The European Commission today adopted a report assessing application of the Data Retention Directive (Directive 2006/24/EC) approved amid much controversy in 2006 which requires Member States to ensure that telecommunications operators retain certain categories of data (for identifying identity and details of phone calls made and emails sent) for the purpose of the investigation, detection and prosecution of serious crime.

Whilst Member States maintain the usefulness of the data in fighting terrorism and serious cross-border crime, the European legislation has not been uniformly transposed in Member States laws and concerns about the storage, retrieval and use of personal data remain valid.

"The application of the directive has been disastrous," said Alexander Alvaro (FDP, Germany), EP rapporteur on the directive five years ago. "We are facing a legal smorgasbord of data retention in the European Union. The Commission has admitted that neither the scope, nor access, duration of retention, data security, statistical evaluation, nor costs have been effectively harmonised among Member States to date."

"In certain countries the coastguard can access the retained data, in others a written request is deemed sufficient to look into personal data of European citizens. Also the number of access requests differs considerably. Polish authorities, for example, are responsible for about half of all two million requests for access to retained data in Europe."

"What is more there is no statistical proof for the benefit of the Directive. In fact, those countries that have not implemented the Directive have been just as capable of solving crimes with existing traffic data. The Commission now even questions the proportionality of the Directive while stating that it provides only limited legal certainty for EU operators."

"In the assessment of the directive, required by article 14, the Commission should conclude that no amount of amendment will improve the performance of a directive that represented a knee-jerk reaction to a climate of heightened security threats following the Madrid and London bombings. Data retention is, by definition, an erosion of our civil liberties and the only conclusion to draw is the deletion of the directive from the statute books."