Last Friday, the German legislator passed the highly disputed new German Data Retention Act (“GDRA”). The topic has a certain history in Germany as in 2010 the German Constitutional Court declared the previous data retention act invalid. The new GDRA puts quite extensive storage obligations on telecommunications providers. It is expected that claims seeking invalidation of this new GDRA will be launched very soon.
In more detail, the act provides for the following:
Telecommunication Services – storage of the following data:
- Numbers of caller and called person;
- Date, start and end of connection;
- Location data (stored only for four weeks); and
- SMS: inevitably, content will also have to be stored.
Internet Services – storage of the following data:
- Identification of telephone connection; and
- Date, start and end of connection.
Stored data may only be used on the basis of a judicial order for prosecution of severe criminal offences, such as formation of a terrorist group, murder or sexual abuse.
The full text of the new GDRA can be accessed – in German only – here
The new GDRA will enter into force after the last formal steps are taken, i.e. signature by the German president and publication. We expect that the law will enter into force in early November 2015.
You can find further comment from Olswang on the new rules on the DataGuidance website here