Overview of national data retention policies: Unterschied zwischen den Versionen
(→Turkey) |
|||
Zeile 151: | Zeile 151: | ||
=== Belgium === | === Belgium === | ||
− | | valign="top" | | + | | valign="top" | no (no implementing decree) |
− | | valign="top" | | + | | valign="top" | |
| valign="top" | [http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:72006L0024:EN:NOT#FIELD_BE Reported]: | | valign="top" | [http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:72006L0024:EN:NOT#FIELD_BE Reported]: | ||
#Loi du 21 mars 1991 portant réforme de certaines entreprises publiques économiques. Loi; Moniteur Belge , date pub: 27/03/1991 ; ref.: (MNE(2007)58028)<br> | #Loi du 21 mars 1991 portant réforme de certaines entreprises publiques économiques. Loi; Moniteur Belge , date pub: 27/03/1991 ; ref.: (MNE(2007)58028)<br> | ||
#Arrêté royal du 9 janvier 2003 portant exécution des articles 46bis, § 2, alinéa 1er, 88bis, § 2, alinéas 1er et 3, et 90quater, § 2, alinéa 3, du code d'instruction criminelle ainsi que de l'article 109ter, E, § 2, de la loi du 21 mars 1991 portant réforme de certaines entreprises publiques économiques. Arrêté royal; Moniteur Belge , date pub: 10/02/2003 ; ref.: (MNE(2007)58029) <br> | #Arrêté royal du 9 janvier 2003 portant exécution des articles 46bis, § 2, alinéa 1er, 88bis, § 2, alinéas 1er et 3, et 90quater, § 2, alinéa 3, du code d'instruction criminelle ainsi que de l'article 109ter, E, § 2, de la loi du 21 mars 1991 portant réforme de certaines entreprises publiques économiques. Arrêté royal; Moniteur Belge , date pub: 10/02/2003 ; ref.: (MNE(2007)58029) <br> | ||
− | | valign="top" | | + | | valign="top" | |
− | | valign="top" | | + | | valign="top" | |
− | | valign="top" | | + | | valign="top" | |
− | | valign="top" | | + | | valign="top" | |
− | | valign="top" | | + | | valign="top" | |
| valign="top" | <br> | | valign="top" | <br> | ||
| valign="top" | <br> | | valign="top" | <br> |
Version vom 1. Februar 2012, 11:12 Uhr
Overview of national data retention policies
Please update this table by entering information on data retention in your country:
Data retention transposition schedule
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
(EU directive) |
- |
6-24 months |
directive, 15 March 2006 |
Directive's requirements:
|
Directive's requirements:
|
Directive's requirements:
|
Directive's requirements:
|
Directive's requirements:
|
- |
providers of publicly available electronic communications services or of a public communications network |
competent national authorities in specific cases for the purpose of the investigation, detection and prosecution of serious crime, as defined by each Member State in its national law |
referral announced by Irish High Court | ||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Austria |
yes | 6 months as of April 2012 | AK Vorrat | |||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Belgium |
no (no implementing decree) | Reported:
|
Judicial coordination unit, examining magistrates, public prosecutor, criminal police for the investigation and prosecution of criminal offences, the prosecution of abuse of emergency services telephone number, investigation into malicious abuse of electronic communications network or service, for the purposes of intelligence-gathering missions undertaken by the intelligence and security services | |||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Bulgaria |
yes |
12 months |
Reported:
|
Providers of public communications networks and/or publicly available electronic communications services | The head officer of the:
1. Specialized departments, the local units and the independent territorial directorates within the State Agency for National Security; 2. Directorate General “Criminal Police”, Directorate General “Fight against organized crime” and its local units, Directorate General “Security”, Directorate General “Border Police”, directorate “Internal security”, Sofia Directorate of Internal affairs, the regional directorates within the MoI; 3. The Military Information Service and the “Military Police” within the Ministry of Defence; 4. National Intelligence Service The data is retained for the purposes of detection and investigation of serious crimes and crimes under Art. 319a - 319e of the Penal Code (cybercrimes), and for the location of missing or wanted persons. Access id granted only after a court warrant. |
completed | Access to Information Programme (AIP) | |||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Cyprus |
yes | 6 months |
Ο Περί Διατήρησης Τηλεπικοινωνιακών Δεδομένων με Σκοπό τη Διεύρηνση Σοβαρών Ποινικών Αδικημάτων Νόμος του 2007. Νόμος , no.: Ν. 183(Ι)/2007; Cyprus Gazette , no.: 4154 , date pub: 31/12/2007 , page: 01466-01483 ; date into force/en vigueur: 31/12/2007 ; ref.: (MNE(2008)50638) |
For investigation of a serious criminal offence | Supreme Court ruled 1 Feb 2011 that retained data can only be accessed "in cases of convicted and unconvicted prisoners and business correspondence and communication of bankrupts during the bankruptcy administration" (Art. 17 of Constitution) | |||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Czech Republic |
No, transposition law annulled by Constitutional Court on March, 31st 2011 | Iuridicum Remedium (IuRe) | ||||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Denmark |
yes |
12 months |
|
For the investigation and prosecution of criminal acts | ||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Estonia |
yes, as of 01/01/2008 (Internet 15/03/2009) | 12 months |
ELEKTROONILISE SIDE SEADUSE JA RAHVATERVISE SEADUSE MUUTMISE SEADUS. seaduse parandus , no.: RTI, 07.12.2007, 63, 397 ; Elektrooniline Riigi Teataja , no.: RTI, 07.12.2007, 63, 397 ; ref.: (MNE(2007)58607) |
for criminal proceedings of a criminal offence [in the first degree or an intentionally committed criminal offence in second degree with a penalty of imprisonment of at least three years] | ||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Finland |
yes, as of 23/05/2008 (Internet 15/03/2009) | 12 months | Reported:
|
For investigating, detecting and prosecuting serious crimes as set out in Chapter 5a, Article 3(1) of the Coercive Measures Act | ||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
France |
yes, as of 24/03/2006 | 12 months |
Décret no 2006-358 du 24 mars 2006 relatif à la conservation des données des communications électroniques. Décret , no.: 2006-358; Journal Officiel de la République Française (JORF) , date pub: 26/03/2006 ; date into force/en vigueur: 27/03/2006 ; ref.: (MNE(2007)56763) |
For the detection, investigation, and prosecution of criminal offences, and for the purpose of providing judicial authorities with information needed, and for the prevention of acts of terrorism and protecting intellectual property | No. A challenge was rejected by the Constitutional Court (decision of 07/08/2007). However, the Court decided providers must be reimbursed (decision of 07/08/2007). | |||||||||
Member State | EU directive transposed? | Data Retention Period | Legal instruments and date of entry into force | Data to be retained beyond the directive's requirements: fixed line telephony | Data to be retained beyond the directive's requirements: mobile telephony | Data to be retained beyond the directive's requirements: E-Mail | Data to be retained beyond the directive's requirements: Internet access | Data to be retained beyond the directive's requirements: Internet telephony | Data to be retained beyond the directive's requirements: other | Who is compelled to retain data? | Who is authorised to access retained data and for what purposes? | Legal challenges pending? | Competent NGO | |
Germany |
no (declared unconstitutional on 2 March 2010) |
- |
- |
- |
- |
- |
- |
- |
Any person providing or assisting in providing telecommunications services and in so doing allocating subscription IDs or providing telecommunications connections for IDs allocated by other parties (applies to telephony and DSL lines, including prepaid services, but not e-mail services) is to collect, prior to activation, and store the name and address of the allocation holder, the date of birth and in the case of fixed lines, additionally the address for the line, even if such data are not required for operational purposes (§ 111 TKG). The subscriber directories are electronically accessible by all German law enforcement and intelligence agencies (§ 112 TKG). |
|||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Greece |
yes | 12 months | Data retention law no. 3917 dated 21-02-2011 | providers of publicly available electronic communications services or public communications networks | For the purpose of detecting particularly serious crimes | |||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Hungary |
yes | 12 months | Reported: 15 acts |
To enable investigating bodies, the public prosecutor, the courts and national
security agencies to perform their duties, and to enable police and the National Tax and Customs Office to investigate intentional crimes carrying a prison term of two or more years |
yes, Constitutional Court challenge brought by theHungarian Civil Liberties Union (HCLU) |
Hungarian Civil Liberties Union (HCLU) | ||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Ireland |
Yes. |
25 months phone records, 13 months Internet records (may be kept for up to 25 months). | Communications (Retention of Data) Act 2011. | Unsuccessful calls to be retained | Unsuccessful calls to be retained | For the prevention of serious offences [i.e. offences punishable by imprisonment
for a term of 5 years or more, or an offence in schedule to the transposing law], safeguarding of the security of the state and the saving of human life. Data may be accessed
|
yes, High Courtchallenge brought by DRI (latest updates) |
See background on Irish law here. | ||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Italy |
