Data generated by use of electronic communications services are important to the police in their crime countering operations. In the pre-digital age telecom providers often stored such data and the police could access them under legal powers of seizure or production order. To ensure that traffic and location data would be available to the police also after the e-Privacy Directive, some countries (referring to Article 15), imposed an obligation on providers to retain data related to use of their services. Noticing that differences between national regulations hampered the internal marked, the EU reacted by enacting the Data Retention Directive (2006/24/EC) (“DRD”), which aimed to harmonize data retention rules across the Member States and EEC-countries. DRD acknowledged that such data are important to the prevention, detection, investigation, and prosecution of crime, and compelled Member States to impose a legal obligation on providers to retain metadata for a period of minimum six months and maximum two years. The data was to be made available to the police for the purpose of combating serious crime.
In 2014, in the case Digital Rights Ireland, DRD was voided by the European Court of Justice, as incompatible with the fundamental rights to privacy and data protection laid down in the EU Charter of Fundamental Rights (2012/C 326/02) Articles 7 and 8. Since 2014, the Court has further developed its jurisprudence on the matter, indicating that there is some scope for data retention. To analyse this case-law is out of scope of this study.