I’ll let Digital Rights Ireland tell the story:
The European Court of Justice has given its decision today in the Irish Government challenge to the Data Retention Directive – [Case C-301/06] Ireland v. Parliament and Council (Press Release | Judgment). Unsurprisingly (in light of the Advocate General’s Opinion) it has held that the directive was properly adopted as an internal market measure (by qualified majority voting) rather than as a criminal matter (requiring unanimity). Where does this leave us and our case?
While it’s a pity to see the Directive upheld, the Government’s challenge was a very narrow one, dealing only with the essentially technical matter of the legal basis for the Directive. The Government didn’t raise and the ECJ wasn’t asked to decide on the fundamental rights issues. Indeed it expressly stated:
The Court notes at the outset that the action brought by Ireland relates solely to the choice of legal basis and not to any possible infringement by the directive of fundamental rights resulting from interference with the exercise of the right to privacy.
Consequently, the decision doesn’t affect the core of our challenge to the Directive, which will still go ahead on the basis that it infringes the rights to privacy and freedom of expression. At the moment we’re waiting on a decision from the High Court on our application to refer these issues to the ECJ – we’re confident that when these issues reach the ECJ that they will decide in our favour.
I am nonplussed that both the Advocate General and the Court were so sanguine that a directive primarily directed at issues of crime and terrorism could so easily be accommodated within the internal market provisions. But that is simply a function of how commodious a legal basis those provisions afford. But, as DRI make clear, this is simply round one. The ECJ held that the EU has the competence to adopt a directive relating to traffic data retention as a matter of principle. Subsequent rounds will determine whether the directive which was in fact adopted is invalid on other grounds, such as whether it infringes fundamental rights. That is what DRI’s litigation is about.
I also can’t make up my mind whether it’s ironic or not that the ECJ upheld the directive on the day when the terms of the consequent Irish legislation have begun to become public. A story on the front page of today’s Irish Times depressingly proclaims that the New Bill will allow data obtained outside legal guidelines to be used. Karlin Lillington writes:
PHONE CALL, e-mail and internet information obtained outside legal guidelines could still be used for investigations under proposals in a new Bill on storing and accessing electronic data.
In the heads of a Bill seen by The Irish Times, a proposed clause on “Disclosure Requests” allows data that is later deemed to have been obtained outside the remit of the legislation to be used. …
Updates: DRI have the full text of the heads of the Bill here; and Karlin adds her tuppenceworth here. As for the ECJ decision, see also European Court rules against Ireland in data row (Dearbhail McDonald, Irish Independent) Phone, internet use details now to be kept for two years (Jamie Smyth, Irish Times); Digital rights activists vow to fight Big Brother directive (SiliconRepublic.com); Europe court dismisses challenge to data retention directive (Jurist); Bill to give guidelines on data has bizarre features (Karlin Lillington, Irish Times); Data Retention Directive has sound legal basis, rules ECJ (The Register).
Altogether now: “An old man turned ninety-eight / He won the lottery and died the next day / It’s a black fly in your Chardonnay / It’s a death row pardon two minutes too late / And isn’t it ironic … don’t you think
It’s like rain on your wedding day / It’s a free ride when you’ve already paid / It’s the good advice that you just didn’t take / Who would’ve thought … it figures …”