Data Protection Insider, Issue 52

ECtHR Rules on Intelligence Agencies in Zoltán Varga –

On 20th July, the ECtHR ruled in the case of Zoltán Varga v. Slovakia. In terms of the facts of the case: the applicant was subject to an intelligence agency surveillance operation. The operation, legitimated by warrants from the Regional Court requested by the Slovak Intelligence Service (SIS), aimed at monitoring meetings between the applicant and others in an apartment owned by the applicant. At domestic level, the applicant had – with certain, albeit limited, success – complained about the warrants, had tried to obtain relevant information about the operation and to have the materials gathered in the course of the operation destroyed. The applicant thus brought a complaint under Articles 8 – right to respect for private and family life – before the ECtHR. The Court found in favour of the applicant. In reaching its conclusion, the Court considered that both the implementation of the warrants and the retention of materials stored following actions supposedly authorised by the warrants was not ‘in accordance with the law’. The Court observed: ‘[Concerning the implementation of the warrants,] in view of the lack of clarity of the applicable jurisdictional rules, the lack of procedures for the implementation of the existing rules and flaws in their application, when implementing the three warrants the SIS practically enjoyed a discretion amounting to unfettered power, not being accompanied by a measure of protection against arbitrary interference as required by the rule of law. Accordingly, it was not “in accordance with the law”…[. Concerning the retention of materials subsequent to activities supposedly authorised by the warrants] the storing of material…and the derivative material from the implementation of all three warrants…was subject to confidential rules which were both adopted and applied by the SIS, with no element of external control. Such rules were clearly lacking in accessibility and provided the applicant with no protection against arbitrary interference with his right to respect for his private life…[Further] the Court finds that, since the annulment of warrant 3 by the Constitutional Court, the retention by the SIS of the primary material from its implementation has as such been lacking sufficient basis in law…[Thus,] retention of the…material therefore has not been “in accordance with the law”’. This is an involved and interesting case worth reading. It is particularly interesting for the insight it provides into the institutional relationships between an intelligence agency and legislative and judicial bodies.


ECtHR Rules on Interception of Telephone Calls in Ahmadov –

On 22nd July, the ECtHR ruled in the case of Azer Ahmadov V. Azerbaijan. In terms of the facts: the applicant was a journalist who was editor-in-chief of an opposition-oriented newspaper. Certain of the applicant’s telephone conversations had then been intercepted in the course of an investigation into the stabbing of one of the applicant’s colleagues – ‘[t]he domestic proceedings concerning A.K.’s stabbing and the interception of his telephone conversations were the subject of the Court’s decision in Khalil v. Azerbaijan’. Following domestic judicial procedures, the applicant then complained to the ECtHR under Articles 8 – right to respect for private and family life –10 – freedom of expression – 6 – right to a fair trial – and 13 – right to an effective remedy. The Court found a violation of Article 8 – the Court considered the Article 10 complaint alongside Article 8 and concluded that there was no need ‘to give a separate ruling on the admissibility and merits’ of the Article 6 and 13 complaints. In reaching the decision, the Court recalled the general principles concerning the interception of telephone conversations outlined in ‘Malone v. the United Kingdom…and…Dragojević v. Croatia’. Applying these principles to the case, the Court concluded that the interference was not ‘in accordance with the law’. In this regard, the Court noted: ‘as secret surveillance is a serious interference with a person’s right to respect for private life, the judicial authorisation serving as the basis for such surveillance cannot be drafted in such vague terms as to leave room for speculation and assumptions with regard to its content and, most importantly, with regard to the person in respect of whom the measure is being applied…In the instant case, in the absence of clarity as to which telephone number or numbers were to be tapped and what was the connection between those numbers and a person genuinely suspected of having committed a criminal offence, the word “contacts” in the decision [in question]…and the terms of that decision as a whole were too broad and imprecise…[. Further] while examining the applicant’s complaints, the domestic courts failed to adequately address his specific arguments, in particular those concerning the compliance of the decision…and the tapping of his telephone with the applicable provisions of domestic law.’


– EDPB Adopted Documents in July 7th and 12th Plenaries

On 22nd July, the EDPB confirmed the list of documents adopted in their July 7th and 12th plenaries. In the July 7th Plenary, the following documents were adopted:

  • ‘Guidelines on Codes of Conduct as a tool for transfers’
  • ‘Guidelines on Virtual Voice Assistants (following public consultation)’
  • ‘Guidelines on the concepts of Controller and Processor (following public consultation)’
  • ‘EDPB response to MEP Sophie in’t Veld regarding the EDPB’s statement 04/2021 on international agreements including transfers’

In the July 12th Plenary, the following document was adopted:

  • ‘Urgent Binding Decision on the request under Article 66(2) GDPR from the Hamburg Supervisory Authority for ordering the adoption of final measures regarding Facebook Ireland Limited’

The adopted documents are available on the EDPB’s website




DPI Editorial Team

Dara Hallinan, Editor: Legal academic working at FIZ Karlsruhe. His specific focus is on the interaction between law, new technologies – particularly ICT and biotech – and society. He studied law in the UK and Germany, completed a Master’s in Human Rights and Democracy in Italy and Estonia and wrote his PhD at the Vrije Universiteit Brussel on the better regulation of genetic privacy in biobanks and genomic research through data protection law. He is also programme director for the annual Computers, Privacy and Data Protection conference.

Diana Dimitrova, Editor: Researcher at FIZ Karlsruhe. Focus on privacy and data protection, especially on rights of data subjects in the Area of Freedom, Security and Justice. Completed her PhD at the VUB on the topic of ‘Data Subject Rights: The rights of access and rectification in the AFSJ’. Previously, legal researcher at KU Leuven and trainee at EDPS. Holds LL.M. in European Law from Leiden University.

Leave a Reply