What are the EU rules for email retention?
The necessity and challenges associated with email archiving are not exclusive to companies operating in the United States.
Like their American counterparts, organizations all around the world rely heavily on email for business communications. As such, correspondence sent through the medium contains pertinent information regarding the company and its inner workings.
European Union officials have recognized the importance of the information contained in email and handed down the Data Retention Directive on March 15, 2006. While the law contains similarities to its American counterparts, most notably the Federal Rules of Civil Procedure, it is also a decidedly different piece of legislation.
Below we’ll examine the need for EU email retention standards, the law’s actual requirements and the heavy criticisms it has faced from several member nations.
The Need
As in most parts of the globe, employees in the European Union can’t do without email. It is the primary form of communication within European businesses, used for sharing information between branches, partners, customers and clients.
Furthermore, a whitepaper from Frost & Sullivan on the subject of email archiving revealed that 80 percent of the business-critical content for a company is contained in email messages. That means nearly all of a company’s trade secrets, confidential data and insider information are floating through cyberspace in email.
For this reason, it is clear that making a legal case either for or against a company depends on the information contained in email. However, that same information could also be used to fight crime and thwart terrorism plots, both of which appear to be driving forces behind the EU’s Data Retention Directive.
That differs from the U.S. requirements, which are targeted at civil lawsuits and legal proceedings.
The Requirements
Under the directive, companies, mostly Internet service providers and others in the telecommunications sector, must retain all customer transactions for a period ranging between six months and two years. The transactions covered include email, telephone calls and website traffic, among others.
“The bottom line for many EU organizations is that proper email life cycle management decreases outside liability potential and falls in line with modern corporate email governance procedures,” according to Frost & Sullivan’s whitepaper.
However, the directive applies to certain information concerning these channels, not necessarily to their contents. Companies must identify the source, destination, date, time and duration of such communications.
Also, industry regulators in specific EU member nations have taken the requirements a step further. For example, the U.K.’s Financial Services Authority requires companies to retain email for six years. Such measures could cause other countries to follow suit with strict mandates of their own, according to Frost & Sullivan.
The Criticism
The EU Data Retention Directive has not been without its detractors. In fact, the German Parliament has even gone so far as to call the directive illegal.
According to the IDG News Service, the German Bundestag’s Working Group on data retention said the law is “disproportionate in the measures it requires to fight crime, as data retention increases the crime clearance rate only slightly.” Essentially, the ends don’t justify the means. And the group said it would be impossible to reword the law to bring it in line with the EU’s Charter of Fundamental Rights.
In response, the European Commission, the executive body of the EU, said the directive does walk a fine line in terms of the right to privacy, and it will consider tighter regulations for the access and use of the retained data.
In addition to EU rules, EU companies also face industry email archiving requirements, as well as the need to retain and, if necessary, produce electronic records for tax audits.
