Data Retention Rules in Belgium: uncertainty remains after third Constitutional Court ruling

The debate surrounding Belgium’s data retention legislation is far from over, despite recent decisions by the Constitutional Court. While some elements of the law have been upheld, the future of this legislation now hinges on the rulings of the European Court of Justice (ECJ) regarding the remaining contested sections. ISPA Belgium is closely following these developments as they have a direct impact on our members and the broader internet ecosystem in Belgium.

A long legal journey

Belgium’s data retention law, which seeks to comply with a European directive aimed at retaining mobile phone data, has faced significant legal hurdles over the years. In 2015, the Belgian Constitutional Court annulled the original legislation, deeming it too vague after a legal challenge by the Human Rights League, among others. A second attempt in 2021 was also struck down by the Court.

Now, the latest ruling by the Constitutional Court on the 2022 version of the data retention law shows some movement in the right direction. Certain key aspects were approved this time, including the concept of targeted data retention within specific geographical zones, also known as differentiated data retention. This provision allows for data retention in zones where there is heightened risk of serious crime or threats to public safety, a change from earlier laws that treated the entire country as a single entity.

Concerns remain

It is true that some legal guidelines have been established, providing much-needed reassurance for the ISP sector. However, with some aspects of the law still lacking clarity, unresolved issues pose technical challenges and create legal uncertainty for the internet ecosystem.

As a matter of fact, the future of Belgium’s data retention framework is still undecided. The Constitutional Court has referred several questions to the ECJ for clarification, particularly around how the EU Charter of Fundamental Rights should be interpreted in this context.

Striking the balance

A major area of concern for Belgian ISPs remains the issue of retaining geolocation data by mobile network operators. While the need for balance between ensuring public safety and upholding fundamental rights is recognised, the outcome of the ECJ rulings will play a decisive role in shaping how this balance is achieved, also on this aspect.

Conclusion

The legal landscape for data retention in Belgium continues to evolve, with both progress and uncertainties on the horizon. The focus of ISPA Belgium is to remain engaged in these discussions, and to ensure that the rights of citizens are respected while addressing the technical and legal challenges that our members face. As we await further developments from the ECJ, our commitment to advocating for balanced and effective policies remains steadfast.

It is crucial that the need to combat crime does not come at the cost of citizens’ fundamental right to privacy. ISPA remains committed to advocating for balanced, well-defined legislation that safeguards both public security and privacy.