The European Commission has announced plans for a review of the 2006 Data Retention Directive.
The Commission will re-examine the law, which provides member states with guidelines for data retention systems maintained by telecoms providers and used by law enforcement in criminal investigations.
Passed in the aftermath of the Madrid and London terrorist attacks, the directive seeks to provide law enforcement with access to telecoms activity when investigating serious crime.
Early investigations into the legislation have highlighted possible threats to personal privacy, and the Commission also believes that member states are enforcing the guidelines to different degress throughout the EU.
In the UK, the directive has led to controversial laws that require service providers to retain user data for one year.
"We need a more proportionate, common approach across the EU to this issue," said home affairs commissioner Cecilia Malmström.
"I therefore intend to review the Directive to clarify who is allowed to access the data, and the purpose and procedures for accessing it."
The Commission said that over the next several months it will review the Directive and suggest possible amendments.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago