Overview of national data retention policies
Overview of national data retention policies
Please update this table by entering information on data retention in your country:
Data retention transposition schedule
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
(EU directive) |
- |
6-24 months |
directive, 15 March 2006 |
Directive's requirements:
|
Directive's requirements:
|
Directive's requirements:
|
Directive's requirements:
|
Directive's requirements:
|
- |
providers of publicly available electronic communications services or of a public communications network |
competent national authorities in specific cases for the purpose of the investigation, detection and prosecution of serious crime, as defined by each Member State in its national law |
yes, action brought by Administrative Court of Wiesbaden (Germany) | ||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Austria |
not yet, draft law available | |||||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Belgium |
no |
Reported:
|
||||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Bulgaria |
yes |
12 months |
Reported:
|
Providers of public communications networks and/or publicly available electronic communications services | The head officer of the:
1. Specialized departments, the local units and the independent territorial directorates within the State Agency for National Security; 2. Directorate General “Criminal Police”, Directorate General “Fight against organized crime” and its local units, Directorate General “Security”, Directorate General “Border Police”, directorate “Internal security”, Sofia Directorate of Internal affairs, the regional directorates within the MoI; 3. The Military Information Service and the “Military Police” within the Ministry of Defence; 4. National Intelligence Service The data is retained for the purposes of detection and investigation of serious crimes and crimes under Art. 319a - 319e of the Penal Code (cybercrimes), and for the location of missing or wanted persons. Access id granted only after a court warrant. |
yes, Supreme Administrative Court Challenge brought by Access to Information Programme |
Access to Information Programme (AIP) | |||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Cyprus |
yes | 6 months |
Ο Περί Διατήρησης Τηλεπικοινωνιακών Δεδομένων με Σκοπό τη Διεύρηνση Σοβαρών Ποινικών Αδικημάτων Νόμος του 2007. Νόμος , no.: Ν. 183(Ι)/2007; Cyprus Gazette , no.: 4154 , date pub: 31/12/2007 , page: 01466-01483 ; date into force/en vigueur: 31/12/2007 ; ref.: (MNE(2008)50638) |
Supreme Court ruled 1 Feb 2011 that retained data can only be accessed "in cases of convicted and unconvicted prisoners and business correspondence and communication of bankrupts during the bankruptcy administration" (Art. 17 of Constitution) | ||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Czech Republic |
yes | 12 months |
Act on Electronic Communications No. 127/2005 Coll. as amended by law 247/2008 Coll. |
1. pre-paid phone card identificator 2. public phone box identification (number and geographic position data) |
1. IP adresses of terminals from which were sent SMS (service od sending SMS from web form, quite widespread service in the Czech Rep.) 2. every link between MSISDN and IMEI used together in the network 3. ID of mobile phone credit coupon and its link to mobile phone number (at anonymous SIMs) 4. "additional information" not more specified. |
1. amount of data transferred 2. use of secured communication 3. identificator of user´s device
|
1. status of event (e.g.fail/success, usual/unusual termination of connection) 2. amount of uploaded/downloaded data 3. "identificators of interest" (except IP adress is named as example port number) 4. method and status requests for service 5. URI identificators and its parametres requirements
|
1. transport protocol 2. amount of data transferred |
Providers of public communication network or of publicly accessible services of electronic communications |
Police, public prosecutors and courts in penal proceedings. Provisions in Police Act enable to forward the data to Interpol, SIS and Europol or foreign policies in case of "serious danger". Similar vague backdoor for transfer of rrtained data to intelligence services are in current and also in proposed new Police Act.
|
Yes, submitted in March 2010, Constitutional Court file no. Pl. ÚS 24/10, more info | Iuridicum Remedium (IuRe) | ||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Denmark |
yes |
12 months |
|
|||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Estonia |
yes | 12 months |
ELEKTROONILISE SIDE SEADUSE JA RAHVATERVISE SEADUSE MUUTMISE SEADUS. seaduse parandus , no.: RTI, 07.12.2007, 63, 397 ; Elektrooniline Riigi Teataja , no.: RTI, 07.12.2007, 63, 397 ; ref.: (MNE(2007)58607) |
|||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Finland |
yes | 12 months | Reported:
|
|||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
France |
yes | 12 months |
Décret no 2006-358 du 24 mars 2006 relatif à la conservation des données des communications électroniques. Décret , no.: 2006-358; Journal Officiel de la République Française (JORF) , date pub: 26/03/2006 ; date into force/en vigueur: 27/03/2006 ; ref.: (MNE(2007)56763) |
No. A challenge was rejected by the Constitutional Court (decision of 07/08/2007). However, the Court decided providers must be reimbursed (decision of 07/08/2007). | ||||||||||
Member State | EU directive transposed? | Data Retention Period | Legal instruments and date of entry into force | Data to be retained beyond the directive's requirements: fixed line telephony | Data to be retained beyond the directive's requirements: mobile telephony | Data to be retained beyond the directive's requirements: E-Mail | Data to be retained beyond the directive's requirements: Internet access | Data to be retained beyond the directive's requirements: Internet telephony | Data to be retained beyond the directive's requirements: other | Who is compelled to retain data? | Who is authorised to access retained data and for what purposes? | Legal challenges pending? | Competent NGO | |
Germany |
no (declared unconstitutional on 2 March 2010) |
- |
- |
- |
- |
- |
- |
- |
Any person providing or assisting in providing telecommunications services and in so doing allocating subscription IDs or providing telecommunications connections for IDs allocated by other parties (applies to telephony and DSL lines, including prepaid services, but not e-mail services) is to collect, prior to activation, and store the name and address of the allocation holder, the date of birth and in the case of fixed lines, additionally the address for the line, even if such data are not required for operational purposes (§ 111 TKG). The subscriber directories are electronically accessible by all German law enforcement and intelligence agencies (§ 112 TKG). |
|||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Greece |
not yet |
|||||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Hungary |
yes | 12 months | Reported: 15 acts |
yes, Constitutional Court challenge brought by theHungarian Civil Liberties Union (HCLU) |
Hungarian Civil Liberties Union (HCLU) | |||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Ireland |
Yes. |
25 months phone records, 13 months Internet records (may be kept for up to 25 months). | Communications (Retention of Data) Act 2011. | Unsuccessful calls to be retained | Unsuccessful calls to be retained |
|
yes, High Courtchallenge brought by DRI (latest updates) |
See background on Irish law here. | ||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Italy |
yes |
Telephony: six months (24 in case of judicial proceedings), Internet: 12 months |
Reported: Attuazione della direttiva 2006/24/CE riguardante la conservazione dei dati generati o trattati nell'ambito della fornitura di servizi di comunicazione elettronica accessibili al pubblico o di reti pubbliche di comunicazione e che modifica la direttiva 2002/58/CE. |
|||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Latvia |
yes | 18 months |
|
|||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Lithuania |
yes |
6 months |
Reported:
|
|||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Luxemburg |
not transposed | 0 |
|
|||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Malta |
yes |
12 months, Internet 6 months |
Reported:
|
|||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Netherlands |
Yes. |
12 months. | Wet bewaarplicht telecommunicatiegegevens, passed Senate on 7 July 2009. Plus law to be proposed by government that will reduce period for Internet to 6 months. |
No. |
||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Poland |
yes |
24 months for all sorts of data required by the Directive |
1. The Telecommunication Law Amendment of 24 April 2009 (Journal Od Laws of 2009, No.85 item 716). 2.The Regulation of the Minister of Infrastructure of 28 December 2009 on a detailed specification of data and types of operators of public telecommunications networks or providers of publicly available telecommunications services obliged for its retention and storage, Journal of Laws of 2009, No 226 item 1828, went into force on 1 January 2010. |
data identifying beam and working range of antenna of BTS | ||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Portugal |
yes |
12 months |
Reported: Assembleia da República-Transpõe para a ordem jurídica interna a Directiva n.º 2006/24/CE, do Parlamento Europeu e do Conselho, de 15 de Março, relativa à conservação de dados gerados ou tratados no contexto da oferta de serviços de comunicações electrónicas publicamente disponíveis ou de redes públicas de comunicações |
|||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Romania |
yes, but declared unconstitutional |
6 months |
Reported: Lege privind reținerea datelor generate sau prelucrate de furnizorii de serv icii de comunicații electronice destinate publicului sau de rețele publice de comunicații, precum și pentru modificarea Legii nr. 506/2004 privind prelucrarea datelor cu caracter personal și protecția vieții private în sectorul comunicațiilor electronice |
Electronic communication providers (same definition as in the telecom laws) |
Prosecutors, with Judicial authorisation. Competent National Security Instututions (?!?) Only for serious crimes = defined as crimes agains t the State, organized crimes and terrorism crimes |
APTI | ||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Slovakia |
yes | 6 months for Internet services, 12 months for another types of communication | ||||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Slovenia |
yes | 24 months |
Zakon o spremembah in dopolnitvah Zakona o elektronskih komunikacijah. Zakon; Uradni list RS , no.: 129/2006 , date pub: 12/12/2006 , page: 14113-14128 ; date into force/en vigueur: 27/12/2006 ; ref.: (MNE(2007)50469) |
|||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Spain |
yes |
12 months; This timeline could be reduced or extended to a minimum of 6 months and a maximum of 24 months, on request of the compentent authorities |
LEY 25/2007, de 18 de octubre, de conservación de datos relativos a las comunicaciones electrónicas y a las redes públicas de comunicaciones. Ley , no.: 25/2007; Boletín Oficial del Estado ( B.O.E ) , no.: 251/2007 , date pub: 19/10/2007 , page: 42517-42523 ; date into force/en vigueur: 08/11/2007 ; ref.: (MNE(2007)57464) |
None |
None |
None |
None |
None |
None |
same as the Directive: telecomunications providers; los operadores que presten servicios de comunicaciones electrónicas disponibles al público o exploten redes públicas de comunicaciones (art.2) |
All Police/Security forces when acting under an order of the Attorney General or Courts of Justice
Miembros de las Fuerzas y Cuerpos de Seguridad del Estado, cuando desempeñen funciones de Policia Judicial (art.6.2.a) Funcionarios de la Dirección Adjunta de Vigilancia Aduanera, en el desarrollo de sus competencias como policía judicial (art.6.2.b) El personal del Centro Nacional de Inteligencia en el curso de investigaciones de seguridad sobre personas o entidades (art.6.2.c) |
None (as yet) |
Access Info Europe (http://www.access-info.org/en/civil-liberties) |
|
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Sweden |
Not yet |
New Renaissance | ||||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
United Kingdom |
partial |
12 months |
The Data Retention (EC Directive) Regulations 2007. Statutory instrument (SI) , no.: Statutory Instrument 20; Her Majesty's Stationery Office (HMSO) , no.: ISBN 978 0 11 078328 4 ; date into force/en vigueur: 01/10/2007 ; ref.: (MNE(2007)57200) |
|||||||||||
Non-EU- State |
Data retention implemented ? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Iceland |
yes | |||||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Liechtenstein |
yes | 6 months | Telekommunikationsgesetz (2006) | |||||||||||
Member State |
EU directive transposed? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Norway |
not yet |
The leading government party Arbeiderpartiet wants the policy implemented and has proposed to the parliament at 2010-12-17. |
||||||||||||
Non-EU-State |
Data retention implemented ? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Switzerland |
||||||||||||||
Non-EU-State |
Data retention implemented ? |
Data Retention Period |
Legal instruments and date of entry into force |
Data to be retained beyond the directive's requirements: fixed line telephony |
Data to be retained beyond the directive's requirements: mobile telephony |
Data to be retained beyond the directive's requirements: E-Mail |
Data to be retained beyond the directive's requirements: Internet access |
Data to be retained beyond the directive's requirements: Internet telephony |
Data to be retained beyond the directive's requirements: other |
Who is compelled to retain data? |
Who is authorised to access retained data and for what purposes? |
Legal challenges pending? |
Competent NGO | |
Switzerland | yes, as of 2002 | 6 months | Buyers of prepaid mobile phone cards must be identified and registered by ID document (name, address, date of birth) | operators of fixed line and mobile telephony, public ip-based telecommunications services | no |
Please update this table by entering information on data retention in your country:
See also
- European Commission: National provisions on data retention communicated by the member states
- Ludwig Boltzmann Institut für Menschenrechte: Rechtsvergleichende Analyse im Hinblick auf die Umsetzung der Richtlinie 2006/24/EG über die Vorratsdatenspeicherung (in German: details on data retention in BE, DK, DE, FR, GR, GB, IR, IT, NL, PT, ES, SE, CZ as of 2008-03-10)
- German Ministry of Justice: Übersicht zum Umsetzungsstand und zu Gerichtsverfahren (2009-11-27)
- Article 29 Working Party: Analysis of implementation of data retention in EU member states (2010-07-13)
- European Commission: Overview of Data Retention Periods Per EU Country (2010-08-02)
- European Commission: Progress Report on the Single European Electronic Communications Market (15th Report) (2010-08-25) including data retention
- EPIC: Implementation of Dir. 2002/58 in EU Member States