The European Commission has moved to sue Sweden after the Nordic state failed to implement the EU's Data Retention Directive in a timely fashion.

The Directive was passed back in 2006 and requires all EU member states to implement some form of data retention legislation, with terms of six month to two years. National laws were to be in place by March of this year, but Sweden still has yet to introduce a bill of its own.

Internet providers and search engines would all need to retain user data and IP addresses so that law enforcement would have a window of time in which to access that information during investigations.

According to Swedish newspaper Svenska Dagbladet, the Swedish government does plan to introduce legislation in the next month or two, asking for a six-month retention period. Why hasn't it happened yet? Because the Swedish Justice Ministry has been busy. Also, it's not Justice Minister Beatrice Ask's "favorite project."

The legislation, whenever it appears, will put more pressure on various ISPs that offer anonymity to their users. Beginning April 1, 2009, ISPs in Sweden had to implement the Intellectual Property Rights Enforcement Directive (IPRED), which meant that they could be forced to turn over user account information in some legal cases.

ISPs like Sweden's Bahnhof responded to IPRED by simply deleting all their data on a regular basis—a perfectly legal move. But when the Data Retention Directive goes into effect, that option will be taken off the table.

Beatrice Ask also says that the process of introducing a bill has been slowed by all the consultation the government has been doing. Which makes sense, since data retention is a sticky wicket for Europeans, who have generally focused on getting ISPs and search engines to store less user data (and for less time).

When all the European countries meet their national Data Retention Directive obligations, the continent will have made it illegal to delete data too quickly, and illegal to store it for too long.