The year 2010 opens focusing on the German Federal Court, yet again. The Court has been called upon to rule on the compatibility of the fundamental right to data protection with the Directive imposing providers of communication services to retain data generated by phone calls and other public networks communication activities for at least six months to a maximum of 2 years .
This Directive adopted in just over three months under British presidency at the end of 2005 as an essential measure to prevent and fight terrorism, had already been strongly criticised during the phase that led to its adoption.
Initially, it was presented as a measure aimed at enhancing the cooperation of police authorities as well as th cooperation between police and telecommunications providers.
This is demonstrated by the fact that in principle this measures should ahve been adopted applying the unanimity rule. However, due to the opposition of some Member States, the British presidency in concert with the European Parliament and the European Commission decided to apply the qualified majority rule.
Thereof, the directive aimed at providing a common framework for telecommunications providers as to avoid unfair treatment between those forced to retain huge amount of data for several years and those exempted from this obligation was adopted despite several objections.
The solution adopted bonded all service providers to retain traffic data from a minimum of six months to a maximum of two years, provided that internal security matters fell under the responsibility of national legislators.
This solution has been criticised both at the national and European levels.
At the European level Ireland (subsequently supported by Slovakia) has appealed to the Court of Justice. It argued that the provision is illegitimate because it was inappropriate to proceed by way of a directive based on the EC Treaty instead of a framework decision based on the EU Treaty related to police cooperation.
However, the Court dismissed the action in its ruling in February 2009 arguing that the European Directive was a necessary measure to ensure the functioning of the internal market. However, the Luxembourg judges did not discuss what limits to the protection of data might have been laid down vis à vis public security.
Further controversies emerged at the national level in relation to the transposition of the Directive, to the point that the Commission had to take in front of the European Court of Justice some Member States (such as Austria) which failed to transpose Community law.
What is more, also when the community law had been correctly transposed, further appeals took place coming from NGOs and national constitutional courts.
For example, the Supreme Administrative Court of the Republic of Bulgaria has revoked Article 5 of the transposition norm on 11 December 2008. Furthermore, on 23 November 2009 the Romanian Constitutional Court published its first ruling related to data protection, declaring unconstitutional the whole transposition norm because it violated the principle of confidentiality related to correspondence and privacy. In this specific case, it is relevant to underline the reference made to Article 20 of the Romanian legislation which entitles the national secret services to access to the data without any kind of jurisdictional control.
The lights have now turned to the German Federal Court which, on 15 December 2009, held a hearing where a coalition of more than 34.000 people representative of the civic society presented a motion for a class action together with the German Working Group on Data Retention (AK Vorrat) against representatives of the federal government.
Awkwardly enough, the new Justice Minister Sabine Leutheusser-Schnarrenberger has joined the action against the law as a member of the opposition.
According to the press, during the hearing the complaints raised fundamental questions to which the representative of the government replied conceding that the legislation restricted the basic rights by the retention of telecommunication data.
Indeed, the applicants affirmed that the retention of communications data threatened and weakened significantly the democratic society (criteria set up article 8 of the CEDU).
The German Federal Court has already partially suspended the applicability of the norm and if the Court will accept during the judicial proceedings the position of the applicants stating that the systematic and indiscriminate retention of data (although time limited) violates a fundamental right, the credibility of the European norm would be seriously undermined in German territory.
The possibility that Karlshrue judges will refrain from contrasting the European legislator shoudl not be given for granted. In fact, they already challenged the role and competences of the European legislator in the field of fundamental rights in the “Lisbon Urteil ” ruling dated 30 June 2009, when they strongly re-asserted the competnce of the national court in this regard.
It is also necessary to point out that the arguments used to defend this Directive are the same used to justify the adoption of other measures such as the agreement on Passengers Name Record, on the basis of which American authorities may access a record in the database of a Computer Reservation System (CRS) of airlines company that contains the itinerary for a passenger, or a group of passengers traveling together. Therefore a negative ruling on the Data Retention Directive will question the validity of the whole strategy in this field.
Would this be science fiction, especially now that the Lisbon Treaty has entered into force and the Charter of Fundamental Rights has acquired a legally binding value?
Who knows, maybe these simply represent additional arguments to speed up the adoption of an adequate European legislative framework for the data protection when public security is at stake (art. 16 TFUE)