yes |
24 months, Internet 12 months |
Reported: Attuazione della direttiva 2006/24/CE riguardante la conservazione dei dati generati o trattati nell'ambito della fornitura di servizi di comunicazione elettronica accessibili al pubblico o di reti pubbliche di comunicazione e che modifica la direttiva 2002/58/CE. |
For detecting and suppressing criminal offences | ||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Latvia |
yes, as of 07/06/2007 (Internet 15/02/2009) | 18 months |
|
To protect state and public security or to ensure the investigation of criminal offences, criminal prosecution and criminal court proceedings | ||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Lithuania |
yes |
6 months |
Reported:
|
For the investigation, detection and prosecution of serious and very serious crimes, as defined by the Lithuanian Criminal Code | ||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Luxemburg |
yes | 6 months |
Loi concernant la protection de la vie privée dans le secteur des communications électroniques |
For the detection, investigation, and prosecution of criminal offences carrying a criminal sentence of a maximum one year or more | ||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Malta |
yes |
12 months, Internet 6 months |
Reported:
|
For investigation, detection or prosecution of serious crime | ||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Netherlands |
Yes | 12 months | Wet bewaarplicht telecommunicatiegegevens, passed Senate on 7 July 2009. Plus law to be proposed by government that will reduce period for Internet to 6 months. |
No. |
For investigation and prosecution of serious offences for which custody may be imposed | |||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Poland |
yes |
24 months | 1. The Telecommunication Law Amendment of 24 April 2009 (Journal Od Laws of 2009, No.85 item 716). 2.The Regulation of the Minister of Infrastructure of 28 December 2009 on a detailed specification of data and types of operators of public telecommunications networks or providers of publicly available telecommunications services obliged for its retention and storage, Journal of Laws of 2009, No 226 item 1828, went into force on 1 January 2010. |
unsuccessful call attempts | unsuccessful call attempts, data identifying beam and working range of antenna of BTS | No court order required. Six secret services, police, courts and prosecution have a right to request data. For the prevention or detection of crimes, for prevention and detection of fiscal offences, for use by prosecutors and courts if relevant to the court proceedings pending, for the purpose of the Internal Security Agency, Foreign Intelligence Agency, Central Anti-Corruption Bureau, Military Counter-intelligence Services and Military Intelligence Services to perform their tasks | yes, complaint of 28 January 2011 concerning data access | Panoptykon | ||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Portugal |
yes, as of 08/2009 | 12 months |
Reported: Assembleia da República-Transpõe para a ordem jurídica interna a Directiva n.º 2006/24/CE, do Parlamento Europeu e do Conselho, de 15 de Março, relativa à conservação de dados gerados ou tratados no contexto da oferta de serviços de comunicações electrónicas publicamente disponíveis ou de redes públicas de comunicações |
For the investigation, detection and prosecution of serious crime | ||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Romania |
yes, but declared unconstitutional |
APTI | ||||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Slovakia |
yes | 12 months, 6 months for Internet services | For the prevention, investigation, detection and prosecution of criminal offences | |||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Slovenia |
yes, as of 12/04/2008 (Internet 13/01/2010) | 14 months, 8 months for Internet data |
Zakon o spremembah in dopolnitvah Zakona o elektronskih komunikacijah. Zakon; Uradni list RS , no.: 129/2006 , date pub: 12/12/2006 , page: 14113-14128 ; date into force/en vigueur: 27/12/2006 ; ref.: (MNE(2007)50469) |
For ensuring national security, constitutional regulation and the security,
political and economic interests of the state and for the purpose of national defence |
||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Spain |
yes, as of 09/11/2007 | 12 months; can be reduced or extended to a minimum of 6 months and a maximum of 24 months, on request of the compentent authorities |
LEY 25/2007, de 18 de octubre, de conservación de datos relativos a las comunicaciones electrónicas y a las redes públicas de comunicaciones. Ley , no.: 25/2007; Boletín Oficial del Estado ( B.O.E ) , no.: 251/2007 , date pub: 19/10/2007 , page: 42517-42523 ; date into force/en vigueur: 08/11/2007 ; ref.: (MNE(2007)57464) |
None |
None |
None |
None |
None |
None |
same as the Directive: telecomunications providers; los operadores que presten servicios de comunicaciones electrónicas disponibles al público o exploten redes públicas de comunicaciones (art.2) |
