How did extended data retention become 'restricted'?

Data storage Privacy

On Friday, data storage was discussed in Studio Ett on Swedish Radio P1, in response to Heuman's report "Datalagring - brottsbekämpning och integritet" (Data storage - law enforcement and integrity ), which was submitted to Minister of Justice Morgan Johansson on October 11. The discussion, in which both the police and Jon Karlung from Bahnhof participated, was interesting and well worth listening to afterwards for those who are interested in better understanding why we think the issue is important.

However, it is unfortunate that the feature is presented on SR's website with the description "...According to the government's investigation into the matter - the requirements for data retention should be removed or relaxed". The fact that it is described in the media (both on Swedish Radio and by other broadcasters) as if the inquiry is proposing that data retention should be limited gives an inaccurate picture, as the inquiry's proposal actually involves continued general retention, which in key parts is even more extensive than that already rejected by the European Court of Justice.

When the investigators, before the investigation was handed over to the Minister of Justice and published to the public, presented their conclusions on DN Debatt , they said that they "propose ... a more limited model for data retention than today's", so that the media in their reporting interprets it that way is of course no coincidence. It is also not surprising that journalists who are supposed to cover all areas find it difficult to thoroughly familiarize themselves with and understand the consequences of a 400-page long and very legal investigation. Nevertheless, it is unfortunate that the issue is being discussed and debated on the wrong basis, and with very simplistic arguments.

We pointed out the remarkable nature of what the investigators presented, and the way in which they did it, the very next day in a reply to the debate. Now the inquiry has gone reply to public consultation and IT&Telekomföretagen will express the same views, with well-substantiated arguments, in our response.

In short, we mean that:

The investigator's proposal involves a general storage that is more extensive in key areas than the one rejected by the European Court of Justice. The terms of reference state that the investigator is to consider various alternatives for changes and highlight their advantages and disadvantages. Despite this, the investigator has not presented the alternative identified by the European Court of Justice as a proportionate solution, namely what is known as targeted storage.

For the members of IT&Telecom, the proposal poses a significant risk that we will once again end up in a legal uncertainty where companies are imposed new obligations that drive costs and block development resources for a long time to come, until it will most likely be found that the new storage obligation also violates EU law and must be torn up. This will hamper industry investment in the digitization of Sweden, but it will also mean that law enforcement authorities will not have the predictable access to data they need for effective law enforcement.

Sweden cannot afford to make the same mistake and once again implement an overly general data retention that violates EU law. We therefore urge the government to revise the proposal and propose to the Parliament a regulation on data retention that is sustainable in the long term and that meets the needs of both law enforcement authorities and the public's need for protection of their privacy in accordance with the requirements of EU law.