Following the invalidation of the Data Retention Directive by the Court of Justice of the EU in April 2014, the e-Privacy Directive constitutes the EU legal basis for member states to oblige electronic service providers (ECS) to retain metadata (e.g. traffic and location data).
Our latest benchmark shows that of the 18 surveyed European countries, only Germany, the Netherlands and Romania do not have any data retention rules in force.
Nearly all the surveyed countries impose on providers of electronic communications services general and indiscriminate data retention obligations. Only Belgium, Denmark and the UK foresee targeted retention of metadata.
The European Commission is consulting on the possible reintroduction of an EU-wide framework for metadata retention obligations.
For more information and access to the full benchmark, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our European Digital Economy service.
more news
12 January 26
Is IoT regulation continuing to intensify globally?
Our Quarterly Regulatory Update on IoT and M2M Services (Q4 2025) highlights how national regulators are shaping the future of IoT and M2M services in areas such as cross-border connectivity, device regulation, and security.
08 January 26
Video gaming: EU regulatory and competition law implications across the value chain
Cullen International’s special report published in December 2025 explores the gaming value chain, with a focus on the application of regulation and competition law in the EU.
07 January 26
Average time to resolve a postal complaint in Europe varies from days to years
Our latest benchmark provides information on how end users' complaints are handled in the European postal sector, including operators' own complaint procedures, escalating procedures and statistics.