

According to the ECJ, there is therefore no connection between the data stored and the specific threat to security as no requirements are made to restrict the logging, either geographically, in terms of time or aimed at a certain group of people.

RISK OF ABUSE OF DATA

Another criticism was that the directive lists no objective criteria laying down when an authority may gain access to logged data, or when a crime is considered serious enough to justify access. 

Further, the directive does not require a court order or a prior administrative hearing and, according to the ECJ, this opens up for a potential abuse of the collected data. 

RANDOM STORAGE DURATION

The directive prescribed that the data were to be stored for minimum six months and maximum two years, but it was up to the individual member states to decide the interval of the national legislation without any requirement that there had to be a distinction between the types of data collected. The ECJ found that this term made the storage of data random and thereby also worrying. 

A NEW DIRECTIVE?

Due to the directive's far-reaching requirements as to surveillance and the risk of abuse, the ECJ concluded that the logging directive went far beyond what was necessary. The directive is therefore contrary to the principle of proportionality of the Community Charter. 

The logging directive was thereby held invalid, and the EU legislative is expected to present a new, revised directive taking the criticism of the ECJ into consideration. 

DANISH RULES TO BE AMENDED?

In connection with the abolishment of the logging directive, there is a need for revising the Danish rules implementing the directive through the Executive Order on logging. 

In some respects, the Danish rules are more far-reaching than the directive and are therefore also to be considered disproportional and contrary to the protection of privacy of the Community Charter. 

Initially, the Minister of Justice has stated that the rules will now be investigated and amended if they do not comply with EU law.

Gambling news from Denmark October 2017

17 October 2017

A brief update on current affairs on the Danish gambling market.

Compliance: E-leaning in competition law

20 September 2017

Horten now offers e-learning in competition law tailored to each company.

The edtech company Labster announces Series A investment

7 September 2017

Labster recently announced a Series A investment round of $ 10 million with the participation of the venture capital funds Balderton Capital and Northzone.

The world’s largest e-sports tournament is coming to Denmark

14 August 2017

In December 2017 and for the next two years, Arena Fyn in Odense will host the finals of the world’s largest e-sports tournament - ESL Pro League - in the computer game Counter Strike. Horten has assisted Odense municipality in connection with the legal framework of the tournament.

White Paper concerning the data protection regulation has arrived

29 May 2017

The Ministry of Justice has now published the long awaited White Paper concerning the data protection regulation and the legal framework for Danish legislation in this respect.

Honors to M&A partner Lise Lotte Hjerrild

25 April 2017

Partner Lise Lotte Hjerrild is appointed to the Steering Group of the International M&A and Joint Venture Committee of the American Bar Association and Women in Law Awards 2017.

Horten advances in new Chambers and Legal 500 rankings

19 April 2017

In 2017, the leading international ranking agencies, Legal 500 and Chambers, are once again ranking Horten among the best law firms in Denmark.

Gambling news - April 2017

1 April 2017

This is a brief update on current affairs at the Danish gambling market. This update addresses the status on the new Danish Anti Money Laundering Act and update on the Swedish liberalization.

Four new specialised attorneys at Horten

7 March 2017

Horten has appointed four new specialised attorneys having in-depth professional and commercial expertise within personal data law, environmental and planning law, energy and supply law and tax law.

Gambling news - March 2017

1 March 2017

This is a brief update on current affairs on the Danish gambling market.

New action plan for the implementation of the regulation on data protection

30 January 2017

The Article 29 group has adopted a new action plan listing which subjects the group will prioritise in 2017 to ensure an effective implementation of the regulation on data protection.

Data protection officer – who, when, what?

12 January 2017

The so-called Article 29 group has adopted a set of guidelines covering data protection officers, which will provide more clarity with regard to the data protection officer's assignments, position and liability.

Global Leaders in Law appoints Horten as exclusive partner for Denmark

10 January 2017

Global Leaders in Law, the leading global general counsel forum based in London, and Horten has announced partnership. Appointed as a global bronze partner, Horten will sponsor the activities of Global Leaders in Law in 2017.

Gambling news - December 2016

1 December 2016

This is a brief update on current affairs on the Danish gambling market.

Greenland adopts personal data act

22 November 2016

From 1 December 2016, the Personal Data Act became effective in Greenland at the request of the Greenland Home Rule. The Act replaces the data protection legislation from 1978, which has applied in Greenland until now.

Dynamic IP addresses may constitute personal data

19 October 2016

The European Court of Justice recently ruled in C-582/14 that a dynamic IP address may constitute personal data.

The Data Protection Agency: Understand the requirements for employees' processing of personal data

7 October 2016

In a recent decision, the Data Protection Agency criticised a municipality's control of the data security based on unauthorised persons' access to sensitive personal data stored on an employee's private IT equipment.

Horten on two committees at the Confederation of Danish Industry, DI

3 October 2016

DI has re-appointed Søren Hornbæk Svendsen as member of the Energy and Climate Policy Committee and Nina Henningsen as member of the Media Policy Committee.

Internet media under pressure because of new EU ruling

15 September 2016

The latest ruling on hyper links and copyright confirms previous case law and adds a new rule of presumption, which may threaten the existence of some Internet media.

New agreement on municipalities' economy in 2017

13 June 2016

The day after the Government and the Danish Regions presented an agreement on the regions' economy in 2017, it was published that the Government had also concluded an agreement with KL on the municipalities' economy in 2017.

New ratings from the international reference book Legal 500

4 May 2016

There are several good news for Horten in the new rankings, among these to new Tier 1-ratings in Media & entertainment and Telecoms.

Final adoption of the new personal data regulation

14 April 2016

The European Parliament has adopted the new personal data regulation together with the rest of the data protection reform.

New association: The Danish association for marketing law

13 April 2016

11 of Denmark's leading experts within marketing law have established the Danish Association for Marketing Law. The association's first arrangement will take place on 3 May and focus on hidden advertising.

International women lawyers discuss the future of the legal profession

6 April 2016

Horten participates when 150 lawyers from all over the world meet in Berlin on 7-8 April under the headline "Law in a changing world – how women can contribute to innovation of the legal profession".

Gambling news - April 2016

1 April 2016

This is a brief update on current affairs at the Danish gambling market.

Horten Corporate Day 2016 - Danish companies at the forefront

18 March 2016

At Horten's Corporate Day 2016 on 16 March, Danish and foreign executives and experts gave their views on the trends and opportunities of the Danish business sector. Horten will repeat the success next year with Horten Corporate Day 2017.

Publication of draft Privacy Shield between the EU and the USA

8 March 2016

At the beginning of February 2016, it was reported that the European Commission and the USA had politically agreed on a new scheme replacing the Safe Harbour scheme concerning transfer of personal data from the EU to the USA.

Gambling news - March 2016

1 March 2016

This is a brief update on current affairs at the Danish gambling market.

New online dispute portal and requirements for web shops

19 January 2016

In the future, all Danish and EU web shops must link to the pan-European online dispute portal ODR (Online Dispute Resolution). ODR will be available from 15 February 2016.