Retention of communications data needs clearer limits
Communications data can give as sensitive a picture of a person’s private life as the content of a message. NAMM attorneys Sander Potisepp and Kristjan Tuul wrote in ERR that the state has not sufficiently brought the rules on communications data retention into line with the case law of the Court of Justice of the European Union and the Supreme Court of Estonia.
Communications data shows who a person communicates with, where they move and what their habits are. The Court of Justice of the European Union has explained in several judgments that collecting everyone’s data without distinction is not compatible with the protection of fundamental rights. In the lawyers’ view, the same principle has been postponed in Estonian law for too long.
What does this mean for a person?
If communications data is retained about everyone just in case, it affects not only suspects but every phone and internet user. The question is not whether the state may use data to investigate serious crime. The question is whether data may be collected in advance about everyone.
What should the law specify?
The law should clearly state for the investigation of which serious crimes communications data may be used, whose data is retained and who authorises access to the data. General and unlimited collection gives certainty neither to the person nor to the investigative authority, because evidence collected under unclear rules may later become unusable in court.
Can communications data be used in criminal proceedings? Yes, but its use must be lawful, justified and reviewable. The investigation of a serious crime does not automatically justify the blanket retention of everyone’s data.