According to German law, Germany’s ISPs and phone services had to retain data about every citizen’s phone calls and emails for six months. Today, however, Germany’s Federal Constitution Court suspended this law and ordered that all the data stored to date must be deleted immediately. According to German news magazine Der Spiegel, the court said that it wasn’t sufficiently clear that the data storage was secure enough and what exactly the data would be used for.
Suspended, But Not Dead
It’s important to note that this isn’t necessarily the end of this law and that the court hasn’t ruled the law unconstitutional – the court only ruled that the implementation of the law was severely flawed. The German constitution, according to the judges, doesn’t disallow saving this information. The European Union issued guidelines for data retention in 2006 that requires all E.U. member states to implement national data retention laws. According to the guidelines, all ISPs and phone carriers have to keep a record of all their customers’ phone calls and emails on a rolling six-month basis. The actual implementation of these guidelines remains up to the E.U. members, however.
For now, the court has suspended the law until it has been amended and its scope has been limited by the German government. The court recommends that the data will be stored by the ISPs and phone companies, but argues that there shouldn’t be a central, government-controlled repository for this data. In addition, the court also recommends that the data should be encrypted.
For ISPs, keeping all these records is a significant burden and many ISPs and phone companies had hoped that the court would rule the law unconstitutional so that they wouldn’t have to store this data anymore.
The next stop for the opponents of this law is the E.U., though it remains to be seen if there is enough support among E.U. countries to fight these guidelines.