By Alessandra Silveira (Editor) and Tiago Sérgio Cabral (Managing Editor)
▪
The CJEU has recently added further pieces to the puzzle of retention of traffic and location data by providers of electronic communications services for the purpose of making them available to competent national authorities in the fight against serious crime.[1] In addition to reiterating its constant jurisprudence on the matter, this CJEU judgment is particularly valuable to Member States that are legislating in order to adapt to EU law – as is the case of Portugal (judgment of 20 September 2022, SpaceNet, joined cases C-793/19 and C‑794/19, ECLI:EU:C:2022:702).[2]
In several Recitals of the judgment, the CJEU left some clues as to its resistance to the generalised and indiscriminate retention of metadata, and it is possible to perceive that it lies in the uncontrolled profiling of users of electronic communications services. Profiling is often used to make such predictions about individuals. It involves the collection of information about a person and the assessment of their characteristics or behavioural patterns in order to place them in a certain category or group and drawing upon that an inference or prediction – be it of their ability to perform a task, of their interest or presumed behaviour.[3]
Continue reading “Again: on the prohibition of generalised and indiscriminate retention of metadata for the purpose of combating serious crime”