State agencies target Irish
phone and internet records
Up to 10,000 requests for information made annually in Ireland - compared with just 326 for Austria
Irish authorities made 27 times as many requests for people’s stored phone and internet use data compared to law enforcement agencies in comparably sized Austria, according to submissions to the European Court of Justice (ECJ) in Luxembourg.
The information was supplied in a day-long
hearing on July 9th by parties to an ECJ case which is considering the legality
of the European Data Retention Directive (2006/24/ EC), which allows member
states to store data on daily call and internet activity for the EU’s 500
million residents.
The case originates in a challenge to the
constitutionality of Ireland’s data-retention laws, taken by privacy advocates
Digital Rights Ireland.
The case was referred by the Irish High Court
to the ECJ.
Ireland, which stores Irish residents’ landline
and mobile call access data, as well as some data related to internet usage,
for two years, told a panel of ECJ judges that “6,000 to 10,000” requests were
made annually under Irish law.
The directive limits the use of such data to
combating serious crime and terrorism.
Retention statistics
Counsel representing Austria said authorities there had made 326 requests for data in a recent one-year period.
Counsel representing Austria said authorities there had made 326 requests for data in a recent one-year period.
The UK refused to disclose figures at the
hearing.
It is not clear to what the figure of “6,000 to
10,000” requests presented by Irish counsel to the ECJ refers.
According to statistics released in a 2012 European
Commission report by member states on data requests made in 2010,
and cited at the hearing as evidence in support of the directive’s
implementation, Irish authorities – comprising the Garda, Revenue Commissioners
or Defence Forces – made 14,928 data orders.
The Department of Justice released 2011 figures
last week, confirming 12,675 data requests.
Asked this week by The Irish Times to
clarify whether the figures presented were an average or if they referred to as
yet unreleased 2012 data request figures, a spokesman for the Department of
Justice said: “The communications data retention statistics for Ireland for
2012 are in the order of 9,000 requests.”
The spokesman declined to offer further detail
on the nature of the requests, stating: “It is not the practice nor would it be
in the public interest to go into further detail of the provision of the data
to the relevant authorities.”
Asked whether Ireland had a much higher rate of
serious crime than Austria, the department responded: “The operation of data
retention regimes in other EU member states is a matter for the authorities of
those states.”
The European Court of Justice is focused on
whether the European Union’s Data Retention Directive, which allows states to
choose a retention period of six months to two years, represents a proportional
approach to ensuring that some call and internet data are available for law
enforcement and security needs.
Data requests
Unusual for the ECJ, the hearing concentrated on human rights aspects of data retention, in particular how the directive fits with articles 7 and 8 of the Charter of Fundamental Rights of the European Union.
According to the European Commission’s 2010
study, for those countries that supplied (often incomplete) information, the
vast majority of data requests were made within the first three months of the
data being created, and most of the remainder in the first six months.
