This article is also available in:
Deutsch: ENDitorial: Generalanwalt zur Vorratsdatenspeicherung – Seltsame Fra...

The Advocate General of the European Court of Justice recently issued an opinion on the case of Bonnier Audio vs Perfect Communication Sweden (case no. C-461/10). The question to be answered was whether data retention Directive and/or articles 3, 4, 5 and 11 of the E-Privacy Directive prevent Member States from permitting internet service providers in civil proceedings to be ordered to give copyright holders information on subscribers that allegedly infringed intellectual property rights, as foreseen by Article 8 of the IPR Enforcement Directive. The question partly seeks to answer itself, by explicitly demanding an assumption that the measure is proportionate and that evidence has been "adduced" evidence of an infringement.

The answer from the Advocate General is, "no", there is nothing in the Data Retention Directive nor the E-Privacy Directive which would prevent a national administration from imposing a measure requiring stored data to be used to identify people within the scope of the IPR Enforcement Directive. However, such information should be stored for the purpose of possible disclosure to IPR holders, according to detailed national provisions and compliant with EU law on data protection.

He bases this view on various elements. Firstly, regarding the Data Retention Directive, he explains that this is not relevant in the context of this specific case.

However, his views on the E-Privacy Directive are the most interesting and difficult to comprehend. This analysis explains that Member States may impose data retention for purposes outside the scope of the legal basis of the Directives. This analysis was confirmed by the European Commission in a declaration at the time of adoption of the Directive. As the Commission explained in its position on the common position, "the present Directive based on Article 95 of the Treaty cannot include substantive provisions on law enforcement measures. It should neither prohibit nor approve any particular measure Member States may deem necessary."

Article 15 of the E-Privacy Directive does explain that such an infringement of the fundamental right to privacy must be adequately justified - namely that any such measure be "necessary, appropriate and proportionate measure within a democratic society to safeguard national security (i.e. State security), defence, public security, and the prevention, investigation, detection and prosecution of criminal offences or of unauthorised use of the electronic communication system, as referred to in Article 13(1) of Directive 95/46/EC." However, the Advocate General is clear that the restrictions described in Article 15.1 of the E-Privacy Directive must be respected for any data storage to be legal.

The Advocate General makes no effort to explain why such a measure would or could be "necessary" as well as being proportionate (the question attempts to preempt the court by explaining that proportionality is assumed). This is surprising when we bear in mind the only position taken so far on long-term, suspicionless retention of data on innocent citizens - the Telefonica/Promusicae case. In that case, the Advocate General argued that "(i)t may be doubted whether the storage of traffic data of all users without any concrete suspicion - laying in a stock, as it were - is compatible with fundamental rights." How did we move from a situation before the adoption of the Charter of Fundamental Rights where an Advocate General said that data retention per se is of questionable legality, to a position now, under the Charter, where an Advocate General believes it is permissible for narrow business interests - ignoring the fact that data retention was explicitly implemented under the condition that it was for fighting "serious crime"? Maybe the answer lies in the fact that the question demands that the ECJ makes the very dubious assumption that the measure being imposed is "proportionate".

Having ignored the part of the Telefonica/Promusicae case that highlighted the serious dangers of data retention for fundamental rights, perhaps the oddest interpretation is the one that relies on analysis in that case. The Advocate General explains that, during the implementation of Directives in national law, a fair balance of different fundamental rights must be respected. This is odd because the case in question does not concern implementation of EU Directives into national laws, it concerns the question whether new, additional and unforeseen implementations of data retention are forbidden by the relevant legislation or not.

Starting from this questionable logical basis, the Advocate General treats private property "rights" of narrow business interests as fully equal to the rights of citizens as a whole. While this is unfortunately, in abstract terms, correct, he then fails to address the fact that, in specific terms, it is not appropriate to treat narrow business interests as of equal value as the privacy of the entire society. This position has, thankfully, already been contradicted by the Court in last week's Scarlet/Sabam case, where the judges ruled that "The protection of the right to intellectual property is indeed enshrined in Article 17(2) of the Charter of Fundamental Rights of the European Union. There is, however, nothing whatsoever in the wording of that provision or in the Court's case-law to suggest that that right is inviolable and must for that reason be absolutely protected."

However, the ultimate conclusion that the Advocate General comes to is probably the only possible one as a result of the very leading way in which the question was posed. Having been asked to assume that any such measure was proportionate (and assuming that intellectual property breaches are criminal offences), there is nothing in the Directives mentioned in the question which would prevent a Member State from introducing a new law to require data retention for intellectual property enforcement purposes - as long as the minimum criteria set out in the E-Privacy Directive are respected.

It is to be hoped that the Court will not restrict itself to the very questionable assumption of proportionality and address necessity and proportionality as well. If it does, the result should be quite different, as Advocate General Kokott already pointed out in the Telefonica/Promusicae case.

Commission Declaration
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:52002PC033...

Data Retention Directive
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2006:105:00...

E-Privacy Directive
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:32002L0058...

ECJ Cases: Telefonica/Promusicae: Case C-275/06 Scarlet/Sabam: Case C-70/10 Bonnier Audio/Perfect Communications: Case: 461/10 all accessible at
http://curia.europa.eu/jcms/jcms/j_6/

(Contribution by Joe McNamee - EDRi)