This document is an excerpt from the EUR-Lex website
Document 62017CN0623
Case C-623/17: Reference for a preliminary ruling from the Investigatory Powers Tribunal — London (United Kingdom) made on 31 October 2017 — Privacy International v Secretary of State for Foreign and Commonwealth Affairs and Others
Case C-623/17: Reference for a preliminary ruling from the Investigatory Powers Tribunal — London (United Kingdom) made on 31 October 2017 — Privacy International v Secretary of State for Foreign and Commonwealth Affairs and Others
Case C-623/17: Reference for a preliminary ruling from the Investigatory Powers Tribunal — London (United Kingdom) made on 31 October 2017 — Privacy International v Secretary of State for Foreign and Commonwealth Affairs and Others
OJ C 22, 22.1.2018, p. 29–30
(BG, ES, CS, DA, DE, ET, EL, EN, FR, HR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)
22.1.2018 |
EN |
Official Journal of the European Union |
C 22/29 |
Reference for a preliminary ruling from the Investigatory Powers Tribunal — London (United Kingdom) made on 31 October 2017 — Privacy International v Secretary of State for Foreign and Commonwealth Affairs and Others
(Case C-623/17)
(2018/C 022/41)
Language of the case: English
Referring court
Investigatory Powers Tribunal — London
Parties to the main proceedings
Applicant: Privacy International
Defendants: Secretary of State for Foreign and Commonwealth Affairs, Secretary of State for the Home Department, Government Communications Headquarters, Security Service Srl, Secret Intelligence Service
Questions referred
In circumstances where:
a) |
the SIAs’ (1) capabilities to use BCD (2) supplied to them are essential to the protection of the national security of the United Kingdom, including in the fields of counter-terrorism, counter-espionage and counter-nuclear proliferation; |
b) |
a fundamental feature of the SIA’s use of the BCD is to discover previously unknown threats to national security by means of non-targeted bulk techniques which are reliant upon the aggregation of the BCD in one place. Its principal utility lies in swift target identification and development, as well as providing a basis for action in the face of imminent threat; |
c) |
the provider of an electronic communications network is not thereafter required to retain the BCD (beyond the period of their ordinary business requirements), which is retained by the State (the SIAs) alone; |
d) |
the national court has found (subject to certain reserved issues) that the safeguards surrounding the use of BCD by the SIAs are consistent with the requirements of the ECHR (3); and |
e) |
the national court has found that the imposition of the requirements specified in § § 119-125 of the judgment of the Grand Chamber in joined cases C-203/15 and C-698/15, Tele2 Sverige AB v Post-och telestyrelsen and Secretary of State for the Home Department v Watson and Others […] (‘the Watson Requirements’), if applicable, would frustrate the measures taken to safeguard national security by the SIAs, and thereby put the national security of the United Kingdom at risk; |
1. |
Having regard to Article 4 TEU and Article 1(3) of Directive 2002/58/EC (4) on privacy and electronic communications (the ‘e-Privacy Directive’), does a requirement in a direction by a Secretary of State to a provider of an electronic communications network that it must provide bulk communications data to the Security and Intelligence Agencies (SIAs) of a Member State fall within the scope of Union law and of the e-Privacy Directive? |
2. |
If the answer to Question (1) is ‘yes’, do any of the Watson Requirements, or any other requirements in addition to those imposed by the ECHR, apply to such a direction by a Secretary of State? And, if so, how and to what extent do those requirements apply, taking into account the essential necessity of the SIAs to use bulk acquisition and automated processing techniques to protect national security and the extent to which such capabilities, if otherwise compliant with the ECHR, may be critically impeded by the imposition of such requirements? |
(1) Security and Intelligence Agencies.
(2) Bulk Communications Data.
(3) European Convention on Human Rights and Fundamental Freedoms.
(4) Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) (OJ 2002, L 201, p. 37).