Link to ruling : <a href="http://curia.europa.eu/juris/document/document.jsf;jsessionid=F9F4030349E7EE379204044677062DBB?text=&docid=232083&pageIndex=0&doclang=EN&mode=req&dir=&occ=first&part=1&cid=6203607" rel="nofollow">http://curia.europa.eu/juris/document/document.jsf;jsessioni...</a><p>And from what I read the summary is wrong.<p>This ruling applies to all EU+UK (including post Brexit for now) states but was requested by UK/France/Belgium lawyers initially.<p>This ruling also seems to mandate that all EU+UK states cannot keep metadata indefinitely/permanently unless it's highly targeted (as in "individually targeted"), within a judicial framework and only for specific high security issues.<p>So it doesn't forbid mass surveillance per se but only seems to mandate that they can't keep the data forever unless strictly necessary.<p>Some could even interpret this ruling as permission to do mass surveillance as long as they don't keep the data for too long (a year? 10 years? it's unclear)
As long as these practices are normal, encryption services need to be expanded and cooperation with sate actors should be minimized, preferably use platforms outside the EU.<p>The only defense against surveillance of communication channels is to make it technically impossible. Respecting privacy may be a misnomer here, they just have to adhere to EU law, which probably leaves room to let state actors continue exactly as before.<p>edit: "no mass surveillance without limits" titles techcrunch. As if the "limits" could make mass surveillance acceptable. This article is "fake news" in the original sense, because they actually reduced barriers for mass surveillance.