Charlemagne Building

EC proposes new rules for faster production of evidence

(Image: Loek Essers, IDGNS)

20 April 2018

The European Commission is proposing new rules which will require the providers of cloud services, email and telecoms to produce data called as evidence within six hours.

The efforts are to increase the ability of law enforcement to fight crime and terrorism in the Internet age.

The commission said that such rules are necessary to “make it easier and faster for police and judicial authorities to obtain the electronic evidence, such as e-mails or documents located on the cloud, they need to investigate, prosecute and convict criminals and terrorists”.

The new rules, according to the commission, will allow law enforcement in the member states to “better track down leads online and across borders, while providing sufficient safeguards for the rights and freedoms of all concerned”.

Cumbersome methods
“While law enforcement authorities still work with cumbersome methods,” said Vera Jourová, EU Commissioner for Justice, Consumers and Gender Equality, “criminals use fast and cutting-edge technology to operate. We need to equip law enforcement authorities with 21st century methods to tackle crime, just as criminals use 21st century methods to commit crime.”

“Electronic evidence is increasingly important in criminal proceedings,” said First Vice-President Frans Timmermans. “We cannot allow criminals and terrorists to exploit modern and electronic communication technologies to hide their criminal actions and evade justice. There must be no hiding place for criminals and terrorists in Europe, online or offline. Today’s proposals will put in place unprecedented tools enabling the competent authorities not only to gather electronic evidence quickly, efficiently across borders but also ensuring robust safeguards for the rights and freedoms of all affected.”

According to a release from the commission, the proposals will create a European Production Order that will allow a judicial authority in one member state to request electronic evidence, such as emails, text or messages in apps, directly from a service provider offering services in the Union and established or represented in another member state, regardless of the location of data, which will be obliged to respond within 10 days, and within 6 hours in cases of emergency.

Preservation orders
The rules will prevent data being from being deleted with a European Preservation Order that will allow a judicial authority in one member state to oblige a service provider offering services in the Union and established or represented in another member state to preserve specific data to enable the authority to request this information later via mutual legal assistance, a European Investigation Order or a European Production Order.

The release also says the new rules will provide legal certainty for businesses and service providers, whereas currently, law enforcement authorities often depend on the good will of service providers to produce the evidence needed, in the future, applying the same rules for ordering the provision of electronic evidence will improve legal certainty for authorities and for service providers.

The new rules will have serious implications for service providers of all kinds, and coming in the wake of the US CLOUD Act, means that cloud service providers will be under increasing pressure to be able to meet such demands.

‘Strong safeguards’
The commission does specify that there are strong safeguards built into the rules to ensure fundamental rights. It said that the orders described can only be issued in the framework of criminal proceedings and all procedural safeguards within criminal law still apply.

“The new rules guarantee strong protection of fundamental rights,” said the commission, “such as the involvement of judicial authorities and additional requirements for obtaining certain data categories. It also includes safeguards for the right of personal data protection.”

“The service providers and persons whose data is being sought will benefit from various safeguards, such as a possibility for the service provider to request review.” The example was given of where an order manifestly violates the Charter of Fundamental Rights of the European Union.


TechCentral Reporters

Read More:

Back to Top ↑