On January 7, 2008, the Regulation # 40 on the categories of data and the procedure under which they would be retained and disclosed by companies providing publicly available electronic communication networks and/or services for the needs of national security and crime investigation was issued by the State Agency on Information Technologies and Communication (SAITC) and the Ministry of Interior (MoI).
On January 29, 2008, the Regulation # 40 was promulgated in the Bulgarian State Gazette.
The Regulation # 40 allegedly puts Bulgarian legislation in conformity with the Directive 2006/24/EC on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications and amending Directive 2002/58/EC.
The Regulation # 40 binds the mobile operators and internet providers to retain data on electronic messages and phone calls:
Under the Regulation, certain operators will have to retain for 12 months data on all mobile phone calls, online calls, e-mails, SMS, even the communications in forums. The data actually does not include the content of the communication or message (though in forums the content is always public), but include information on who spoke or wrote to whom. The retained data will include: name and address of the user or registered user, date and time and duration of the connection. This also includes so-called attempted calls. These data will be accordingly kept and the access will be provided to a directorate within the Ministry of Interior – by default; to the pretrial investigation bodies and to the court – in order to carry out the punitive measures; and to the state security and public order bodies – to ensure national security.
The adoption of the regulation triggered a massive wave of criticism and rage among the civil society and business community in the country, as it implies serious intrusion in private life and correspondence.
On March 19, 2008, Access to Information Programme (AIP) filed an appeal to the Bulgarian Supreme Administrative Court (SAC) against the Regulation # 40. According to AIP, the adoption of this regulation is in violation of the Constitution of the Republic of Bulgaria, the European Convention on Human Rights, and the European Union legislation.
Arguments in the complaint:
A three-member panel of the Supreme Administrative Court rejected the complaint with a decision as of July 17, 2008. According to the court:
- “passive access through a computer terminal” implies provision of access to retained data after the submission of a written request only;
AIP appealed the decision of the SAC before a five-member panel.With a decision as of December 11, 2008, a five-member panel repealed the decision of the lower instance court and Art. 5 of the challenged Regulation. Article 5 provides for a “passive access through a computer terminal” by the Ministry of Interior, as well as access without court permission by security services and other law enforcement bodies, to all retained data by Internet and mobile communication providers. More...
HOME | ABOUT US | APIA | LEGISLATIVE BASE | LEGAL HELP | TRAININGS | PUBLICATIONS | FAQ | LINKS | SEARCH | MAP
English Version Last Update: 12.12.2008 © 1999 Copyright by Interia & AIP