Moon Beever Logo


European Court rules that criminal offences that are not particularly serious may justify access to personal data retained by providers of electronic communications services provided that access does not constitute a serious infringement of privacy

In a welcome further push back against the tide of personal protections for criminals at the expense of victims, the European Court has decided on 2 October 2018 to extend the decision previously set out in Tel2 Sverige which allowed national authorities access to personal data held by electronic communications providers, in cases of serious crime, despite it being a breach of personal and fundamental freedoms enshrined in the Directive (*).  

This case, from Spain (Case C-207/16 Ministerio Fiscal), was in some eyes regarding a small crime, though a prevalent one, of mobile phone theft. 

Spanish police sought access to data identifying the users of telephone numbers activated with the stolen telephone during a period of 12 days as from the date of the robbery but were refused by the Magistrate as access to such data was only permitted for serious crimes. The appellate court sought guidance from the ECJ which in considering the directive on privacy and electronic communications noted that it provides that Member States may restrict citizens’ rights when such a restriction constitutes a necessary, appropriate and proportionate measure within a democratic society in order to safeguard national security, defence, public security, and the prevention, investigation, detection and prosecution of criminal offences or of unauthorised use of the electronic communication system. 
Whilst it recognised that for broader information the protection was necessary the ECJ determined that given the data sought was limited, it was a proportionate interference with the subjects’ personal data rights because it didn’t give any information about their private lives but it did meet the objective of preventing, investigating, detecting and prosecuting ‘criminal offences’ generally, without it being necessary that those offences be defined as ‘serious’.
* Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) (OJ 2002 L 201, p. 37), as amended by Directive 2009/136/EC of the European Parliament and of the Council of 25 November 2009 (OJ 2009 L 337, p. 11). 


Standout firm known for its personal insolvency work for clients including private companies, individuals and governmental institutions. Frequently acts for insolvency practitioners, assisting with the realisation of assets, both in the UK and abroad.

Chambers and Partners

Contact Us

Our office locations can be found here and individual staff profiles here together with full address and contact details. 

For non-urgent enquiries by email, please complete the contact form below and we will respond as soon as possible.