CENTRUM FÖR RÄTTVISA v. SWEDEN JUDGMENT
23
State when the activities relate to State security matters) and the enforcement of
criminal law. Consequently, this Directive does not affect the ability of Member
States to carry out lawful interception of electronic communications, or take other
measures, if necessary for any of these purposes and in accordance with the European
Convention for the Protection of Human Rights and Fundamental Freedoms, as
interpreted by the rulings of the European Court of Human Rights. Such measures
must be appropriate, strictly proportionate to the intended purpose and necessary
within a democratic society and should be subject to adequate safeguards in
accordance with the European Convention for the Protection of Human Rights and
Fundamental Freedoms.”
The Directive further provides, inter alia, the following:
Article 1 – Scope and aim
“1. This Directive harmonises the provisions of the Member States required to
ensure an equivalent level of protection of fundamental rights and freedoms, and in
particular the right to privacy, with respect to the processing of personal data in the
electronic communication sector and to ensure the free movement of such data and of
electronic communication equipment and services in the Community.
2. The provisions of this Directive particularise and complement Directive
95/46/EC for the purposes mentioned in paragraph 1. Moreover, they provide for
protection of the legitimate interests of subscribers who are legal persons.
3. This Directive shall not apply to activities which fall outside the scope of the
Treaty establishing the European Community, such as those covered by Titles V and
VI of the Treaty on European Union, and in any case to activities concerning public
security, defence, State security (including the economic well-being of the State when
the activities relate to State security matters) and the activities of the State in areas of
criminal law.”
Article 15 – Application of certain provisions of Directive 95/46/EC
“1. Member States may adopt legislative measures to restrict the scope of the rights
and obligations provided for in Article 5, Article 6, Article 8(1), (2), (3) and (4), and
Article 9 of this Directive when such restriction constitutes a necessary, appropriate
and proportionate measure within a democratic society to safeguard national security
(i.e. State security), defence, public security, and the prevention, investigation,
detection and prosecution of criminal offences or of unauthorised use of the electronic
communication system, as referred to in Article 13(1) of Directive 95/46/EC. To this
end, Member States may, inter alia, adopt legislative measures providing for the
retention of data for a limited period justified on the grounds laid down in this
paragraph. All the measures referred to in this paragraph shall be in accordance with
the general principles of Community law, including those referred to in Article 6(1)
and (2) of the Treaty on European Union.”
78. On 15 March 2006 the Data Retention Directive (Directive
2006/24/EC on the retention of data generated or processed in connection
with the provision of publicly available electronic communications services
or of public communications networks and amending Directive
2002/58/EC) was adopted. It provided, inter alia, as follows: