The Information Commissioner holds that data retention provisions of the Act on Electronic Communications (ZEKom-1), which came into force on 15 January 2013 do not respect the principle of proportionality and that they have been transposed into national law in contrast with the provisions of the Data Retention Directive 2006/24.
Data retention has been in force in Slovenia since 2007 (telephone data) and 2009 (internet related data) with retention periods of 14 and 8 months respectively (in 2009 retention periods were shortened from previously 24 months). In the new Act on Electronic Communications, adopted to transpose the provisions of the amended telecommunications package, the legislator did not amend the provisions on data retentions.
The Information Commissioner reasons that huge amounts of data are stored in advance about electronic communications of each individual, regardless if he or she has fully obeyed the law or not. Whereas the principle of legality was respected, the principle of proportionality was completely neglected by the legislator. Processing of personal data is regulated in a manner that is not compatible with the rule of law since it does not respect the conditions allowing encroachments of human rights. Having taken an absolutistic approach to retention of data, the legislator also affected other rights such as the right to secrecy of communications, freedom of speech and movement. It did so without providing any evidence or analysis that such a measure is necessary and reflected in greater (if any) impact on prosecution of criminal offences. In fact, the government has failed to provide any regulatory impact analysis after years of data retention that would justify its existence.
The aim of Directive 2006/24 was to establish mandatory data retention of electronic communications in order to ensure that the data are available for the purpose of the investigation, detection and prosecution of serious crime, as defined by each Member State in its national law. The purposes of data retention under ZEKom-1 however differ significantly – not only did the legislator broaden the scope by not limiting data retention only for serious criminal offences, but for all criminal offences, the data may also be used for the purposes of ensuring national security and the constitutional order, and the security, political and economic interests of the state, as stipulated by the law governing the Slovenian Intelligence-Security Agency, and for the purposes of national defence as stipulated by the law governing defence of the state. Commissioner’s inspections also revealed that retained data were also used in civil litigations, labour law disputes and misdemeanour procedures.
Information Commissioner therefore decided to file a request to the Constitutional Court of the Republic of Slovenia to assess the constitutionality of data retention provisions. It also proposed that the request be given preferential treatment and that data retention provisions be temporarily suspended.
Request to the Constitutional Court (in Slovenian only):
Electronic Communication Act (ZEKom-1; in Slovenian Only)
Information Commissioner of the Republic of Slovenia: