Blow for Snoopers Charter as EU court bans mass data collection

A legal challenge brought against DRIPA could take out its successor

The Snoopers Charter has a had a major setback with a court ruling saying that mass collection of emails and other communications data is illegal.

Last year, MP David Davis and MP Tom Watson -- respectively of the Conservatives and Labour -- brought a legal challenge regarding mass collection of data against the Data Retention and Investigatory Powers Act (DRIPA), which is set to expire at the end of the year and be replaced by the Investigatory Powers Act.

The duo won a high court challenge against DRIPA, but that was appealed by the government, leading the case to head to European courts. In the meantime, the government hurried to write a new law, ahead of the end-of-year sunset clause on DRIPA. Davis has since withdrawn from the case after being named Brexit minister.

That law was the Investigatory Power Act (IPA) -- commonly referred to as the Snoopers Charter -- that was waved through parliament by the Tories and Labour last month. The new laws included provisions requiring all communications firms to keep records of so-called metadata -- who we talk to online and when -- as well as a year of browsing history.

Advertisement - Article continues below
Advertisement - Article continues below

The European Court of Justice (CJEU) has ruled on the issue of bulk data collection in DRIPA, saying "general and indiscriminate retention" of such data is illegal, and traffic and location data can only be collected in a targeted manner to fight serious crime.

That ruling is bad news for the newly passed law. "The CJEU has sent a clear message to the UK Government: blanket surveillance of our communications is intrusive and unacceptable in a democracy," ORG executive director Jim Killock said. "The Government knew this judgment was coming but Theresa May was determined to push through her snoopers' charter regardless. The Government must act quickly to re-write the IPA or be prepared to go to court again."

The ruling highlights issues around the blanket collection of data, pointing out that the retained data is "liable to allow very precise conclusions to be drawn concerning the private lives of the persons whose data has been retained."

The judges conclude that fighting serious crime is the only justification for collecting such invasive data, saying "legislation prescribing a general and indiscriminate retention of data does not require there to be any relationship between the data which must be retained and a threat to public security."

"Such national legislation, therefore, exceeds the limits of what is strictly necessary and cannot be considered to be justified within a democratic society, as required by the directive, read in the light of the charter," the summary of the judgement reads.

Ruling response

Advertisement - Article continues below

Liberal Democrat Shadow Home Secretary Brian Paddick said: "This ruling proves that this Conservative Government has overstepped the mark. The legality of the Investigatory Powers Act - passed into law with Labour's full support - has now been called into question."

He added: "This dreadful piece of legislation will cost millions to implement and unless the Government reconsider, they will inevitably face further embarrassment in the courts."

A Home Office spokesperson said: "We are disappointed with the judgment from the European Court of Justice and will be considering its potential implications."

"It will now be for the court of appeal to determine the case. The government will be putting forward robust arguments to the court of appeal about the strength of our existing regime for communications data retention and access."

Advertisement - Article continues below

"Given the importance of communications data to preventing and detecting crime, we will ensure plans are in place so that the police and other public authorities can continue to acquire such data in a way that is consistent with EU law and our obligation to protect the public."

The MPs' legal challenge was backed by the Law Society, Liberty, Open Rights Group and Privacy International. 

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020

Dell XPS 13 (New 9300) hands-on review: Chasing perfection

14 Jan 2020
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020