Metadata Retention Law in Germany

In 2010, one of the German courts declared German mandatory data retention law as unconstitutional after strong opposition. Later, European Commission issued an ultimatum to Germany to transpose the Data Retention Directive. And in January 2016, the German law on data retention came into effect as a mean to ‘strengthen’ national cyber security mandate after Bundestag (lower house of German parliament) voted in factor of data retention law.

Metadata is like a digital footprint of who you called, where you are from, and for how long did you call that person, etc. Where messages are retained in full and the data would be retained that would be available for government officials with a warrant.

Metadata Retention in Germany: Timeline

In 2010, Federal Constitutional Court (FCC) ruled the old 2006 EU’s Data Retention Directive (DRD) and Germany’s Implementation Act (which enacted DRD as national law) as invalid on the grounds of fundamental rights violation.

In 2014, European Court of Justice ruled that the data retention of web users “without any distinction, restriction or exception” was indeed against the fundamental human rights.

In April 2015, German Justice Minister, Heiko Mass drafted a new proposal for data retention law to assist both – the national security and address the issues in data retention policy. After all, FCC never ruled data retention as unconstitutional rather the Data Implementation Act did not comply with the rights of secrecy of communication and informational self-determination.

The amendments in the new proposal included how long data would be stored, excluded e-mail traffic and access to such data would require a judicial order. SMS content, timestamp of webpage access, and IP address would be stored for 10 weeks and the phone calls would be stored for 4 weeks.

In June 2015, the political party SPD (Social Democrats) approved the proposal and the legislation, and moved it forward for the parliament discussion.

In October 2015, The Bundestag (lower house) passed the bill with the majority of 404 votes in favor of data retention law.

In between 2015 and January 2016, The Bundesrat (upper house) passed the bill and moved it forward for the consideration of the President to sign or send it in Germany’s constitutional court for review to check compliance with the basic law of Germany.

German Metadata Retention: Opposition

Civil liberties organizations have opposed this similar law arguing that it will undermine the privacy of people and instill the false sense of security. Here’s a closer look at the opposition from the groups:

  • Free Democratic Party (FDP) could legally challenge the data retention law before constitutional court judges. They argue that the data retention law would not protect privacy of citizens with professional secrets which is a guarantee under EU law.
  • European single market regulations might get exploited because of data retention law, as it might provide Germany an unfair advantage over other countries if it forces organizations to use German servers for easy access.
  • It is unclear what will happen if a ‘digital footprint’ raises a suspicion. Would the data be used for digital surveillance or phone wire warrant issue?

How to Protect From German Metadata Retention

You can encrypt your metadata by following some security measures to prevent ISPs and Telecommunication providers from tapping onto your sensitive information. You can follow our guide on How To Prevent Metadeta Retention.

Leave a Comment