A court in Austria has ruled that the country's data retention law is unconstitutional as it violates fundamental European privacy rights.
The decision by the Constitutional Court of Austria comes in the wake of a recent ruling of the EU's top court that found EU laws requiring communications providers to retain metadata to be invalid.
Austria's data retention law violates article 8 of the European Convention on Human Rights that covers the right to respect of private and family life, the Constitutional Court ruled Friday.
This means that the law will be officially invalidated once the verdict is published by the Austrian chancellor, which will probably happen within a week, court spokesman Christian Neuwirth said. "So you could say this is effective immediately," he added.
Austrian and other European telecommunications and Internet providers are required by the EU's Data Retention Directive to retain traffic and location data as well as related data necessary to identify the user. This is done in order to help law enforcement fight organized crime and terrorism.
However, the Constitutional Court of Austria and the High Court of Ireland doubted the validity of the directive and asked the Court of Justice of the EU (CJEU) if it violated fundamental privacy rights. The CJEU ruled in April that the data retention directive is indeed illegal.
However, this does not mean that all data retention laws in European member states are automatically void. The CJEU's ruling is binding though for national courts who have to dispose of cases in accordance with its decision.
That is what happened Friday in Austria, Neuwirth said.
Regulations such as the data retention law could be used to fight serious crime, but only if they are in line with data protection and the convention on human rights, the Constitutional Court ruled.
New communication technologies provide new challenges for the fight against crime. However, new technical possibilities also lead to potential threats to people's privacy, and this threat must be countered in an adequate way, the court said.
Loek is Amsterdam Correspondent and covers online privacy, intellectual property, open-source and online payment issues for the IDG News Service. Follow him on Twitter at @loekessers or email tips and comments to firstname.lastname@example.org
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.