PRIVACY INTERNATIONAL (PI) has warned that EU member states are retaining personal data when they shouldn't be.
Further to this, none of those states are in compliance with human rights standards as applied to their own legislation on data retention.
The countries affected are Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, France, Germany, Hungary, Ireland, Italy, Luxembourg, the Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and the United Kingdom.
Privacy International Head of Policy and Advocacy Tomaso Falchetta said: "Blanket and indiscriminate retention of our digital histories—who we interact with, when and how and where—can be a very intrusive form of surveillance that needs strict safeguards against abuse and mission creep.
"Our communications data is no less sensitive than the content of our communications. It is clear that current data retention regimes in Europe violate the right to privacy and other fundamental human rights. In particular the European Court has made clear that general, indiscriminate retention of communications data is disproportionate and cannot be justified, not even on the grounds of fighting crime.
"While some states have recognised the need to reform, there is little evidence that they are moving to change their laws to bring them into line with their obligations under existing human rights law."
PI, which is already suing the so-called "Five Eyes" over surveillance practices, has called for member states to review their legislation and adjust it to European standards (we imagine the UK government will probably gloss over this in the circumstances) and ensure that telecoms (and other) companies that are subject to such standards pressure their governments to comply too.
It also asks that the EU provides guidance on reviewing national retention laws.
This political hot potato matters wherever you stand on Brexit. With more and more companies opting to have their own rules on data protection, some sort of visibility on the matter remains vital.
Russia now insists that all parties keep any data generated in Russia on local soil, and that could be a trend set to continue.
Surprisingly, Germany is one of the countries on the list. It already has some of the most stringent data protection laws in the world and its appearance on this list as non-compliant actually makes us wonder if any nation state is as good as it should be? µ
Some $150,000 in digital currency got swiped
Canadian scientists claim tech could dominate future tech
Alexa, play that 'Let It Go' song 30 times
Webstresser's admins were also arrested as part of major op