In March 2006, the European Union enforced the European data retention directives. This directive is directed to the Member states for the purpose of combating terrorism and to synchronize their national lawful agendas and framework for retaining data. The retained data includes the records of call details, location, network traffic data, and transaction information.
Previously, the Norwegian law was not developed thus, no such legislation was adopted but the work was being in progress and the telecoms companies were likely to meet new requirements and obligations. In this situation, the ISPs and telecom service providers were compelled to this new law and all service providers would be aided with the implementation.
Norway’s Data Retention Directives:
After a lot of discussions and public debates, on April 4th, 2011, the Norwegian data retention directives were accepted in the Parliament with a slight margin of 89 votes in favour of the enforcement of the directives in contrast to 80 votes against the implementation of the law. The newly approved Norwegian legislation was to get into effect on April 1st, 2012, but it was postponed till July 1st.
Later the directives were further adjourned up to January and until this point, it was indeterminate whether these deadlines will be met or not. According to a report which was made by the Norwegian Department of Communication, it was made clear that even the Norwegian government have no clue about the overall cost of the directive neither how to decide the issue on who will take on the expenditures of the directives.
According to the newly approved legislation, the internet service providers and the telecom companies are compelled to retain the user’s communication data for a period of six months. The data is stored for the purpose of investigation, uncovering, and hearing of various serious criminal infractions. Under, the directives, only the court has the right to disclose the retained communication data to higher authorities and law enforcement agencies if only it must be expected that the provided information is for an important criminal investigation.
There are many private organizations in Norway who are very much worried and concerned about the effects of the directives on privacy. Moreover, a group which is led by the ex-director of Norwegian data inspectorate have already started fundraising to bring the directives to the Norwegian Supreme Court and if necessary so, to the European Court of Human Rights.
According to the Norwegian law, the communication data of the users is retained for six months. In Norway, the weighed of privacy consideration is more than the consideration to the investigation. The retention period in Norway is much proportionate because longer retention periods provides little or no added information to the law enforcement organizations.
How to get access to retained data?
In Norway, there is no delegated legislation for the implementation of the DRD’s. The higher authorities and law enforcement agencies if assured to have the reasonable grounds of suspicion so, can get the warrant from the court and can get access to the retained data.
In Norway, till now there haven’t been any implemented mandatory data retention directives. The implementation is still adjourned but the proposed and approved legislation for using and accessing the stored data is attuned with the fundamental human rights preserved in Article 8, although the British approach is not.