Swedish ISP Bahnhof has long been a supporter of keeping its customers' data private. Five years ago, we wrote about its decision to delete user log files
to avoid having to rat out users under Sweden's draconian IPRED law (which required ISPs to hand over info on users accused of copyright infringement). However, various data retention laws were put in place to stop that sort of thing two years ago. So, it's not too surprising that, following the ruling this week in the EU Court of Justice that found the EU's data retention directive invalid
, the ISP has acted swiftly to delete all user records
and to cease collecting and retaining any more information.
After the decision in the European Court of Justice on Tuesday, the internet service provider Bahnhof decided to delete the records and to stop retaining the data with immediate effect.
That said, it may be a bit hasty for Bahnhof to have done this. As many people noted in response to the EU Court of Justice ruling, it was only ruling on the EU directive itself, and didn't directly apply to various laws passed in different countries to comply with that directive. Technically, those laws still apply -- and Swedish Justice Minister Beatrice Ask seems to imply that Bahnhof's decision broke the law.
But the minister is not pleased about Bahnhof's decision to stop all data retention immediately. "Swedish law still applies. It is not the case that you can start applying other conditions straight away. But of course we need to quickly consider what the consequences are so that everybody can get the right information," she said.
Still, it's nice to see Bahnhof, once again, make it clear that it doesn't want to be the custodian of information for law enforcement.