The European Data Protection Supervisor (EDPS) adopted an opinion on the European Commission's Evaluation Report on the Data Retention Directive in which the EDPS takes the view that the Directive does not meet the requirements imposed by the fundamental rights to privacy and data protection.

The Directive requires all providers of electronic communication services to store traffic and location data of the communications of all citizens, for possible use by the Member States for law enforcement purposes. The Commission Report provides an evaluation of the implementation and application of the Directive and measures its impact on economic operators and consumers. The report from EDPS welcomed the that the Commission took into account the implications of the Directive for the fundamental rights to privacy and data protection, especially in view of the criticisms that have been levelled concerning the privacy-intrusive nature of the Directive. However, the report also states that the Directive does not meet the requirements imposed by the fundamental rights to privacy and data protection, mainly for the following reasons:

• The necessity for data retention as provided in the Directive has not been sufficiently demonstrated.
• Data retention could have been regulated in a less privacy-intrusive way.
• The Directive leaves too much scope for Member States to decide on the purposes for which the data might be used, and also for establishing who can access the data and under which conditions.

The Evaluation Report will now play a role in possible decisions on amending the Directive. Therefore, the EDPS asked to the Commission to consider all options in this further process, including the possibility of repealing the Directive, whether or not combined with a proposal for an alternative, more targeted EU measure.