Less than a week after Europe’s top court, the European Court of Justice (EJC) declared the heinous EU-wide Data Retention Directive invalid, and even though the local implementation of the law is still in in force in Sweden, Swedish ISP Bahnhof has deleted all the records it was forced to store by the directive.
The highly controversial Directive required communications providers (such as ISPs) to collect and store all their customers’ data (emails, texts messages, websites visited etc.) for at least a year, and make them available to ‘competent’ national authorities ‘for the purpose of the investigation, detection and prosecution of serious crime, as defined by each Member State in its national law’.
Bahnhof, Sweden’s first independent ISP, is no stranger to controversy, and in 2010 it hosted the Wikileaks whistleblowing website following its removal from Amazon’s servers. Often regarded as ‘the free speech ISP’, Bahnhof’s CEO Jon Karlung explained his decision,
‘We have followed this verdict and from our point of view it is more important to protect the privacy and integrity of our customers. I strongly suggest that other ISPs and service providers would follow our example.’
Karlung also seemed unconcerned by the fact that the DRD, transposed into national law last year after Sweden was fined €3 million (aprox. US$4 million) for dragging its heels over the issue, is still in force,
‘We have made a thorough legal analysis. The Secretary General of the Swedish Bar Association has even written a fiery article where she praises Bahnhof’s action.’
This view appears to be supported by both Swedish Prosecution Authority who, although confirming that it had the power to investigate Bahnhof’s actions even in the absence of a formal police report, had no plans to do so., and the Swedish Post and Telecom Authority (PTS), who also said they have no plans to act against Bahnhof.
Here at BestVPN we applaud this bold action, and hope that other ISP’s, VPN providers, and communications companies across Europe follow suit.