Volkskrant.nl, 19 February 2015: 'Retention obligation: disproportionate or necessary evil?'

"A new chapter can be added to the debate on mandatory retention that has been going on for almost a decade. Yesterday, the summary proceedings of interest groups against the Dutch state on the retention of communication data were heard. This violates the privacy of Dutch citizens disproportionately, the organisations said. No way, insists the government.

The rights of Dutch citizens are being knowingly violated with the Dutch state's 'mass surveillance'. The Telecommunications Data Retention Act that makes this possible must be immediately repealed. That is freely translated the claim of a consortium of interest groups Privacy First, the Dutch Association of Criminal Law Lawyers, the Dutch Association of Journalists and some telecom and internet providers yesterday in court in The Hague.

Meta-data
The lawsuit against the state is yet another twist in a debate that has been going on for almost a decade. May governments force telecom and internet providers to store the communication data of all their customers? The Dutch government believes that so-called meta-data are needed to fight crime and prevent terrorism.

Providers have therefore been keeping records of all Dutch citizens since 2009 of who calls whom, where they do so, as well as the unique ip address they use to connect to the internet and who they subsequently e-mail. Telecom data providers must keep one year, internet data six months. Without a court order, the data may then be claimed.
(…)
The summary proceedings brought by the consortium follow a ruling by the European Court of Justice. In April 2014, the highest European court concluded that the European data retention obligation is a serious invasion of privacy and thus violates fundamental human rights.

That the data can be useful for judicial investigation is also indisputable for the European Court of Justice, but there are no guarantees that interference in someone's life is limited to what is strictly necessary. The fact that authorities keep such data on every citizen - without any suspicion of a criminal offence - is too great an intrusion into private life.

And so the interest groups have been agitating against the Dutch law since last year. After all, it would violate the rights enshrined in the Charter of Fundamental Rights. Although the cabinet has long maintained that it sees no reason to amend the law, in November last year Minister Opstelten (Security & Justice) nevertheless confirmed that the retention obligation violates that Charter. Sufficient reason for him to now tighten the law.
(…)

'Almost reprehensible'
How often telecom and internet providers have been asked for data and how often this has led directly to a conviction is unclear to date. Jacob Kohnstamm, chairman of privacy regulator College Bescherming Persoonsgegevens (CBP), in late January already called it "almost reprehensible" that the effectiveness of the data retention obligation has not been demonstrated. The same CBP this week also made mincemeat of a legislative amendment announced by Opstelten.

The draft version of that amendment contains some new safeguards with which it tightens the law and addresses the concerns of privacy advocates, among others. After adoption of the amendment, a judge must first give permission before a prosecutor may request communication data. In addition, the seriousness of the suspicion will also count: serious crimes will be allowed to be searched further into the past.

The CBP - which was asked for its opinion by the Ministry of Justice - called the adjustments insufficient. 'The investigative authorities have gained years of experience, but it has apparently not been possible to live a substantiation of the necessity of this retention obligation.' A disproportionate invasion of privacy, the CBP summarised on Monday.

Immediately out of operation
Vincent Böhre of Privacy First suspects that the amendment will not be passed by the Lower House for the same reason. Therefore, precisely because this will maintain the current situation, it called on Wednesday for the retention obligation to be immediately suspended.

Böhre: 'Regardless of what the government does with it, storing data is a violation of privacy. The European court also says so. If the court suspends enforcement of the law, providers may at least offer their customers the choice. Store or not.'

Whether the law is indeed off the table will be seen on 11 March. That is when the District Court of The Hague will give its verdict."

Source: http://www.volkskrant.nl/tech/bewaarplicht-buitenproportioneel-of-noodzakelijk-kwaad~a3854766/ , 19 February 2015.