EU member states have reacted differently to the annulment of the Data Retention Directive (DRD) by the Court of Justice of the EU in April 2014. Whereas some countries annulled or amended their data retention laws, others have not changed the rules despite the CJEU’s judgments.
A new benchmark by Cullen International looks into the state of data retention rules across 17 European countries.
The research shows that of the surveyed European countries:
- only Germany and Romania do not have data retention rules in force;
- nearly all of them impose on providers of electronic communications services general and indiscriminate data retention obligations; and
- Belgium and Denmark are the only ones with a targeted retention regime in place.
To access the full benchmark, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our European Digital Economy Service.
more news
25 February 26
Protection of minors: overview of national initiatives on banning access to social media
Our latest benchmark shows that an increasing number of European countries are discussing a potential social media ban on children.
23 February 26
The DNA explained: universal service to serve the same goals under a revised approach
Cullen International is issuing a series of analyses on different aspects of the Digital Networks Act (DNA) proposal. This report covers universal service.
20 February 26
Revised Cybersecurity Act (CSA2) - Changes to the EU cybersecurity certification framework
Cullen International published an analysis of the proposed changes to the EU cybersecurity certification framework under the draft Cybersecurity Act 2 (CSA2) delivered by the European Commission on 20 January 2026.