The GDPR doesn’t work for Data Retention

A simple syllogism.


GDPR’s Whereas 19 says:

The protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security and the free movement of such data, is the subject of a specific Union legal act. This Regulation should not, therefore, apply to processing activities for those purposes.


Voice and Internet Data Retention regulations serve to investigate crimes, prevent threats to public security and so on,


the GDPR’s reach doesn’t touch Data Retention


A29 and local Data Protection Authorities have no jurisdiction over this topics.

Question: where’s the fallacy of this syllogism?


Leave a Reply

Your email address will not be published. Required fields are marked *