Since April 2014 data retention has been a high-profile topic in counter-terrorism. This is because the decision by the CJEU to strike down the Data Retention Directive (summary) brought to the fore a tension between (some) states’ desire for wide-reaching data retention powers, and concerns about the implications of such an approach for privacy and other civil liberties. In the meantime some non-EU states–notably the US and Australia–have been exploring ways of having telecommunications companies or other entities retain ‘metadata’ that the state could then access for investigatory reasons in particular situations. Data retention was one of the early ‘desk’ case studies in the SECILE project, and the report is available here. Since April, I have also written a number of blog commentaries on data retention for The Conversation and Oxford Human Rights Hub:
As the surge for data retention powers seems to continue, and to be presented as a core counter-terrorism power, it is apposite to bear in mind the Court of Justice’s warning on metadata. The Court note that such data retention constitutes a prima facie interference with fundamental rights, not least because so-called ‘metadata’ “may allow very precise conclusions to be drawn concerning…private lives”. The question facing policy makers now is how to limit collection of and access to data effectively in order to ensure that countering terrorism does not gives states the power to intrude on the privacy of all.