29.11.2006
News

Electronic communications and data retention

Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC.

Directive 2006/24/EC of the European Parliament and of the Council of 15March 2006, on the retention of data generated or processed in connection withthe provision of publicly available electronic communications services or publiccommunications networks, and amending Directive 2002/58/EC aims to harmonizeMember States’ provisions concerning the obligations of the providers ofpublicly available electronic communications services and public communicationsnetworks to retain certain data generated or processed by them, to ensure thedata is available for investigation, detection and prosecution of serious crime,as defined by each Member State in its national law.

The reason for the adoption of this Directive is the current state concerningnational regulations in this area. Several Member States have adoptedlegislation providing for the retention of data by service providers tosafeguard their various public interests. Due to the fact that these nationalprovisions vary considerably, service providers are faced with differentrequirements regarding the types of traffic and location data to be retained andthe conditions and periods of retention. These legal and technical differencespresent obstacles to the internal market for electronic communications.

This Directive thus harmonizes the scope of data to be retained, themandatory time period for retaining data, the data security principles andstorage requirements.

The Directive applies to data generated or processed by providers of publiclyavailable electronic communications services or by public communications networksupplying the concerned communications services, including data related tounsuccessful call attempts. But it does not require any retention of datarelating to unconnected calls.

The Directive imposes the obligation to retain the data necessary to traceand identify: (a) the source of a communication; (b) the destination of acommunication; (c) the date, time and duration of a communication; (d) the typeof communication; (e) users’ communication equipment or what purports to betheir equipment; and (f) the location of mobile communication equipment. Howeverno data revealing the content of the communication may be retained pursuant tothis Directive.

These data are to be retained for periods of not less than six months and notmore than two years from the date of the communication. Further they are to beprovided only to the competent national authorities in specific cases and inaccordance with national law. The Directive sets up the procedures to befollowed and the conditions that must be fulfilled to gain access to retaineddata, which must be in accordance with necessity and proportionalityrequirements.

In order to protect end-user’s privacy, providers of publicly availableelectronic communications services and public communications networks arerequired to respect, at minimum, the following data security principlesconcerning retained data:

  1. the retained data must be of the same quality and subject to the samesecurity and protection as the data on the network;
  2. the data must be subject to appropriate technical and organizationalmeasures to protect the data against accidental or unlawful destruction,accidental loss or alteration, or unauthorized or unlawful storage,processing, access or disclosure;
  3. the data must be subject to appropriate technical and organizationalmeasures to ensure they can be accessed by only specially authorizedpersonnel; and finally
  4. the data, except those that have been accessed and preserved, are to bedestroyed at the end of the period of retention.

Concerning the storage of retained data, the Directive requires that they bestored in such a way that the data and any other necessary information relatingto such data can be transmitted on request to the competent authorities withoutundue delay.

This Directive entered into force on 3 May 2006 and Member States arerequired to comply with the Directive by no later than 15 September 2007. Incase of retention of communications data relating to Internet Access, Internettelephony and Internet e-mail, a Member State that makes a declaration maypostpone application of this Directive until 15 March 2009.


Other articles

8.8.2025
News

Project Financing of a Strategic Logistics Complex in Nymburk

KŠB provided legal advice to Facility Develop Group in securing two separate financings granted by Trinity Bank. The funds will be used for the development and expansion of a large logistics park in Nymburk, which is of key importance to the infrastructure of the entire Central Bohemian Region.
5.8.2025
News

Legal Advisory to Japanese Group Ushio on the Acquisition of a Division of ams-OSRAM

The KŠB team, led by partner Dagmar Dubecká and attorney Jana Guričová, provided legal advisory to Japanese company Ushio Inc., a global leader in semiconductor technologies and specialized lighting for the automotive and industrial sectors, in connection with its acquisition of the Entertainment& Industrial Lamps segment from the Austrian-based ams-OSRAM Group, a company with over a century of history.
28.7.2025
News

Smetanova Litomyšl Comes to a Close with Music and a Message of Solidarity

This year’s edition of the Smetanova Litomyšl festival concluded with the concert Grand Finale – An American Story, held under the patronage of our firm. In addition to delivering a remarkable musical experience, the evening also served a charitable purpose: proceeds supported the Olga Havel Foundation (Výbor dobré vůle – Nadace Olgy Havlové), helping young people from disadvantaged backgrounds pursue their education.