At the beginning of 2003, in the Swedish Parliament, the Data Retention Act was accepted which compels the country’s internet service providers and telecom companies to retain users metadata for six months.
The European Court of Justice (ECJ) in one of its decision declared that these directives violate the privacy rights while one of the Stockholm Administrative District Court upheld the country’s DRD debating that Swedish laws are clearer and exact than the directives had been.
However, on customers, the Swedish ISP stopped to collect user’s data and appealed the decision of district administrative court in Sweden’s Administrative Court of Appeal.
Sweden is an EU member state thus it adopted the EU data retention directives of 2006 after six years after the EU implementing the DRD’s. The Swedish government had adopted the mandatory data retention laws in 2012 by following the Data Retention Act.
The law was adopted after getting the majority of votes in the Swedish Parliament. However, the Left Party and the Green Party voted against the law. Both the parties raised constitutional provisions permitting the entry into force new measures to be overdue by one-sixth members of Parliament.
The directives state that the country’s internet service providers and telecom companies were compelled to retained user’s data over a period of six months.
The retained data contains login times, email logs, and websites visited. The Swedish ISP’s are forced to store the user’s personal information so that the data can be transferred to higher authorities and law enforcement agencies without any interval.
The basic purpose behind it is to assist police in combating crime. The Swedish government is struggling against the data retention laws due to privacy concerns.
The European Court of Justice’s Verdict:
In May 2013, the European Court of Justice imposed a pay of €3 million fine on Sweden for delaying the implementation of the laws. The court also refused to accept the request regarding the domestic controversy upon the implementation of laws.
In December 2016, the European Court of justice presented a decision in which they cancelled Sweden’s Data Retention Act for being varying with the provisions of the Charter of Fundamental Rights of the European Union.
The Swedish ISP Tele 2 stopped collecting data of the users and found it was breaking the Act by the District Administrative Court of Appeal. The Tele 2 urged the decision to Sweden’s Administrative Court of Appeal. The Administrative Court referred the case to the ECJ.
The ECJ in their decision declared that the Swedish laws were violating Articles 7 of privacy and Article 8 regarding protection of personal data of the Charter of Fundamental Rights of the European Union. Also, these laws were being in possible violation of Article 11 freedom of expression of the said Charter.
Current Situation in Sweden:
In April 2014, the same court declared the European Data Retention Directives as an infringement of privacy rights under the European law and thus, this legislation was declared as invalid and illegal.
The Swedish government ignore the decision by the ECJ on the grounds that the Swedish laws were well written than the EU directives. Also, the government was of the opinion that the EU directives were not successfully implemented in all members’ states.
A total of ten EU countries have either chosen to not to implement these directives or have implemented it but had appropriate laws which later overturned in the respective country’s constitutional court.
back to: Data Retention Law Page