This report shows how the Dutch Data Retention Act works in practice. It provides an overview of the way in which the Retention Act is structured, and of the use of the retained telephone and internet traffic data in the investigative practice. The report also provides insight into the use and value of these data in court rulings. The main assumption behind the Data Retention Act is that certain telephone and internet traffic data can play an important role in the investigation and prosecution of serious crimes. However, the fact that these privacy sensitive data have to be stored for a certain period of time, is a continual source of discussion.
This report provides insight into the use of the data that are stored according to Dutch law, in order to assess the value and the necessity of the retention directive. Hereby this report fills a need that is felt both in The Netherlands, as well as at the European level. Due to the rise of mobile phone and smartphone use, and due to the many communication possibilities provided by the Internet, distance communication has changed drastically in recent years. The current legislation does not reflect these developments, and it is unlikely that 'local' Dutch legislation can overcome this and can be meaningful in the borderless and location free space of the Internet. Given the international nature of many forms of crime, European harmonization on retention periods and the retrieval of data is desirable. European harmonization does not, however, resolve all the possible challenges presented by the virtual world. Security minded thinking stimulates an expansion of retention directives to involve more possibilities for the use of internet data in the investigation of crime. However, from the perspective of the privacy of citizens, this is an undesirable development. The search for an alternative to the current data retention is a hefty challenge. Insights offered in this report will be useful in discussions concerning these developments.