The opinion is still sceptical about the need for data retention:
"The Working Party questions whether the justification for an obligatory and general data retention coming from the competent authorities in Member States is grounded on crystal-clear evidence. The Working Party also doubts whether the proposed data retention periods in the draft Directive are convincing."
The Working Party therefore suggests that the legislation should automatically expire three years after it is passed so that the evidence for such invasive requirements can be re-evaluated. The WP also sets out 20 safeguards that should be implemented before any data retention legislation is passed:
Prevention of terrorism should not include large-scale data-mining based on the information referred to in the Directive in respect of the travel and communication patterns of people unsuspected by the law enforcement authorities. Access must be restricted to those data that are necessary in the context of specific investigation.