The Supreme Court , by a six to one majority, is to refer key issues in the State’s appeal over convicted murderer Graham Dwyer’s mobile phone data retention case to the EU Court of Justice.
The State’s appeal over a High Court ruling upholding Dwyer’s challenge to a 2011 data retention law has important implications for the investigation and prosecution of serious crime and may also impact on Dwyer’s separate appeal over his 2015 conviction for the murder of childcare worker Elaine O’Hara.
Although the State’s appeal will not now be fully decided by the Supreme Court until the CJEU rules, the Chief Justice Frank Clarke, who gave the majority judgment today, expressed important preliminary views with which five of his colleagues agreed.
Those included that a system of “universal but limited” retention of phone data is not in itself incompatible with EU law but that there must be a “particularly robust” access system in place which includes having independent prior permission for such access.
The current Irish access system does not meet that standard, the Chief Justice said.
Another important preliminary view, including for the purpose of Dwyer’s separate appeal over his murder conviction, was that national courts have power to decide any declaration of invalidity of the 2011 Act should only be prospective - apply from the date of the court declaration of invalidity.
Because the High Court finding that the 2011 Act breached EU law was made in 2018, that could mean, if the preliminary view stands, the data relevant to Dwyer may have been legally retained and accessed.
The Chief Justice stressed today that the Supreme Court appeal did not concern Dwyer’s separate conviction appeal but rather concerned the High Court finding that provisions of the Telecommunications (Retention of Data) Act 2011 breach EU law because it allowed for indiscriminate data retention without adequate safeguards, including prior independent overview of access requests.
Each of the preliminary matters involved consideration of difficult issues of EU law, the Chief Justice said.
The Supreme Court is obliged, under the EU Treaties and case law of the Court of Justice, to make a referral on any issue of EU law which is necessary to decide proceedings unless there is a “clear” answer to that issue of EU law.
He was not satisfied the answer to any of the three issues identified in this case was clear and the court would therefore make a reference to the CJEU.
The first issue is whether a system of universal retention of certain types of metadata for a fixed period of time is never permissible irrespective of how robust any regime for allowing access to such data may be.
The second seeks the criteria whereby an assessment can be made concerning whether any access regime to such data can be found to be sufficiently independent and robust.
The third issue is whether a national court, if it finds national data retention and access legislation is inconsistent with EU law, can decide the national law should not be regarded as having been invalid at all times but rather can determine invalidity to be prospective only.
A draft reference document was provided to lawyers for the sides and they have seven days to make observations on that before it is finalised.
Earlier in the main judgment, the Chief Justice said the use of phone data is increasingly crucial to the detection and prosecution of serious crimes, including murder, terrorism and cases involving the grooming of children.
The experience of the Irish courts is that some such cases have only been solved because of the availability of the type of phone metadata at issue in Dwyer’s case and Dwyer’s side had not disputed the importance of such evidence, he said.
If, as Dwyer argued, it is not permissible to have such “universal” retention of data, notwithstanding how robust any regime for access to that data is, then many serious crimes against women, children and other vulnerable persons will not be capable of detection or successful prosecution.
In that context, his view was that alternative forms of data retention, such as geographical targeting, would be ineffective in the prevention, investigation, detection and prosecution of at least certain types of serious crime and could also lead to potential violation of other individual rights.
He also suggested the objective of the retention of data by any lesser means than a general data retention regime, subject to the necessary safeguards, is “unworkable”. The objective of prevention, investigation, detection and prosecution of serious crime would also be “significantly compromised” in the absence of a general data retention regime.
Mr Justice Donal O’Donnell, Mr Justice Liam McKechnie, Mr Justice John MacMenamin, Ms Justice Iseult O’Malley and Ms Justice Mary Irvine all agreed with the Chief Justice.
In his dissenting judgment, Mr Justice Peter Charleton said this case was all about excluding “vital” metadata and Ireland is not part of any legislative obligation for the exclusion of evidence.
Issues of proportionality of a legislative measure impinging on guaranteed rights should be resolved by national courts and there was enough evidence before the Supreme Court for a ruling to be made as to whether the High Court decision should be reversed or upheld, he said.
It was also not appropriate to refer cases under Article 267 of the Treaty of the Functioning of the EU which relate to criminal law and which should be resolved by application of a test on the protection of rights, he added.
The “most serious” crimes would remain undetected without phone metadata – Supreme Court judge
An absence of such protection for the population is, instead, a terrifying prospect.
The” most serious crimes against life and limb” would remain undetected without the secure retention of phone metadata and the potential to access and analyse it for strictly limited purposes related to criminal investigation, Mr Justice Charleton said.
There is no evidence any Irish person has fears about such retention and access, he added. “An absence of such protection for the population is, instead, a terrifying prospect.”
The retention and use of phone metadata was critical to the investigations of the murder of journalist Veronica Guerin and the Omagh bombing, in which 29 people died, he said. In his view, a system of prior authorisation for inert data storage could not have solved either of those crimes.
He considered there was sufficient evidence before the Supreme Court as of now for it to rule on the State’s appeal over a ruling allowing Graham Dwyer’s challenge to a 2011 law permitting retention of, and access to phone metadata.
That was one of his reasons for disagreeing with the view of six of his colleagues that legal issues had first to be referred to the Court of Justice of the EU before the Supreme Court could finally decide whether or not the High Court was correct in striking down the 2011 law as invalid.
The High Court had found provisions of the Telecommunications (Retention of Data) Act 2011 breached EU law because it allowed for a general data retention regime and for access without prior review by an independent tribunal or administrative authority.
Mr Justice Charleton said, because of issues related to the competence of the CJEU in criminal litigation, he also considered it was inappropriate to refer cases which relate to criminal law and which ought to be resolved by applying a specific test on the protection of rights.
This case is “all about vital metadata” and what is ultimately being sought by Dwyer is the exclusion of evidence in a criminal trial context on a charge of murder. Ireland is “not part of any legislative obligation” under EU Treaties for the exclusion of evidence.
The mobile phones at issue in Dwyer’s case were abandoned by whoever used them and data analysis at his criminal trial proved one phone belonged to Dwyer and the other was given to him by his employer, he observed.
Guns and other weapons are often abandoned after a crime, Irish law provides for the inert collection of data in that regard with access to that “strictly limited” on the basis of reasonable suspicion and it is for national courts to resolve any issues of compliance in that regard, he said.
While Article 8 of the Charter of Fundamental Rights of the EU provides that everyone has the right to protection of their personal data, that right need not clash with rights to life or bodily integrity.
Article 52 of the Charter provides that any limitation on the exercise of a guaranteed right must be provided for by law and respect the essence of those rights and freedoms, he noted.
He said that “legitimate concerns” about terrorism and “really serious” organised crime are behind the legislative provisions at issue and the relevant Ministerial directions and there was no other basis for them, such as “governmental snooping”.