Indiscriminate data retention to be allowed only on grounds of national security
The indiscriminate collection of mobile phone data will only be allowed where a judge agrees there are national security grounds to do so, under new legislation which follows a successful EU court challenge brought by convicted murderer Graham Dwyer.
The Department of Justice yesterday published the general scheme of the Communications (Retention of Data) (Amendment) Bill 2022, which will significantly amend the Communications (Retention of Data) Act 2011.
In April, the Grand Chamber of the Court of Justice of the European Union (CJEU) held that the “general and indiscriminate” retention of electronic communications data for the purpose of combating serious crime is precluded by EU law.
The CJEU ruling followed a referral by the Irish Supreme Court in February 2020, which was hearing a leapfrog appeal from the State against a High Court ruling in December 2018 which agreed with Mr Dwyer that the Communications (Retention of Data) Act 2011 was incompatible with EU law.
The new bill will provide that general and indiscriminate retention of communications traffic and location data can only be permitted on national security grounds, where approved by a designated judge.
It also provides for a system of preservation and production orders to facilitate preservation of and access to specified communications data held by service providers for both national security and for the investigation of serious crime, where permitted by an authorising judge.
A preservation order will act as a “quick freeze” requiring service providers to retain any specified data they hold at a particular point in time for a period.
A production order will allow access to specified data held by a service provider for commercial or other reasons, where such access is necessary for national security or law enforcement purposes. The effect of a production order will be that a service provider must immediately take steps to produce and hand over to the relevant state agency the data described in the order made by an authorised judge.
Both traffic and location data retained for national security purposes and subscriber data, retained for national security or law enforcement purposes, will be retained for 12 months.
The government has said the general scheme is consistent with EU court rulings in this area.
Justice minister Helen McEntee said: “As I stated last month when I received Cabinet permission to draft this legislation, it is vital that we do not have a situation where An Garda Síochána have their hands tied behind their backs and gardaí must be fully equipped with strong laws and modern technology.
“There should always be safeguards and protections when it comes to accessing data, but we must not allow the balance to shift too far away from keeping people safe and fighting crime and the government is taking urgent action to ensure that the appropriate legislation is in place.”
She added: “It is my intention, with the assistance of the Attorney General and his officials, to return to government next week seeking approval to publish the bill.”
“This urgency is unavoidable given the need for legal certainty for communications service providers and state agencies on what obligations apply to the retention of communications data, which is vital for law enforcement and national security.
“In addition to this urgent bill, I intend to bring forward a more comprehensive proposal later in the year to address wider reforms and a more consolidated legal framework in this area.”