Wednesday, October 21, 2015

New data retention law in Germany

If your communications pass through Germany, the telecom companies there are required to keep your metadata for communications and pass it to law enforcement on demand.  If you use SMS in the country, then location data will also be stored for four weeks for law enforcement use.

The law does specify that Germany should evaluate how effective the data is in preventing and solving crimes.  There does not appear to be any restriction on the laws applying to only German or EU citizens - it appears that as long as your communications transit German telecom, you're metadata is being recorded, retained, and shared with law enforcement on demand.

With "law enforcement" often defined very broadly, huge number of people may have access to the metadata.  It is unclear whether there will be controls on access to this data, or what those controls would be.  The data retention policies may create issues for companies who do business in Germany that they would prefer to remain private.  Laws like this also create precedent for other countries in the EU (and elsewhere) who may follow suit.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.