A study of German police statistics, published today, finds telecommunications data retention ineffective for the prosecution of serious crime.
The EU data retention directive 2006/24 requires telecommunications companies to store data about all of their customers' communications in order to facilitate "the investigation, detection and prosecution of serious crime, as defined by each Member State in its national law". Germany implemented the directive as of 2008. Law enforcement authorities were permitted to access retained data for the investigation of serious crime. They could also request Internet users to be identified for the investigation of any type of crime. In 2010 the German Constitutional Court annulled the German data retention law for interfering disproportionately with fundamental rights.
An analysis of Federal Crime Agency (BKA) statistics published today by civil liberties NGO AK Vorrat reveals that data retention, while in force, did not make the prosecution of serious crime any more effective. With data retention in effect, more serious criminal acts (2009: 1,422,968) were registered by police than before (2007: 1,359,102), and a smaller proportion were cleared up (2009: 76.3%) than before the introduction of blanket retention of communications data (2007: 77.6%). Likewise, after the additional retention of Internet data began in 2009, the number of registered Internet offences surged from 167,451 in 2008 to 206,909 in 2009, while the clear-up rate for Internet crime fell (2008: 79.8%, 2009: 75.7%).
According to AK Vorrat, user avoidance behaviour can explain the counterproductive effects of blanket data retention on the investigation of crime. In order to avoid the recording of sensitive information under a blanket data retention scheme, users begin to employ Internet cafés, wireless Internet access points, anonymization services, public telephones, unregistered mobile telephone cards, non-electronic communications channels and such like. This avoidance behaviour can not only render retained data meaningless but also frustrate more targeted investigation techniques that would otherwise have been available to law enforcement. Overall, blanket data retention can thus be counterproductive to criminal investigations, facilitating some, but rendering many more futile.
As the EU Commission is currently considering changes to the controversial EU data retention directive, a coalition of more than 100 civil liberties, data protection and human rights associations as well as crisis line and emergency call operators, professional associations of journalists, jurists and doctors, trade unions, consumer organisations and industry associations is urging the Commission to "propose the repeal of the EU requirements regarding data retention in favour of a system of expedited preservation and targeted collection of traffic data". The German example proves that such targeted investigations can, overall, be more effective than collecting information on the entire population's contacts, movements and Internet use. In several Member States, lawsuits challenging the proportionality of blanket data retention are pending. The EU Court of Justice is expected to decide the matter in 2012.
The directive's critics have recently been joined by the German Minister of Justice Sabine Leutheusser-Schnarrenberger who is also advocating shifting the directive to a targeted investigative approach, involving the collection of data on suspect communications only. Leutheusser-Schnarrenberger told the press last week: "Six member states have not transposed the directive since it came into force. Therefore the Commission has failed to a certain degree to achieve harmonised standards throughout the EU for internal market purposes, this having been the legal basis for passing the directive. The directive was not enacted for law enforcement purposes in the 'third pillar' framework as it lacked unanimity. Therefore the Commission should have a great interest in examining in the context of this evaluation how to provide more flexibility to Member States. Six member states have not transposed the directive, Sweden and Austria have been convicted twice [...] This goes to show that this is not a successful project for the EU Commission and the European Union."
Secretary of Justice Max Stadler concurred in saying after the informal meeting of EU justice and home affairs ministers last week: "One aspect of protecting fundamental rights when prosecuting crime is interfering with citizens' privacy no more than strictly necessary. The current EU data retention directive in our opinion goes beyond this objective. There is no doubt that law enforcement agencies need data to secure evidence. Therefore, the storage of telecommunications data is justified to a certain extent, but – in our opinion – not without a specific reason. We welcome EU Commissioner of Justice Viviane Reding calling the proposal put forward by the German Minister of Justice [of introducing a quick freeze mechanism in Germany] a 'promising approach'".