ORGCon14 Report – Data retention takedown

OrgCON14 Logo

At 12pm a talk chaired by Elizabeth Knight the Legal Director of the Open Rights Group took place in one of the smaller side rooms of ORGCon14. The presentation focused on the Data retention takedown by Digital Rights Ireland.

Simon McGarr was the main speaker of the event, representing McGarr Solicitors who represented Digital Rights Ireland in the court case that ensued. A case that centred around data retention.

McGarr started off explaining that Ireland, a small country, which for cases such as this is not always a disadvantage. The organisation Digital Rights Ireland have no paid staff and no office. Data retention is the retention of landline calls, mobile phone calls, location data etc. In essence it is the massive wall of information that you leave behind you.

The issue with this is as the data is stored, anybody can come back and check up later due to the length of time the information is retained.

McGarr continued explaining how it was discovered that data retention existed in Ireland and that it was by accident. One day the Data Protection Commissioner in Ireland went to visit a number of telephone companies. While he was there he asked why they were keeping all the billing data for years. Under data protection laws there was no reason to store it and he explained it should be thrown away.

The particular telephone company responded that they can’t, to which it was questioned, why can’t they? The response was evasive. The commissioner explained that if they don’t tell him, he will prosecute for breaches.

It turns out that they had a Ministerial Order that was secret, instructing them to hold the data. As the information started to develop, the state felt that it could come in useful some time and decided they should just store it in a box.

An order was sent out with no legislative basis under a communications directive act. The commissioner was not happy so he basically blew the whistle.

What makes Ireland unique is they have a written constitution and a common law tradition making it the only country in the EU with both factors. Due to this the Irish government has a long history of having its laws completely struck down. The courts in Ireland will strike down laws that are unconstitutional.

An important factor of the constitution is Ireland has a right of privacy.

Digital Rights Ireland (DRI) came in to being at the same time as these issues coming to light, they are not a charity and in fact Irish law forbids charities from making policy changes. The organisation is run by volunteers and one of the actions they decided was litigation.

DRI took the decision to challenge the order as it was unconstitutional. The state did not make an argument why it would be constitutional, it was just assumed that you have to let the police and revenue commissioners have access to this data.

The Government was scared it would lose the case as it would be seen as unconstitutional so the solution was to start pushing for a European directive. This would be useful from an Irish point of view because a European directive would trump the constitution.

Sweden, Ireland and the UK were the primary proposers of what eventually became the Data Retention Directive (2006). Another law was brought in and blame pushed on Europe, this was sold as if there was nothing they could do about it.

DRI started their court case in 2006 and as of 2014 the case is still going on.

It was realised that they could not win the case, the Government tried every angle to discredit the group, from questioning who DRI were to if they could pay the legal costs when the case eventually went in the Governments favour. DRI realised that to win they would have to defeat the directive, even if they won the original case, another law would be introduced to put in place the European directive.

When the case went to the European court, the individual states were against it plus the other associated departments represented.

The outcome of the case was in favour of removing the directive, they struck down the entire directive as though it had never happened because it was a complete breach and they were not going to stand for it.

For countries such as the UK this caused problems because they brought in the directive directly without any primary legislation. Due to this the UK then rushed in an emergency legislation to cover up the hole.

Christopher Seward

Author: Christopher Seward

After 25 years of using the internet, Christopher launched one of the very first VPN comparison websites in 2013. An expert in the field his reviews, testing and knowledge have helped thousands of users get the correct VPN for their needs.

Leave a Reply

Your email address will not be published. Required fields are marked *

Sign up to our newsletter

Get the latest privacy news, expert VPN guides & TV unblocking how-to’s sent straight to your inbox.