All Police/Security forces when acting under an order of the Attorney General or Courts of Justice
Miembros de las Fuerzas y Cuerpos de Seguridad del Estado, cuando desempeñen funciones de Policia Judicial (art.6.2.a) Funcionarios de la Dirección Adjunta de Vigilancia Aduanera, en el desarrollo de sus competencias como policía judicial (art.6.2.b) El personal del Centro Nacional de Inteligencia en el curso de investigaciones de seguridad sobre personas o entidades (art.6.2.c) For the detection, investigation and prosecution of the serious crimes considered in the Criminal Code or in the special criminal laws |
None (as yet) |
Access Info Europe (http://www.access-info.org/en/civil-liberties) |
|
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Sweden |
no | New Renaissance | ||||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
United Kingdom |
yes, as of 26/07/2007 (Internet 06/04/2009) | 12 months |
The Data Retention (EC Directive) Regulations 2007. Statutory instrument (SI) , no.: Statutory Instrument 20; Her Majesty's Stationery Office (HMSO) , no.: ISBN 978 0 11 078328 4 ; date into force/en vigueur: 01/10/2007 ; ref.: (MNE(2007)57200) The Data Retention (EC Directive) Regulations 2009. Statutory instrument (SI), number: 2009 no 859; Official Journal: Her Majesty's Stationery Office (HMSO), number: SI 2009 no 859, Entry into force: 06/04/2009; Reference: (MNE(2010)53135) |
For the investigation, detection and prosecution of serious crime | ||||||||||
Non-EU- State |
Data retention implemented ? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Iceland |
yes | Telecommunication Act 81/2003 (as amended in April 2005) | ||||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Liechtenstein |
yes | 6 months | Telekommunikationsgesetz (2006) | |||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Norway |
yes, as of April 2012 | 6 months | planned | digitaltpersonvern.no | ||||||||||
Non-EU-State |
Data retention implemented ? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Switzerland |
yes, as of 2002 | 6 months | Buyers of prepaid mobile phone cards must be identified and registered by ID document (name, address, date of birth) | operators of fixed line and mobile telephony, public ip-based telecommunications services | no | |||||||||
Non-EU-State |
Data retention implemented ? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Turkey |
Censorship & Data retention regulated by Law 5651 in 2007 | 6 months to 2 years |
|
Phone lines are tapped by police and used as 'evidence' for prosecuting activities vaguely associated with 'terrorist organizations', based on anti-terror law TMK. |
Mobile phones are tapped for the same reason. They also secretly record 'audio surveillance' from meetings of legal parties, unions, even mayor's office, state institutions. |
E-mails can also be used as 'evidence', but not used as much as audio surveillance and phone tapping, yet. ICTA develops DPI systems, considers it 'state secret'. |
Law 5651 requires every ISP to block any illegal content of any user upon being informed, if technically possible. It has to inform ICTA 3 months before closing down, and give the traffic records to ICTA (state authority) |
Same with e-mail. Yet to come. |
MOBESE is the system of police department where they collect all kinds of data for every citizen. They randomly make 'identity controls' on the street. Officers gain 'points' for doing so. | Internet service providers, GSM operators. internet publishers, if they don't want to take responsibility. | 'Data protection law' is being 'prepared' for over 10 years, so god knows who. Law 5397 authorizes the national intelligence agency MIT to request data and documents about "issues in its field of duty" |
Social challenges pending! More so than legal challenges. | Alternative Informatics Association english presentation in CCC |
Please update this table by entering information on data retention in your country:
See also
- European Commission: National provisions on data retention communicated by the member states
- European Commission: Evaluation report, April 2011
- Ludwig Boltzmann Institut für Menschenrechte: Rechtsvergleichende Analyse im Hinblick auf die Umsetzung der Richtlinie 2006/24/EG über die Vorratsdatenspeicherung (in German: details on data retention in BE, DK, DE, FR, GR, GB, IR, IT, NL, PT, ES, SE, CZ as of 2008-03-10)
- German Ministry of Justice: Übersicht zum Umsetzungsstand und zu Gerichtsverfahren (2009-11-27)
- Article 29 Working Party: Analysis of implementation of data retention in EU member states (2010-07-13)
- European Commission: Overview of Data Retention Periods Per EU Country (2010-08-02)
- European Commission: Progress Report on the Single European Electronic Communications Market (15th Report) (2010-08-25) including data retention
- EPIC: Implementation of Dir. 2002/58 in EU Member States