1499081031532
Data Privacy & Security

German Data Retention Obligations Suspended


On 28 June 2017, the German telecommunications regulator (Bundesnetzagentur, "BNetzA") decided to suspend enforcement of the provisions of the German Telecommunications Act which required providers of publicly available telephone services for end users and providers of publicly available internet access services for end users to retain certain metadata (e.g. number of the calling and called party, date and time of the connection etc.) from 1 July 2017 onwards. This follows an order of 22 June 2017, where the Higher Administrative Court of North Rhine-Westphalia decided by way of interim relief, that an affected provider is not required to comply with the data retention obligations until the court has reached a final judgment. Even though this decision had effect only between the parties to that litigation, the court raised doubts as to whether the German data retention law, in its current form, complies with European Union law. Therefore, the BNetzA has officially confirmed that enforcement of the German data retention requirements has been suspended for all providers until a final judgment in the aforementioned litigation has been rendered. The BNetzA also announced that it would not impose any sanctions for non-compliance with the data retention obligations. As a result, providers are not required to comply with these requirements for the time being.