‘The directive interferes in a particularly serious manner with the fundamental rights to respect for private life and to the protection of personal data. Furthermore, the fact that data are retained and subsequently used without the subscriber or registered user being informed is likely to generate in the persons concerned a feeling that their private lives are the subject of constant surveillance.’
Despite this, no European government has yet removed local implementation of the DRD from their legislation, and the UK has even gone so far as to hurriedly push through emergency legislation of dubious legality to shore up its right to force ISPs to maintain logs of their user’s actions on the internet.
In Sweden, which was never very keen on the DRD, and which resisted implementing the law locally until its hand was forced in 2012, the situation looked more promising. The ISP Bahnhof, quickly followed by ISPs Telia, Tele2, and Three, on their own initiative not only stopped collecting customers’ data, but also permanently deleted all old records.
At the time, neither the Swedish Prosecution Authority or the Swedish Post and Telecom Authority (PTS) showed any interest in pursuing the matter further, with the PTS saying there would be ‘big problems’ with enforcing data retention rules in light of the ECJ ruling.
In August however, the PTS performed an about-turn and ordered Bahnhof and Tele2 to resume keeping logs of customer’s data, something it says it was instructed to do by the Swedish government,
‘They appointed a commissioner to investigate if the Swedish national legislation could still be applied. The commissioner came to the conclusion that the national legislation stands, and from that point on, the PTS has been enforcing the law again.’
Tele2 responded by complying with the order, but Bahnhof, together with the 5th of July Foundation (a Swedish online rights organization), have instead sent an official complaint to the European Commission (EC), asking it to intervene and ‘initiate proceedings against the Kingdom of Sweden for blatantly ignoring’ the ECJ ruling.
Bahnhof CEO Jon Karlung explains,
‘It is a crazy situation. Since we are a member state we have to comply with the European justice system. We cannot have laws that contradict what happens in the European Union.’
Karlung added that he hoped the EC would fine the Swedish Government for non-compliance of EU law, despite the fact that the EC has so far shown little sympathy for such cases.
Bahnhof is also fighting Sweden’s data retention laws in the Swedish courts, and has yet to be fined for refusing to carry out logging.
To avoid logging by services other than Bahnhof, and for an in-depth discussion about surveillance, censorship, and copyright issues in Sweden, check out our article on 5 Best VPNs for Sweden.